1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Invasive virus - locking me out

Discussion in 'Virus & Other Malware Removal' started by nanrector, May 22, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. nanrector

    nanrector Thread Starter

    Joined:
    Jun 12, 2005
    Messages:
    60
    I have a bug of some sort. My virus software did not catch it. Typically I can get rid of these myself but this one has uninstalled my virus software and will not let me reinstall it. I also cannot install any other virus software. None will run. I cannot boot to safe mode either. Id appreciate any advice.

    nrector


    I was finally able to install AVG which removed a bunch of things. However hijack this will not install. Gives me error..."...Hijackthis.exe is not a valid win32 application."
     
  2. Sponsor

  3. cybertech

    cybertech Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,090
    What OS are you running?
     
  4. nanrector

    nanrector Thread Starter

    Joined:
    Jun 12, 2005
    Messages:
    60
    XP.Pro. AVG found all kinds of stuff including a flec006.exe It got rid of them but now its finding new viruses several times a day. Some of the same ones... so obviously I still have an issue. It lets me put them in the vault but they keep coming back later. Still can't install hijackthis.

    Nancy
     
  5. cybertech

    cybertech Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,090
    Click here to download Dr.Web CureIt and save it to your desktop.
    • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
    • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
    • Once the short scan has finished, mark the drives that you want to scan.
    • Select all drives. A red dot shows which drives have been chosen.
    • Click the green arrow at the right, and the scan will start.
    • Click 'Yes to all' if it asks if you want to cure/move the file.
    • When the scan has finished, look if you can click next icon next to the files found: [​IMG]
    • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
      [​IMG]
      This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
    • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
    • Save the report to your desktop. The report will be called DrWeb.csv
    • Close Dr.Web Cureit.
    • Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
    • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

    NEXT


    Please download Malwarebytes Anti-Malware and save it to your desktop. alternate download link 1 alternate download link 2
    • Make sure you are connected to the Internet.
    • Double-click on Download_mbam-setup.exe to install the application.
    • When the installation begins, follow the prompts and do not make any changes to default settings.
    • When installation has finished, make sure you leave both of these checked:
      • Update Malwarebytes' Anti-Malware
      • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
    • On the Scanner tab:
      • Make sure the "Perform Quick Scan" option is selected.
      • Then click on the Scan button.
    • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
    • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
    • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
    • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the contents of that report in your next reply and exit MBAM.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
     
  6. nanrector

    nanrector Thread Starter

    Joined:
    Jun 12, 2005
    Messages:
    60
    Didn't get my email notification you had posted! Glad I check.

    I've been trying to run Dr.Web... it froze first time. I have many drives. So its a LONG process. I had to start over on the freeze. Can I deep scan one drive at a time and then put the lots together from them and post?

    Nancy
     
  7. cybertech

    cybertech Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,090
    Yes you can do that or just post one scan at a time.
     
  8. nanrector

    nanrector Thread Starter

    Joined:
    Jun 12, 2005
    Messages:
    60
    Here is my report. I finally got it to run on all the drives. (12 hours almost!)

    stream021\livesrv.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP126\A0076216.msi\stream021;Probably DLOADER.Trojan;;
    stream021;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP126\A0076216.msi;Archive contains infected objects;;
    A0076216.msi;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP126;Archive contains infected objects;Moved.;
    A0053330.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP71;Adware.SearchTwo.36;;
    A0053332.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP71;Adware.SearchTwo.36;;
    A0053481.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP71;Adware.SearchTwo.36;;
    A0059998.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP82;Adware.SearchTwo.36;;
    A0063838.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP91;Probably DLOADER.Trojan;;
    A0064831.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP91;Probably DLOADER.Trojan;;
    A0064903.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP92;Probably DLOADER.Trojan;;
    A0064962.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP93;Probably DLOADER.Trojan;;
    A0065022.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP94;Probably DLOADER.Trojan;;
    A0065082.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP95;Probably DLOADER.Trojan;;
    A0065142.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP96;Probably DLOADER.Trojan;;
    A0065307.exe;C:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP96;Probably DLOADER.Trojan;;
    LYN12_Corel_EN_ESD.exe;I:\GRAPHIC DESIGN\!PSP\PSPX2 PURCHASED;Adware.SearchTwo.36;;
    mediaoneFreeContent.exe;I:\GRAPHIC DESIGN\!PSP\PSPX2 PURCHASED;Adware.SearchTwo.36;;
    NIK200_Corel_EN_FR_DE_ES_ESD.exe;I:\GRAPHIC DESIGN\!PSP\PSPX2 PURCHASED;Adware.SearchTwo.36;;
    hpi2jpg.exe;I:\GRAPHIC DESIGN\HPI to JPG Script By Charles;Win32.HLLW.Sage;Deleted.;
    gm5p_setup.exe\data137;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail - Gift Nov 07\gm5p_setup.exe;Probably WIN.WORM.Virus;;
    gm5p_setup.exe;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail - Gift Nov 07;Archive contains infected objects;Moved.;
    gm5p_setupjan08Update.exe\data137;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail - Gift Nov 07\gm5p_setupjan08Update.exe;Probably WIN.WORM.Virus;;
    gm5p_setupjan08Update.exe;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail - Gift Nov 07;Archive contains infected objects;Moved.;
    gmstolg.exe\data019;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail - Gift Nov 07\gmstolg.exe;Probably WIN.WORM.Virus;;
    gmstolg.exe;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail - Gift Nov 07;Archive contains infected objects;Moved.;
    gm5p_setup.exe\data004;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail Updates Feb 07\gm5p_setup.exe;Probably WIN.WORM.Virus;;
    gm5p_setup.exe;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail Updates Feb 07;Archive contains infected objects;Moved.;
    gmstolg.exe\data019;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail Updates Feb 07\gmstolg.exe;Probably WIN.WORM.Virus;;
    gmstolg.exe;I:\INTERNET-MAIL\!MAIL PROGRAMS\Groupmail Updates Feb 07;Archive contains infected objects;Moved.;
    stream002\_FA33AF5E00FE47CB803B6C5B2E41E980;I:\MISC SOFTWARE\!MICROSOFT\Microsoft Student With Encarta Premium 2007.ShareVirus.iso\LRNGESSL\TEACHER.MSI\stream002;Probably SCRIPT.Virus;;
    stream002;I:\MISC SOFTWARE\!MICROSOFT\Microsoft Student With Encarta Premium 2007.ShareVirus.iso\LRNGESSL\TEACHER.MSI;Archive contains infected objects;;
    LRNGESSL\TEACHER.MSI;I:\MISC SOFTWARE\!MICROSOFT\Microsoft Student With Encarta Premium 2007.ShareVirus.iso\LRNGESSL;Archive contains infected objects;;
    Microsoft Student With Encarta Premium 2007.ShareVirus.iso;I:\MISC SOFTWARE\!MICROSOFT;Archive contains infected objects;Moved.;
    MandalaVisionsSceensaverUpdated.exe;I:\SYSTEM STUFF\!SCREENSAVERS;Adware.Cashon.120;;
    A0076517.exe;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127;Win32.HLLW.Sage;Deleted.;
    A0076518.exe\data137;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127\A0076518.exe;Probably WIN.WORM.Virus;;
    A0076518.exe;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127;Archive contains infected objects;Moved.;
    A0076519.exe\data137;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127\A0076519.exe;Probably WIN.WORM.Virus;;
    A0076519.exe;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127;Archive contains infected objects;Moved.;
    A0076520.exe\data019;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127\A0076520.exe;Probably WIN.WORM.Virus;;
    A0076520.exe;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127;Archive contains infected objects;Moved.;
    A0076521.exe\data004;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127\A0076521.exe;Probably WIN.WORM.Virus;;
    A0076521.exe;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127;Archive contains infected objects;Moved.;
    A0076522.exe\data019;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127\A0076522.exe;Probably WIN.WORM.Virus;;
    A0076522.exe;I:\System Volume Information\_restore{B3BDD4F0-2FA7-4019-A7BF-3032547C42D0}\RP127;Archive contains infected objects;Moved.;
    alltotray46-keygen.exe;I:\UTILITIES\alltotray 4.6;Trojan.DownLoader.17378;Deleted.;
    apc-keygen.exe;I:\WEB DESIGN\Atomic.Page.Size.Calculator.v1.04;Trojan.MulDrop.14775;Deleted.;
    NeXTensio2CMS_Site_ASP.zip\ktml2/includes/ktedit/ktml.js;I:\WEB DESIGN\Macromedia Programs\DW Extensions - All Versions\Flemings Dreamweaver Extension Collection\MX\MX.Kollection.v2.8.;Probably SCRIPT.Virus;;
    MX.Kollection.v2.8.4-SPK100\docs\Tutorials\NeXTensio2 CMS\ASP\site\NeXTensio2CMS_Site_ASP.zip;I:\WEB DESIGN\Macromedia Programs\DW Extensions - All Versions\Flemings Dreamweaver Extension Collection\MX\MX.Kollection.v2.8.;Archive contains infected objects;;
    MX.Kollection.v2.8.4-SPK100.rar;I:\WEB DESIGN\Macromedia Programs\DW Extensions - All Versions\Flemings Dreamweaver Extension Collection\MX;Archive contains infected objects;Moved.;
    GMMailer.exe;S:\!!CDrive #1\GroupMail 5;Probably WIN.WORM.Virus;;
    ktml[1].js;S:\!!CDrive #2\Documents and Settings\Nancy\Local Settings\Temporary Internet Files\Content.IE5\OL2B8TUZ;Probably SCRIPT.Virus;;
     
  9. cybertech

    cybertech Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,090
    12 hours! :eek:


    Dare I ask if you have had time to run Malwarebytes' ? :eek:
     
  10. nanrector

    nanrector Thread Starter

    Joined:
    Jun 12, 2005
    Messages:
    60
    Not yet. Wasn't sure if I needed to wait or not. I'll run it now.
    Nancy
     
  11. cybertech

    cybertech Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,090
    OK, thanks!
     
  12. nanrector

    nanrector Thread Starter

    Joined:
    Jun 12, 2005
    Messages:
    60
    I did a Quick Scan with Malwarebytes' . It only scanned drive C. There is no option to choose any drives on that setting (quick scan). Should I do a full scan instead as it says it will scan all the drives?
     
  13. cybertech

    cybertech Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,090
    I would.
     
  14. nanrector

    nanrector Thread Starter

    Joined:
    Jun 12, 2005
    Messages:
    60
    Here it is. The last entry I noticed is one that my avg keeps getting rid of yet it keeps coming back on a regular basis: flec006.exe
    Also my AVG is still catching viruses on a regular basis.



    Malwarebytes' Anti-Malware 1.14
    Database version: 829

    6:05:57 AM 6/6/2008
    mbam-log-6-6-2008 (06-05-53).txt

    Scan type: Full Scan (C:\|D:\|F:\|G:\|I:\|M:\|N:\|O:\|P:\|R:\|S:\|W:\|)
    Objects scanned: 923310
    Time elapsed: 2 hour(s), 59 minute(s), 31 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 13

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Documents and Settings\Nancy\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> No action taken.
    I:\MISC SOFTWARE\!FINANCE\Quicken 2007 PURCHASED\Microsoft Office 2007 Professional (Word, Excel, Powerpoint, Access, Frontpage, Outlook, Infopath, Visio, Project) NOT USED\Winrar\CORE10k.EXE (Trojan.Agent) -> No action taken.
    I:\SYSTEM STUFF\!SPECIFIC COMPUTERS\Gigabyte Motherboard CDNancysPC1\Chipset\VIA\KM266\Win9x\S3\DVIDEO.DLL (Trojan.Clicker) -> No action taken.
    I:\SYSTEM STUFF\!SPECIFIC COMPUTERS\Gigabyte Motherboard CDNancysPC1\Chipset\VIA\Vt8365\win9x\S3noutil\DVIDEO.DLL (Trojan.Clicker) -> No action taken.
    I:\SYSTEM STUFF\!SPECIFIC COMPUTERS\Gigabyte Motherboard CDNancysPC1\Chipset\VIA\Vt8365\win9x\S3wIShld\DVIDEO.DLL (Trojan.Clicker) -> No action taken.
    I:\SYSTEM STUFF\!SPECIFIC COMPUTERS\Gigabyte Motherboard CDNancysPC1\Network\Via8233\W2000\FETND5A.SYS (Trojan.Clicker) -> No action taken.
    I:\SYSTEM STUFF\!SPECIFIC COMPUTERS\Gigabyte Motherboard CDNancysPC1\Network\Via8233\W98\FETND5A.SYS (Trojan.Clicker) -> No action taken.
    I:\SYSTEM STUFF\!SPECIFIC COMPUTERS\Gigabyte Motherboard CDNancysPC1\Network\Via8233\WME\FETND5A.SYS (Trojan.Clicker) -> No action taken.
    S:\RoysBackup\Roys\Excel Spreadsheets\12 month cash flow statement1.xls (Trojan.Clicker) -> No action taken.
    C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> No action taken.
    C:\WINDOWS\system32\mdelk.exe (Trojan.Agent) -> No action taken.
    C:\WINDOWS\system32\wintems.exe (Trojan.Agent) -> No action taken.
    C:\Documents and Settings\Nancy\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
     
  15. cybertech

    cybertech Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,090
    Please visit this webpage for instructions on installing recovery console and downloading/running ComboFix.

    Post the log from ComboFix along with a new HijackThis log.
     
  16. nanrector

    nanrector Thread Starter

    Joined:
    Jun 12, 2005
    Messages:
    60
    Here is the ComboFix log. Hijack This will not run for me. I've tried different versions. It always gives me this message:
    c:\Program Files\Trend Micro\HijackThis\HijackThis.exe is not a valid Win32 application.

    My computer will not let me boot into safe mode either (so I can try running HijackThis that way.) It just keeps circiling and rebooting when I choose safe mode. I'm not sure what has caused that.



    COMBO FIX LOG
    ComboFix 08-06-05.3 - Nancy 2008-06-06 12:08:56.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2154 [GMT -5:00]
    Running from: C:\Documents and Settings\Nancy\Desktop\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Nancy\Application Data\m
    C:\Documents and Settings\Nancy\Application Data\m\list.oct
    C:\Documents and Settings\Nancy\Application Data\m\shared
    C:\Documents and Settings\Nancy\Application Data\m\shared\A_Tale_of_Two_Cities_1.0_(Key+Serial).zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\AbyssAudio_Pro_2.40.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Activity_Monitor_3.92.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Adobe_FrameMaker_Templates_More_Book_Templates_Pack_6.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Adriana Lima 38 Screensaver 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Alternate_Taskmanager_2.102.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Anim8or 0.95B.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Aniosoft iPod to Computer 1.1.3.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Antechinus_Audio_Editor_2.3.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\APN_Retail_eBay_Toolbar_1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Atlanta Air Quality 1.1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Attesoro_1.6.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Auto_Draw_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Bitdefender.Antivirus.Plus.10.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Boo! Theme.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Burn_Baby_Burn_3.7_(Key+Serial).zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Canon IJ Printer Driver Canon iP5200R 1.90b.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Chankenstein Font 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Chat_Watch_Network_Edition_1.0_(Serial).zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\CJKOS_4.5.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Classic Master Limiter 1.06.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\ContactGenie_Exporter_Basic_Ed_1.1.3.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Cool Free Audio to OGG Converter 5.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\CryptoMailer_Full_4.08.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\CTMailer_2.20_(Key).zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\CtrlView 3.30 Patch.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\CZ-Xls2Pdf COM 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\deskPDF_Professional_2.56.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Drweb.v4.32.Key.File.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\DSH_1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\DTX_Deformation_for_MAX7_1.0_Key+Serial.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\DWG_to_JPG_2.9.312_[KeyGen].zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\DWGgateway_1.0.0.114.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Easy_Email_Photos_1.1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\EdPAD_1.1.3.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Eraser_1.2_[Key+Serial].zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Euro_2008_Countdown_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Fast Folder Rename 1.5.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\FastReport 4.5.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Favorites Finder 1.1 (KeyGen).zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\File_Crawler_1.0.9.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\FileMaker Password Recovery 1.0c.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Folder_Security_Guard_3.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\FolderCloak_2.2_Key+Serial.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Forest World 3D Screensaver 1.2.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Forge_for_SwordSearcher_1.0.2.5.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\FormaLog_Entreprises_Professional_4.10.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Fotki.com Uploader 1.1.0.48.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\FromImage2PDF_1.0_Crack.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\GFI MailArchiver for Exchange 5 SR1 Build 20080430.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\GINGERBREAD_HOUSE_Theme_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\GPRSim.net_1.0.6.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Gumpo's_d10_Dice_Roller_1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\HTML UnOptimiser 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Iamota_Share_1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Idea_Magic_5.3.1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\IEScroll_1.01.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Improved_Gamma-Delta_Neutral_Option_Spreads_Calculator_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\InkSaver 2.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Intellivision_for_Mac_Volume_2_1.0.4.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\InvoiceNet 2.18.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\ITIC_Dialer_2.4_build_30805.1100_(Cracked).zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Jambo 1.1.22.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Jovian_2.6.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\K Database Magic 2.8.3.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Kaspersky.Anti.Virus.Personal.5.0.388.WinAll-TWK.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\KnujOn_0.31.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Linear_Barcode_Console_1.3.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\LingvoSoft_Talking_Dictionary_2007_English_-_Yiddish_4.0.22_(With_Crack).zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Loan_And_Mortgage_2.15_(Key).zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Machine Cursors 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Mafia-news.com 3.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\McPaw Card Designer 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Mikey 3.2.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\MultiFilez_2.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\My_Bondage_and_My_Freedom_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\My_MP3_Organizer_2.0.0.1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\NEWT_Professional_2.0.2309_beta.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\omnidea_Rulers_1.0.136.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Osmose_0.1.35.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\PAL_PC_SPY_1.01_Cracked.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\PanelBar_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\PD_UnDelete_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\PEamp 1.02b.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Perfect_Blackjack_for_PEST_3.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\PerfectClock 2007 1.0.2.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Phone Log 6.0.5.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Picture_Agent_3.50_Patch.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\PopUpXPert 1.1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\PowerTCP Secure FTP for .NET 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Pregnancy Calculator Opera Widget 1.5.3.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Process Explorer 11.13.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\RegistryRecovery_1.0.0726_Key+Serial.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Road To World Cup 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Rocket Lawyer Home & Business Deluxe 2007.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\RSS Checker 1.20.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\SBS Communique 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Shalom_Txt_1.2.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\SmartFTP_Client_(x64)_2.0.999.16.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\SOPHOS.ANTIVIRUS.V3.88.LINUX.Multilanguage-FeDEX.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\SpamWasher_2.0.1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Speak_N_Spell_1.1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\SQL Server Data Access Components 4.00.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Stained_Glass_Christmas_Screen_Saver_1.0_[Crack].zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\StreamChopper_1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Symantec.Norton.Antivirus.2005_liveupdate_reg_to_2010.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\TallApplications_Visual_Merge_1.0.1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Task_Actions_1.3_[KeyGen].zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\The temperature Tempo 1.2.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\The_New_Yankee_Widget_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Tray_Timer_2.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\UpdateIP_JumpGate_0.4.55_Beta.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\URL-Checker_1.2.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\VCN-Server_2.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\VFWH monitor 1.12.342.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Vincent van Gogh Art 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\VirtualDubMod 1.5.10.2 b2542.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Water Color Fantasy Screensaver 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Web_Services_Accelerator_1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\What Changed 2.1.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\WinUtilities Duplicate File Finder 1.5.2.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\Wondershare PocketPC Slideshow 1.1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\WTF 1.0.zip
    C:\Documents and Settings\Nancy\Application Data\m\shared\X2Net_Contacts_1.0.0.100.zip
    C:\Documents and Settings\Nancy\Application Data\m\srvlist.oct
    C:\WINDOWS\system32\ban_list.txt
    C:\WINDOWS\system32\drivers\downld
    C:\WINDOWS\system32\drivers\downld\105109.exe
    C:\WINDOWS\system32\drivers\downld\105453.exe
    C:\WINDOWS\system32\drivers\downld\110656.exe
    C:\WINDOWS\system32\drivers\downld\111937.exe
    C:\WINDOWS\system32\drivers\downld\113640.exe
    C:\WINDOWS\system32\drivers\downld\114031.exe
    C:\WINDOWS\system32\drivers\downld\114984.exe
    C:\WINDOWS\system32\drivers\downld\116203.exe
    C:\WINDOWS\system32\drivers\downld\118015.exe
    C:\WINDOWS\system32\drivers\downld\120281.exe
    C:\WINDOWS\system32\drivers\downld\121937.exe
    C:\WINDOWS\system32\drivers\downld\122625.exe
    C:\WINDOWS\system32\drivers\downld\123000.exe
    C:\WINDOWS\system32\drivers\downld\125843.exe
    C:\WINDOWS\system32\drivers\downld\129328.exe
    C:\WINDOWS\system32\drivers\downld\129859.exe
    C:\WINDOWS\system32\drivers\downld\130390.exe
    C:\WINDOWS\system32\drivers\downld\132640.exe
    C:\WINDOWS\system32\drivers\downld\137062.exe
    C:\WINDOWS\system32\drivers\downld\145656.exe
    C:\WINDOWS\system32\drivers\downld\14727484.exe
    C:\WINDOWS\system32\drivers\downld\14740359.exe
    C:\WINDOWS\system32\drivers\downld\14766062.exe
    C:\WINDOWS\system32\drivers\downld\14790609.exe
    C:\WINDOWS\system32\drivers\downld\14808703.exe
    C:\WINDOWS\system32\drivers\downld\14810984.exe
    C:\WINDOWS\system32\drivers\downld\149937.exe
    C:\WINDOWS\system32\drivers\downld\15002531.exe
    C:\WINDOWS\system32\drivers\downld\15028578.exe
    C:\WINDOWS\system32\drivers\downld\15061781.exe
    C:\WINDOWS\system32\drivers\downld\215546.exe
    C:\WINDOWS\system32\drivers\downld\225765.exe
    C:\WINDOWS\system32\drivers\downld\232750.exe
    C:\WINDOWS\system32\drivers\downld\233625.exe
    C:\WINDOWS\system32\drivers\downld\247718.exe
    C:\WINDOWS\system32\drivers\downld\252609.exe
    C:\WINDOWS\system32\drivers\downld\290562.exe
    C:\WINDOWS\system32\drivers\downld\29542218.exe
    C:\WINDOWS\system32\drivers\downld\29579062.exe
    C:\WINDOWS\system32\drivers\downld\29588906.exe
    C:\WINDOWS\system32\drivers\downld\29945750.exe
    C:\WINDOWS\system32\drivers\downld\30007890.exe
    C:\WINDOWS\system32\drivers\downld\30036984.exe
    C:\WINDOWS\system32\drivers\downld\303140.exe
    C:\WINDOWS\system32\drivers\downld\308921.exe
    C:\WINDOWS\system32\drivers\downld\326078.exe
    C:\WINDOWS\system32\drivers\downld\334031.exe
    C:\WINDOWS\system32\drivers\downld\335812.exe
    C:\WINDOWS\system32\drivers\downld\341125.exe
    C:\WINDOWS\system32\drivers\downld\34961265.exe
    C:\WINDOWS\system32\drivers\downld\34975015.exe
    C:\WINDOWS\system32\drivers\downld\34986921.exe
    C:\WINDOWS\system32\drivers\downld\360203.exe
    C:\WINDOWS\system32\drivers\downld\371187.exe
    C:\WINDOWS\system32\drivers\downld\81453.exe
    C:\WINDOWS\system32\drivers\downld\83328.exe
    C:\WINDOWS\system32\drivers\downld\83890.exe
    C:\WINDOWS\system32\drivers\downld\85453.exe
    C:\WINDOWS\system32\drivers\downld\85515.exe
    C:\WINDOWS\system32\drivers\downld\85921.exe
    C:\WINDOWS\system32\drivers\downld\86859.exe
    C:\WINDOWS\system32\drivers\downld\89296.exe
    C:\WINDOWS\system32\drivers\downld\89531.exe
    C:\WINDOWS\system32\drivers\downld\95875.exe
    C:\WINDOWS\system32\drivers\downld\98296.exe
    C:\WINDOWS\system32\MSINET.oca
    C:\WINDOWS\system32\winsys.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_SROSA
    -------\Service_srosa


    ((((((((((((((((((((((((( Files Created from 2008-05-06 to 2008-06-06 )))))))))))))))))))))))))))))))
    .

    2008-06-06 09:09 . 2008-06-06 09:09 <DIR> d-------- C:\Documents and Settings\Nancy\Application Data\nView_Wallpaper
    2008-06-06 09:08 . 2008-06-06 09:08 5,120 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2008-06-05 17:10 . 2008-06-05 17:10 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-05 17:10 . 2008-06-05 17:10 <DIR> d-------- C:\Documents and Settings\Nancy\Application Data\Malwarebytes
    2008-06-05 17:10 . 2008-06-05 17:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-05 17:10 . 2008-05-30 01:06 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-05 17:10 . 2008-05-30 01:06 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-04 07:10 . 2008-06-04 07:17 <DIR> d-------- C:\Program Files\ABC Amber Audio Converter
    2008-06-03 18:55 . 2008-06-03 18:55 <DIR> d-------- C:\Documents and Settings\Nancy\DoctorWeb
    2008-06-03 17:16 . 2008-06-03 17:16 <DIR> d-------- C:\Program Files\Realtek AC97
    2008-06-03 11:04 . 2008-06-03 11:12 <DIR> d-------- C:\Program Files\EvilLyrics
    2008-06-03 11:03 . 2008-06-03 11:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MediaMonkey
    2008-06-02 14:25 . 2008-06-02 14:25 <DIR> d-------- C:\Program Files\Cool MP3 Splitter
    2008-06-01 07:37 . 2008-06-06 08:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-06-01 07:37 . 2008-06-01 07:37 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-05-31 17:57 . 2008-05-31 17:57 <DIR> d-------- C:\Documents and Settings\Nancy\Application Data\ArcSoft
    2008-05-31 17:55 . 2008-05-31 17:55 <DIR> d-------- C:\Program Files\Common Files\ArcSoft
    2008-05-31 17:55 . 2008-05-31 17:55 <DIR> d-------- C:\Program Files\ArcSoft
    2008-05-31 17:55 . 2008-06-01 08:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ArcSoft
    2008-05-31 17:55 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
    2008-05-31 17:55 . 2006-11-10 15:05 18,688 --a------ C:\WINDOWS\system32\drivers\afc.sys
    2008-05-31 13:08 . 2004-08-03 23:10 51,328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
    2008-05-31 13:08 . 2004-08-03 23:10 51,328 --a--c--- C:\WINDOWS\system32\dllcache\msdv.sys
    2008-05-31 13:08 . 2004-08-03 23:10 48,128 --a------ C:\WINDOWS\system32\drivers\61883.sys
    2008-05-31 13:08 . 2004-08-03 23:10 48,128 --a--c--- C:\WINDOWS\system32\dllcache\61883.sys
    2008-05-31 13:08 . 2004-08-03 23:10 38,912 --a------ C:\WINDOWS\system32\drivers\avc.sys
    2008-05-31 13:08 . 2004-08-03 23:10 38,912 --a--c--- C:\WINDOWS\system32\dllcache\avc.sys
    2008-05-30 18:29 . 2008-05-30 18:29 <DIR> d-------- C:\Program Files\Motorola
    2008-05-30 18:23 . 2008-05-30 18:23 <DIR> d-------- C:\Program Files\Common Files\Motorola Shared
    2008-05-30 18:23 . 2006-11-13 14:45 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2008-05-30 18:23 . 2007-06-18 14:18 23,680 --a------ C:\WINDOWS\system32\drivers\motmodem.sys
    2008-05-27 07:51 . 2008-06-03 18:37 <DIR> d-------- C:\Program Files\Trend Micro
    2008-05-26 07:26 . 2008-05-26 07:40 8 --a------ C:\WINDOWS\system32\nvModes.dat
    2008-05-26 07:21 . 2008-06-06 12:21 182,441 --a------ C:\WINDOWS\system32\nvapps.xml
    2008-05-26 07:21 . 2008-05-02 22:46 181,895 --a------ C:\WINDOWS\system32\nvdsp.chm
    2008-05-26 07:21 . 2008-05-02 22:46 121,529 --a------ C:\WINDOWS\system32\nvcpl.chm
    2008-05-26 07:21 . 2008-05-02 22:46 116,384 --a------ C:\WINDOWS\system32\nv3d.chm
    2008-05-26 07:21 . 2008-05-02 22:46 54,988 --a------ C:\WINDOWS\system32\nvmob.chm
    2008-05-26 07:21 . 2008-05-02 22:46 18,070 --a------ C:\WINDOWS\system32\nvdisp.nvu
    2008-05-25 09:46 . 2008-05-25 09:46 <DIR> d-------- C:\Program Files\MediaMonkey
    2008-05-25 09:08 . 2008-05-25 09:30 <DIR> d-------- C:\Program Files\Musicmatch
    2008-05-25 09:08 . 2008-05-25 09:30 28,352 --a------ C:\WINDOWS\system32\drivers\MxlW2k.sys
    2008-05-23 10:00 . 2008-05-23 10:00 <DIR> d-------- C:\Program Files\Fellowes
    2008-05-23 10:00 . 2008-05-23 10:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Fellowes
    2008-05-23 07:14 . 2008-05-23 07:20 <DIR> d-------- C:\Program Files\Search Engine Commando
    2008-05-23 07:14 . 2008-05-23 07:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Search Engine Commando
    2008-05-22 17:53 . 2008-05-22 17:53 2 --a------ C:\temphtm.HTM
    2008-05-22 17:52 . 2008-05-22 17:52 <DIR> d-------- C:\Program Files\MySoftware
    2008-05-22 17:52 . 2008-05-22 17:52 <DIR> d-------- C:\Program Files\Common Files\MySoftware
    2008-05-22 17:52 . 2008-05-22 17:52 <DIR> d-------- C:\Program Files\Avanquest update
    2008-05-22 17:52 . 2008-05-22 17:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
    2008-05-22 17:52 . 2004-06-14 12:19 348,160 --a------ C:\WINDOWS\system32\Mfc30.dll
    2008-05-22 17:52 . 2006-07-05 09:51 61,440 --a------ C:\WINDOWS\system32\CAPSPLPeer.exe
    2008-05-22 17:52 . 2004-06-14 12:21 24,576 --a------ C:\WINDOWS\system32\Msxml3a.dll
    2008-05-22 17:52 . 2006-07-05 09:51 9,216 --a------ C:\WINDOWS\system32\CAPSPLXP.DLL
    2008-05-22 17:52 . 2006-07-05 09:51 7,168 --a------ C:\WINDOWS\system32\CAPSPL.DLL
    2008-05-22 17:52 . 2006-07-05 09:51 5,632 --a------ C:\WINDOWS\system32\CAPSPL.exe
    2008-05-22 09:08 . 2008-05-22 09:08 <DIR> d-------- C:\Program Files\Mozilla ActiveX Control v1.7.12
    2008-05-22 09:07 . 2008-05-22 09:07 <DIR> d-------- C:\Documents and Settings\Nancy\Application Data\Graboid Inc
    2008-05-22 07:01 . 2008-06-06 07:49 <DIR> d--h----- C:\$AVG8.VAULT$
    2008-05-22 06:59 . 2008-06-06 05:16 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
    2008-05-22 06:59 . 2008-05-22 06:59 <DIR> d-------- C:\Program Files\AVG
    2008-05-22 06:59 . 2008-05-22 06:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
    2008-05-22 06:59 . 2008-05-22 06:59 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
    2008-05-22 06:59 . 2008-05-22 06:59 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
    2008-05-22 05:50 . 2008-05-22 05:50 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2008-05-22 05:50 . 2008-05-22 05:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-05-21 20:25 . 2008-05-22 08:12 <DIR> d-------- C:\Program Files\Panda Security
    2008-05-21 20:02 . 2007-12-10 13:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2008-05-21 20:02 . 2007-12-10 13:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2008-05-21 20:02 . 2008-02-01 11:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2008-05-21 20:02 . 2007-12-10 13:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2008-05-21 20:01 . 2008-05-21 20:02 <DIR> d-------- C:\Program Files\Spyware Doctor
    2008-05-21 20:01 . 2008-05-21 20:01 <DIR> d-------- C:\Documents and Settings\Nancy\Application Data\PC Tools
    2008-05-21 19:47 . 2008-05-21 19:52 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
    2008-05-21 18:20 . 2008-06-04 07:04 <DIR> d-------- C:\Program Files\TSmartz
    2008-05-21 18:20 . 1996-11-08 02:48 368,912 --a------ C:\WINDOWS\system32\vbar332.dll
    2008-05-21 18:20 . 2001-11-05 08:30 165,376 --a------ C:\WINDOWS\UNWISE.EXE



    Continued on next post....(It said I was over the limit of characters.)
     
  17. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/714356