Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] Multiple Windows, Red Desktop

Started by crunchygeek , May 24 2008 06:08 AM

  • This topic is locked This topic is locked
2 replies to this topic

#1 crunchygeek

crunchygeek

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 24 May 2008 - 06:08 AM

I posted this once before, but I wound up double posting, so I'm afraid it looks like I have been helped. If I have not waited long enough, please forgive me.

I am trying to clean up a friend's computer which has the desktop image that is all red with yellow and white letters stating that the computer is infected. Also, it gives multiple popups saying that "spyware activity has been recognized on the PC".

I ran AVG and SuperAntiSpyware, and they cleaned up a bunch temporarily. Then I found this forum via Google.

Here's what I did:

I was running a first run of ComboFix when the power died.

I re-ran that at 4am this morning. Log file is below.

Then I ran ATF-Cleaner and Malwarebytes. Then I rebooted.

Then HijackThis. Thank you very much for your help!

Log files:

ComboFix 08-05-21.3 - Owner 2008-05-23 4:59:07.2 - NTFSx86
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Owner\Application Data\HbTools
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\66855
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\669173
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67226
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67357
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67464
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67491
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67506
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67554
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67564
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67733
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67821
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67831
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67918
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\67969
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68016
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68019
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68021
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68055
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68076
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68098
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68148
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68257
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68370
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68593
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\6873
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68838
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\68870
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69031
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69045
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69054
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69076
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69111
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69118
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\6915
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69199
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69201
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69308
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69325
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69515
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69556
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69625
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69626
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69776
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69817
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\69940
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7004
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70093
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70181
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70202
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70259
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\703336
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70342
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70449
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70611
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70650
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70692
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70907
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\70973
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7122
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\71254
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\71340
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\71383
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\71497
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\71602
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\716588
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\71929
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\71999
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72001
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72010
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72031
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72072
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72123
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7220
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72333
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72341
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72748
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\727608
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72786
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72796
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72807
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72846
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72882
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72889
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\72912
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73119
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73174
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73391
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7341
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73415
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73458
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73484
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73506
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73560
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73561
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73576
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73664
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73670
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73722
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7376
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73814
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73840
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73846
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73922
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\73948
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\741292
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\741312
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\742099
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\742100
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\74263
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\74303
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\74398
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\74576
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\74798
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7482
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7492
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75013
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75045
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75089
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75119
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75121
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7515
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7518
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7521
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75296
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75495
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75607
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75743
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75746
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\75907
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\76113
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\76119
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\76125
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\76184
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7652
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7690
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\77461
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\77468
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\77494
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78118
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78220
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78228
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78245
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78424
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78443
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78489
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78592
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78600
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78778
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\78788
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7887
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7889
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7892
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7894
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79079
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79257
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79382
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\7946
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79580
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79596
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79674
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79683
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79805
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79824
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79973
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79977
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79987
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\79989
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\80026
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\80193
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\80309
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\80644
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\80657
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8067
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\80670
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\80689
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8081
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\80950
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81010
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81071
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81293
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81507
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81529
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81721
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81736
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81830
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\81995
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82011
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82139
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82180
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82244
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82278
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82279
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82292
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82511
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82557
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82646
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82647
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82652
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8271
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\82723
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8282
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8290
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8306
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83137
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83209
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83216
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83226
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83298
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83634
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83706
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83723
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83732
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83743
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83757
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\83783
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8401
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8443
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\84685
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\84753
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\84876
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85062
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85119
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8526
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85365
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8544
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85535
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85547
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85564
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85588
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85666
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85699
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8577
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85831
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85854
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\85899
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86023
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86049
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86146
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86173
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86181
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8619
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86258
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86266
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86379
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86416
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86423
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86632
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86654
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\86993
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87185
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87191
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87215
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87385
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87439
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87483
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87499
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87555
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87584
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87594
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87726
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87825
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87881
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\87995
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\88533
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\88609
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\89075
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\89334
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\8941
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\89462
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\89658
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90008
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90009
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90149
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90163
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90311
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90358
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90375
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90383
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90763
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90781
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90826
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90833
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90835
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\90882
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91096
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9114
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91171
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91207
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91218
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91224
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91231
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91238
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9146
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91523
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91589
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\916
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91840
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\91986
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\92056
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\92061
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\92828
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\92886
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\92893
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\92930
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93025
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93110
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93113
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93192
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93286
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93295
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93438
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93544
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93568
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93575
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93598
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93857
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93899
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93921
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\93934
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94125
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94230
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94303
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94360
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94407
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94430
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9475
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94844
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94975
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\94990
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95052
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95194
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95291
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95325
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95363
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95367
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95411
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95422
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95610
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95645
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95678
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95701
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95704
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95714
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95740
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95774
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95779
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95801
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95803
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95825
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95828
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95849
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95862
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95873
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\95980
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9667
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9672
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\96913
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9695
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\96961
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9714
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\97426
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\97546
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\97623
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\97656
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9770
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\97734
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\97741
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9786
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\97964
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\98229
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\98248
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\98285
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\98351
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9836
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\98564
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\98677
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9875
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\98779
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\99008
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\99163
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\99507
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\99658
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9974
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\998
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\99871
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\9991
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\dynamic\ustat\3406.dat
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\ads.cdf
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\btntrans.idx
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\btntrans1.dat
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\business_promo.htm
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\buttondir.txt
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\components.cdf
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\d_icons_buttons_1000.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\d_icons_buttons_2000.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\d_icons_buttons_3000.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\d_icons_buttons_bar.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\d_icons_buttons_bbar1.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\d_icons_buttons_logos.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\d_icons_buttons_other.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\d_icons_weather.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\default.cdf
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_511745-514279.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz1.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz10.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz11.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz12.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz13.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz14.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz15.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz16.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz17.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz18.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz19.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz2.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz20.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz3.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz4.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz5.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz6.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz7.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz8.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_bidz9.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_categorize.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_comparison.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_explorer-Mails.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_explorer-people.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_favorites.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_Games.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_Hide.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_hotbarcom.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_Hotmail.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_hsskin.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_jemster.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_jemsterie.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_jemsteruk.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_jobsearch.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_Mails.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_new.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_premium.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_reun.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_ringtones.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_SearchBoxTrapper.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_searchfor.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_searchgo.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_weather.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Default_yellowpages.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\email-def-511724-548964.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\email-def-511724-9595.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\email-t1-bg.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\hotbar-premium-hotbar-premium.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\hotbar-premium.cdf
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\hotbar_promo.htm
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\icons2.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\keywords.idx
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\keywords1.dat
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\layout.cdf
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\linkpathlegal.txt
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\progress.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\s_icons_buttons.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\sales_buttons.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\t2_bg.res
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\theweb.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\top7.cdf
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\Top7_theweb.mnu
C:\Documents and Settings\Owner\Application Data\HbTools\v3.0\HbTools\static\2\tsd_bg.res
.
---- Previous Run -------
.
C:\Program Files\ISM
C:\Program Files\ISM\ism.exe
C:\Program Files\ISM\Uninstall.exe
C:\WINDOWS\123messenger.per
C:\WINDOWS\b2new.exe
C:\WINDOWS\default.htm
C:\WINDOWS\didduid.ini
C:\WINDOWS\licencia.txt
C:\WINDOWS\mainms.vpi
C:\WINDOWS\megavid.cdt
C:\WINDOWS\muotr.so
C:\WINDOWS\promogif2.gif
C:\WINDOWS\promogif3.gif
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\adult.txt
C:\WINDOWS\system32\finance.txt
C:\WINDOWS\system32\lt.res
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\other.txt
C:\WINDOWS\system32\pharma.txt
C:\WINDOWS\telefonos.txt
C:\WINDOWS\textos.txt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MSSECURITY1.209.4
-------\Service_MsSecurity1.209.4


((((((((((((((((((((((((( Files Created from 2008-04-23 to 2008-05-23 )))))))))))))))))))))))))))))))
.

2008-05-22 21:17 . 2008-05-22 21:17 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-05-22 18:25 . 2008-05-22 18:25 <DIR> d-------- C:\VundoFix Backups
2008-05-22 16:02 . 2008-05-22 16:02 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-22 16:02 . 2008-05-22 16:02 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-05-22 16:02 . 2008-05-22 16:02 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-05-22 16:02 . 2008-05-22 16:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-05-21 21:51 . 2008-05-21 21:51 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\McAfee.com Personal Firewall
2008-05-21 21:14 . 2008-05-21 21:14 <DIR> d-------- C:\Program Files\VS Revo Group
2008-05-21 20:38 . 2004-08-27 05:54 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-05-21 20:38 . 2005-07-29 08:27 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
2008-05-21 20:38 . 2005-07-29 08:25 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-05-21 20:38 . 2005-07-29 08:30 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\McAfee
2008-05-21 20:38 . 2005-08-08 11:38 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\CyberLink
2008-05-21 20:38 . 2008-05-21 21:47 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AOL
2008-05-21 20:38 . 2008-05-21 20:38 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-21 20:34 . 2008-05-21 20:34 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-21 20:34 . 2008-05-21 20:34 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-21 20:34 . 2008-05-21 20:34 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-21 20:33 . 2008-05-21 20:33 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-21 20:33 . 2008-05-21 20:33 <DIR> d-------- C:\Program Files\AVG
2008-05-21 20:33 . 2008-05-21 20:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-21 20:03 . 2008-05-21 20:03 <DIR> d-------- C:\Program Files\Lavasoft
2008-05-21 20:03 . 2008-05-21 20:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-21 20:02 . 2008-05-22 16:01 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-21 16:23 . 2008-05-21 16:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-05-21 16:22 . 2008-05-21 16:22 <DIR> d-------- C:\Program Files\Common Files\Roxio Shared
2008-05-21 16:22 . 2008-05-21 16:22 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-05-21 15:52 . 2008-05-21 15:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2008-05-21 15:50 . 2005-10-30 18:10 211 --a------ C:\boot.ini.comodofirewall
2008-05-21 15:48 . 2008-05-21 15:49 <DIR> d-------- C:\Program Files\Comodo
2008-05-21 15:48 . 2008-05-21 15:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BOC425
2008-05-21 15:48 . 2004-08-04 15:00 22,528 --a------ C:\WINDOWS\system32\wsock32.dlb
2008-05-21 15:18 . 2008-05-21 20:35 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVGTOOLBAR
2008-05-21 15:18 . 2008-05-22 04:21 <DIR> d-------- C:\$AVG8.VAULT$
2008-05-21 15:17 . 2008-05-21 15:17 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg(2)
2008-05-21 15:17 . 2008-05-21 16:22 <DIR> d-------- C:\Program Files\AVG(2)
2008-05-21 15:17 . 2008-05-22 04:13 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AVGTOOLBAR
2008-05-21 15:17 . 2008-05-21 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8(2)
2008-05-20 21:50 . 2008-05-20 21:50 1,169 --a------ C:\WINDOWS\mozver.dat
2008-05-10 06:53 . 2008-05-10 06:53 1,906 --a------ C:\WINDOWS\index.html
2008-05-10 06:53 . 2008-05-10 06:53 1,294 --a------ C:\WINDOWS\homepage.html

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-22 08:11 --------- d-----w C:\Documents and Settings\Owner\Application Data\Aim
2008-05-22 08:06 --------- d-----w C:\Program Files\McAfee.com
2008-05-22 01:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-05-22 01:53 --------- d-----w C:\Program Files\Common Files\Real
2008-05-22 01:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-05-22 01:48 --------- d-----w C:\Program Files\Common Files\AOL
2008-05-22 01:47 --------- d-----w C:\Documents and Settings\Owner\Application Data\AOL
2008-05-22 01:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-05-21 23:48 --------- d-----w C:\Program Files\Pure Networks
2008-05-21 20:22 --------- d-----w C:\Program Files\Napster
2008-05-21 20:22 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-21 20:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Napster
2008-05-21 18:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-19 01:23 --------- d-----w C:\Documents and Settings\Owner\Application Data\LimeWire
2008-05-11 20:41 --------- d-----w C:\Documents and Settings\Owner\Application Data\U3
2008-05-07 15:43 30,734 ----a-w C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2008-04-19 01:28 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-04-19 01:28 --------- d-----w C:\Program Files\Common Files\L&H
2008-04-19 01:27 --------- d-----w C:\Program Files\Microsoft.NET
2008-04-08 19:22 --------- d-----w C:\Program Files\QuickTime
2008-04-06 17:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-03-23 03:10 --------- d-----w C:\Program Files\Google
2007-03-10 11:45 32,352 ----a-w C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8334A30C-49E5-489a-B63D-5B927C1EF46E}]
C:\Program Files\QdrDrive\QdrDrive15.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
2008-05-21 20:33 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A352D40E-2264-4771-B1C9-9452D88D87D8}]
C:\WINDOWS\system32\khfDuTLD.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c6eda351-1408-46af-9356-55c9e0c92584}]
C:\WINDOWS\system32\piuhdseq.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL" [2008-05-21 20:33 2050816]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-05-21 20:33 2050816]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15:00 15360]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-13 12:43 1510640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2005-03-08 06:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-03-11 20:33 147456 C:\WINDOWS\system32\VTTrayp.exe]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" [ ]
"SoundMan"="SOUNDMAN.EXE" [2003-12-09 14:17 67584 C:\WINDOWS\SOUNDMAN.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\bak\qttask.exe" [2005-11-13 11:59 155648]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53 88024]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-21 20:33 1177368]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 02:05:26 29696]
BigFix.lnk - C:\Program Files\BigFix\BigFix.exe [2005-07-29 08:15:03 1742384]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-07-22 05:47:22 151552]
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 16:12:08 16423]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnkIAqP]
pmnkIAqP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20299561]
C:\WINDOWS\system32\puwkbvoh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection]
--a------ 2004-10-18 20:42 79448 C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM231aa6fd]
C:\WINDOWS\system32\yyjkxhwp.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QdrModule16]
C:\Program Files\QdrModule\QdrModule16.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QdrPack16]
C:\Program Files\QdrPack\QdrPack16.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PrismXL"=2 (0x2)
"MskService"=2 (0x2)
"MpfService"=2 (0x2)
"lanmanserver"=2 (0x2)
"dvpapi"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"AOL TopSpeedMonitor"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"C:\\Program Files\\Support.com\\bin\\tgcmd.exe"=
"C:\\Program Files\\Common Files\\AOL\\1122639952\\ee\\aolservicehost.exe"= C:\\Program Files\\Common Files\\AOL\\1122639952\\EE\\AOLServiceHost.exe
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2007-12-28 18:32]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-21 20:34]
R1 sdcplh;sdcplh;C:\WINDOWS\system32\drivers\sdcplh.sys [2005-09-20 12:26]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-21 20:33]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-21 20:33]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-21 20:34]
S3 181d61c4-f2b0-41b1-adcc-716f7ceba753;181d61c4-f2b0-41b1-adcc-716f7ceba753;E:\CDS300\cds300.dll []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36db705f-3c72-11d8-a150-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4021e6df-0a2a-11da-b762-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{899de84e-a5be-11dc-868b-0040caa9f60e}]
\Shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dcd886df-1ef9-11da-9a49-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deff3a65-0821-11da-8b7d-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

.
Contents of the 'Scheduled Tasks' folder
"2008-05-05 20:18:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-23 05:14:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\BellSouth\BellSouth Internet Security\fws.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-05-23 5:22:27 - machine was rebooted [Owner]
ComboFix-quarantined-files.txt 2008-05-23 09:22:18

Pre-Run: 141,022,306,304 bytes free
Post-Run: 143,445,340,160 bytes free

715 --- E O F --- 2008-02-19 08:09:30

================================================================================
===

Malwarebytes' Anti-Malware 1.12
Database version: 722

Scan type: Quick Scan
Objects scanned: 34902
Time elapsed: 6 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{66186f05-bbbb-4a39-864f-72d84615c679} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

===================================

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:07:43 PM, on 5/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BellSouth\BellSouth Internet Security\fws.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = file://c:/windows/homepage.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: StFlex IE Helper - {8334A30C-49E5-489a-B63D-5B927C1EF46E} - C:\Program Files\QdrDrive\QdrDrive15.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {A352D40E-2264-4771-B1C9-9452D88D87D8} - C:\WINDOWS\system32\khfDuTLD.dll (file missing)
O2 - BHO: {48529c0e-9c55-6539-fa64-8041153ade6c} - {c6eda351-1408-46af-9356-55c9e0c92584} - C:\WINDOWS\system32\piuhdseq.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\bak\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,26/mcgdmgr.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...trl.cab?lmi=100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: pmnkIAqP - pmnkIAqP.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\BellSouth\BellSouth Internet Security\fws.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O24 - Desktop Component 0: (no name) - http://i9.tinypic.com/85lhk3m.jpg

--
End of file - 8222 bytes

    Advertisements

Register to Remove

#2 Rorschach112

Rorschach112

    Teacher Emeritus

  • Authentic Member
  • PipPipPipPipPip
  • 3,651 posts

Posted 24 May 2008 - 06:21 AM

Multiple topic

#3 Rorschach112

Rorschach112

    Teacher Emeritus

  • Authentic Member
  • PipPipPipPipPip
  • 3,651 posts

Posted 24 May 2008 - 06:21 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·