tetonbob

Not sure if they regened or just didn't get deleted. Let's try again.

C:\WINDOWS\system32\AddQuit.ico
C:\WINDOWS\system32\Desktop.ico
C:\WINDOWS\system32\Help.ico
C:\WINDOWS\system32\IE.ico
C:\WINDOWS\system32\Open.ico
C:\WINDOWS\system32\Quick.ico
C:\WINDOWS\system32\Uninstall.ico


Select/Highlight all the filename(s) from the above.
Copy to clipboard by pressing [CTRL]+[C] on your keyboard.

Run KILL box.


1. Go to the File menu, and choose Paste from Clipboard * this feature does not work on older versons of Killbox
Click the dropdown-arrow next to the "Full Path of File to Delete" field.
Verify that the filenames you pasted are found in there.
2. Select/tick the following:
* Delete on Reboot
* End Explorer Shell While Killing File
* Unregister.dll Before Deleting * if it's not grayed out
3. Click the RED X button.
4. Click Yes at the 'Delete on Reboot' prompt.
5. Click Yes at the 'Pending Operations prompt'.

Run Killbox a second time with the same list of files. Then check your System32 folder for their presence. If still present, manually delete each one. If deletion still proves problematic, reboot into safe mode and delete the files. Let me know if they persist.

The rest of your logs appear clean. You can eliminate MS's AntiSpyware program, for the reasons noted above.

You have 2 others which each have real time monitoring features...Webroot's Spysweeper and WinPatrol, and having more than one active can cause some slowing. Ewido also has a real time monitor, until the trial expires.

Other than that, your logs appear clean. Any more issues? If not you should be good to go. We still have a few items to address.


Reset hidden/system files and folders

• Click Start.
• Open My Computer.
• Select the Tools menu and click Folder Options.
• Select the View tab.
• Deselect the Show hidden files and folders option.
• Select the Hide file extensions for known types option.
• Select the Hide protected operating system files option.
• Click Yes to confirm.
• Click OK.

Create a new System Restore point

• click Start >> Run - type SYSDM.CPL & press Enter
• select the System Restore Tab
• tick on the checkbox - "Turn off System Restore on all drives"
• click Apply
• then untick the same checkbox & click OK

Enable Windows Auto Update

• Go to Start>Run - type wuaucpl.cpl
• tick on the checkbox - "Keep my computer up to date"
• Under settings, choose "Automatically download the updates, and install them on the schedule that I specify".
• Click on "OK".

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:

• SpywareBlaster to help prevent spyware from installing in the first place.
• SpywareGuard to catch and block spyware before it can execute.
• IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.

If you do not have a firewall, here are 3 free ones available for personal use:

• Sygate Personal Firewall
• Kerio Personal Firewall
• ZoneAlarm

In light of your recent troubles, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles

• HOW DID I GET INFECTED IN THE FIRST PLACE?
• THE ANTI-SPYWARE TUTORIAL
• MAKING INTERNET EXPLORER SAFER