SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 04/29/2007 at 06:02 PM Application Version : 3.7.1018 Core Rules Database Version : 3227 Trace Rules Database Version: 1238 Scan type : Complete Scan Total Scan Time : 01:04:09 Memory items scanned : 163 Memory threats detected : 2 Registry items scanned : 4812 Registry threats detected : 24 File items scanned : 30291 File threats detected : 370 Trojan.Net-Jovi/DN C:\WINDOWS\SYSTEM32\KBDROV.DLL C:\WINDOWS\SYSTEM32\KBDROV.DLL HKLM\Software\Classes\CLSID\{b88af703-0c92-4186-bcbc-a3d8ed889ee8} HKCR\CLSID\{B88AF703-0C92-4186-BCBC-A3D8ED889EE8} HKCR\CLSID\{B88AF703-0C92-4186-BCBC-A3D8ED889EE8}\InprocServer32 HKCR\CLSID\{B88AF703-0C92-4186-BCBC-A3D8ED889EE8}\InprocServer32#ThreadingModel HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b88af703-0c92-4186-bcbc-a3d8ed889ee8} Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\kbdrov C:\DOCUMENTS AND SETTINGS\MALOSSI HYPER RACING\SKRIVEBORD\NY MAPPE\BACKUPS\BACKUP-20070429-161516-776.DLL Trojan.Downloader-MSNETAX C:\WINDOWS\SYSTEM32\RMXXTHX.DLL C:\WINDOWS\SYSTEM32\RMXXTHX.DLL Adware.Vundo Variant HKLM\Software\Classes\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4} HKCR\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4} HKCR\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4}\InprocServer32 HKCR\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\TMP1BF.TMP.DLL HKCR\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4} C:\VUNDOFIX BACKUPS\TMP3.TMP.DLL.BAD C:\WINDOWS\SYSTEM32\TMP2.TMP.DLL Malware.Safety Bar HKLM\Software\Classes\CLSID\{18668683-731c-48fa-b1b9-ad013748fb00} HKCR\CLSID\{18668683-731C-48FA-B1B9-AD013748FB00} HKCR\CLSID\{18668683-731C-48FA-B1B9-AD013748FB00} HKCR\CLSID\{18668683-731C-48FA-B1B9-AD013748FB00}\Implemented Categories HKCR\CLSID\{18668683-731C-48FA-B1B9-AD013748FB00}\Implemented Categories\{00021493-0000-0000-C000-000000000046} HKCR\CLSID\{18668683-731C-48FA-B1B9-AD013748FB00}\InprocServer32 HKCR\CLSID\{18668683-731C-48FA-B1B9-AD013748FB00}\InprocServer32#ThreadingModel C:\PROGRAMFILER\SAFETY BAR\SAFETYBAR.DLL HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SafetyBar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SafetyBar#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SafetyBar#UninstallString Adware.Tracking Cookie C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@advertising[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@mb[3].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.us.e-planning[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@clicktorrent[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@burstnet[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@i[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@kanoodle[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad.adocean[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@xiti[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@atwola[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@stats.canalblog[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@mediaonenetwork[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@stats.ilsemedia[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@findexa-s.adbureau[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@cpvfeed[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@drivecleaner[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.belstat[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.adultswim[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www2.mystats[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@findexa.adbureau[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@yourmedia[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@atlas.fixionmedia[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@30148[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad1.clickhype[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@warlog[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adserver.easy-ad[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@acvs.mediaonenetwork[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.vg.basefarm[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adopt.euroclick[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@cpacampaigns.directtrack[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad.yieldmanager[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adserver.easyad[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adbrite[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@yadro[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad1.emediate[3].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@cz5.clickzs[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@media.sensis.com[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@weborama[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@bizrate[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@realmedia[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@image.masterstats[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@estat[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@mb[4].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@tripod[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@partypoker[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@no.drivecleaner[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adsrevenue[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.glispa[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@stats1.reliablestats[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@stat.onestat[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.fullreleases[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@admarketplace[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@arena51[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@creview.adbureau[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@tacoda[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@sexlist[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adultadworld[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@clicksor[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@cgi-bin[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.mininova[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.realtechnetwork[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@statcounter[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@track.vivid[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@partygaming.122.2o7[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@mb[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.comprabanner[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@carasexe[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@data.neuroxmedia[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@audit.median[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.beamfile[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad1.hardware[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adv.surinter[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@track.adform[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@flixbanner.bearshare[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@fishadultgames[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.rowise[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@tradedoubler[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@counter14.sextracker[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.livewebstats[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@statse.webtrendslive[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@itxt.vibrantmedia[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad[4].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.burstnet[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adv.webmd[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www2.adultreviews[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@netmediagroup[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@overture[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.1xxxpics[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@msnportal.112.2o7[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@fortunecity[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@members.tripod[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@nissan-nordics[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@klik.klikadvertising[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.etracker[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adultreviews[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.cartoonnetwork[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adlegend[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adserver.filefront[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@directtrack[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@data3.perf.overture[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@indexstats[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@rambler[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@a[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@server.iad.liveperson[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@sextracker[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@list[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@toplist[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.amaena[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@studenti.adbureau[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.biggerboat[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@hitbox[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@rotator.adjuggler[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@stat.dealtime[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@mb[5].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@30209[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@247realmedia[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad1.emediate[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@webpower[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.monster[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@3426148[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adserver.adreactor[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@click24[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.clicktorrent[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.burstbeacon[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@login.tracking101[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@2o7[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@clickbank[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adultfriendfinder[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@e2.emediate[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@lynxtrack[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adserver[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ehg-hollywood.hitbox[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@stat.katalysatormedia[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad.adtoma[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@somasex[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@cs.sexcounter[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.as4x.tmcs[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@revsci[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ads.gamershell[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@azjmp[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@no.winantivirus[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www-qa.keywordmax[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@m1.webstats4u[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@122.2o7[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@worldlingomedia[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@tgp.xxxkey[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@cgi-bin[3].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@smileycentral[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@cz7.clickzs[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@indextools[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@fl01.ct2.comclick[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@winantivirus[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@perf.overture[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@go.drivecleaner[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@bluestreak[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@1070922802[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@80570461[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@57[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@mediaplex[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@angleinteractive.directtrack[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@r-kimedia.co[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ad.zanox[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@ehg-hollywoodmedia.hitbox[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@mywebsearch[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.search4click[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@mediamgr.ugo[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@nissan[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@stats.drivecleaner[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@sitestats.tiscali.co[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.drivecleaner[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@adtech[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.winantiviruspro[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@www.clickxchange[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@advert.travlang[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@ad.adtoma[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@mediavantage[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@stat.katalysatormedia[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@track.adform[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@track.adform[2].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@cracks[1].txt C:\Documents and Settings\Malossi Hyper Racing\Cookies\malossi hyper racing@Sexy-Strip-Quiz-7[1].txt C:\Documents and Settings\silje\Cookies\silje@247realmedia[1].txt C:\Documents and Settings\silje\Cookies\silje@2o7[2].txt C:\Documents and Settings\silje\Cookies\silje@ad-creatividades.infojobs[1].txt C:\Documents and Settings\silje\Cookies\silje@ad.adtoma[1].txt C:\Documents and Settings\silje\Cookies\silje@ad.stat.4u[1].txt C:\Documents and Settings\silje\Cookies\silje@ad.yieldmanager[2].txt C:\Documents and Settings\silje\Cookies\silje@ad.zanox[1].txt C:\Documents and Settings\silje\Cookies\silje@ad1.emediate[1].txt C:\Documents and Settings\silje\Cookies\silje@ad1.emediate[3].txt C:\Documents and Settings\silje\Cookies\silje@admarketplace[1].txt C:\Documents and Settings\silje\Cookies\silje@adrevolver[2].txt C:\Documents and Settings\silje\Cookies\silje@ads.clickad.com[2].txt C:\Documents and Settings\silje\Cookies\silje@ads.doktoronline[1].txt C:\Documents and Settings\silje\Cookies\silje@ads.esmas[1].txt C:\Documents and Settings\silje\Cookies\silje@ads.pointroll[1].txt C:\Documents and Settings\silje\Cookies\silje@ads.vg.basefarm[1].txt C:\Documents and Settings\silje\Cookies\silje@adsrevenue[1].txt C:\Documents and Settings\silje\Cookies\silje@adtech[1].txt C:\Documents and Settings\silje\Cookies\silje@advertising[2].txt C:\Documents and Settings\silje\Cookies\silje@as1.falkag[1].txt C:\Documents and Settings\silje\Cookies\silje@atdmt[2].txt C:\Documents and Settings\silje\Cookies\silje@atwola[1].txt C:\Documents and Settings\silje\Cookies\silje@belnk[1].txt C:\Documents and Settings\silje\Cookies\silje@bs.serving-sys[1].txt C:\Documents and Settings\silje\Cookies\silje@burstnet[2].txt C:\Documents and Settings\silje\Cookies\silje@casalemedia[2].txt C:\Documents and Settings\silje\Cookies\silje@clickbank[1].txt C:\Documents and Settings\silje\Cookies\silje@clicktorrent[2].txt C:\Documents and Settings\silje\Cookies\silje@dist.belnk[2].txt C:\Documents and Settings\silje\Cookies\silje@doubleclick[1].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wfkigicpmao.stats.esomniture[1].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wfkyagdpiao.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wfkyqiazicp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wfkyugdjalp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wflikjdjodq.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wfliqoazcbo.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wflocodjmfp.stats.esomniture[1].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wflokodzilq.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wflowhc5wko.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wgkoklc5ckp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wgl4kgdpsdp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wgl4klczakq.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjk4apdpihp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjk4kidjmlp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjk4kldzseq.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjk4umcpecp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjk4wjdzmdo.stats.esomniture[1].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjkoghd5cgp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjkygmdpmlp.stats.esomniture[1].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjkyohdpgap.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjkysjcjcgo.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjl4kicjwho.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjlisidzibp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjloajc5aap.stats.esomniture[1].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjloepc5wkp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjlowlczmfo.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjmiojdjmeq.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjmyskdzkeo.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjmysmajkcq.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjmywpcjadp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjny-1kazih.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjnyeicjmcp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjnyogdzigo.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjnyqgajkdo.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjnyshdjidp.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjnyujajshq.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjnyunc5kbo.stats.esomniture[2].txt C:\Documents and Settings\silje\Cookies\silje@e-2dj6wjnywpczkgq.stats.esomniture[1].txt C:\Documents and Settings\silje\Cookies\silje@edge.ru4[1].txt C:\Documents and Settings\silje\Cookies\silje@ehg-nokiafin.hitbox[1].txt C:\Documents and Settings\silje\Cookies\silje@ehg-salesforce.hitbox[2].txt C:\Documents and Settings\silje\Cookies\silje@evolnetmedia[1].txt C:\Documents and Settings\silje\Cookies\silje@exitexchange[1].txt C:\Documents and Settings\silje\Cookies\silje@fastclick[1].txt C:\Documents and Settings\silje\Cookies\silje@findexa.adbureau[1].txt C:\Documents and Settings\silje\Cookies\silje@hg1.hitbox[1].txt C:\Documents and Settings\silje\Cookies\silje@hitbox[2].txt C:\Documents and Settings\silje\Cookies\silje@image.masterstats[1].txt C:\Documents and Settings\silje\Cookies\silje@media.fastclick[1].txt C:\Documents and Settings\silje\Cookies\silje@media7.sitebrand[1].txt C:\Documents and Settings\silje\Cookies\silje@mediaplex[1].txt C:\Documents and Settings\silje\Cookies\silje@msnportal.112.2o7[1].txt C:\Documents and Settings\silje\Cookies\silje@opentracker[1].txt C:\Documents and Settings\silje\Cookies\silje@perf.overture[1].txt C:\Documents and Settings\silje\Cookies\silje@phg.hitbox[1].txt C:\Documents and Settings\silje\Cookies\silje@questionmarket[1].txt C:\Documents and Settings\silje\Cookies\silje@realmedia[2].txt C:\Documents and Settings\silje\Cookies\silje@redorbit[2].txt C:\Documents and Settings\silje\Cookies\silje@revenue[2].txt C:\Documents and Settings\silje\Cookies\silje@roiservice[1].txt C:\Documents and Settings\silje\Cookies\silje@salesforce.122.2o7[1].txt C:\Documents and Settings\silje\Cookies\silje@server.iad.liveperson[1].txt C:\Documents and Settings\silje\Cookies\silje@serving-sys[2].txt C:\Documents and Settings\silje\Cookies\silje@spylog[1].txt C:\Documents and Settings\silje\Cookies\silje@stat.onestat[2].txt C:\Documents and Settings\silje\Cookies\silje@statcounter[1].txt C:\Documents and Settings\silje\Cookies\silje@stats.channel4[1].txt C:\Documents and Settings\silje\Cookies\silje@stats.pcworld[1].txt C:\Documents and Settings\silje\Cookies\silje@stats1.reliablestats[2].txt C:\Documents and Settings\silje\Cookies\silje@statse.webtrendslive[1].txt C:\Documents and Settings\silje\Cookies\silje@superstats[1].txt C:\Documents and Settings\silje\Cookies\silje@tacoda[2].txt C:\Documents and Settings\silje\Cookies\silje@targetnet[2].txt C:\Documents and Settings\silje\Cookies\silje@toplist[1].txt C:\Documents and Settings\silje\Cookies\silje@track.adform[1].txt C:\Documents and Settings\silje\Cookies\silje@tradedoubler[2].txt C:\Documents and Settings\silje\Cookies\silje@trafficmp[2].txt C:\Documents and Settings\silje\Cookies\silje@tribalfusion[2].txt C:\Documents and Settings\silje\Cookies\silje@tripod[1].txt C:\Documents and Settings\silje\Cookies\silje@warlog[1].txt C:\Documents and Settings\silje\Cookies\silje@www.burstbeacon[2].txt C:\Documents and Settings\silje\Cookies\silje@yadro[2].txt C:\Documents and Settings\silje\Cookies\silje@z1.adserver[1].txt C:\Documents and Settings\silje\Cookies\silje@zedo[2].txt Browser Hijacker.Favorites C:\Documents and Settings\Malossi Hyper Racing\Favoritter\Download Free Spyware Remover.url C:\Documents and Settings\All Users\Favoritter\Download Free Spyware Remover.url C:\Documents and Settings\All Users\Favoritter\NEW VIAGRA at Half Price!.url C:\Documents and Settings\All Users\Favoritter\Online Chat With Nude Girls.url C:\Documents and Settings\All Users\Favoritter\Order CIALIS online without leaving home..url C:\Documents and Settings\All Users\Favoritter\PC protection in under 2 minutes!.url C:\Documents and Settings\Malossi Hyper Racing\Favoritter\Stop PopUps On Your Computer.url C:\Documents and Settings\All Users\Favoritter\Stop PopUps On Your Computer.url C:\Documents and Settings\All Users\Favoritter\VIAGRA at incredible low price. Bonus Pills!.url C:\Documents and Settings\All Users\Favoritter\View ADULT photos of REAL GIRLS!.url C:\Documents and Settings\All Users\Favoritter\Online Pharmacy\CHEAPEST VIAGRA ONLINE.url C:\Documents and Settings\All Users\Favoritter\Online Pharmacy\Cialis at HALF PRICE!.url C:\Documents and Settings\All Users\Favoritter\Online Pharmacy\Fast Way To Loose Your Weight!.url C:\Documents and Settings\All Users\Favoritter\Online Pharmacy\Guaranteed low price at Pills..url C:\Documents and Settings\All Users\Favoritter\Online Pharmacy\SOMA at Special LOW PRICE.url C:\Documents and Settings\All Users\Favoritter\Online Pharmacy\Tramadol Special Offer!.url C:\Documents and Settings\All Users\Favoritter\Online Pharmacy\Try New VIAGRA! Works Faster and Longer!.url C:\Documents and Settings\All Users\Favoritter\Online Pharmacy C:\Documents and Settings\All Users\Favoritter\Spyware Uninstall\Easy Detect and Uninstall Spyware..url C:\Documents and Settings\All Users\Favoritter\Spyware Uninstall\Free Spyware Scanner..url C:\Documents and Settings\All Users\Favoritter\Spyware Uninstall\Search & Destroy Annoying Adware..url C:\Documents and Settings\All Users\Favoritter\Spyware Uninstall\Stop PopUps on your PC..url C:\Documents and Settings\All Users\Favoritter\Spyware Uninstall C:\DOCUMENTS AND SETTINGS\MALOSSI HYPER RACING\FAVORITTER\ONLINE SECURITY TEST.URL Malware.VirusBurst HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Safety Alert 2006 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Safety Alert 2006#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Safety Alert 2006#UninstallString Trojan.Spam-RUCrzy C:\DOCUMENTS AND SETTINGS\MALOSSI HYPER RACING\LOKALE INNSTILLINGER\TEMPORARY INTERNET FILES\CONTENT.IE5\W92RK1MN\D5[1].EXE Trojan.ErrorSafe C:\DOCUMENTS AND SETTINGS\SILJE\LOKALE INNSTILLINGER\TEMPORARY INTERNET FILES\CONTENT.IE5\SHQREX4H\ERRORSAFEFREEINSTALL_NO[1].EXE BearShare File Sharing Client C:\PROGRAMFILER\BEARSHARE\BEARSHARE.EXE C:\PROGRAMFILER\BITLORD\DOWNLOADS\BEARSHARE_PRO_V5[1].2.5.3-DIGERATI\CRACK\BEARSHARE.EXE C:\WINDOWS\Prefetch\BEARSHARE.EXE-19787EF4.pf Trojan.Downloader-Gen/Cent C:\SDFIX\BACKUPS\CENT.EXE.EXE [SIZE=7][B]Logfile of HijackThis v1.99.1[/B][/SIZE] Scan saved at 16:42:56, on 30.04.2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FELLES~1\Stardock\SDMCP.exe C:\WINDOWS\Explorer.EXE C:\Norman\bin\ZLH.EXE C:\Programfiler\QuickTime\qttask.exe C:\WINDOWS\System32\CTSvcCDA.EXE C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\ewido\security suite\ewidoctrl.exe C:\Norman\Bin\Zanda.exe C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\Norman\Nvc\BIN\nipsvc.exe C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\bin\NJEEVES.EXE C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Winamp\winamp.exe C:\Documents and Settings\Malossi Hyper Racing\Skrivebord\Ny mappe\Test.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {b88af703-0c92-4186-bcbc-a3d8ed889ee8} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar2.dll O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programfiler\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\j2re1.4.2_04\bin\npjpi142_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\j2re1.4.2_04\bin\npjpi142_04.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by143fd.bay143.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://campuscentercam.its.wesleyan.edu/activex/AMC.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://213.28.44.184/activex/AMC.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\FELLES~1\Stardock\mcpstub.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE O23 - Service: ewido security suite control - ewido networks - C:\Programfiler\ewido\security suite\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe [SIZE=7][B]SDFix:[/B][/SIZE] Version 1.81 Run by Malossi Hyper Racing - 29.04.2007 - 16:50:05.04 Microsoft Windows XP [Versjon 5.1.2600] Service Pack 1 Running From: C:\SDFix Safe Mode: Checking Services: Name: kprof ntldr.sys poof wincom32 ImagePath: \??\C:\WINDOWS\System32\kprof \??\C:\ntldr.sys \??\C:\WINDOWS\System32\poof \??\C:\WINDOWS\System32\wincom32.sys kprof - Deleted ntldr.sys - Deleted poof - Deleted wincom32 - Deleted ndis.sys Infected! Patched File copied to Backups Folder Attempting to replace ndis.sys with original version... Original ndis.sys Restored Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\WINDOWS\SYSTEM32\16039_UP.EXE - Deleted C:\CP1041.NLS - Deleted C:\WINDOWS\system32\cent.exe.exe - Deleted C:\WINDOWS\system32\pdp.exe.exe - Deleted C:\DOCUME~1\MALOSS~1\LOKALE~1\Temp\tmp172.tmp.exe - Deleted C:\DOCUME~1\MALOSS~1\LOKALE~1\Temp\tmp1BF.tmp.exe - Deleted C:\DOCUME~1\MALOSS~1\LOKALE~1\Temp\tmp2.tmp.exe - Deleted C:\DOCUME~1\MALOSS~1\LOKALE~1\Temp\tmp3.tmp.exe - Deleted C:\DOCUME~1\MALOSS~1\LOKALE~1\Temp\tmp4.tmp.exe - Deleted C:\DOCUME~1\MALOSS~1\LOKALE~1\Temp\tmp79.tmp.exe - Deleted C:\DOCUME~1\MALOSS~1\LOKALE~1\Temp\tmp9.tmp.exe - Deleted C:\DOCUME~1\MALOSS~1\LOKALE~1\Temp\abc123.pid - Deleted C:\WINDOWS\odbc.INI - Deleted C:\WINDOWS\system32\form.txt - Deleted C:\WINDOWS\system32\koos.exe - Deleted C:\WINDOWS\system32\kprof - Deleted C:\WINDOWS\system32\poof - Deleted C:\WINDOWS\system32\svcp.csv - Deleted C:\WINDOWS\system32\svehost.exe - Deleted C:\WINDOWS\system32\TFTP2072 - Deleted C:\WINDOWS\system32\TFTP2280 - Deleted C:\WINDOWS\system32\TFTP2592 - Deleted C:\WINDOWS\system32\TFTP2596 - Deleted C:\WINDOWS\system32\wincom32.ini - Deleted C:\WINDOWS\system32\wincom32.sys - Deleted C:\WINDOWS\system32\winsub.xml - Deleted Removing Temp Files ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer" Remaining Files: --------------- Backups Folder: - C:\SDFix\backups\backups.zip Checking For Files with Hidden Attributes: C:\RECYCLER\S-1-5-21-1614895754-706699826-1060284298-1003\Dc16\Boieng 747 orginal\Textures\Katie of Katies-world.com\Thumbs.db C:\Programfiler\Fellesfiler\Adobe\ESD\DLMCleanup.exe C:\Documents and Settings\Malossi Hyper Racing\Skrivebord\~WRL0005.tmp C:\WINDOWS\LastGood.Tmp\INF\oem0.inf C:\WINDOWS\LastGood.Tmp\INF\oem0.PNF Finished [SIZE=7][B]VundoFix[/B] [/SIZE]V6.3.20 Checking Java version... Sun Java not detected Scan started at 16:20:01 29.04.2007 Listing files found while scanning.... C:\WINDOWS\System32\tmp3.tmp.dll Beginning removal... Attempting to delete C:\WINDOWS\System32\tmp3.tmp.dll C:\WINDOWS\System32\tmp3.tmp.dll Has been deleted! Performing Repairs to the registry. Done!