Help appreciated!

Hi sulan33 and welcome to A2K.
Timbers thread for removal of Yuckware will remove most hijackers and redirects, However you have a new varient of the CWS hijacker which requires a new tool.
I would like you to enable System Restore for now please,
We will create a new Restore point after your system is cleaned,
Now need you to do a couple things please,
Dowload the following program
CWShredder
It should be the current version, but check for updates
Run Program cwshredder and have it fix anything it finds.
Make sure you click the "Fix" button

Next,
Download AboutBuster
Then Unzip it to your desktop.. "Don't run it yet"

First, reboot into 'SAFE MODE'. (By tapping the F8 key on start up)
Next:
Run About Buster twice in safe Mode Save the logs it generates,
While still in safe mode,
Please restart HJT put a check next to the following if they still exist, close all open windows and click "fix.checked"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\izyhs.dll/sp.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\izyhs.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\izyhs.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\izyhs.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\izyhs.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\izyhs.dll/sp.html#96676
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {660FFA3A-3DFA-0ABC-710F-380FEDEE7151} - C:\WINNT\system32\ntit.dll
O4 - HKLM\..\Run: [addxb32.exe] C:\WINNT\system32\addxb32.exe
O4 - HKLM\..\Run: [wwrcdxeszpvdk] C:\WINNT\System32\dvlyyc.exe
O4 - HKCU\..\Run: [Iwlyz] C:\WINNT\System32\rdsj.exe
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com

make sure you can view all View all Hidden Files/Folders search for and delete the following in BOLD if still present
C:\WINNT\izyhs.dll
C:\WINNT\system32\ntit.dll
C:\WINNT\system32\addxb32.exe
C:\WINNT\System32\dvlyyc.exe
C:\WINNT\System32\rdsj.exe

Restart your computer,

Run About Buster twice again please, Again save the log from it,

Run CWShredder again please,
Post back all the logs from AboutBuster and a fresh HJT log please.

Hi Don 77

Thank you for your reply and assistance. I have done what you suggested, please find the log files from AboutBuster and HJT below.

Once again thank you very much for your help it is much appreciated.

Scanned at: 10:25:22 PM on: 1/3/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 19


Removed Data Streams:
C:\WINNT\addjv.dll:etxia
C:\WINNT\addvw32.dll:nqimx
C:\WINNT\addzf32.dll:znsgy
C:\WINNT\apico32.dll:jcwkk
C:\WINNT\apiqo.dll:asaqc
C:\WINNT\apped.dll:ltlew
C:\WINNT\appwa.dll:onouv
C:\WINNT\crgn.dll:nqhcn
C:\WINNT\crvu.dll:rkdad
C:\WINNT\d3et.dll:kclgr
C:\WINNT\d3wd32.dll:knscf
C:\WINNT\ieio32.dll:cqqhs
C:\WINNT\ipnm.dll:qvtkn
C:\WINNT\mfclb32.dll:ngllq
C:\WINNT\mfcrh32.dll:ggeqs
C:\WINNT\mfcwq32.dll:jipjp
C:\WINNT\msmg.dll:qrlug
C:\WINNT\msrq.dll:ykyvi
C:\WINNT\msxmidi.exe.js:muhsx
C:\WINNT\netbj.dll:edbhm
C:\WINNT\netdg.dll:vaajz
C:\WINNT\n_skhvoz.dat:xqils
C:\WINNT\n_xcojyv.dat:qrbqu
C:\WINNT\ockodak.log:ijtvo
C:\WINNT\REGLOCS.OLD:wldzb
C:\WINNT\tjavs.dll:ewadq
C:\WINNT\tsoc.log:wxlik
C:\WINNT\twunk_16.exe:pydnm
C:\WINNT\winhelp.exe:rqzsr
C:\WINNT\WINNT32.LOG:jgdsf
C:\WINNT\winsc.dll:nluih
C:\WINNT\wmsetup.log:fqaxe


Removed 4 Random Key Entries
Removed! : C:\WINNT\addfs32.dll
Removed! : C:\WINNT\addol.dll
Removed! : C:\WINNT\adduk32.dll
Removed! : C:\WINNT\addzf32.dll
Removed! : C:\WINNT\apibj.dll
Removed! : C:\WINNT\appaz32.dll
Removed! : C:\WINNT\appvo32.dll
Removed! : C:\WINNT\appwx.dll
Removed! : C:\WINNT\atlbp32.dll
Removed! : C:\WINNT\atlwb.dll
Removed! : C:\WINNT\aueys.dll
Removed! : C:\WINNT\bmnjg.dll
Removed! : C:\WINNT\cjovs.dat
Removed! : C:\WINNT\crcm32.dll
Removed! : C:\WINNT\creo32.dll
Removed! : C:\WINNT\d3or.dll
Removed! : C:\WINNT\dghld.dat
Removed! : C:\WINNT\fkndl.dll
Removed! : C:\WINNT\hwiri.dat
Removed! : C:\WINNT\iecc32.dll
Removed! : C:\WINNT\iesf32.dll
Removed! : C:\WINNT\imtqc.dat
Removed! : C:\WINNT\ipjc32.exe
Removed! : C:\WINNT\ipjr32.dll
Removed! : C:\WINNT\izyhs.dll
Removed! : C:\WINNT\knfzx.dat
Removed! : C:\WINNT\kpnes.dll
Removed! : C:\WINNT\liqim.dll
Removed! : C:\WINNT\mfcdd32.exe
Removed! : C:\WINNT\mkfym.dat
Removed! : C:\WINNT\mshf.dll
Removed! : C:\WINNT\msuo32.dll
Removed! : C:\WINNT\msyi.dll
Removed! : C:\WINNT\netcg32.dll
Removed! : C:\WINNT\ntzo32.dll
Removed! : C:\WINNT\oxsxu.dll
Removed! : C:\WINNT\repyi.dll
Removed! : C:\WINNT\sssgw.dll
Removed! : C:\WINNT\syssv32.dll
Removed! : C:\WINNT\winrt32.dll
Removed! : C:\WINNT\winwu.dll
Removed! : C:\WINNT\winzb32.dll
Removed! : C:\WINNT\xfbbl.dat
Removed! : C:\WINNT\ystci.dat
Removed! : C:\WINNT\system32\bldkv.dat
Removed! : C:\WINNT\system32\ffiwj.dat
Removed! : C:\WINNT\system32\flylg.dat
Removed! : C:\WINNT\system32\hrhfe.dat
Removed! : C:\WINNT\system32\ieqkm.dll
Removed! : C:\WINNT\system32\jflup.dat
Removed! : C:\WINNT\system32\mkitk.dat
Removed! : C:\WINNT\system32\obgpq.dat
Removed! : C:\WINNT\system32\qsmwj.dat
Removed! : C:\WINNT\system32\triju.dat
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 19


Removed Data Streams:
C:\WINNT\addjv.dll:etxia
C:\WINNT\addvw32.dll:nqimx
C:\WINNT\addzf32.dll:znsgy
C:\WINNT\apico32.dll:jcwkk
C:\WINNT\apiqo.dll:asaqc
C:\WINNT\apped.dll:ltlew
C:\WINNT\appwa.dll:onouv
C:\WINNT\crgn.dll:nqhcn
C:\WINNT\crvu.dll:rkdad
C:\WINNT\d3et.dll:kclgr
C:\WINNT\d3wd32.dll:knscf
C:\WINNT\ieio32.dll:cqqhs
C:\WINNT\ipnm.dll:qvtkn
C:\WINNT\mfclb32.dll:ngllq
C:\WINNT\mfcrh32.dll:ggeqs
C:\WINNT\mfcwq32.dll:jipjp
C:\WINNT\msmg.dll:qrlug
C:\WINNT\msrq.dll:ykyvi
C:\WINNT\msxmidi.exe.js:muhsx
C:\WINNT\netbj.dll:edbhm
C:\WINNT\netdg.dll:vaajz
C:\WINNT\n_skhvoz.dat:xqils
C:\WINNT\n_xcojyv.dat:qrbqu
C:\WINNT\ockodak.log:ijtvo
C:\WINNT\REGLOCS.OLD:wldzb
C:\WINNT\tjavs.dll:ewadq
C:\WINNT\tsoc.log:wxlik
C:\WINNT\twunk_16.exe:pydnm
C:\WINNT\winhelp.exe:rqzsr
C:\WINNT\WINNT32.LOG:jgdsf
C:\WINNT\winsc.dll:nluih
C:\WINNT\wmsetup.log:fqaxe


Attempted Clean Of Temp folder.
Pages Reset... Done!






Scanned at: 10:27:24 PM on: 1/3/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!






Scanned at: 10:40:00 PM on: 1/3/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Removed 5 Random Key Entries
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!






Scanned at: 10:41:11 PM on: 1/3/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Removed 5 Random Key Entries
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!

-- Scan 3 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!






Logfile of HijackThis v1.98.2
Scan saved at 9:46:48 PM, on 1/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Documents and Settings\Administrator\My Documents\Viruses\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1C7F9903-C936-4A89-AC66-ABFC5B5710E3} - C:\WINNT\appvw32.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON CardMonitor.lnk = C:\Program Files\epson\EPSON CardMonitor\EPSON CardMonitor1.2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} (SearchCD Control) - http://www.partsarena.com/baxi/Plugins/IMIESRCH.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} (GrafixViewControl) - http://www.partsarena.com/baxi/Plugins/GFXVIEW.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-12.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab





Logfile of HijackThis v1.98.2
Scan saved at 10:30:17 PM, on 1/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Documents and Settings\Administrator\My Documents\Viruses\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\fxfdj.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\fxfdj.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\fxfdj.dll/sp.html#96676
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D510C478-0562-AD04-9899-2E205DA0ABA8} - C:\WINNT\system32\ietf.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [sysqw32.exe] C:\WINNT\system32\sysqw32.exe
O4 - HKLM\..\RunOnce: [winyg.exe] C:\WINNT\system32\winyg.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON CardMonitor.lnk = C:\Program Files\epson\EPSON CardMonitor\EPSON CardMonitor1.2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} (SearchCD Control) - http://www.partsarena.com/baxi/Plugins/IMIESRCH.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} (GrafixViewControl) - http://www.partsarena.com/baxi/Plugins/GFXVIEW.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-12.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab



Logfile of HijackThis v1.98.2
Scan saved at 10:43:35 PM, on 1/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\system32\MMTray2k.exe
C:\WINNT\system32\sysqw32.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINNT\system32\winyg.exe
C:\Documents and Settings\Administrator\My Documents\Viruses\Hijack This\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {653805CE-E873-DEE6-3454-F790713B8265} - C:\WINNT\netgl32.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [sysqw32.exe] C:\WINNT\system32\sysqw32.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON CardMonitor.lnk = C:\Program Files\epson\EPSON CardMonitor\EPSON CardMonitor1.2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} (SearchCD Control) - http://www.partsarena.com/baxi/Plugins/IMIESRCH.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} (GrafixViewControl) - http://www.partsarena.com/baxi/Plugins/GFXVIEW.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-12.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

First, reboot into 'SAFE MODE'. (By tapping the F8 key on start up)
Next:
Run About Buster twice in safe Mode Save the logs it generates,
While still in safe mode,
Please restart HJT put a check next to the following if they still exist, close all open windows and click "fix.checked"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\vlfvk.dll/sp.html#96676
O2 - BHO: (no name) - {1C7F9903-C936-4A89-AC66-ABFC5B5710E3} - C:\WINNT\appvw32.dll


make sure you can view all View all Hidden Files/Folders search for and delete the following in BOLD if still present

C:\WINNT\appvw32.dll

Restart your computer,

Run About Buster twice again please, Again save the log from it and post back all the logs from AboutBuster and a fresh HJT log please.

Fresh Logs
Please find fresh About Buster and HJT logs below:



Scanned at: 3:03:44 PM on: 1/9/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 19


Removed Data Streams:
C:\WINNT\n_bxecjd.dat:aksag


Removed 4 Random Key Entries
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 19


Removed Data Streams:
C:\WINNT\n_bxecjd.dat:aksag


Attempted Clean Of Temp folder.
Pages Reset... Done!






Scanned at: 3:05:04 PM on: 1/9/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 19


Removed Data Streams:
C:\WINNT\n_bxecjd.dat:aksag


Removed 4 Random Key Entries
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 19


Removed Data Streams:
C:\WINNT\n_bxecjd.dat:aksag


Attempted Clean Of Temp folder.
Pages Reset... Done!

-- Scan 3 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!






Scanned at: 3:20:35 PM on: 1/9/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Removed 5 Random Key Entries
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!






Scanned at: 3:21:46 PM on: 1/9/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Removed 5 Random Key Entries
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!

-- Scan 3 ---------------------------
About:Buster Version 4.0
Reference List : 19

No ADS found on system
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!


Logfile of HijackThis v1.98.2
Scan saved at 3:09:28 PM, on 1/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Documents and Settings\Administrator\My Documents\Viruses\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\lykno.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\lykno.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\lykno.dll/sp.html#96676
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {07B31207-7D9E-6A5F-0B00-B01EA27D9E4B} - C:\WINNT\system32\crie.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [sysqw32.exe] C:\WINNT\system32\sysqw32.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON CardMonitor.lnk = C:\Program Files\epson\EPSON CardMonitor\EPSON CardMonitor1.2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} (SearchCD Control) - http://www.partsarena.com/baxi/Plugins/IMIESRCH.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} (GrafixViewControl) - http://www.partsarena.com/baxi/Plugins/GFXVIEW.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-12.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

Thanks...

Please restart HJT put a check next to the following, close all open windows and click "Fix Checked"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\lykno.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\lykno.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\lykno.dll/sp.html#96676
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {07B31207-7D9E-6A5F-0B00-B01EA27D9E4B} - C:\WINNT\system32\crie.dll
O4 - HKLM\..\Run: [sysqw32.exe] C:\WINNT\system32\sysqw32.exe

Next reboot to safe mode ( By tapping the F8 key on start up) Make sure you can view all Hidden Files/Folders search for and delete the above files highlighted in BOLD
C:\WINNT\lykno.dll
C:\WINNT\system32\crie.dll
C:\WINNT\system32\sysqw32.exe

Restart your computer,

Go Here BitDefender Scan Online
Run a scan with BitDefender , Be sure and Check Auto Clean. Make a note of anything it can't remove

Next
Go here Trend Micro - Free online virus Scan
Be sure and check Auto Clean before you do the scan. If it finds anything that it cannot clean have it delete it or make a note of the file location so you can delete it yourself.


Post back a fresh log please when done please

Re: BitDefender Scan
Please find BitDefender scan and HJT log. For some reason I could not use the Trend Micro scan internet explorer popup continously said problems with add-on d3pm32.dll and shut down.

BitDefender Log

C:\DC++\Shared\Programs\nero 6.0.0.9(burningrom+vision+incd+mix+mediaplayer+all keygens(suto).exe=>(RAR Sfx o)=>nero 6.0.0.9 (burningrom+incd+mediaplayer+mix+vision+keygens)suto\nero incd 4.0.1.2.1\InCD40121.exe=>(RAR Sfx o)=>sharedNT\incdsrv.exe: bad crc
C:\DC++\Shared\Programs\nero 6.0.0.9(burningrom+vision+incd+mix+mediaplayer+all keygens(suto).exe=>(RAR Sfx o)=>nero 6.0.0.9 (burningrom+incd+mediaplayer+mix+vision+keygens)suto\nero mix1.4.0.4+keygen\NeroMIX1404.exe=>(RAR Sfx o)=>NeroMix\Skins\Flame.BMP: bad crc
C:\Documents and Settings\Administrator\Local Settings\Temp\B.tmp: infected with Trojan.Hideprocs.B
C:\Documents and Settings\Administrator\Local Settings\Temp\B.tmp: disinfection failed
C:\Documents and Settings\Administrator\Local Settings\Temp\remove.exe: infected with Trojan.Downloader.Keenval.F
C:\Documents and Settings\Administrator\Local Settings\Temp\remove.exe: disinfection failed
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom.zip=>[email protected][2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom1.zip=>administrator@advertising[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom2.zip=>[email protected][1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom3.zip=>administrator@advertising[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom3.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom4.zip=>[email protected][1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom4.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom5.zip=>administrator@advertising[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom5.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom6.zip=>[email protected][2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom6.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom7.zip=>administrator@advertising[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom7.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom8.zip=>[email protected][1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom8.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom9.zip=>administrator@advertising[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Advertisingcom9.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Adviva.zip=>administrator@adviva[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Adviva.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Adviva1.zip=>administrator@adviva[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Adviva1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Adviva2.zip=>administrator@adviva[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Adviva2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Adviva3.zip=>administrator@adviva[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Adviva3.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated.zip=>related.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated1.zip=>RELATED.HTM: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated2.zip=>related.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc.zip=>administrator@atdmt[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc1.zip=>administrator@atdmt[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc2.zip=>administrator@atdmt[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc3.zip=>administrator@atdmt[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc3.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc4.zip=>administrator@atdmt[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc4.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc5.zip=>administrator@atdmt[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc5.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc6.zip=>administrator@atdmt[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc6.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BFast.zip=>administrator@bfast[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BFast.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BFast1.zip=>administrator@bfast[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BFast1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload1.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload2.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload3.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload3.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload4.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload4.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload5.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload5.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload6.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload6.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload7.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload7.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload8.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload8.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload9.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Comload9.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommissionJunction.zip=>administrator@qksrv[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommissionJunction.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommissionJunction1.zip=>administrator@qksrv[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommissionJunction1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommissionJunction2.zip=>administrator@commission-junction[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommissionJunction2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommissionJunction3.zip=>administrator@qksrv[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommissionJunction3.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommonName.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoreMetrics.zip=>[email protected][1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoreMetrics.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_1_674800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_1_731400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_515400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_516800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_518900.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_520900.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_521100.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_526400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_538800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_560200.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_560800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_584300.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_597700.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_0_2_676200.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_1_674800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_1_731400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_515400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_516800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_518900.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_520900.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_521100.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_526400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_538800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_560200.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_560800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_584300.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_597700.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_2_2_676200.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_1_674800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_1_731400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_515400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_516800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_518900.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_520900.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_521100.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_526400.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_538800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_560200.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_560800.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_584300.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_597700.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_3_2_676200.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_500100.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_501500.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_502900.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_517500.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_517600.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_523600.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_552200.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_574900.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_575700.gif: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_575700.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_581900.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_582000.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_595900.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_644200.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_644400.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_691900.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_731900.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_736100.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_329_4_1_740400.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_514300.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_541000.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_548400.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_553400.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_556100.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_585100.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_613800.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_623000.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_661300.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_665200.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_748700.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>B_749800.htm: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor1.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor2.zip=>cd_clint.dll: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor3.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Cydoor3.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick.zip=>administrator@doubleclick[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick1.zip=>administrator@doubleclick[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick2.zip=>administrator@doubleclick[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick3.zip=>administrator@doubleclick[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick3.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick4.zip=>administrator@doubleclick[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick4.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick5.zip=>administrator@doubleclick[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick5.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick6.zip=>administrator@doubleclick[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick6.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick.zip=>administrator@fastclick[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick1.zip=>administrator@fastclick[2].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator1.zip=>GStartup.lnk: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator10.zip=>administrator@gator[1].txt: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator10.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator2.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>Data/User1.gud: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>EGGCEngine.dll: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>egIEEngine.dll: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>EGIEProcess.dll: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>EGNSEngine.dll: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>FillIn.wav: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>Gator.log: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>GatorRes.dll: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>GatorStubSetup.exe: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>GMT.exe: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>GMT.exe.manifest: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>GUninstaller.exe: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>Helper.wav: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/BannerHash3.dat: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1027.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1031.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1032.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1042.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1046.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1064.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1077.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1083.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1085.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1091.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1099.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1106.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1113.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1114.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1117.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1120.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1121.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1134.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1142.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1145.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1151.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1153.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1154.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1155.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1156.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1157.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1169.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1181.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1184.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1187.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1192.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1199.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1204.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/1206.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/135.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/138.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/144.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/167.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/177.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/186.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/188.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/194.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/20.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/202.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/226.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/25.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/266.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/269.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/280.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/306.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/335.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/338.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/348.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/355.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/360.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/364.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/366.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/416.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/428.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/429.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/436.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/446.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/447.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/457.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/459.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/461.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/473.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/48.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/484.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/493.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/496.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/540.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/549.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/551.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/553.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/560.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/563.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/574.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/594.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/596.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/610.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/619.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/639.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/653.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/659.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/676.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/680.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/689.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/696.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/699.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/724.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/726.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/737.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/755.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/757.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/763.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/767.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/773.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/778.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/779.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/795.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/799.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/802.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/81.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/842.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/867.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/888.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/889.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/894.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/912.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/917.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/919.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/926.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/927.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/934.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/939.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/949.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/969.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/970.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/976.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/977.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/988.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/989.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/990.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/ga/991.ga: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/11217/11217.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/11218/11218.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/11637/11637.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/12869/12869.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/12891/12891.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13013/13013.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13143/13143.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13152/13152.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13164/13164.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13172/13172.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13529/13529.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13611/13611.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13816/13816.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/13842/13842.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14258/14258.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14289/14289.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14298/14298.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14308/14308.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14310/14310.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14312/14312.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14370/14370.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14371/14371.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14372/14372.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14561/14561.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14568/14568.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14579/14579.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14600/14600.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14610/14610.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14612/14612.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14613/14613.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14614/14614.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14616/14616.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14617/14617.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14622/14622.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14673/14673.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14682/14682.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14683/14683.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14694/14694.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/14746/14746.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15266/15266.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15318/15318.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15418/15418.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15475/15475.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15564/15564.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15573/15573.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15578/15578.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15611/15611.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15616/15616.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15624/15624.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15642/15642.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15741/15741.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15853/15853.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15860/15860.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/15963/15963.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16109/16109.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16376/16376.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16410/16410.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16425/16425.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16486/16486.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16599/16599.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16606/16606.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16696/16696.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16717/16717.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16739/16739.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16780/16780.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16783/16783.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16799/16799.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16825/16825.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16835/16835.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16934/16934.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16947/16947.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16953/16953.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16967/16967.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16983/16983.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/16999/16999.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17032/17032.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17051/17051.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17071/17071.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17313/17313.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17706/17706.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17708/17708.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17751/17751.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17774/17774.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17807/17807.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17820/17820.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17835/17835.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17881/17881.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17884/17884.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17886/17886.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17892/17892.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17933/17933.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/17951/17951.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18021/18021.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18108/18108.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18111/18111.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18121/18121.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18146/18146.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18157/18157.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18208/18208.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18211/18211.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18289/18289.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18336/18336.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18370/18370.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18374/18374.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18460/18460.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18519/18519.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18526/18526.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Gator3.zip=>m9ge3034f7/gb/18530/18530.gbd3: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recove

Rest of log and HJT log
C:\Program Files\Nero\nero 6.0.0.9 (burningrom+incd+mediaplayer+mix+vision+keygens)suto\nero incd 4.0.1.2.1\InCD40121.exe=>(RAR Sfx o)=>sharedNT\incdsrv.exe: bad crc
C:\Program Files\Nero\nero 6.0.0.9 (burningrom+incd+mediaplayer+mix+vision+keygens)suto\nero mix1.4.0.4+keygen\NeroMIX1404.exe=>(RAR Sfx o)=>NeroMix\Skins\Flame.BMP: bad crc
C:\Program Files\Norton AntiVirus\Quarantine\338408FE.tmp=>(Quarantine): infected with Java.Trojan.OpenConnection.F
C:\Program Files\Norton AntiVirus\Quarantine\338408FE.tmp=>(Quarantine): disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\5B3A0677.tmp=>(Quarantine): infected with Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\5B3A0677.tmp=>(Quarantine): disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\72681238.tmp=>(Quarantine): infected with Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\72681238.tmp=>(Quarantine): disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\726B3C34.tmp=>(Quarantine): infected with Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\726B3C34.tmp=>(Quarantine): disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\77E20DB0.tmp=>(Quarantine): infected with Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\77E20DB0.tmp=>(Quarantine): disinfection failed
C:\WINNT\dkrgz.dll: infected with Trojan.Downloader.WinShow.AK
C:\WINNT\dkrgz.dll: disinfection failed
C:\WINNT\Downloaded Program Files\ActiveSecurity.ocx: infected with Virtool.Collector.A
C:\WINNT\Downloaded Program Files\ActiveSecurity.ocx: disinfection failed
C:\WINNT\hgyxx.dll: infected with Trojan.Downloader.WinShow.AK
C:\WINNT\hgyxx.dll: disinfection failed
C:\WINNT\n_xcojyv.dat: infected with Trojan.Downloader.CB
C:\WINNT\n_xcojyv.dat: disinfection failed
C:\WINNT\system32\iffkx.dll: infected with Trojan.Downloader.WinShow.AK
C:\WINNT\system32\iffkx.dll: disinfection failed
C:\WINNT\system32\mcyko.dll: infected with Trojan.Downloader.WinShow.AK
C:\WINNT\system32\mcyko.dll: disinfection failed

HJT Log

Logfile of HijackThis v1.98.2
Scan saved at 6:52:07 PM, on 1/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINNT\apifq.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\system32\MMTray2k.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINNT\system32\apply.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Documents and Settings\Administrator\My Documents\Viruses\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onyqw.dll/sp.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onyqw.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\onyqw.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onyqw.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onyqw.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onyqw.dll/sp.html#96676
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {27A95597-88C1-80FE-6D1E-D1BCAFEBAC65} - C:\WINNT\d3pm32.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [apply.exe] C:\WINNT\system32\apply.exe
O4 - HKLM\..\RunOnce: [apifq.exe] C:\WINNT\apifq.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON CardMonitor.lnk = C:\Program Files\epson\EPSON CardMonitor\EPSON CardMonitor1.2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} (SearchCD Control) - http://www.partsarena.com/baxi/Plugins/IMIESRCH.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} (GrafixViewControl) - http://www.partsarena.com/baxi/Plugins/GFXVIEW.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-12.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

I must say that it will be difficult to help you get rid of this, If you only post back once a week, Everytime you shut down and restart the files change making it hard to kill this one,
If we could be on at the same time after a fresh restart we should be able to get rid of this,

Check your PM