Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » nasty virus(RESOLVED)

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

nasty virus(RESOLVED)

Reply
Page 1 of 3 1 23
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 14-07-2008, 07:18 PM
Newbie
D-A-L Newbie
  
Join Date: Jul 2008
Posts: 13
jorie9699 Is a beginner here at D-A-L
nasty virus(RESOLVED)
help, boyfriend went to a website and ended up with a nasty virus. It locked us out of task manager, all the drives and program files. I've messed with it a bit and now we can get into the program files but still not into the drives. Im able to get on the internet but when i try to download programs to help fix things it asks if i want to save file and i click on save file but then it don't do anything. Also the virus had changed my desktop with like a red and black x, that's gone now, but my time says the clock in military time and says virus alert!
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 14-07-2008, 07:22 PM
Newbie
D-A-L Newbie
  
Join Date: Jul 2008
Posts: 13
jorie9699 Is a beginner here at D-A-L
re: nasty virus(RESOLVED)
I was able to download hijack this here is the log file


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:20: VIRUS ALERT!, on 7/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Jessica\LOCALS~1\Temp\Temporary Directory 1 for HiJackThis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Comcast.net Home
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,“Userini t”=”C:\WINDOWS\system32\userinit.exe,”
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O3 - Toolbar: sqvgnrpx - {F6818E71-D7B7-4DAD-9596-215DDA7F76F9} - C:\WINDOWS\sqvgnrpx.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe -c Direct -p DOT4_002 -pn "" -n 1 -l 1033 -sl 120000
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\RunOnce: [SpybotDeletingB7793] command /c del "C:\WINDOWS\Fonts\'\Hiren's BootCD 8.3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1883] cmd /c del "C:\WINDOWS\Fonts\'\#1 Video Converter 4.1.35 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5529] command /c del "C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2205] cmd /c del "C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5444] command /c del "C:\WINDOWS\Fonts\'\1 DVD Ripper 5.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3863] cmd /c del "C:\WINDOWS\Fonts\'\1 DVD Ripper 5.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6037] command /c del "C:\WINDOWS\Fonts\'\1,039 Smoothed Out Slappy Hours (1991) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8377] cmd /c del "C:\WINDOWS\Fonts\'\1,039 Smoothed Out Slappy Hours (1991) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB598] command /c del "C:\WINDOWS\Fonts\'\10 ft. Ganja Plant - Presents (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4698] cmd /c del "C:\WINDOWS\Fonts\'\10 ft. Ganja Plant - Presents (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4944] command /c del "C:\WINDOWS\Fonts\'\100 Deadliest Karate Moves Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4641] cmd /c del "C:\WINDOWS\Fonts\'\100 Deadliest Karate Moves Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4937] command /c del "C:\WINDOWS\Fonts\'\101 Jukebox Classics Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD105] cmd /c del "C:\WINDOWS\Fonts\'\101 Jukebox Classics Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB842] command /c del "C:\WINDOWS\Fonts\'\110% Natural 12 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2265] cmd /c del "C:\WINDOWS\Fonts\'\110% Natural 12 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1303] command /c del "C:\WINDOWS\Fonts\'\UltraISO Premium Edition Ver 8.6.1 Build 1985 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7129] cmd /c del "C:\WINDOWS\Fonts\'\Trend Micro PC-cillin Internet Security 2007 Serial Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8379] command /c del "C:\WINDOWS\Fonts\'\ABBYY PDF Transformer 2.0.0.982 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9536] cmd /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.1.0.1059 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3585] command /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9982] cmd /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB886] command /c del "C:\WINDOWS\Fonts\'\18 And Easy 10 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8294] cmd /c del "C:\WINDOWS\Fonts\'\18 And Easy 10 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2105] command /c del "C:\WINDOWS\Fonts\'\18 Eighteen Xtra 4 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4836] cmd /c del "C:\WINDOWS\Fonts\'\18 Eighteen Xtra 4 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6387] command /c del "C:\WINDOWS\Fonts\'\1944Battle of the Bulge Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1154] cmd /c del "C:\WINDOWS\Fonts\'\1944Battle of the Bulge Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4449] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy 5.1.1.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9362] cmd /c del "C:\WINDOWS\Fonts\'\AnyDVD v6.0.9.9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8229] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3948] cmd /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3044] command /c del "C:\WINDOWS\Fonts\'\1Click DVD COPY Pro v2.4.0.6 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6081] cmd /c del "C:\WINDOWS\Fonts\'\1Click DVD COPY Pro v2.4.0.6 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6956] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy v5.0.3.5 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD44] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2561] command /c del "C:\WINDOWS\Fonts\'\2 In 1 Hole Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9632] cmd /c del "C:\WINDOWS\Fonts\'\2 In 1 Hole Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7991] command /c del "C:\WINDOWS\Fonts\'\2 Kinky 4 U Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9445] cmd /c del "C:\WINDOWS\Fonts\'\2 Kinky 4 U Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7553] command /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7493] cmd /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2274] command /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4106] cmd /c del "C:\WINDOWS\Fonts\'\Shrek Superslam Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4915] command /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5640] cmd /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4308] command /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4453] cmd /c del "C:\WINDOWS\Fonts\'\Speed DVD Creator v4.0.28 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4155] command /c del "C:\WINDOWS\Fonts\'\237.DVDRip.XviD.2006 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1281] cmd /c del "C:\WINDOWS\Fonts\'\237.DVDRip.XviD.2006 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9412] command /c del "C:\WINDOWS\Fonts\'\25 To Life Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6076] cmd /c del "C:\WINDOWS\Fonts\'\Bet.On.Soldier-RELOADED Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4989] command /c del "C:\WINDOWS\Fonts\'\30 Days of Night (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1793] cmd /c del "C:\WINDOWS\Fonts\'\30 Days of Night (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6483] command /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5789] cmd /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9617] command /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3455] cmd /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1739] command /c del "C:\WINDOWS\Fonts\'\300 (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8210] cmd /c del "C:\WINDOWS\Fonts\'\300 (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3695] command /c del "C:\WINDOWS\Fonts\'\300 (2007) Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5401] cmd /c del "C:\WINDOWS\Fonts\'\Anti-Porn 8.1.9.15 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2501] command /c del "C:\WINDOWS\Fonts\'\300 (2007) TS.XViD Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD913] cmd /c del "C:\WINDOWS\Fonts\'\300 (2007) TS.XViD Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8514] command /c del "C:\WINDOWS\Fonts\'\300.(2007).TS.XVid KVCD bluX Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD248] cmd /c del "C:\WINDOWS\Fonts\'\300.(2007).TS.XVid KVCD bluX Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4046] command /c del "C:\WINDOWS\Fonts\'\3D Bank _ My Baby Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1343] cmd /c del "C:\WINDOWS\Fonts\'\3D Bank _ My Baby Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB17] command /c del "C:\WINDOWS\Fonts\'\3D Mark 06 1.1.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9809] cmd /c del "C:\WINDOWS\Fonts\'\MILF Lessons 10 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8392] command /c del "C:\WINDOWS\Fonts\'\3D Studio Max 5 (AKA 3DS Max) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2824] cmd /c del "C:\WINDOWS\Fonts\'\Fable The Lost Chapters Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7596] command /c del "C:\WINDOWS\Fonts\'\3D Studio Max 9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6600] cmd /c del "C:\WINDOWS\Fonts\'\3D Studio Max 9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8812] command /c del "C:\WINDOWS\Fonts\'\50 Cent - Get Rich Or Die Tryin' Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2972] cmd /c del "C:\WINDOWS\Fonts\'\Magic Audio Converter v8.33 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4295] command /c del "C:\WINDOWS\Fonts\'\500 Person Sex Convention Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4125] cmd /c del "C:\WINDOWS\Fonts\'\500 Person Sex Convention Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7729] command /c del "C:\WINDOWS\Fonts\'\7 Sins PS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3714] cmd /c del "C:\WINDOWS\Fonts\'\7 Sins PS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB582] command /c del "C:\WINDOWS\Fonts\'\mirc 6.21 with keygen Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7540] cmd /c del "C:\WINDOWS\Fonts\'\88 Minutes (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6120] command /c del "C:\WINDOWS\Fonts\'\88 minutes dvd rip- (2007) Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1408] cmd /c del "C:\WINDOWS\Fonts\'\88 minutes dvd rip- (2007) Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2388] command /c del "C:\WINDOWS\Fonts\'\A Bridge Too Far (1977) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD628] cmd /c del "C:\WINDOWS\Fonts\'\A Bridge Too Far (1977) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8407] command /c del "C:\WINDOWS\Fonts\'\A Good Year 2006 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9734] cmd /c del "C:\WINDOWS\Fonts\'\A Good Year 2006 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8064] command /c del "C:\WINDOWS\Fonts\'\Linkin Park - Meteora Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1492] cmd /c del "C:\WINDOWS\Fonts\'\A-Mac Address Changer version 5.3 inc serial Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2787] command /c del "C:\WINDOWS\Fonts\'\A-Z Video Converter Ultimate v7.55 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6934] cmd /c del "C:\WINDOWS\Fonts\'\A-Z Video Converter Ultimate v7.55 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5488] command /c del "C:\WINDOWS\Fonts\'\A1Click Ultra PC Cleaner v1.01.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5776] cmd /c del "C:\WINDOWS\Fonts\'\A1Click Ultra PC Cleaner v1.01.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB80] command /c del "C:\WINDOWS\Fonts\'\ABBYY FineReader Professional 9.0.0.662 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2111] cmd /c del "C:\WINDOWS\Fonts\'\ABBYY FineReader Professional 9.0.0.662 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8383] cmd /c del "C:\WINDOWS\Fonts\'\ABBYY PDF Transformer 2.0.0.982 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5792] command /c del "C:\WINDOWS\Fonts\'\Absolute Sound Recorder v3.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1228] cmd /c del "C:\WINDOWS\Fonts\'\Tiger Woods PGA Tour 07 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3041] command /c del "C:\WINDOWS\Fonts\'\Fix-It Utilities 8.0 Pro Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5961] cmd /c del "C:\WINDOWS\Fonts\'\Absolute Uninstaller v2.2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8139] command /c del "C:\WINDOWS\Fonts\'\Photo Frame Genius 2.2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3383] cmd /c del "C:\WINDOWS\Fonts\'\ACA Screen Recorder 2.03 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9639] command /c del "C:\WINDOWS\Fonts\'\Acala Video MP3 Ripper v2.8.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4002] cmd /c del "C:\WINDOWS\Fonts\'\Acala Video MP3 Ripper v2.8.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3316] command /c del "C:\WINDOWS\Fonts\'\Access Administrator Pro v4.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4925] cmd /c del "C:\WINDOWS\Fonts\'\Access Administrator Pro v4.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2638] command /c del "C:\WINDOWS\Fonts\'\ACDSee 8 professional Full Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9157] cmd /c del "C:\WINDOWS\Fonts\'\ACDSee 8 professional Full Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB524] command /c del "C:\WINDOWS\Fonts\'\AceHTML Pro ver.6.60 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7828] cmd /c del "C:\WINDOWS\Fonts\'\AceHTML Pro ver.6.60 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7514] command /c del "C:\WINDOWS\Fonts\'\Throat Lube Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD133] cmd /c del "C:\WINDOWS\Fonts\'\Acoustica Audio Converter Pro Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8188] command /c del "C:\WINDOWS\Fonts\'\Acronis OS Selector 8.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1465] cmd /c del "C:\WINDOWS\Fonts\'\NXPowerLite v3.03 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1811] command /c del "C:\WINDOWS\Fonts\'\Acronis True Image Workstation v9.1.3886 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4978] cmd /c del "C:\WINDOWS\Fonts\'\Mavis Beacon Teaches Typing Deluxe 17 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB273] command /c del "C:\WINDOWS\Fonts\'\Limewire PRO 4.13.2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3057] cmd /c del "C:\WINDOWS\Fonts\'\AcroPlot Pro 2007 Build 2007.01.21 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8827] command /c del "C:\WINDOWS\Fonts\'\Act Of War High Treason Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9749] cmd /c del "C:\WINDOWS\Fonts\'\New postCasey Parker and her new neighbour Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1627] command /c del "C:\WINDOWS\Fonts\'\Act of War High Treason Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3189] cmd /c del "C:\WINDOWS\Fonts\'\Act of War High Treason Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4122] command /c del "C:\WINDOWS\Fonts\'\Active Boot Disk Pro v.2.1 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD780] cmd /c del "C:\WINDOWS\Fonts\'\Active Boot Disk Pro v.2.1 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1173] command /c del "C:\WINDOWS\Fonts\'\Active File Recovery Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9839] cmd /c del "C:\WINDOWS\Fonts\'\Active File Recovery Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4734] command /c del "C:\WINDOWS\Fonts\'\SurfSecret Privacy Protector 2007 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6178] cmd /c del "C:\WINDOWS\Fonts\'\Actua Tennis Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6992] command /c del "C:\WINDOWS\Fonts\'\AD Stream Recorder v.1.5 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1474] cmd /c del "C:\WINDOWS\Fonts\'\Age of Empires III Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9218] command /c del "C:\WINDOWS\Fonts\'\In 6Out 3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1037] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware 2007 Beta 4 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9435] command /c del "C:\WINDOWS\Fonts\'\Ad-aware 2007 Beta Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1454] cmd /c del "C:\WINDOWS\Fonts\'\Al Green - I Can't Stop Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1651] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware SE Professional Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2189] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware SE Professional Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3331] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware v6.0 Professional Keygen Plugins Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD512] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware v6.0 Professional Keygen Plugins Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2626] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware® Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2138] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware® Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9840] command /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6542] cmd /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB55] command /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3392] cmd /c del "C:\WINDOWS\Fonts\'\Avril Lavigne - The Best Damn Thing Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1162] command /c del "C:\WINDOWS\Fonts\'\AdmixDJ.v1.57-ARN Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9246] cmd /c del "C:\WINDOWS\Fonts\'\AdmixDJ.v1.57-ARN Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2679] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Full Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5146] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Full Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7323] command /c del "C:\WINDOWS\Fonts\'\FiFA 2007 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3748] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Professional Full DvD iSO Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2042] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat Professional v8 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD568] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat Professional v8 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB775] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 Professional FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8967] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 Professional FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7469] command /c del "C:\WINDOWS\Fonts\'\IL-2 Sturmovik 1946 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6404] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 with Keygen Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB768] command /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9596] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB912] command /c del "C:\WINDOWS\Fonts\'\Digitaction Audio Catalog ver.3.3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD214] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Premium Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4379] command /c del "C:\WINDOWS\Fonts\'\Adobe CS3 Design Premium Suite Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1451] cmd /c del "C:\WINDOWS\Fonts\'\Adobe CS3 Design Premium Suite Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8509] command /c del "C:\WINDOWS\Fonts\'\Neverwinter Nights Diamond Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3090] cmd /c del "C:\WINDOWS\Fonts\'\Adobe DreamWeaver CS3 Full-fixed Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7211] command /c del "C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD869] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6280] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS 11.0 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1327] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS 11.0 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7630] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4288] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5066] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 v12.00 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6762] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 v12.00 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9290] command /c del "C:\WINDOWS\Fonts\'\Adobe Pagemaker 7.0.1 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD192] cmd /c del "C:\WINDOWS\Fonts\'\AnyDVD 6.1.1.4 - Final Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4438] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 (Police Tested) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9284] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 (Police Tested) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8192] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9984] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1898] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7450] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3215] cmd /c del "C:\WINDOWS\Fonts\'\Macromedia Dreamweaver 8 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8697] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD787] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7742] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 v9.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3114] cmd /c del "C:\WINDOWS\Fonts\'\Stardock ObjectDock Plus v1.50.528U Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3075] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS3 Extended Version Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3882] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS3 Extended Version Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2673] command /c del "C:\WINDOWS\Fonts\'\Adobe PhotoShop Elements 5.0 (Retail) Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD760] cmd /c del "C:\WINDOWS\Fonts\'\Lolita in Love Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2625] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop Elements v5.0.2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2738] cmd /c del "C:\WINDOWS\Fonts\'\Cossacks 2 Napoleonic Wars Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1407] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop Pro CS2 v9.0 Full ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2198] cmd /c del "C:\WINDOWS\Fonts\'\Apex Video Converter Pro v5.47 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7237] command /c del "C:\WINDOWS\Fonts\'\Adobe Premier Pro v2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7958] cmd /c del "C:\WINDOWS\Fonts\'\Silent Hunter 4 Wolves of the Pacific Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2436] command /c del "C:\WINDOWS\Fonts\'\Adobe Premier Professional 2.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD865] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Premier Professional 2.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3238] command /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8908] cmd /c del "C:\WINDOWS\Fonts\'\Naked Eye Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5589] command /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4194] cmd /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8344] command /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2.0 FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2939] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2.0 FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8957] command /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2405] cmd /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9422] command /c del "C:\WINDOWS\Fonts\'\Adobe Reader 8.1.1 for Windows XP SP2Vista Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5818] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Reader 8.1.1 for Windows XP SP2Vista Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9122] command /c del "C:\WINDOWS\Fonts\'\Advanced Administrative Tools Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5863] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Administrative Tools Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5882] command /c del "C:\WINDOWS\Fonts\'\Advanced EFS Data Recovery v3.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD176] cmd /c del "C:\WINDOWS\Fonts\'\Advanced EFS Data Recovery v3.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB126] command /c del "C:\WINDOWS\Fonts\'\Internet Download Manager 5.09 build 4 Keygen Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3677] cmd /c del "C:\WINDOWS\Fonts\'\Creature Creator v1.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1986] command /c del "C:\WINDOWS\Fonts\'\Advanced MP3 Catalog Pro v3.36 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8634] cmd /c del "C:\WINDOWS\Fonts\'\Advanced MP3 Catalog Pro v3.36 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9176] command /c del "C:\WINDOWS\Fonts\'\Advanced Net Monitor for Classroom Pro ver.2.6.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1326] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Net Monitor for Classroom Pro ver.2.6.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB596] command /c del "C:\WINDOWS\Fonts\'\Advanced RAR Password Recovery v1.51 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6455] cmd /c del "C:\WINDOWS\Fonts\'\Advanced RAR Password Recovery v1.51 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6331] command /c del "C:\WINDOWS\Fonts\'\Advanced Uninstaller Pro 8.3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1850] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Uninstaller Pro 8.3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB790] command /c del "C:\WINDOWS\Fonts\'\Advanced WindowsCare Personal Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8855] cmd /c del "C:\WINDOWS\Fonts\'\Advanced WindowsCare Personal Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6377] command /c del "C:\WINDOWS\Fonts\'\Advanced ZIP Password Recovery Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9817] cmd /c del "C:\WINDOWS\Fonts\'\Advanced ZIP Password Recovery Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3229] command /c del "C:\WINDOWS\Fonts\'\Advent Rising Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6435] cmd /c del "C:\WINDOWS\Fonts\'\Advent Rising Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5416] command /c del "C:\WINDOWS\Fonts\'\Adware Se Aio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3805] cmd /c del "C:\WINDOWS\Fonts\'\Adware Se Aio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5438] command /c del "C:\WINDOWS\Fonts\'\Aerial Mahjong Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1866] cmd /c del "C:\WINDOWS\Fonts\'\Aerial Mahjong Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7384] command /c del "C:\WINDOWS\Fonts\'\In 5Out 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4779] cmd /c del "C:\WINDOWS\Fonts\'\Aerosmith - Big ones (1994) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5220] command /c del "C:\WINDOWS\Fonts\'\Agama Web Buttons 2.64 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4976] cmd /c del "C:\WINDOWS\Fonts\'\Symantec Norton Ghost v.11.0.0.1502 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6876] command /c del "C:\WINDOWS\Fonts\'\Age Of Empires II The Age Of Kings Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1629] cmd /c del "C:\WINDOWS\Fonts\'\Age Of Empires II The Age Of Kings Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8116] command /c del "C:\WINDOWS\Fonts\'\Age of Empires III Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8670] command /c del "C:\WINDOWS\Fonts\'\Age Of Empires III Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9213] cmd /c del "C:\WINDOWS\Fonts\'\Age Of Empires III Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1391] command /c del "C:\WINDOWS\Fonts\'\Agentin Jane Bomb Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7201] cmd /c del "C:\WINDOWS\Fonts\'\Agentin Jane Bomb Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9124] command /c del "C:\WINDOWS\Fonts\'\Lula Flipper Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2046] cmd /c del "C:\WINDOWS\Fonts\'\agicISO Maker 5.4 Build 0239 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6746] command /c del "C:\WINDOWS\Fonts\'\Aha-soft Iconlover 4.15 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD851] cmd /c del "C:\WINDOWS\Fonts\'\Logo Design Studio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7217] command /c del "C:\WINDOWS\Fonts\'\Aimersoft DVD Ripper 1.0.21 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4614] cmd /c del "C:\WINDOWS\Fonts\'\Aimersoft DVD Ripper 1.0.21 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2796] command /c del "C:\WINDOWS\Fonts\'\Air Assault 3D Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2203] cmd /c del "C:\WINDOWS\Fonts\'\Air Assault 3D Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB355] command /c del "C:\WINDOWS\Fonts\'\AirCrack 0.6.2 Patch.zip"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Search - Search
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/e...rInstaller.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} (GameHouse Games Player) - http://aolsvc.aol.com/onlinegames/fr...ouseplayer.cab
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} (SpinTop Games Launcher) - http://aolsvc.aol.com/onlinegames/fr...esLauncher.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://onlinedesigner.hgtv.com/images/app/view22rte.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/tr...amesplayer.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/be...loader_v10.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://aolsvc.aol.com/onlinegames/fr...h.1.0.0.47.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O21 - SSODL: AvpUnknown - {1d4b5298-7f60-475e-914d-a9d901f07f06} - C:\WINDOWS\Resources\AvpUnknown.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: QuickBooksDB - Intuit, Inc. - C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 38495 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 14-07-2008, 07:23 PM
Newbie
D-A-L Newbie
  
Join Date: Jul 2008
Posts: 13
jorie9699 Is a beginner here at D-A-L
re: nasty virus(RESOLVED)
I was able to download hijack this here is the log file, i can only save files that give me an option on where to save them....


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:20: VIRUS ALERT!, on 7/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Jessica\LOCALS~1\Temp\Temporary Directory 1 for HiJackThis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Comcast.net Home
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,“Userini t”=”C:\WINDOWS\system32\userinit.exe,”
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O3 - Toolbar: sqvgnrpx - {F6818E71-D7B7-4DAD-9596-215DDA7F76F9} - C:\WINDOWS\sqvgnrpx.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe -c Direct -p DOT4_002 -pn "" -n 1 -l 1033 -sl 120000
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\RunOnce: [SpybotDeletingB7793] command /c del "C:\WINDOWS\Fonts\'\Hiren's BootCD 8.3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1883] cmd /c del "C:\WINDOWS\Fonts\'\#1 Video Converter 4.1.35 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5529] command /c del "C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2205] cmd /c del "C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5444] command /c del "C:\WINDOWS\Fonts\'\1 DVD Ripper 5.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3863] cmd /c del "C:\WINDOWS\Fonts\'\1 DVD Ripper 5.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6037] command /c del "C:\WINDOWS\Fonts\'\1,039 Smoothed Out Slappy Hours (1991) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8377] cmd /c del "C:\WINDOWS\Fonts\'\1,039 Smoothed Out Slappy Hours (1991) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB598] command /c del "C:\WINDOWS\Fonts\'\10 ft. Ganja Plant - Presents (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4698] cmd /c del "C:\WINDOWS\Fonts\'\10 ft. Ganja Plant - Presents (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4944] command /c del "C:\WINDOWS\Fonts\'\100 Deadliest Karate Moves Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4641] cmd /c del "C:\WINDOWS\Fonts\'\100 Deadliest Karate Moves Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4937] command /c del "C:\WINDOWS\Fonts\'\101 Jukebox Classics Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD105] cmd /c del "C:\WINDOWS\Fonts\'\101 Jukebox Classics Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB842] command /c del "C:\WINDOWS\Fonts\'\110% Natural 12 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2265] cmd /c del "C:\WINDOWS\Fonts\'\110% Natural 12 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1303] command /c del "C:\WINDOWS\Fonts\'\UltraISO Premium Edition Ver 8.6.1 Build 1985 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7129] cmd /c del "C:\WINDOWS\Fonts\'\Trend Micro PC-cillin Internet Security 2007 Serial Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8379] command /c del "C:\WINDOWS\Fonts\'\ABBYY PDF Transformer 2.0.0.982 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9536] cmd /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.1.0.1059 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3585] command /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9982] cmd /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB886] command /c del "C:\WINDOWS\Fonts\'\18 And Easy 10 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8294] cmd /c del "C:\WINDOWS\Fonts\'\18 And Easy 10 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2105] command /c del "C:\WINDOWS\Fonts\'\18 Eighteen Xtra 4 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4836] cmd /c del "C:\WINDOWS\Fonts\'\18 Eighteen Xtra 4 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6387] command /c del "C:\WINDOWS\Fonts\'\1944Battle of the Bulge Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1154] cmd /c del "C:\WINDOWS\Fonts\'\1944Battle of the Bulge Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4449] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy 5.1.1.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9362] cmd /c del "C:\WINDOWS\Fonts\'\AnyDVD v6.0.9.9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8229] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3948] cmd /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3044] command /c del "C:\WINDOWS\Fonts\'\1Click DVD COPY Pro v2.4.0.6 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6081] cmd /c del "C:\WINDOWS\Fonts\'\1Click DVD COPY Pro v2.4.0.6 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6956] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy v5.0.3.5 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD44] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2561] command /c del "C:\WINDOWS\Fonts\'\2 In 1 Hole Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9632] cmd /c del "C:\WINDOWS\Fonts\'\2 In 1 Hole Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7991] command /c del "C:\WINDOWS\Fonts\'\2 Kinky 4 U Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9445] cmd /c del "C:\WINDOWS\Fonts\'\2 Kinky 4 U Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7553] command /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7493] cmd /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2274] command /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4106] cmd /c del "C:\WINDOWS\Fonts\'\Shrek Superslam Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4915] command /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5640] cmd /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4308] command /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4453] cmd /c del "C:\WINDOWS\Fonts\'\Speed DVD Creator v4.0.28 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4155] command /c del "C:\WINDOWS\Fonts\'\237.DVDRip.XviD.2006 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1281] cmd /c del "C:\WINDOWS\Fonts\'\237.DVDRip.XviD.2006 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9412] command /c del "C:\WINDOWS\Fonts\'\25 To Life Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6076] cmd /c del "C:\WINDOWS\Fonts\'\Bet.On.Soldier-RELOADED Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4989] command /c del "C:\WINDOWS\Fonts\'\30 Days of Night (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1793] cmd /c del "C:\WINDOWS\Fonts\'\30 Days of Night (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6483] command /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5789] cmd /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9617] command /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3455] cmd /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1739] command /c del "C:\WINDOWS\Fonts\'\300 (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8210] cmd /c del "C:\WINDOWS\Fonts\'\300 (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3695] command /c del "C:\WINDOWS\Fonts\'\300 (2007) Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5401] cmd /c del "C:\WINDOWS\Fonts\'\Anti-Porn 8.1.9.15 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2501] command /c del "C:\WINDOWS\Fonts\'\300 (2007) TS.XViD Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD913] cmd /c del "C:\WINDOWS\Fonts\'\300 (2007) TS.XViD Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8514] command /c del "C:\WINDOWS\Fonts\'\300.(2007).TS.XVid KVCD bluX Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD248] cmd /c del "C:\WINDOWS\Fonts\'\300.(2007).TS.XVid KVCD bluX Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4046] command /c del "C:\WINDOWS\Fonts\'\3D Bank _ My Baby Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1343] cmd /c del "C:\WINDOWS\Fonts\'\3D Bank _ My Baby Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB17] command /c del "C:\WINDOWS\Fonts\'\3D Mark 06 1.1.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9809] cmd /c del "C:\WINDOWS\Fonts\'\MILF Lessons 10 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8392] command /c del "C:\WINDOWS\Fonts\'\3D Studio Max 5 (AKA 3DS Max) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2824] cmd /c del "C:\WINDOWS\Fonts\'\Fable The Lost Chapters Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7596] command /c del "C:\WINDOWS\Fonts\'\3D Studio Max 9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6600] cmd /c del "C:\WINDOWS\Fonts\'\3D Studio Max 9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8812] command /c del "C:\WINDOWS\Fonts\'\50 Cent - Get Rich Or Die Tryin' Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2972] cmd /c del "C:\WINDOWS\Fonts\'\Magic Audio Converter v8.33 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4295] command /c del "C:\WINDOWS\Fonts\'\500 Person Sex Convention Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4125] cmd /c del "C:\WINDOWS\Fonts\'\500 Person Sex Convention Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7729] command /c del "C:\WINDOWS\Fonts\'\7 Sins PS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3714] cmd /c del "C:\WINDOWS\Fonts\'\7 Sins PS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB582] command /c del "C:\WINDOWS\Fonts\'\mirc 6.21 with keygen Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7540] cmd /c del "C:\WINDOWS\Fonts\'\88 Minutes (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6120] command /c del "C:\WINDOWS\Fonts\'\88 minutes dvd rip- (2007) Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1408] cmd /c del "C:\WINDOWS\Fonts\'\88 minutes dvd rip- (2007) Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2388] command /c del "C:\WINDOWS\Fonts\'\A Bridge Too Far (1977) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD628] cmd /c del "C:\WINDOWS\Fonts\'\A Bridge Too Far (1977) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8407] command /c del "C:\WINDOWS\Fonts\'\A Good Year 2006 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9734] cmd /c del "C:\WINDOWS\Fonts\'\A Good Year 2006 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8064] command /c del "C:\WINDOWS\Fonts\'\Linkin Park - Meteora Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1492] cmd /c del "C:\WINDOWS\Fonts\'\A-Mac Address Changer version 5.3 inc serial Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2787] command /c del "C:\WINDOWS\Fonts\'\A-Z Video Converter Ultimate v7.55 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6934] cmd /c del "C:\WINDOWS\Fonts\'\A-Z Video Converter Ultimate v7.55 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5488] command /c del "C:\WINDOWS\Fonts\'\A1Click Ultra PC Cleaner v1.01.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5776] cmd /c del "C:\WINDOWS\Fonts\'\A1Click Ultra PC Cleaner v1.01.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB80] command /c del "C:\WINDOWS\Fonts\'\ABBYY FineReader Professional 9.0.0.662 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2111] cmd /c del "C:\WINDOWS\Fonts\'\ABBYY FineReader Professional 9.0.0.662 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8383] cmd /c del "C:\WINDOWS\Fonts\'\ABBYY PDF Transformer 2.0.0.982 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5792] command /c del "C:\WINDOWS\Fonts\'\Absolute Sound Recorder v3.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1228] cmd /c del "C:\WINDOWS\Fonts\'\Tiger Woods PGA Tour 07 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3041] command /c del "C:\WINDOWS\Fonts\'\Fix-It Utilities 8.0 Pro Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5961] cmd /c del "C:\WINDOWS\Fonts\'\Absolute Uninstaller v2.2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8139] command /c del "C:\WINDOWS\Fonts\'\Photo Frame Genius 2.2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3383] cmd /c del "C:\WINDOWS\Fonts\'\ACA Screen Recorder 2.03 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9639] command /c del "C:\WINDOWS\Fonts\'\Acala Video MP3 Ripper v2.8.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4002] cmd /c del "C:\WINDOWS\Fonts\'\Acala Video MP3 Ripper v2.8.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3316] command /c del "C:\WINDOWS\Fonts\'\Access Administrator Pro v4.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4925] cmd /c del "C:\WINDOWS\Fonts\'\Access Administrator Pro v4.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2638] command /c del "C:\WINDOWS\Fonts\'\ACDSee 8 professional Full Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9157] cmd /c del "C:\WINDOWS\Fonts\'\ACDSee 8 professional Full Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB524] command /c del "C:\WINDOWS\Fonts\'\AceHTML Pro ver.6.60 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7828] cmd /c del "C:\WINDOWS\Fonts\'\AceHTML Pro ver.6.60 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7514] command /c del "C:\WINDOWS\Fonts\'\Throat Lube Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD133] cmd /c del "C:\WINDOWS\Fonts\'\Acoustica Audio Converter Pro Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8188] command /c del "C:\WINDOWS\Fonts\'\Acronis OS Selector 8.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1465] cmd /c del "C:\WINDOWS\Fonts\'\NXPowerLite v3.03 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1811] command /c del "C:\WINDOWS\Fonts\'\Acronis True Image Workstation v9.1.3886 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4978] cmd /c del "C:\WINDOWS\Fonts\'\Mavis Beacon Teaches Typing Deluxe 17 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB273] command /c del "C:\WINDOWS\Fonts\'\Limewire PRO 4.13.2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3057] cmd /c del "C:\WINDOWS\Fonts\'\AcroPlot Pro 2007 Build 2007.01.21 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8827] command /c del "C:\WINDOWS\Fonts\'\Act Of War High Treason Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9749] cmd /c del "C:\WINDOWS\Fonts\'\New postCasey Parker and her new neighbour Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1627] command /c del "C:\WINDOWS\Fonts\'\Act of War High Treason Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3189] cmd /c del "C:\WINDOWS\Fonts\'\Act of War High Treason Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4122] command /c del "C:\WINDOWS\Fonts\'\Active Boot Disk Pro v.2.1 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD780] cmd /c del "C:\WINDOWS\Fonts\'\Active Boot Disk Pro v.2.1 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1173] command /c del "C:\WINDOWS\Fonts\'\Active File Recovery Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9839] cmd /c del "C:\WINDOWS\Fonts\'\Active File Recovery Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4734] command /c del "C:\WINDOWS\Fonts\'\SurfSecret Privacy Protector 2007 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6178] cmd /c del "C:\WINDOWS\Fonts\'\Actua Tennis Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6992] command /c del "C:\WINDOWS\Fonts\'\AD Stream Recorder v.1.5 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1474] cmd /c del "C:\WINDOWS\Fonts\'\Age of Empires III Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9218] command /c del "C:\WINDOWS\Fonts\'\In 6Out 3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1037] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware 2007 Beta 4 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9435] command /c del "C:\WINDOWS\Fonts\'\Ad-aware 2007 Beta Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1454] cmd /c del "C:\WINDOWS\Fonts\'\Al Green - I Can't Stop Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1651] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware SE Professional Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2189] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware SE Professional Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3331] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware v6.0 Professional Keygen Plugins Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD512] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware v6.0 Professional Keygen Plugins Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2626] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware® Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2138] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware® Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9840] command /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6542] cmd /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB55] command /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3392] cmd /c del "C:\WINDOWS\Fonts\'\Avril Lavigne - The Best Damn Thing Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1162] command /c del "C:\WINDOWS\Fonts\'\AdmixDJ.v1.57-ARN Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9246] cmd /c del "C:\WINDOWS\Fonts\'\AdmixDJ.v1.57-ARN Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2679] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Full Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5146] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Full Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7323] command /c del "C:\WINDOWS\Fonts\'\FiFA 2007 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3748] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Professional Full DvD iSO Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2042] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat Professional v8 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD568] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat Professional v8 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB775] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 Professional FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8967] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 Professional FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7469] command /c del "C:\WINDOWS\Fonts\'\IL-2 Sturmovik 1946 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6404] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 with Keygen Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB768] command /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9596] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB912] command /c del "C:\WINDOWS\Fonts\'\Digitaction Audio Catalog ver.3.3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD214] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Premium Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4379] command /c del "C:\WINDOWS\Fonts\'\Adobe CS3 Design Premium Suite Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1451] cmd /c del "C:\WINDOWS\Fonts\'\Adobe CS3 Design Premium Suite Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8509] command /c del "C:\WINDOWS\Fonts\'\Neverwinter Nights Diamond Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3090] cmd /c del "C:\WINDOWS\Fonts\'\Adobe DreamWeaver CS3 Full-fixed Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7211] command /c del "C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD869] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6280] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS 11.0 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1327] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS 11.0 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7630] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4288] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5066] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 v12.00 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6762] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 v12.00 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9290] command /c del "C:\WINDOWS\Fonts\'\Adobe Pagemaker 7.0.1 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD192] cmd /c del "C:\WINDOWS\Fonts\'\AnyDVD 6.1.1.4 - Final Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4438] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 (Police Tested) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9284] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 (Police Tested) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8192] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9984] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1898] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7450] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3215] cmd /c del "C:\WINDOWS\Fonts\'\Macromedia Dreamweaver 8 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8697] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD787] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7742] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 v9.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3114] cmd /c del "C:\WINDOWS\Fonts\'\Stardock ObjectDock Plus v1.50.528U Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3075] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS3 Extended Version Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3882] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS3 Extended Version Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2673] command /c del "C:\WINDOWS\Fonts\'\Adobe PhotoShop Elements 5.0 (Retail) Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD760] cmd /c del "C:\WINDOWS\Fonts\'\Lolita in Love Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2625] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop Elements v5.0.2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2738] cmd /c del "C:\WINDOWS\Fonts\'\Cossacks 2 Napoleonic Wars Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1407] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop Pro CS2 v9.0 Full ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2198] cmd /c del "C:\WINDOWS\Fonts\'\Apex Video Converter Pro v5.47 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7237] command /c del "C:\WINDOWS\Fonts\'\Adobe Premier Pro v2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7958] cmd /c del "C:\WINDOWS\Fonts\'\Silent Hunter 4 Wolves of the Pacific Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2436] command /c del "C:\WINDOWS\Fonts\'\Adobe Premier Professional 2.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD865] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Premier Professional 2.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3238] command /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8908] cmd /c del "C:\WINDOWS\Fonts\'\Naked Eye Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5589] command /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4194] cmd /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8344] command /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2.0 FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2939] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2.0 FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8957] command /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2405] cmd /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9422] command /c del "C:\WINDOWS\Fonts\'\Adobe Reader 8.1.1 for Windows XP SP2Vista Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5818] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Reader 8.1.1 for Windows XP SP2Vista Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9122] command /c del "C:\WINDOWS\Fonts\'\Advanced Administrative Tools Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5863] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Administrative Tools Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5882] command /c del "C:\WINDOWS\Fonts\'\Advanced EFS Data Recovery v3.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD176] cmd /c del "C:\WINDOWS\Fonts\'\Advanced EFS Data Recovery v3.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB126] command /c del "C:\WINDOWS\Fonts\'\Internet Download Manager 5.09 build 4 Keygen Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3677] cmd /c del "C:\WINDOWS\Fonts\'\Creature Creator v1.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1986] command /c del "C:\WINDOWS\Fonts\'\Advanced MP3 Catalog Pro v3.36 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8634] cmd /c del "C:\WINDOWS\Fonts\'\Advanced MP3 Catalog Pro v3.36 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9176] command /c del "C:\WINDOWS\Fonts\'\Advanced Net Monitor for Classroom Pro ver.2.6.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1326] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Net Monitor for Classroom Pro ver.2.6.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB596] command /c del "C:\WINDOWS\Fonts\'\Advanced RAR Password Recovery v1.51 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6455] cmd /c del "C:\WINDOWS\Fonts\'\Advanced RAR Password Recovery v1.51 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6331] command /c del "C:\WINDOWS\Fonts\'\Advanced Uninstaller Pro 8.3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1850] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Uninstaller Pro 8.3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB790] command /c del "C:\WINDOWS\Fonts\'\Advanced WindowsCare Personal Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8855] cmd /c del "C:\WINDOWS\Fonts\'\Advanced WindowsCare Personal Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6377] command /c del "C:\WINDOWS\Fonts\'\Advanced ZIP Password Recovery Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9817] cmd /c del "C:\WINDOWS\Fonts\'\Advanced ZIP Password Recovery Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3229] command /c del "C:\WINDOWS\Fonts\'\Advent Rising Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6435] cmd /c del "C:\WINDOWS\Fonts\'\Advent Rising Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5416] command /c del "C:\WINDOWS\Fonts\'\Adware Se Aio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3805] cmd /c del "C:\WINDOWS\Fonts\'\Adware Se Aio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5438] command /c del "C:\WINDOWS\Fonts\'\Aerial Mahjong Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1866] cmd /c del "C:\WINDOWS\Fonts\'\Aerial Mahjong Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7384] command /c del "C:\WINDOWS\Fonts\'\In 5Out 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4779] cmd /c del "C:\WINDOWS\Fonts\'\Aerosmith - Big ones (1994) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5220] command /c del "C:\WINDOWS\Fonts\'\Agama Web Buttons 2.64 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4976] cmd /c del "C:\WINDOWS\Fonts\'\Symantec Norton Ghost v.11.0.0.1502 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6876] command /c del "C:\WINDOWS\Fonts\'\Age Of Empires II The Age Of Kings Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1629] cmd /c del "C:\WINDOWS\Fonts\'\Age Of Empires II The Age Of Kings Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8116] command /c del "C:\WINDOWS\Fonts\'\Age of Empires III Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8670] command /c del "C:\WINDOWS\Fonts\'\Age Of Empires III Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9213] cmd /c del "C:\WINDOWS\Fonts\'\Age Of Empires III Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1391] command /c del "C:\WINDOWS\Fonts\'\Agentin Jane Bomb Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7201] cmd /c del "C:\WINDOWS\Fonts\'\Agentin Jane Bomb Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9124] command /c del "C:\WINDOWS\Fonts\'\Lula Flipper Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2046] cmd /c del "C:\WINDOWS\Fonts\'\agicISO Maker 5.4 Build 0239 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6746] command /c del "C:\WINDOWS\Fonts\'\Aha-soft Iconlover 4.15 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD851] cmd /c del "C:\WINDOWS\Fonts\'\Logo Design Studio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7217] command /c del "C:\WINDOWS\Fonts\'\Aimersoft DVD Ripper 1.0.21 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4614] cmd /c del "C:\WINDOWS\Fonts\'\Aimersoft DVD Ripper 1.0.21 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2796] command /c del "C:\WINDOWS\Fonts\'\Air Assault 3D Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2203] cmd /c del "C:\WINDOWS\Fonts\'\Air Assault 3D Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB355] command /c del "C:\WINDOWS\Fonts\'\AirCrack 0.6.2 Patch.zip"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Search - Search
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/e...rInstaller.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} (GameHouse Games Player) - http://aolsvc.aol.com/onlinegames/fr...ouseplayer.cab
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} (SpinTop Games Launcher) - http://aolsvc.aol.com/onlinegames/fr...esLauncher.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://onlinedesigner.hgtv.com/images/app/view22rte.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/tr...amesplayer.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/be...loader_v10.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://aolsvc.aol.com/onlinegames/fr...h.1.0.0.47.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O21 - SSODL: AvpUnknown - {1d4b5298-7f60-475e-914d-a9d901f07f06} - C:\WINDOWS\Resources\AvpUnknown.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: QuickBooksDB - Intuit, Inc. - C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 38495 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 15-07-2008, 10:11 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
re: nasty virus(RESOLVED)
Welcome,

That is a mess alright.


I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:
  1. Run Spybot-S&D
  2. Go to the Mode menu, and make sure "Advanced Mode" is selected
  3. On the left hand side, choose Tools -> Resident
  4. Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer once your system is clean.



Run hijackthis and click on "scan system only" button and put checks next to these:


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O3 - Toolbar: sqvgnrpx - {F6818E71-D7B7-4DAD-9596-215DDA7F76F9} - C:\WINDOWS\sqvgnrpx.dll (file missing)

O4 - HKCU\..\RunOnce: [SpybotDeletingB7793] command /c del "C:\WINDOWS\Fonts\'\Hiren's BootCD 8.3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1883] cmd /c del "C:\WINDOWS\Fonts\'\#1 Video Converter 4.1.35 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5529] command /c del "C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2205] cmd /c del "C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5444] command /c del "C:\WINDOWS\Fonts\'\1 DVD Ripper 5.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3863] cmd /c del "C:\WINDOWS\Fonts\'\1 DVD Ripper 5.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6037] command /c del "C:\WINDOWS\Fonts\'\1,039 Smoothed Out Slappy Hours (1991) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8377] cmd /c del "C:\WINDOWS\Fonts\'\1,039 Smoothed Out Slappy Hours (1991) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB598] command /c del "C:\WINDOWS\Fonts\'\10 ft. Ganja Plant - Presents (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4698] cmd /c del "C:\WINDOWS\Fonts\'\10 ft. Ganja Plant - Presents (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4944] command /c del "C:\WINDOWS\Fonts\'\100 Deadliest Karate Moves Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4641] cmd /c del "C:\WINDOWS\Fonts\'\100 Deadliest Karate Moves Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4937] command /c del "C:\WINDOWS\Fonts\'\101 Jukebox Classics Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD105] cmd /c del "C:\WINDOWS\Fonts\'\101 Jukebox Classics Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB842] command /c del "C:\WINDOWS\Fonts\'\110% Natural 12 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2265] cmd /c del "C:\WINDOWS\Fonts\'\110% Natural 12 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1303] command /c del "C:\WINDOWS\Fonts\'\UltraISO Premium Edition Ver 8.6.1 Build 1985 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7129] cmd /c del "C:\WINDOWS\Fonts\'\Trend Micro PC-cillin Internet Security 2007 Serial Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8379] command /c del "C:\WINDOWS\Fonts\'\ABBYY PDF Transformer 2.0.0.982 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9536] cmd /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.1.0.1059 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3585] command /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9982] cmd /c del "C:\WINDOWS\Fonts\'\123 Flash Menu v2.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB886] command /c del "C:\WINDOWS\Fonts\'\18 And Easy 10 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8294] cmd /c del "C:\WINDOWS\Fonts\'\18 And Easy 10 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2105] command /c del "C:\WINDOWS\Fonts\'\18 Eighteen Xtra 4 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4836] cmd /c del "C:\WINDOWS\Fonts\'\18 Eighteen Xtra 4 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6387] command /c del "C:\WINDOWS\Fonts\'\1944Battle of the Bulge Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1154] cmd /c del "C:\WINDOWS\Fonts\'\1944Battle of the Bulge Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4449] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy 5.1.1.3 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9362] cmd /c del "C:\WINDOWS\Fonts\'\AnyDVD v6.0.9.9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8229] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3948] cmd /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3044] command /c del "C:\WINDOWS\Fonts\'\1Click DVD COPY Pro v2.4.0.6 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6081] cmd /c del "C:\WINDOWS\Fonts\'\1Click DVD COPY Pro v2.4.0.6 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6956] command /c del "C:\WINDOWS\Fonts\'\1Click DVD Copy v5.0.3.5 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD44] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2561] command /c del "C:\WINDOWS\Fonts\'\2 In 1 Hole Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9632] cmd /c del "C:\WINDOWS\Fonts\'\2 In 1 Hole Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7991] command /c del "C:\WINDOWS\Fonts\'\2 Kinky 4 U Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9445] cmd /c del "C:\WINDOWS\Fonts\'\2 Kinky 4 U Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7553] command /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7493] cmd /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2274] command /c del "C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4106] cmd /c del "C:\WINDOWS\Fonts\'\Shrek Superslam Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4915] command /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5640] cmd /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4308] command /c del "C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4453] cmd /c del "C:\WINDOWS\Fonts\'\Speed DVD Creator v4.0.28 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4155] command /c del "C:\WINDOWS\Fonts\'\237.DVDRip.XviD.2006 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1281] cmd /c del "C:\WINDOWS\Fonts\'\237.DVDRip.XviD.2006 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9412] command /c del "C:\WINDOWS\Fonts\'\25 To Life Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6076] cmd /c del "C:\WINDOWS\Fonts\'\Bet.On.Soldier-RELOADED Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4989] command /c del "C:\WINDOWS\Fonts\'\30 Days of Night (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1793] cmd /c del "C:\WINDOWS\Fonts\'\30 Days of Night (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6483] command /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5789] cmd /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9617] command /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3455] cmd /c del "C:\WINDOWS\Fonts\'\30 Days Of Night Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1739] command /c del "C:\WINDOWS\Fonts\'\300 (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8210] cmd /c del "C:\WINDOWS\Fonts\'\300 (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3695] command /c del "C:\WINDOWS\Fonts\'\300 (2007) Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5401] cmd /c del "C:\WINDOWS\Fonts\'\Anti-Porn 8.1.9.15 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2501] command /c del "C:\WINDOWS\Fonts\'\300 (2007) TS.XViD Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD913] cmd /c del "C:\WINDOWS\Fonts\'\300 (2007) TS.XViD Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8514] command /c del "C:\WINDOWS\Fonts\'\300.(2007).TS.XVid KVCD bluX Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD248] cmd /c del "C:\WINDOWS\Fonts\'\300.(2007).TS.XVid KVCD bluX Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4046] command /c del "C:\WINDOWS\Fonts\'\3D Bank _ My Baby Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1343] cmd /c del "C:\WINDOWS\Fonts\'\3D Bank _ My Baby Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB17] command /c del "C:\WINDOWS\Fonts\'\3D Mark 06 1.1.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9809] cmd /c del "C:\WINDOWS\Fonts\'\MILF Lessons 10 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8392] command /c del "C:\WINDOWS\Fonts\'\3D Studio Max 5 (AKA 3DS Max) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2824] cmd /c del "C:\WINDOWS\Fonts\'\Fable The Lost Chapters Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7596] command /c del "C:\WINDOWS\Fonts\'\3D Studio Max 9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6600] cmd /c del "C:\WINDOWS\Fonts\'\3D Studio Max 9 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8812] command /c del "C:\WINDOWS\Fonts\'\50 Cent - Get Rich Or Die Tryin' Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2972] cmd /c del "C:\WINDOWS\Fonts\'\Magic Audio Converter v8.33 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4295] command /c del "C:\WINDOWS\Fonts\'\500 Person Sex Convention Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4125] cmd /c del "C:\WINDOWS\Fonts\'\500 Person Sex Convention Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7729] command /c del "C:\WINDOWS\Fonts\'\7 Sins PS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3714] cmd /c del "C:\WINDOWS\Fonts\'\7 Sins PS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB582] command /c del "C:\WINDOWS\Fonts\'\mirc 6.21 with keygen Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7540] cmd /c del "C:\WINDOWS\Fonts\'\88 Minutes (2007) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6120] command /c del "C:\WINDOWS\Fonts\'\88 minutes dvd rip- (2007) Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1408] cmd /c del "C:\WINDOWS\Fonts\'\88 minutes dvd rip- (2007) Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2388] command /c del "C:\WINDOWS\Fonts\'\A Bridge Too Far (1977) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD628] cmd /c del "C:\WINDOWS\Fonts\'\A Bridge Too Far (1977) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8407] command /c del "C:\WINDOWS\Fonts\'\A Good Year 2006 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9734] cmd /c del "C:\WINDOWS\Fonts\'\A Good Year 2006 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8064] command /c del "C:\WINDOWS\Fonts\'\Linkin Park - Meteora Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1492] cmd /c del "C:\WINDOWS\Fonts\'\A-Mac Address Changer version 5.3 inc serial Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2787] command /c del "C:\WINDOWS\Fonts\'\A-Z Video Converter Ultimate v7.55 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6934] cmd /c del "C:\WINDOWS\Fonts\'\A-Z Video Converter Ultimate v7.55 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5488] command /c del "C:\WINDOWS\Fonts\'\A1Click Ultra PC Cleaner v1.01.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5776] cmd /c del "C:\WINDOWS\Fonts\'\A1Click Ultra PC Cleaner v1.01.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB80] command /c del "C:\WINDOWS\Fonts\'\ABBYY FineReader Professional 9.0.0.662 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2111] cmd /c del "C:\WINDOWS\Fonts\'\ABBYY FineReader Professional 9.0.0.662 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8383] cmd /c del "C:\WINDOWS\Fonts\'\ABBYY PDF Transformer 2.0.0.982 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5792] command /c del "C:\WINDOWS\Fonts\'\Absolute Sound Recorder v3.45 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1228] cmd /c del "C:\WINDOWS\Fonts\'\Tiger Woods PGA Tour 07 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3041] command /c del "C:\WINDOWS\Fonts\'\Fix-It Utilities 8.0 Pro Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5961] cmd /c del "C:\WINDOWS\Fonts\'\Absolute Uninstaller v2.2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8139] command /c del "C:\WINDOWS\Fonts\'\Photo Frame Genius 2.2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3383] cmd /c del "C:\WINDOWS\Fonts\'\ACA Screen Recorder 2.03 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9639] command /c del "C:\WINDOWS\Fonts\'\Acala Video MP3 Ripper v2.8.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4002] cmd /c del "C:\WINDOWS\Fonts\'\Acala Video MP3 Ripper v2.8.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3316] command /c del "C:\WINDOWS\Fonts\'\Access Administrator Pro v4.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4925] cmd /c del "C:\WINDOWS\Fonts\'\Access Administrator Pro v4.4 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2638] command /c del "C:\WINDOWS\Fonts\'\ACDSee 8 professional Full Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9157] cmd /c del "C:\WINDOWS\Fonts\'\ACDSee 8 professional Full Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB524] command /c del "C:\WINDOWS\Fonts\'\AceHTML Pro ver.6.60 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7828] cmd /c del "C:\WINDOWS\Fonts\'\AceHTML Pro ver.6.60 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7514] command /c del "C:\WINDOWS\Fonts\'\Throat Lube Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD133] cmd /c del "C:\WINDOWS\Fonts\'\Acoustica Audio Converter Pro Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8188] command /c del "C:\WINDOWS\Fonts\'\Acronis OS Selector 8.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1465] cmd /c del "C:\WINDOWS\Fonts\'\NXPowerLite v3.03 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1811] command /c del "C:\WINDOWS\Fonts\'\Acronis True Image Workstation v9.1.3886 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4978] cmd /c del "C:\WINDOWS\Fonts\'\Mavis Beacon Teaches Typing Deluxe 17 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB273] command /c del "C:\WINDOWS\Fonts\'\Limewire PRO 4.13.2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3057] cmd /c del "C:\WINDOWS\Fonts\'\AcroPlot Pro 2007 Build 2007.01.21 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8827] command /c del "C:\WINDOWS\Fonts\'\Act Of War High Treason Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9749] cmd /c del "C:\WINDOWS\Fonts\'\New postCasey Parker and her new neighbour Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1627] command /c del "C:\WINDOWS\Fonts\'\Act of War High Treason Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3189] cmd /c del "C:\WINDOWS\Fonts\'\Act of War High Treason Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4122] command /c del "C:\WINDOWS\Fonts\'\Active Boot Disk Pro v.2.1 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD780] cmd /c del "C:\WINDOWS\Fonts\'\Active Boot Disk Pro v.2.1 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1173] command /c del "C:\WINDOWS\Fonts\'\Active File Recovery Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9839] cmd /c del "C:\WINDOWS\Fonts\'\Active File Recovery Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4734] command /c del "C:\WINDOWS\Fonts\'\SurfSecret Privacy Protector 2007 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6178] cmd /c del "C:\WINDOWS\Fonts\'\Actua Tennis Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6992] command /c del "C:\WINDOWS\Fonts\'\AD Stream Recorder v.1.5 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1474] cmd /c del "C:\WINDOWS\Fonts\'\Age of Empires III Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9218] command /c del "C:\WINDOWS\Fonts\'\In 6Out 3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1037] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware 2007 Beta 4 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9435] command /c del "C:\WINDOWS\Fonts\'\Ad-aware 2007 Beta Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1454] cmd /c del "C:\WINDOWS\Fonts\'\Al Green - I Can't Stop Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1651] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware SE Professional Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2189] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware SE Professional Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3331] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware v6.0 Professional Keygen Plugins Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD512] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware v6.0 Professional Keygen Plugins Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2626] command /c del "C:\WINDOWS\Fonts\'\Ad-Aware® Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2138] cmd /c del "C:\WINDOWS\Fonts\'\Ad-Aware® Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9840] command /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6542] cmd /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB55] command /c del "C:\WINDOWS\Fonts\'\Addicted To Sex Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3392] cmd /c del "C:\WINDOWS\Fonts\'\Avril Lavigne - The Best Damn Thing Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1162] command /c del "C:\WINDOWS\Fonts\'\AdmixDJ.v1.57-ARN Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9246] cmd /c del "C:\WINDOWS\Fonts\'\AdmixDJ.v1.57-ARN Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2679] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Full Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5146] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Full Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7323] command /c del "C:\WINDOWS\Fonts\'\FiFA 2007 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3748] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Professional Full DvD iSO Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2042] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat Professional v8 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD568] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat Professional v8 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB775] command /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 Professional FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8967] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 Professional FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7469] command /c del "C:\WINDOWS\Fonts\'\IL-2 Sturmovik 1946 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6404] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Acrobat v8 with Keygen Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB768] command /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9596] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB912] command /c del "C:\WINDOWS\Fonts\'\Digitaction Audio Catalog ver.3.3 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD214] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Creative Suite 2 Premium Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4379] command /c del "C:\WINDOWS\Fonts\'\Adobe CS3 Design Premium Suite Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1451] cmd /c del "C:\WINDOWS\Fonts\'\Adobe CS3 Design Premium Suite Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8509] command /c del "C:\WINDOWS\Fonts\'\Neverwinter Nights Diamond Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3090] cmd /c del "C:\WINDOWS\Fonts\'\Adobe DreamWeaver CS3 Full-fixed Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7211] command /c del "C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD869] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6280] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS 11.0 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1327] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS 11.0 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7630] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4288] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5066] command /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 v12.00 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6762] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 v12.00 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9290] command /c del "C:\WINDOWS\Fonts\'\Adobe Pagemaker 7.0.1 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD192] cmd /c del "C:\WINDOWS\Fonts\'\AnyDVD 6.1.1.4 - Final Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4438] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 (Police Tested) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9284] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 (Police Tested) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8192] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9984] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1898] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7450] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3215] cmd /c del "C:\WINDOWS\Fonts\'\Macromedia Dreamweaver 8 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8697] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD787] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Portable Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7742] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 v9.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3114] cmd /c del "C:\WINDOWS\Fonts\'\Stardock ObjectDock Plus v1.50.528U Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3075] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS3 Extended Version Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3882] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop CS3 Extended Version Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2673] command /c del "C:\WINDOWS\Fonts\'\Adobe PhotoShop Elements 5.0 (Retail) Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD760] cmd /c del "C:\WINDOWS\Fonts\'\Lolita in Love Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2625] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop Elements v5.0.2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2738] cmd /c del "C:\WINDOWS\Fonts\'\Cossacks 2 Napoleonic Wars Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1407] command /c del "C:\WINDOWS\Fonts\'\Adobe Photoshop Pro CS2 v9.0 Full ISO Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2198] cmd /c del "C:\WINDOWS\Fonts\'\Apex Video Converter Pro v5.47 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7237] command /c del "C:\WINDOWS\Fonts\'\Adobe Premier Pro v2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7958] cmd /c del "C:\WINDOWS\Fonts\'\Silent Hunter 4 Wolves of the Pacific Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2436] command /c del "C:\WINDOWS\Fonts\'\Adobe Premier Professional 2.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD865] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Premier Professional 2.0 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3238] command /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8908] cmd /c del "C:\WINDOWS\Fonts\'\Naked Eye Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5589] command /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4194] cmd /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8344] command /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2.0 FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2939] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Premiere Pro 2.0 FuLL Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8957] command /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2405] cmd /c del "C:\WINDOWS\Fonts\'\ADOBE Premiere Pro 2.0 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9422] command /c del "C:\WINDOWS\Fonts\'\Adobe Reader 8.1.1 for Windows XP SP2Vista Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5818] cmd /c del "C:\WINDOWS\Fonts\'\Adobe Reader 8.1.1 for Windows XP SP2Vista Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9122] command /c del "C:\WINDOWS\Fonts\'\Advanced Administrative Tools Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5863] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Administrative Tools Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5882] command /c del "C:\WINDOWS\Fonts\'\Advanced EFS Data Recovery v3.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD176] cmd /c del "C:\WINDOWS\Fonts\'\Advanced EFS Data Recovery v3.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB126] command /c del "C:\WINDOWS\Fonts\'\Internet Download Manager 5.09 build 4 Keygen Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3677] cmd /c del "C:\WINDOWS\Fonts\'\Creature Creator v1.6 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1986] command /c del "C:\WINDOWS\Fonts\'\Advanced MP3 Catalog Pro v3.36 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8634] cmd /c del "C:\WINDOWS\Fonts\'\Advanced MP3 Catalog Pro v3.36 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9176] command /c del "C:\WINDOWS\Fonts\'\Advanced Net Monitor for Classroom Pro ver.2.6.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1326] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Net Monitor for Classroom Pro ver.2.6.1 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB596] command /c del "C:\WINDOWS\Fonts\'\Advanced RAR Password Recovery v1.51 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6455] cmd /c del "C:\WINDOWS\Fonts\'\Advanced RAR Password Recovery v1.51 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6331] command /c del "C:\WINDOWS\Fonts\'\Advanced Uninstaller Pro 8.3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1850] cmd /c del "C:\WINDOWS\Fonts\'\Advanced Uninstaller Pro 8.3 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB790] command /c del "C:\WINDOWS\Fonts\'\Advanced WindowsCare Personal Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8855] cmd /c del "C:\WINDOWS\Fonts\'\Advanced WindowsCare Personal Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6377] command /c del "C:\WINDOWS\Fonts\'\Advanced ZIP Password Recovery Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9817] cmd /c del "C:\WINDOWS\Fonts\'\Advanced ZIP Password Recovery Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3229] command /c del "C:\WINDOWS\Fonts\'\Advent Rising Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6435] cmd /c del "C:\WINDOWS\Fonts\'\Advent Rising Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5416] command /c del "C:\WINDOWS\Fonts\'\Adware Se Aio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3805] cmd /c del "C:\WINDOWS\Fonts\'\Adware Se Aio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5438] command /c del "C:\WINDOWS\Fonts\'\Aerial Mahjong Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1866] cmd /c del "C:\WINDOWS\Fonts\'\Aerial Mahjong Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7384] command /c del "C:\WINDOWS\Fonts\'\In 5Out 2 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4779] cmd /c del "C:\WINDOWS\Fonts\'\Aerosmith - Big ones (1994) Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5220] command /c del "C:\WINDOWS\Fonts\'\Agama Web Buttons 2.64 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4976] cmd /c del "C:\WINDOWS\Fonts\'\Symantec Norton Ghost v.11.0.0.1502 Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6876] command /c del "C:\WINDOWS\Fonts\'\Age Of Empires II The Age Of Kings Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1629] cmd /c del "C:\WINDOWS\Fonts\'\Age Of Empires II The Age Of Kings Keygen.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8116] command /c del "C:\WINDOWS\Fonts\'\Age of Empires III Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8670] command /c del "C:\WINDOWS\Fonts\'\Age Of Empires III Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9213] cmd /c del "C:\WINDOWS\Fonts\'\Age Of Empires III Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1391] command /c del "C:\WINDOWS\Fonts\'\Agentin Jane Bomb Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7201] cmd /c del "C:\WINDOWS\Fonts\'\Agentin Jane Bomb Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9124] command /c del "C:\WINDOWS\Fonts\'\Lula Flipper Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2046] cmd /c del "C:\WINDOWS\Fonts\'\agicISO Maker 5.4 Build 0239 Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6746] command /c del "C:\WINDOWS\Fonts\'\Aha-soft Iconlover 4.15 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD851] cmd /c del "C:\WINDOWS\Fonts\'\Logo Design Studio Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7217] command /c del "C:\WINDOWS\Fonts\'\Aimersoft DVD Ripper 1.0.21 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4614] cmd /c del "C:\WINDOWS\Fonts\'\Aimersoft DVD Ripper 1.0.21 Patch.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2796] command /c del "C:\WINDOWS\Fonts\'\Air Assault 3D Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2203] cmd /c del "C:\WINDOWS\Fonts\'\Air Assault 3D Crack.zip"
O4 - HKCU\..\RunOnce: [SpybotDeletingB355] command /c del "C:\WINDOWS\Fonts\'\AirCrack 0.6.2 Patch.zip"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &Search - Search

O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/e...rInstaller.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -

O21 - SSODL: AvpUnknown - {1d4b5298-7f60-475e-914d-a9d901f07f06} - C:\WINDOWS\Resources\AvpUnknown.dll

O24 - Desktop Component 0: Privacy Protection - (no file)


Please disconnect from the Internet. Please close ALL browser windows (including this one).

Everything closed out but hijackthis and click on "fix checked"


Reboot your PC, post a new hijackthis log please.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 16-07-2008, 12:16 AM
Newbie
D-A-L Newbie
  
Join Date: Jul 2008
Posts: 13
jorie9699 Is a beginner here at D-A-L
re: nasty virus(RESOLVED)
here's the hijack this log........before getting a response I was messing around with other programs trying to clean out the virus. Not sure if I got it or not.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:13, on 7/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jessica\Desktop\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\5652d934e ec8bfa4dc68c4e256a23d5e\update\update.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Comcast.net Home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6CF0A05E-7D6B-4E00-B836-B3F23513657C} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {9D8EA26A-BA5B-4CA6-B03A-74983D8DBDAA} - (no file)
O2 - BHO: (no name) - {e7530643-5e3b-4658-8e66-4e84199a99dd} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe -c Direct -p DOT4_002 -pn "" -n 1 -l 1033 -sl 120000
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O8 - Extra context menu item: &Search - Search
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} -
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} -
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} -
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://aolsvc.aol.com/onlinegames/fr...h.1.0.0.47.cab
O20 - Winlogon Notify: byXRjihi - C:\WINDOWS\
O20 - Winlogon Notify: byxxutu - C:\WINDOWS\
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: QuickBooksDB - Intuit, Inc. - C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 9322 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 16-07-2008, 10:08 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
re: nasty virus(RESOLVED)
Now reboot into safe mode( without networking support) by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.


Fix these with hijackthis:

O2 - BHO: (no name) - {6CF0A05E-7D6B-4E00-B836-B3F23513657C} - (no file)
O2 - BHO: (no name) - {9D8EA26A-BA5B-4CA6-B03A-74983D8DBDAA} - (no file)
O2 - BHO: (no name) - {e7530643-5e3b-4658-8e66-4e84199a99dd} - (no file)

O8 - Extra context menu item: &Search - Search

O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} -
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} -
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} -
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} -
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -

O20 - Winlogon Notify: byXRjihi - C:\WINDOWS\
O20 - Winlogon Notify: byxxutu - C:\WINDOWS\

O24 - Desktop Component 0: Privacy Protection - (no file)


EVerything closed out but hijackthis and click fix checked, reboot to normal mode please and post new hijackthis log and tell me what is going on now?
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 17-07-2008, 02:58 PM
Newbie
D-A-L Newbie
  
Join Date: Jul 2008
Posts: 13
jorie9699 Is a beginner here at D-A-L
re: nasty virus(RESOLVED)
My desktop is still weird, icons are all highlighted and can't stretch to fit, theres about an inch of white on one side no matter what i do.
also i noticed after fixing checked files that they are still there. here's my log.....


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:54, on 7/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jessica\Desktop\HijackThis.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Comcast.net Home
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {9D8EA26A-BA5B-4CA6-B03A-74983D8DBDAA} - (no file)
O2 - BHO: (no name) - {e7530643-5e3b-4658-8e66-4e84199a99dd} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe -c Direct -p DOT4_002 -pn "" -n 1 -l 1033 -sl 120000
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} -
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} -
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} -
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://aolsvc.aol.com/onlinegames/fr...h.1.0.0.47.cab
O20 - Winlogon Notify: byXRjihi - C:\WINDOWS\
O20 - Winlogon Notify: byxxutu - C:\WINDOWS\
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: QuickBooksDB - Intuit, Inc. - C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 9070 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 17-07-2008, 09:01 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
re: nasty virus(RESOLVED)
Please make sure tea timer is turned off:
[*]Run Spybot-S&D[*]Go to the Mode menu, and make sure "Advanced Mode" is selected[*]On the left hand side, choose Tools -> Resident[*]Uncheck "Resident TeaTimer" and OK any prompts[/list]You can reenable TeaTimer once your system is clean.



Please download and install SUPERAntiSpyware Trial Pro Edition SUPERAntiSpyware.com - AntiAdware. AntiSpyware. AntiMalware.

* Load SUPERAntiSpyware and click the Check for Updates button.
* Once the update has finished, exit SUPERAntiSpyware. Please do NOT run a scan yet!


IMPORTANT: Do NOT open any other windows or programs while SUPERAntiSpyware is scanning, it may interfere with the scanning process.

* Open SUPERAntiSpyware and click the Scan your Computer button.
* Check Perform Complete Scan and then click Next.
* SUPERAntiSpyware will now scan your computer and when it’s finished it will list all the infections it has found.
* Make sure that they all have a check next to them, and then click Next.
* Click Finish and you will be taken back to the main interface.
* It could be possible that it will ask you to reboot your computer in order to delete some files after reboot.
* I'll need a log afterwards of what has been found.
* To get the log, click Preferences and then click the Statistics/Logs tab. Click the dated log and press View Log and a text file will appear.
* Please post the results of the SUPERAntiSpyware log in your next reply.



Download and install About:Buster:

HERE

Or

HERE


Important steps to getting this tool to work properly:

First unzip all files from the zip folder to a folder or your desktop. Start it and hit ok. Then hit update. A new screen should popup. On that screen hit Check for Updates. If it says it found an update hit Download Updates. If it doesnt it will automatically tell you and exit.

Now for the scanning part.


Now reboot into safe mode( without networking support) by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.

Run the tool, when it is fininshed, click exit and reboot your PC and do it again just like the first time or as many times as it takes not to find infection


Please post super antispyware log and new hijackthis log
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 18-07-2008, 06:07 AM
Newbie
D-A-L Newbie
  
Join Date: Jul 2008
Posts: 13
jorie9699 Is a beginner here at D-A-L
re: nasty virus(RESOLVED)
here are my logs
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!

Generated 07/17/2008 at 11:31 PM

Application Version : 4.15.1000

Core Rules Database Version : 3507
Trace Rules Database Version: 1498

Scan type : Complete Scan
Total Scan Time : 01:49:00

Memory items scanned : 329
Memory threats detected : 0
Registry items scanned : 5823
Registry threats detected : 0
File items scanned : 16288
File threats detected : 0


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:05, on 7/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Jessica\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Comcast.net Home
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {9D8EA26A-BA5B-4CA6-B03A-74983D8DBDAA} - (no file)
O2 - BHO: (no name) - {e7530643-5e3b-4658-8e66-4e84199a99dd} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe -c Direct -p DOT4_002 -pn "" -n 1 -l 1033 -sl 120000
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} -
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} -
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} -
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://aolsvc.aol.com/onlinegames/fr...h.1.0.0.47.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: byXRjihi - C:\WINDOWS\
O20 - Winlogon Notify: byxxutu - C:\WINDOWS\
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: QuickBooksDB - Intuit, Inc. - C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 9081 bytes

buster didn't find anything.....
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 18-07-2008, 10:06 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
re: nasty virus(RESOLVED)
You can uninstall super antispyware if you want, it did not help at all like I thought it would on the vundo trojan.

Let's break out the big guns and nail this sucker, please follow instructions very carefully.



Visit this page below to familiarize yourself to the tool below:

A guide and tutorial on using ComboFix




If you have previously downloaded ComboFix,please delete that version now.

Now download ComboFix and save to your desktop:

Note:

It is IMPORTANT that it is saved directly to your desktop

Close any open browsers.

Disconnect from the Internet.

Please do not re-connect your machine back to the Internet until Combofix has completely finished.

Disable your antivirus program and any realtime malware scanners and script blockers now


How To Disable



Double click on combofix.exe and follow the prompts.

When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.

Note:
Do not mouseclick combofix's window while it's running.

That may cause the program to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.

Re-enable your anti-virus and re-connect back to the internet and post the combofix log.



*Note*
In case your Antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix,please disable your scanner and redownload Combofix again.
Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.

ComboFix SHOULD NOT be used unless requested by a forum helper.



New hijackthis log also plese.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply
Page 1 of 3 1 23

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Virus and other nasty bugs Help Pleeeeeease!!! Aphroditi Spyware, Adware, Viruses and HijackThis Logs 3 30-11-2008 02:21 AM
a nasty self copier satanhanx Spyware, Adware, Viruses and HijackThis Logs 3 09-06-2008 10:27 PM
Picked up something nasty! imported_Fathom Windows XP Help 10 25-11-2007 04:25 PM
Nasty CID Pop-ups (RESOLVED) shaz3rd Spyware, Adware, Viruses and HijackThis Logs 7 17-03-2007 02:36 AM
Virus - Fix this please!(RESOLVED) vmj126 Spyware, Adware, Viruses and HijackThis Logs 11 10-01-2007 07:57 PM


All times are GMT +1. The time now is 09:41 PM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav