View Full Version : Fake anti-virus called windows antivirus pro.
Disconnected
2009-08-15, 04:54
keeps telling me all my programs are infected and wont let me open the unless i end the process in the task manager, as well as poping up with fake alerts ever five minutes and when i ran avg it just closed everything i had open at the time and forced my computer to shut down, but it couldnt shut down all the way and just ended up as a black screen with my mouse pointer on it.
here is my HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:41:43 PM, on 14/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\svchast.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\daniel\Desktop\HiJackThis.exe
C:\Program Files\Windows Antivirus Pro\Windows Antivirus Pro.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: Shell=Explorer.exe logon.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Seekmo /fleok=1D8A83A5C3E1197F99AA6C2A1FBB39BFE4976E26CAEDA120180A196D6093 - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Seekmo\bin\10.0.431.0\HostIE.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: ICQSys (IE PlugIn) - {76DC0B63-1533-4ba9-8BE8-D59EB676FA02} - C:\WINDOWS\system32\dddesot.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Seekmo - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Seekmo\bin\10.0.431.0\HostIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.431.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.431.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AntipyProex (AntipPro2009_100) - Unknown owner - C:\WINDOWS\svchast.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Update Service (gupdate1c99b06d6abe68e) (gupdate1c99b06d6abe68e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
--
End of file - 8669 bytes
Hello Disconnected
Welcome to Safer Networking.
Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
That said, All advice given by anyone volunteering here, is taken at your own risk.
While best efforts are made to assist in removing infections safely, unexpected stuff can happen.
Please download Malwarebytes' Anti-Malware from Here (http://www.besttechie.net/tools/mbam-setup.exe) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://forums.whatthetech.com/post_a4255_MBAM.PNG
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report and also a new HJT log please
Disconnected
2009-08-17, 08:21
Malwarebytes' Anti-Malware 1.40
Database version: 2637
Windows 5.1.2600 Service Pack 2
16/08/2009 11:05:32 PM
mbam-log-2009-08-16 (23-05-32).txt
Scan type: Quick Scan
Objects scanned: 90495
Time elapsed: 2 minute(s), 25 second(s)
Memory Processes Infected: 4
Memory Modules Infected: 3
Registry Keys Infected: 113
Registry Values Infected: 5
Registry Data Items Infected: 2
Folders Infected: 32
Files Infected: 768
Memory Processes Infected:
C:\WINDOWS\svchast.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\Program Files\Windows Antivirus Pro\Windows Antivirus Pro.exe (Rogue.WindowsAntivirus) -> Unloaded process successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\OEAddOn.exe (Adware.180Solutions) -> Unloaded process successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\SeekmoSA.exe (Adware.180Solutions) -> Unloaded process successfully.
Memory Modules Infected:
C:\Program Files\Seekmo\bin\10.0.431.0\SeekmoSAAX.dll (Adware.Seekmo) -> Delete on reboot.
C:\Program Files\Seekmo\bin\10.0.431.0\HostOE.dll (Adware.180Solutions) -> Delete on reboot.
c:\program files\Seekmo\bin\10.0.431.0\seekmosahook.dll (Adware.180Solutions) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\antippro2009_100 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\antippro2009_100 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\antippro2009_100 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{229d2451-a617-4b30-b5e8-8138694240cb} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e623b96-b166-4c70-8169-820761794299} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0004ec-5df0-48c7-a8f0-fbb0488a3d94} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{087c4054-0a2b-4f35-b0db-bed3e21650f4} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{08755390-f46d-4d09-968c-3430166b3189} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmo.desktopflash (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmo.desktopflash.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{fbb40fdf-b715-4342-ab82-244ecc66e979} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ccc6e232-aa4c-4813-a019-9c14b27776b6} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c23fa5a4-1fea-419f-8b14-f7465df062bc} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bd5258af-20ae-4bd3-b748-b2851aca7335} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{4a40e8fc-c7e4-4f57-9fa4-85dd77402897} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{995e885e-3ff5-4f66-a107-8bfb3a0f8f12} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\9ee2330ae5f4470cac801baac83818c9 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{76dc0b63-1533-4ba9-8be8-d59eb676fa02} (Rogue.ASC-AntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{76dc0b63-1533-4ba9-8be8-d59eb676fa02} (Rogue.ASC-AntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76dc0b63-1533-4ba9-8be8-d59eb676fa02} (Rogue.ASC-AntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmo.desktopflash (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmo.desktopflash.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Win AntiVirus Pro (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Windows antiVirus pro (Rogue.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\seekmooe (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\seekmosa (Adware.180Solutions) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (C:\WINDOWS\system32\desot.exe "%1" %*) Good: ("%1" %*) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe logon.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
Folders Infected:
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\IESkins (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\dynamic (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOL (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOL\dynamic (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOL\static (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\ustat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Seekmo\bin (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Seekmo\bin\10.0.431.0 (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Seekmo\bin\10.0.431.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\svchast.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Windows Antivirus Pro\Windows Antivirus Pro.exe (Rogue.WindowsAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\CoreSrv.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\HostIE.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\HostOL.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\SeekmoSAAX.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\Toolbar.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\Wallpaper.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\SeekmoSADF.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\Srv.exe (Adware.Zango) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dddesot.dll (Rogue.ASC-AntiSpyware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\desot.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte10_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte11_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte12_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte13_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte14_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte19_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte20_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte21_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030104_emte9_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\030203lib_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102angel_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102bigluf_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102bigsmile_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102birthday_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102cheers_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102flo_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102good_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102jump_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102king_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102lough_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102luf_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102smiled_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102smile_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102sor_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102thanx_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\033102uhu_1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\040103ahh_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\040103wow_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\040104_emi2_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\042102_1134_112_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\050103big_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\050103gig_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\050103hm_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\050103nomail_emoti_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\050103norm_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema15_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema16_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema17_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema18_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema19_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema20_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema21_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema24_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema25_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema26_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema30_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema33_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\060104_ema34_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\062802hippi_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\062802jumpie_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\080402argh_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\080402oops_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\080402ouch_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\082502no_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\082502yes_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_boring1_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_confused_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_fantastic_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_feel_better_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_gimme_break_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_heehee_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_hlopaet_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_ign_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_lol_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_no_comment_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_peace_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_smashing_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\blocked.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\blocked2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\block_sm.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\block_sm2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\block_smli.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\block_smli2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_add-but.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_back-but.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_left_enabled_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_left_pressed_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_middle_enabled_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_middle_pressed_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_right_enabled_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\btn_right_pressed_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\business_promo.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\buttondir.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\components.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\css2_main.css (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\css2_pagingmodule.css (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\css2_topbuttons.css (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\css_cattree.css (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\css_flashpreview.css (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\cursors.res (Adware.Agent) -> Quarantined and deleted successfully.
Disconnected
2009-08-17, 08:22
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\delete.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\edit_clear_sound.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\edit_fs.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\edit_select.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-543450.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-548964.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-589306.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-591943.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-592579.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-598579.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-603763.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-9595.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511724-9696.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-511745-514279.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-backgrounds.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-bcards.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-ecards.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-emoticons.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-estationery.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-funny.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-help.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-images.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-info.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-more.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-my.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-new.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-new2.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-options.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-people.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-photo.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-tell.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-temp.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-text.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def-email-voice.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-def.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-premium-email-premium.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-t1-bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\email-temp-bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\estatationery.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\flashpatch.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\flashpreview.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\fs3.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\hotbar_promo.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_checked_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_close_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_close_pressed_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_edit_preview.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_edit_send.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_flash_preview.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_recently_used.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_remove_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_remove_pressed_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_sand-clock2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_tell_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_tell_pressed_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_tree_null.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_unchecked_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\img_barlayout.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\img_barlayout2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\img_barlayout4.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\img_corner_left.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\img_local_logo.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_basetemplate.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_hbgroups.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_hbobject3.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_hbobjectset3.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_hotbarwrapper.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_texts3.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\js2_xmltree3nf.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\layout.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\linkpathlegal.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\n.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\nav_bb_2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\nav_b_2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\nav_ff_2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\nav_f_2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\progress.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\sales_buttons.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\searchbtn.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\seekmo_btn.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\submit.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_bg.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_bga.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_bgia.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_l.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_la.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_lia.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_r.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_ra.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tab_ria.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\treedata_animations.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\treedata_backgrounds.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\treedata_ecards.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\treedata_emoticons.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\treedata_notifiers.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\treedata_text.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tree_dots.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tree_minus.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\1\tree_plus.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\business_promo.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\buttondir.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\code.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\cursors.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\email-def.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\email-t1-bg.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\email-temp-bg.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\hotbar_promo.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\images.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\layout.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\linkpathlegal.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\localcontent.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\progress.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\sales_buttons.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\seekmo_btn.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\HostOI\static\DownLoad\treexml.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\1.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\1383771.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\1385217.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\1385232.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\1400800.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\1406215.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\1406946.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\186440.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\222610.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\247657.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\2763251.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\2883915.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\2885061.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\2894097.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\2899625.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\331148.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\3347374.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\3348393.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\3462488.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\3756141.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\3852296.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\3894012.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\3894692.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\420374.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\48657.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\491501.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\502653.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\720992.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\757108.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\859800.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\923091.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\936439.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\951083.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\965522.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\domains.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000021559 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000024473 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000032183 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000068050 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000090942 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091007 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091043 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091175 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091181 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091203 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091277 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091308 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091316 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091335 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091368 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091499 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091682 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091774 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091806 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1000091815 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\10807 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\117970 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\11891 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\12776 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\13546 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\13608 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1410 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\1491 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\15626 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\16434 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\167151 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\168167 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\17923 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\17957 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\17987 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\18019 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\180320 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\180605 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\185130 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\185347 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\185626 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\18906 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\19624 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\197434 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\197630 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\202699 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\20388 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\205324 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\20570 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\20898 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\20980 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\21060 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\213558 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\218419 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\21846 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\218712 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\218859 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\22254 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\22258 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\224717 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\230333 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\23042 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\234180 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\235796 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\23923 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\243256 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\24341 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\249916 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\251440 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\252531 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\25509 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\25708 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\260609 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\263345 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\26340 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\26656 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\26664 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\27060 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\270971 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\27503 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\27505 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\27627 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\277907 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\28383 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\288733 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\288799 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\29115 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\29297 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\29308 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\29479 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\29547 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\29683 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\297534 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\300441 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\30999 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\313470 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\31638 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\31979 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\32137 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\324832 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\32634 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\33233 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\33923 (Adware.Agent) -> Quarantined and deleted successfully.
Disconnected
2009-08-17, 08:23
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\3405 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\34123 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\34137 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\34186 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\342303 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\34237 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\342421 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\34381 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\34513 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\34747 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\34754 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\35015 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\35047 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\35389 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\361427 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\36735 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\367353 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\36834 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\37675 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\37827 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\382545 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\38733 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\389687 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\40256 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\403305 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\41499 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\41526 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\41588 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\42034 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\427075 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\43142 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\432053 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\43719 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\43979 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\44228 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\44229 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\44306 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\44458 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\44462 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\44750 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\44878 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\449274 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\453218 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\456535 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\460342 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\471072 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\477253 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\477779 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\50056 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\50548 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\50582 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\507892 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\50887 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\510935 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\51166 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\51287 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\51666 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\519215 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\53481 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\53605 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\54118 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\542228 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\54473 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\547723 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\54979 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\555618 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\56113 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\569859 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\573448 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\578110 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\579123 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\57973 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\59234 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\59844 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\59905 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\604347 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\61212 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\61779 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\61837 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\63778 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\63801 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\639731 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\64364 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\64495 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\64605 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\64737 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\64763 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\66109 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\66836 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\67215 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\67226 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\67345 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\68870 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\68942 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\69263 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\70614 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\70636 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\70773 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\71225 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\71340 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\71531 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\71600 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\71999 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\72932 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\73143 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\73282 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\73620 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\737665 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\738022 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\738418 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\73922 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\73948 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\74398 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\744211 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\744599 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\744617 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\744786 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\744881 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\745146 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\745367 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\745415 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\745434 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\745546 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\745758 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\745856 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\747928 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\747936 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\7482 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\748350 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\748408 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\748880 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\751223 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\7521 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\752447 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753250 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753366 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753378 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753437 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753438 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753446 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753461 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753472 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753475 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753477 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753478 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753576 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753624 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753630 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753633 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\753634 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\75473 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\77494 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\78600 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\78788 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\79246 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\79257 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\79432 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\79972 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\79973 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\79989 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\80026 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\80567 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\80576 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\80663 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\80689 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\81010 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\8111 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\81293 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\81561 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\82155 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\82292 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\8282 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\83226 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\84293 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\8443 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\85055 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\85083 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\85365 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\85381 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\86140 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\86470 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\873 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\87439 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\87584 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\87594 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\87613 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\89673 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\89853 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\90009 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\90098 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\90234 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\90325 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\90453 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\90711 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\90976 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\91204 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\91986 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\92994 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\93845 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\93857 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\93899 (Adware.Agent) -> Quarantined and deleted successfully.
Disconnected
2009-08-17, 08:24
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\93921 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\93934 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\95646 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\95716 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\95803 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\95825 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\96961 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\97741 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\98395 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\98493 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\9991 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\btntrans.idx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\btntrans1.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\buttondir.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\components.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\cursors.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\default.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_511745-514279.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_categorize.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_comparison.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_explorer-Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_explorer-people.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_favorites.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Games.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Hide.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_hotbarcom.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Hotmail.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_hsskin.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_new.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_premium.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_searchfor.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_searchgo.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_weather.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_yellowpages.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_1000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_2000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_3000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bar.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bbar1.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_logos.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_other.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_weather.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-548964.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-9595.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\email-t1-bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\icons2.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\ie_games_icon.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\ie_video.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\keywords.idx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\keywords1.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\layout.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\linkpathlegal.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\progress.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\sales_buttons.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\seekmo.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\seekmo_ie_menu.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\s_icons_buttons.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\t2_bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\top7.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\Top7_theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\1\tsd_bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\btntrans.idx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\btntrans1.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\buttondir.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\components.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\cursors.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\default.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_511745-514279.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_categorize.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_comparison.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_explorer-Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_explorer-people.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_favorites.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_Games.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_Hide.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_hotbarcom.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_Hotmail.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_hsskin.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_new.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_premium.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_searchfor.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_searchgo.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_weather.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_yellowpages.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_1000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_2000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_3000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_bar.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_bbar1.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_logos.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_other.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_weather.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\email-def-511724-548964.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\email-def-511724-9595.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\email-t1-bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\icons2.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\ie_games_icon.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\ie_video.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\keywords.idx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\keywords1.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\layout.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\linkpathlegal.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\progress.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\sales_buttons.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\seekmo.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\seekmo_ie_menu.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\s_icons_buttons.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\t2_bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\top7.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\Top7_theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\2\tsd_bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans1.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\buttondir.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\cursors.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\default.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_weather.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\email-t1-bg.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\icons2.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_games_icon.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_video.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords1.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\layout.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\linkpathlegal.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\progress.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\sales_buttons.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\s_icons_buttons.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\t2_bg.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\top7.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\daniel\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\tsd_bg.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAAbout.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAau.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAEula.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\HostOE.dll (Adware.180Solutions) -> Delete on reboot.
C:\Program Files\Seekmo\bin\10.0.431.0\link.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\OEAddOn.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\SeekmoSA.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\SeekmoSAHook.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\SeekmoUnInstaller.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.431.0\firefox\extensions\plugins\npclntax_SeekmoSA.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\msvcm80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\msvcp80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\msvcr80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\dbsinit.exe (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\wispex.html (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\pix.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\t1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\t2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\up1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\up2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w11.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w3.jpg (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo\Reset Cursor.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo\Seekmo Customer Support Center.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo\Seekmo Uninstall Instructions.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bennuar.old (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bincd32.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\logon.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\onhelp.htm (Rogue.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sonhelp.htm (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysnet.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wispex.html (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\ppp3.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\ppp4.dat (Malware.Trace) -> Quarantined and deleted successfully.
Disconnected
2009-08-17, 08:25
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:09:14 PM, on 16/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\WTClient.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\program files\steam\steam.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\daniel\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Update Service (gupdate1c99b06d6abe68e) (gupdate1c99b06d6abe68e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
--
End of file - 8276 bytes
Hi,
Wow, Malwarebytes removed a ton of junk. Lets did a bit deeper and make sure there is no more.
Please download ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1) by Atribune to your desktop.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.Your system may start up slower after running ATF Cleaner, this is expected but will be back to normal after the first or second boot up
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized password and other personal information as removing cookies will temporarily disable the auto-login facility.
We Need to check for Rootkits with RootRepeal
Download RootRepeal (http://ad13.geekstogo.com/RootRepeal.exe.)from and save it to your desktop.
Open http://billy-oneal.com/forums/rootRepeal/rootRepealDesktopIcon.png on your desktop.
Click the http://billy-oneal.com/forums/rootRepeal/reportTab.png tab.
Click the http://billy-oneal.com/forums/rootRepeal/btnScan.png button.
Check all seven boxes: http://billy-oneal.com/forums/rootRepeal/checkBoxes2.png
Push Ok
Check the box for your main system drive (Usually C:), and press Ok.
Allow RootRepeal to run a scan of your system. This may take some time.
Once the scan completes, push the http://billy-oneal.com/forums/rootRepeal/saveReport.png button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your post.
Disconnected
2009-08-19, 03:22
but i couldn't get the link for Root repeal to work
Try one of these. Then follow the directions in my post about running the program
Here (http://ad13.geekstogo.com/RootRepeal.exe)
Here (http://download.bleepingcomputer.com/rootrepeal/RootRepeal.exe)
Disconnected
2009-08-20, 04:56
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/08/19 18:03
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================
Drivers
-------------------
Name: dump_nvata.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_nvata.sys
Address: 0xB59BB000 Size: 106496 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBA630000 Size: 8192 File Visible: No Signed: -
Status: -
Name: PCI_PNP1972
Image Path: \Driver\PCI_PNP1972
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB4212000 Size: 49152 File Visible: No Signed: -
Status: -
Name: SKYNETfqqakyap.sys
Image Path: C:\WINDOWS\system32\drivers\SKYNETfqqakyap.sys
Address: 0xB5D5D000 Size: 151552 File Visible: - Signed: -
Status: Hidden from the Windows API!
Name: sprt.sys
Image Path: sprt.sys
Address: 0xB9EA6000 Size: 1052672 File Visible: No Signed: -
Status: -
Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -
Name: srescan.sys
Image Path: srescan.sys
Address: 0xB9CC2000 Size: 81920 File Visible: No Signed: -
Status: -
Hidden/Locked Files
-------------------
Path: C:\WINDOWS\system32\SKYNETixbqurqh.dat
Status: Invisible to the Windows API!
Path: C:\WINDOWS\system32\SKYNETrjnmcwyg.dat
Status: Invisible to the Windows API!
Path: C:\WINDOWS\system32\SKYNETsoiytkxv.dll
Status: Invisible to the Windows API!
Path: C:\WINDOWS\system32\SKYNETulbbgvxj.dll
Status: Invisible to the Windows API!
Path: C:\WINDOWS\system32\drivers\SKYNETfqqakyap.sys
Status: Invisible to the Windows API!
Stealth Objects
-------------------
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: winlogon.exe (PID: 1132) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: services.exe (PID: 1176) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: lsass.exe (PID: 1188) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETulbbgvxj.dll]
Process: svchost.exe (PID: 1360) Address: 0x00660000 Size: 53248
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: svchost.exe (PID: 1360) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: svchost.exe (PID: 1436) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: svchost.exe (PID: 1640) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: svchost.exe (PID: 1780) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: svchost.exe (PID: 1940) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: vsmon.exe (PID: 168) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: spoolsv.exe (PID: 768) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: AskService.exe (PID: 1864) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: mDNSResponder.exe (PID: 1900) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: apache.exe (PID: 2016) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: jqs.exe (PID: 1856) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: nSvcLog.exe (PID: 1512) Address: 0x006f0000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: nvsvc32.exe (PID: 252) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: PnkBstrA.exe (PID: 288) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: PnkBstrB.exe (PID: 324) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: wdfmgr.exe (PID: 1560) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: WTSRV.EXE (PID: 1312) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: nSvcAppFlt.exe (PID: 2128) Address: 0x00b30000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: nSvcIp.exe (PID: 2188) Address: 0x00940000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: apache.exe (PID: 2496) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: alg.exe (PID: 2920) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: Explorer.EXE (PID: 3732) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: svchost.exe (PID: 1112) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: smax4pnp.exe (PID: 3052) Address: 0x009e0000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: avgtray.exe (PID: 3104) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: zlclient.exe (PID: 3148) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: WTClient.exe (PID: 3816) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: RUNDLL32.EXE (PID: 2060) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: jusched.exe (PID: 2212) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: realsched.exe (PID: 2336) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: btdna.exe (PID: 2480) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: ctfmon.exe (PID: 3652) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: Xfire.exe (PID: 4088) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: wuauclt.exe (PID: 3184) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: avgwdsvc.exe (PID: 568) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: avgrsx.exe (PID: 3468) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: avgnsx.exe (PID: 3768) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: avgemc.exe (PID: 4044) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: avgcsrvx.exe (PID: 2160) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: SKYNETsoiytkxv.dll]
Process: RootRepeal.exe (PID: 5924) Address: 0x10000000 Size: 32768
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x89d5a1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_CREATE]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_CLOSE]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_READ]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_WRITE]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_QUERY_EA]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_SET_EA]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_CLEANUP]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_SET_SECURITY]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_POWER]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_SET_QUOTA]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: nvata, IRP_MJ_PNP]
Process: System Address: 0x89d5b1f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x89b501f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE]
Process: System Address: 0x89d5c1f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_CLOSE]
Process: System Address: 0x89d5c1f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89d5c1f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89d5c1f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_POWER]
Process: System Address: 0x89d5c1f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89d5c1f8 Size: 121
Object: Hidden Code [Driver: atapi, IRP_MJ_PNP]
Process: System Address: 0x89d5c1f8 Size: 121
Object: Hidden Code [Driver: akvwb69qЅష浍瑓飀๑, IRP_MJ_CREATE]
Process: System Address: 0x89b39500 Size: 121
Object: Hidden Code [Driver: akvwb69qЅష浍瑓飀๑, IRP_MJ_CLOSE]
Process: System Address: 0x89b39500 Size: 121
Object: Hidden Code [Driver: akvwb69qЅష浍瑓飀๑, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89b39500 Size: 121
Object: Hidden Code [Driver: akvwb69qЅష浍瑓飀๑, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89b39500 Size: 121
Object: Hidden Code [Driver: akvwb69qЅష浍瑓飀๑, IRP_MJ_POWER]
Process: System Address: 0x89b39500 Size: 121
Object: Hidden Code [Driver: akvwb69qЅష浍瑓飀๑, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89b39500 Size: 121
Object: Hidden Code [Driver: akvwb69qЅష浍瑓飀๑, IRP_MJ_PNP]
Process: System Address: 0x89b39500 Size: 121
Object: Hidden Code [Driver: JRAID, IRP_MJ_CREATE]
Process: System Address: 0x89dcc1f8 Size: 121
Object: Hidden Code [Driver: JRAID, IRP_MJ_CLOSE]
Process: System Address: 0x89dcc1f8 Size: 121
Object: Hidden Code [Driver: JRAID, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89dcc1f8 Size: 121
Object: Hidden Code [Driver: JRAID, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89dcc1f8 Size: 121
Object: Hidden Code [Driver: JRAID, IRP_MJ_POWER]
Process: System Address: 0x89dcc1f8 Size: 121
Object: Hidden Code [Driver: JRAID, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89dcc1f8 Size: 121
Object: Hidden Code [Driver: JRAID, IRP_MJ_PNP]
Process: System Address: 0x89dcc1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System Address: 0x89dcd1f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x89b711f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x89b711f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89b711f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89b711f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x89b711f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89b711f8 Size: 121
Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x89b711f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x89d5d1f8 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x891e4500 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x891e4500 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x891e4500 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x891e4500 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x891e4500 Size: 121
Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x891e4500 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x89b5c1f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x89b5c1f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89b5c1f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89b5c1f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x89b5c1f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89b5c1f8 Size: 121
Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x89b5c1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x88b0a1f8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_CREATE]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_CLOSE]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_READ]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_SHUTDOWN]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_CLEANUP]
Process: System Address: 0x892243e8 Size: 121
Object: Hidden Code [Driver: Cdfsఌ浗灩, IRP_MJ_PNP]
Process: System Address: 0x892243e8 Size: 121
Hidden Services
-------------------
Service Name: SKYNEThoowprtq
Image Path: C:\WINDOWS\system32\drivers\SKYNETfqqakyap.sys
Shadow SSDT
-------------------
#: 460 Function Name: NtUserMessageCall
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xb5b948b0
#: 475 Function Name: NtUserPostMessage
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xb5b94950
#: 476 Function Name: NtUserPostThreadMessage
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xb5b949e0
#: 491 Function Name: NtUserRegisterRawInputDevices
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xb5b937b0
#: 502 Function Name: NtUserSendInput
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xb5b94bb0
==EOF==
Hi,
Your infected with a Rootkit :red:
Open RootRepeal
click the Files tab
click C:\drive
click OK.
After the scan, locate SKYNETfqqakyap.sys
Select Wipe File. (Do not select Force Delete)
Reboot PC
Do the above for any file that starts with SKYNET
Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_FF.gif
http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_rename.gif
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
http://i24.photobucket.com/albums/c30/ken545/RcAuto1.gif
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://i24.photobucket.com/albums/c30/ken545/whatnext.jpg
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a New Hijackthis log.
*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
Disconnected, this topic has been closed due to inactivity.
If you still require help, please start a new topic and include a new HijackThis log with a link to your previous thread.
Please do not add any logs that might have been requested previously, you would be starting fresh.
Applies only to the original poster, anyone else with similar problems please start your own topic.
Thank you ken545. :)
Disconnected,
I have re opened this thread for you. Understand that we get so many people posting with infected computers that if a thread is not replied to in a reasonable amount of time that its closed.
What you have going on here is a nasty rootkit infection, what you need to do is go to a known clean computer and download Combofix, don't forget to rename it, then burn it to a CD and transfer it to the infected one and run it.
Disconnected
2009-08-28, 23:57
But now that internet explorer and Firefox are telling me that they are not valid win32 programs I no longer have easy access to the internet:sad:
You need to use a known clean computer and download Internet Explorer 8, copy it to a CD or USB drive and transfer it to the infected computer and install it, see if this fixed your internet.
Get it here
http://www.microsoft.com/downloads/details.aspx?FamilyID=341c2ad5-8c3d-4347-8c03-08cdecd8852b&displaylang=en
Hi,
How are you coming along ? The skynet I had you remove is a very nasty Rootkit infection. This should not have effected your browsers. Both of them need to be reinstalled.
If you get them working then follow these instructions to run Combofix which will remove that rootkit , it needs to go. If needed , you can download this also to a known clean computer and transfer by disk to the infected one and run it.
It has to be renamed as this rootkit blocks most security programs from running.
Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_FF.gif
http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_rename.gif
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
http://i24.photobucket.com/albums/c30/ken545/RcAuto1.gif
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://i24.photobucket.com/albums/c30/ken545/whatnext.jpg
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a New Hijackthis log.
*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
Disconnected
2009-08-31, 01:21
I Downloaded Combofix and renamed it after download because it wouldn't let before download, saved it to a disk and tried to run it on the infected computer but its telling me its not a valid win32 program as well.:sad:
I need feedback from you in order to help you. Did you install IE 8 ?
Try running Combofix in safemode
To Enter Safemode
Go to Start> Shut off your Computer> Restart
As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu.
Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
Then press the Enter Key on your Keyboard
Tutorial if you need it How to boot into Safemode (http://www.bleepingcomputer.com/tutorials/tutorial61.html)
Disconnected
2009-08-31, 02:08
:oops: right after i sent that i went back to the infected computer and my avg which i forgot to disable was warning me about a potentially fake anti virus trying to start up and asked me if i wanted to remove it.
i hit yes and it asked me if i wanted to force remove it which might cause system instability i hit no, after this combofix ran and my internet was working as well.
So here is the combo fix log
ComboFix 09-08-30.01 - daniel 30/08/2009 16:37.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1128 [GMT -6:00]
Running from: c:\documents and settings\daniel\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Windows Antivirus Pro
c:\program files\Windows Antivirus Pro\msvcm80.dll
c:\program files\Windows Antivirus Pro\msvcp80.dll
c:\program files\Windows Antivirus Pro\msvcr80.dll
c:\program files\Windows Antivirus Pro\tmp\dbsinit.exe
c:\program files\Windows Antivirus Pro\tmp\images\i1.gif
c:\program files\Windows Antivirus Pro\tmp\images\i2.gif
c:\program files\Windows Antivirus Pro\tmp\images\i3.gif
c:\program files\Windows Antivirus Pro\tmp\images\j1.gif
c:\program files\Windows Antivirus Pro\tmp\images\j2.gif
c:\program files\Windows Antivirus Pro\tmp\images\j3.gif
c:\program files\Windows Antivirus Pro\tmp\images\jj1.gif
c:\program files\Windows Antivirus Pro\tmp\images\jj2.gif
c:\program files\Windows Antivirus Pro\tmp\images\jj3.gif
c:\program files\Windows Antivirus Pro\tmp\images\l1.gif
c:\program files\Windows Antivirus Pro\tmp\images\l2.gif
c:\program files\Windows Antivirus Pro\tmp\images\l3.gif
c:\program files\Windows Antivirus Pro\tmp\images\pix.gif
c:\program files\Windows Antivirus Pro\tmp\images\t1.gif
c:\program files\Windows Antivirus Pro\tmp\images\t2.gif
c:\program files\Windows Antivirus Pro\tmp\images\Thumbs.db
c:\program files\Windows Antivirus Pro\tmp\images\up1.gif
c:\program files\Windows Antivirus Pro\tmp\images\up2.gif
c:\program files\Windows Antivirus Pro\tmp\images\w1.gif
c:\program files\Windows Antivirus Pro\tmp\images\w11.gif
c:\program files\Windows Antivirus Pro\tmp\images\w2.gif
c:\program files\Windows Antivirus Pro\tmp\images\w3.gif
c:\program files\Windows Antivirus Pro\tmp\images\w3.jpg
c:\program files\Windows Antivirus Pro\tmp\images\wt1.gif
c:\program files\Windows Antivirus Pro\tmp\images\wt2.gif
c:\program files\Windows Antivirus Pro\tmp\images\wt3.gif
c:\program files\Windows Antivirus Pro\tmp\wispex.html
c:\program files\Windows Antivirus Pro\Windows Antivirus Pro.exe
c:\windows\ppp3.dat
c:\windows\ppp4.dat
c:\windows\system32\bennuar.old
c:\windows\system32\config\systemprofile\Start Menu\Programs\Windows Antivirus Pro
c:\windows\system32\config\systemprofile\Start Menu\Programs\Windows Antivirus Pro\Windows Antivirus Pro.lnk
c:\windows\system32\dddesot.dll
c:\windows\system32\desot.exe
c:\windows\system32\drivers\SKYNETfqqakyap.sys
c:\windows\system32\images
c:\windows\system32\images\i1.gif
c:\windows\system32\images\i2.gif
c:\windows\system32\images\i3.gif
c:\windows\system32\images\j1.gif
c:\windows\system32\images\j2.gif
c:\windows\system32\images\j3.gif
c:\windows\system32\images\jj1.gif
c:\windows\system32\images\jj2.gif
c:\windows\system32\images\jj3.gif
c:\windows\system32\images\l1.gif
c:\windows\system32\images\l2.gif
c:\windows\system32\images\l3.gif
c:\windows\system32\images\pix.gif
c:\windows\system32\images\t1.gif
c:\windows\system32\images\t2.gif
c:\windows\system32\images\up1.gif
c:\windows\system32\images\up2.gif
c:\windows\system32\images\w1.gif
c:\windows\system32\images\w11.gif
c:\windows\system32\images\w2.gif
c:\windows\system32\images\w3.gif
c:\windows\system32\images\w3.jpg
c:\windows\system32\images\wt1.gif
c:\windows\system32\images\wt2.gif
c:\windows\system32\images\wt3.gif
c:\windows\system32\SKYNETixbqurqh.dat
c:\windows\system32\SKYNETrjnmcwyg.dat
c:\windows\system32\SKYNETsoiytkxv.dll
c:\windows\system32\SKYNETulbbgvxj.dll
c:\windows\system32\sonhelp.htm
c:\windows\system32\sysnet.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ANTIPPRO2009_100
-------\Legacy_SKYNEThoowprtq
-------\Service_AntipPro2009_100
-------\Service_SKYNEThoowprtq
((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.
2009-08-25 22:53 . 2009-08-25 22:53 -------- d-sh--w- C:\found.000
2009-08-17 04:54 . 2009-08-17 04:54 -------- d-----w- c:\documents and settings\daniel\Application Data\Malwarebytes
2009-08-17 04:54 . 2009-08-03 19:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-17 04:54 . 2009-08-17 04:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-17 04:54 . 2009-08-17 04:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-17 04:54 . 2009-08-03 19:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-15 01:34 . 2009-08-15 01:35 -------- d-----w- c:\program files\ERUNT
2009-08-13 19:53 . 2009-08-13 19:53 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-08-12 05:13 . 2009-08-12 05:14 -------- d-----w- c:\program files\Bethesda Softworks
2009-08-03 00:49 . 2009-08-03 00:49 -------- d-----w- c:\documents and settings\daniel\Application Data\AdobeUM
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 22:56 . 2008-12-19 23:50 1069711392 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-30 22:55 . 2008-12-25 08:04 -------- d-----w- c:\documents and settings\daniel\Application Data\DNA
2009-08-30 22:45 . 2008-12-18 20:35 -------- d-----w- c:\program files\Steam
2009-08-30 22:45 . 2009-04-10 03:02 7 ----a-w- c:\windows\sbacknt.bin
2009-08-30 22:45 . 2008-12-25 08:04 -------- d-----w- c:\program files\DNA
2009-08-30 22:43 . 2008-12-19 23:50 12535940 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-30 22:24 . 2008-12-18 20:53 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-08-30 22:09 . 2008-12-20 00:03 -------- d-----w- c:\program files\Xfire
2009-08-20 04:20 . 2009-06-13 02:45 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-08-19 22:59 . 2008-12-18 20:53 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-19 22:59 . 2008-12-18 20:53 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-19 22:59 . 2008-12-18 20:53 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-19 03:08 . 2009-04-08 02:18 -------- d-----w- c:\program files\GameJack 5
2009-08-18 23:33 . 2008-12-20 00:03 -------- d-----w- c:\documents and settings\daniel\Application Data\Xfire
2009-08-18 23:29 . 2009-04-07 00:09 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-14 01:23 . 2009-04-04 22:05 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-08-13 01:36 . 2008-12-25 10:20 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-08-02 21:55 . 2008-12-18 19:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-02 21:29 . 2009-06-11 23:10 -------- d-----w- c:\program files\Ubisoft
2009-08-02 21:19 . 2009-04-01 01:38 -------- d-----w- c:\documents and settings\daniel\Application Data\Hamachi
2009-07-28 23:31 . 2009-02-09 21:28 5256993 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-07-16 02:20 . 2009-07-16 02:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft
2009-07-16 02:19 . 2009-07-16 02:19 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-16 02:19 . 2009-07-16 02:19 22328 ----a-w- c:\documents and settings\daniel\Application Data\PnkBstrK.sys
2009-07-16 02:19 . 2009-07-16 02:19 22328 ----a-w- c:\documents and settings\daniel\Application Data\PnkBstrK.sys
2009-07-16 02:19 . 2009-07-16 02:19 107832 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-16 02:19 . 2009-07-16 02:19 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-07-16 02:19 . 2009-07-16 02:19 2337865 ----a-w- c:\windows\system32\pbsvc.exe
2009-07-14 01:47 . 2009-04-10 03:01 152904 ----a-w- c:\windows\system32\vghd.scr
2009-07-14 01:47 . 2009-04-10 03:01 -------- d-----w- c:\program files\vghd
2009-07-04 23:32 . 2008-12-25 08:05 -------- d-----w- c:\documents and settings\daniel\Application Data\BitTorrent
2009-07-01 14:39 . 2009-03-02 07:17 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-11 23:19 . 2009-06-11 23:19 152576 ----a-w- c:\documents and settings\daniel\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-08 20:44 . 2009-06-08 20:44 78848 ----a-w- c:\windows\system32\drivers\SSHDRV85.sys
2009-06-06 02:17 . 2004-08-04 12:00 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys
2009-06-06 02:16 . 2009-03-30 17:18 976 ----a-w- c:\windows\eReg.dat
2009-06-05 04:14 . 2009-06-05 04:14 10134 ----a-r- c:\documents and settings\daniel\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-06-03 04:35 . 2009-04-01 01:38 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-17 01:22 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-17 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-17 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2009-06-11 1217784]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-25 342848]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="c:\windows\system32\JMRaidSetup.exe" [2006-11-16 1953792]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-19 2007832]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-01 198160]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-03-27 1657376]
"WTClient"="WTClient.exe" - c:\windows\system32\WTClient.exe [2007-04-11 40960]
c:\documents and settings\daniel\Start Menu\Programs\Startup\
DesktopVideoPlayer.LNK - c:\program files\vghd\vghd.exe [2009-4-9 402768]
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2009-8-13 3109264]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-19 22:59 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\fear2spdemo\\FEAR2SPDemo.exe"=
"c:\\Program Files\\Steam\\steamapps\\fragbait884\\dark messiah might and magic multi-player\\runme.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\tomb raider legend\\trl.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dawn of war gold\\W40kWA.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\railroad tycoon 3\\RT3.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\heroes of annihilated empires\\engine.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\shadowgrounds survivor\\survivor.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\tomb raider underworld\\tru.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dawn of war gold\\W40k.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dawn of war dark crusade\\darkcrusade.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dawn of war soulstorm\\soulstorm.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mount and blade\\runme.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\lost planet extreme condition\\LostPlanetDX9.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\lost planet extreme condition\\LostPlanetDX10.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\unreal ii the awakening\\System\\Unreal2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\unreal gold\\System\\Unreal.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\unreal tournament\\System\\UnrealTournament.exe"=
"c:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander - Forged Alliance\\bin\\ForgedAlliance.exe"=
"c:\\Program Files\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Republic Commando\\GameData\\System\\SWRepublicCommando.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\unreal tournament 3\\Binaries\\UT3.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\on the rain-slick precipice of darkness - episode one\\RainSlickEp1.exe"=
"c:\\Program Files\\Ascaron Entertainment\\Sacred Underworld\\gameserver.exe"=
"c:\\Program Files\\Ascaron Entertainment\\Sacred Underworld\\sacred.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\il 2 sturmovik 1946\\il2fb.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\srcds.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [18/12/2008 02:53 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [18/12/2008 02:53 PM 108552]
R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [08/06/2009 02:44 PM 78848]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [19/12/2008 05:47 PM 464264]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [18/12/2008 02:53 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [18/12/2008 02:53 PM 297752]
S2 gupdate1c99b06d6abe68e;Google Update Service (gupdate1c99b06d6abe68e);c:\program files\Google\Update\GoogleUpdate.exe [02/03/2009 01:16 AM 133104]
.
Contents of the 'Scheduled Tasks' folder
2009-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-02 07:16]
2009-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-02 07:16]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-DriverCure - c:\program files\ParetoLogic\DriverCure\DriverCure.exe
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
FF - ProfilePath - c:\documents and settings\daniel\Application Data\Mozilla\Firefox\Profiles\a386xk3d.default\
FF - component: c:\documents and settings\daniel\Application Data\Mozilla\Firefox\Profiles\a386xk3d.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npclntax_SeekmoSA.dll
---- FIREFOX POLICIES ----
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-30 16:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(1200)
c:\windows\system32\nvappfilter.dll
- - - - - - - > 'explorer.exe'(2180)
c:\program files\Xfire\xfire_toucan_38751.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\drivers\WTSrv.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2009-08-30 16:58 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-30 22:58
Pre-Run: 18,859,601,920 bytes free
Post-Run: 18,885,570,560 bytes free
308
and here is a new hjt log cause i think i remember you asking for one with the combo fix log before when you told me to wipe all the skynet stuff
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:00:45 PM, on 30/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\WTClient.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\program files\steam\steam.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\vghd\vghd.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Documents and Settings\daniel\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Update Service (gupdate1c99b06d6abe68e) (gupdate1c99b06d6abe68e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
--
End of file - 8522 bytes
Great :2thumb:
Give me a bit to look over your Combofix log , in the meantime do this. We have run them already but lets run them again.
Download TFC (http://oldtimer.geekstogo.com/TFC.exe) to your desktop
Close any open windows.
Double click the TFC icon to run the program
TFC will close all open programs itself in order to run,
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish it's job
Once its finished it should automatically reboot your machine,
if it doesn't, manually reboot to ensure a complete clean
You should still have Malwarebytes installed, open it, check for updates and run the quick scan.
Post the log and a new HJT log please
Disconnected
2009-08-31, 03:53
Malwarebytes' Anti-Malware 1.40
Database version: 2719
Windows 5.1.2600 Service Pack 2
30/08/2009 06:09:07 PM
mbam-log-2009-08-30 (18-09-07).txt
Scan type: Quick Scan
Objects scanned: 89176
Time elapsed: 3 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_USERS\S-1-5-18\SOFTWARE\Windows antiVirus pro (Rogue.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\Mozilla Firefox\plugins\npclntax_SeekmoSA.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\onhelp.htm (Rogue.Trace) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:13:27 PM, on 30/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\WTClient.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\program files\steam\steam.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\vghd\vghd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\daniel\Desktop\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Update Service (gupdate1c99b06d6abe68e) (gupdate1c99b06d6abe68e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
--
End of file - 8584 bytes
Hi,
BitTorrent DNA <-- This is most likely how you got infected , read this please.
BitTorrent DNA<-- Just want to give you a heads up on P2P programs, your downloading a file from an unknown source, you never know whats attached to that file, its like playing Russian roulette malwarewise.
We have noticed that many people seeking help from us are coming with infections contracted from the use of P2P programs.
Because of this, we changed our malware forum's policy on the use of P2P file sharing programs.
If your helper detects the presence of such programs on your computer he/she will ask you to remove them. Help will be withdrawn should you not agree to their removal.
If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programs, volunteer analysts will refuse their help.
We do not ask you to do this without reason.
P2P (File Sharing ) programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P program is not configured correctly you may be sharing more files than you realize. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.
Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.
This article from InfoWorld illustrates the dangers of a poorly configured P2P program.
http://www.infoworld.com/article/07/09/06/...ID-theft_1.html (http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft_1.html)
When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.
The rest of your logs look fine, How are things running now ?
Disconnected
2009-08-31, 04:46
and as for bit torrent I've been trying to remove it ever since the infection but it hasn't been letting me, now that it seems clear i shall try again. not only that but i almost lost my internet because of it so i haven't used it in almost a year.:oops: thanks for all your help, hopefully my computer is fixed now.:thanks:
Open HijackThis > Do a System Scan Only, close your browser and all open windows including this one, the only program or window you should have open is HijackThis, check the following entries and click on Fix Checked.
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
Open Notepad Go to Start> All Programs> Assessories> Notepad ( this will only work with Notepad )and copy all the text inside the Codebox by highlighting it all and pressing CTRL C on your keyboard, then paste it into Notepad, make sure there is no space before and above Folder::
Folder::
C:\Program Files\DNA
Save this as CFScript to your desktop.
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
http://i24.photobucket.com/albums/c30/ken545/CFScriptB-4.gif
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.
Disconnected
2009-08-31, 23:08
i deleted it using add/remove programs
Post one last HJT log and lets make sure nothing has returned.
Disconnected
2009-09-01, 02:08
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:08:00 PM, on 31/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\WTClient.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\program files\steam\steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Xfire\Xfire.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\daniel\Desktop\Malware removal tools\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Update Service (gupdate1c99b06d6abe68e) (gupdate1c99b06d6abe68e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
--
End of file - 8872 bytes
Hi,
Your log looks fine. Just a couple of points to go over.
I can just advise you, I have no right to tell you what and what not to use on your computer...BUT using programs like the torrents, or any file sharing program , Virtual Girl and the like are going to keep getting you in trouble. There is some nasty stuff going around right now and your playing with fire using programs like that.
Malwarebytes <-- Yours to keep also, check for updates and run a scan now and then.
Combofix <---Is not a general cleaning tool, just run it with supervision or you can bork your system
Click START then RUN
Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
http://i189.photobucket.com/albums/z176/EPL47/CF_Cleanup.png
When shown the disclaimer, Select "2"
The above procedure will:
Delete the following:
ComboFix and its associated files and folders.
VundoFix backups, if present
The C:\Deckard folder, if present
The C:_OtMoveIt folder, if present
Reset the clock settings.
Hide file extensions, if required.
Hide System/Hidden files, if required.
Reset System Restore.
How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/So_how_did_I_get_infected_in_the_first_place_t57817.html)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)
Keep in mind if you install some of these programs. Only ONE Anti Virus and only ONE Firewall is recommended, more is overkill and can cause you problems. You can install all the Spyware programs I have listed without any problems. If you install Spyware Blaster and Spyware Guard, they will conflict with the TeaTimer in Spybot , you can still install Spybot Search and Destroy but do not enable the TeaTimer .
Here are some free programs to install, all free and highly regarded by the fine people in the Malware Removal Community
Spybot Search and Destroy 1.6 (http://www.safer-networking.org/en/download/)
Check for Updates/ Immunize and run a Full System Scan on a regular basis. If you install Spyware Blaster ( Recommended ) then do not enable the TeaTimer in Spybot Search and Destroy.
Spyware Blaster (http://www.javacoolsoftware.com/spywareblaster.html) It will prevent most spyware from ever being installed. No scan to run, just update about once a week and enable all protection.
Spyware Guard (http://www.javacoolsoftware.com/spywareguard.html) It offers realtime protection from spyware installation attempts, again, no scan to run, just install it and let it do its thing.
IE-Spyad (http://www.pcworld.com/downloads/file/fid,23332-order,1-page,1-c,antispywaretools/description.html)
IE-Spyad places over 6000 web sites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc) from the sites listed, although you will still be able to connect to the sites.
Firefox 3 (http://www.mozilla.org/products/firefox/) It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.
Safe Surfn
Ken
Disconnected
2009-09-01, 03:47
I have already installed Spybot at the recommendation of my brother.:thanks:
and i also already use Firefox.:FF:
So again thanks for the help. :thanks:
Your very welcome,
Take Care,
Ken :)
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.