trojans galore can`t help myself THANKS

[351bloor]

Logfile of HijackThis v1.99.1
Scan saved at 1:23:33 PM, on 05/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Personal Vault\VaultClientUpgrade.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Bell\Security Manager\Rps.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSAComHandler.exe
C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Documents and Settings\Owner\Desktop\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sympatico
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Security Manager\pkR.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [Sympatico Security Manager] "C:\Program Files\Bell\Security Manager\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe"
O4 - HKLM\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Install Pending Files.LNK = C:\Program Files\SIFXINST\SIFXINST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1162151770718
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Sympatico Security Manager (Radialpoint Security Services) - Radialpoint Inc. - C:\Program Files\Bell\Security Manager\RpsSecurityAware.exe
O23 - Service: Sympatico Security Manager Update Service (RPSUpdaterR) - Bell Sympatico - C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
O23 - Service: Sympatico Security Manager Firewall (RP_FWS) - Bell Sympatico - C:\Program Files\Bell\Security Manager\Fws.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - BELL - C:\Program Files\Personal Vault\VaultClientUpgrade.exe



Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-05 14:23:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 479 MiB (512 MiB recommended).


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 2:23:25 PM, on 05/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Personal Vault\VaultClientUpgrade.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Bell\Security Manager\Rps.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSAComHandler.exe
C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\DOCUME~1\Owner\Desktop\Owner.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sympatico
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Security Manager\pkR.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [Sympatico Security Manager] "C:\Program Files\Bell\Security Manager\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe"
O4 - HKLM\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Install Pending Files.LNK = C:\Program Files\SIFXINST\SIFXINST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1162151770718
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Sympatico Security Manager (Radialpoint Security Services) - Radialpoint Inc. - C:\Program Files\Bell\Security Manager\RpsSecurityAware.exe
O23 - Service: Sympatico Security Manager Update Service (RPSUpdaterR) - Bell Sympatico - C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
O23 - Service: Sympatico Security Manager Firewall (RP_FWS) - Bell Sympatico - C:\Program Files\Bell\Security Manager\Fws.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - BELL - C:\Program Files\Personal Vault\VaultClientUpgrade.exe


-- Files created between 2008-05-05 and 2008-06-05 -----------------------------

2008-05-31 18:04:20 0 d-------- C:\WINDOWS\SxsCaPendDel
2008-05-31 17:52:20 0 d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-05-31 17:50:42 0 d-------- C:\Program Files\Common Files\iS3
2008-05-31 17:50:41 0 d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-05-31 17:32:46 0 d-------- C:\Program Files\Spyware Doctor
2008-05-31 17:32:46 0 d-------- C:\Documents and Settings\Owner\Application Data\PC Tools
2008-05-31 17:11:52 0 d-------- C:\Program Files\XP Antivirus
2008-05-29 14:03:11 0 d-------- C:\Program Files\Personal Vault
2008-05-29 14:01:44 0 d-------- C:\Program Files\Common Files\Authentium
2008-05-29 14:01:32 0 d-------- C:\Program Files\Raxco
2008-05-29 14:01:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Raxco
2008-05-29 14:01:19 0 d-------- C:\Program Files\Common Files\Scanner
2008-05-29 12:45:11 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-05-28 12:22:54 0 d-------- C:\Program Files\Panda Security
2008-05-21 12:38:19 0 d--hs---- C:\found.001


-- Find3M Report ---------------------------------------------------------------

2008-06-01 20:26:35 0 d-------- C:\Documents and Settings\Owner\Application Data\MSN6
2008-06-01 20:11:22 0 d-------- C:\Program Files\Microsoft Works
2008-05-31 22:48:03 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-05-31 17:58:12 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-31 17:50:42 0 d-------- C:\Program Files\Common Files
2008-05-29 14:28:09 0 d-------- C:\Program Files\BitDownload
2008-05-29 14:20:23 0 d-------- C:\Documents and Settings\Owner\Application Data\BitDownload
2008-05-29 14:00:58 0 d-------- C:\Program Files\Bell
2008-05-29 13:53:52 0 d-------- C:\Program Files\CA
2008-05-29 13:49:46 0 d-------- C:\Documents and Settings\Owner\Application Data\Bell
2008-05-29 04:32:22 0 d-------- C:\Program Files\XoftSpySE
2008-04-30 17:23:40 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-04-29 13:26:48 0 d-------- C:\Program Files\Creative
2008-04-29 12:08:10 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-28 19:53:30 0 d-------- C:\Program Files\Motorola Phone Tools


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 01:50 PM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [02/11/2004 10:24 PM]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [12/08/2004 03:13 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [12/08/2004 03:12 PM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [20/08/2004 05:55 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [20/08/2004 05:51 PM]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" []
"VMSnap3"="C:\WINDOWS\VMSnap3.EXE" []
"Domino"="C:\WINDOWS\Domino.EXE" []
"SSA.exe"="C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" [27/03/2007 10:33 AM]
"Sympatico Security Manager"="C:\Program Files\Bell\Security Manager\Rps.exe" [10/03/2008 12:25 PM]
"-FreedomNeedsReboot"="C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe" [10/03/2008 12:26 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 12:24 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 03:00 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [29/07/2007 11:48 AM]
"BitDownload"="C:\Program Files\BitDownload\BitDownload.exe" []
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [30/03/2006 04:45 PM]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [02/06/2005 06:03 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"IndexCleaner"="C:\Program Files\Bell\Security Manager\IdxClnR.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"IndexCleaner"="C:\Program Files\Bell\Security Manager\IdxClnR.exe"

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 10:05:26 PM]
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [22/03/2006 10:14:48 PM]
Install Pending Files.LNK - C:\Program Files\SIFXINST\SIFXINST.EXE [20/09/2005 12:35:38 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 2:01:04 AM]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [22/12/2007 5:05:00 PM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"




-- End of Deckard's System Scanner: finished at 2008-06-05 14:24:06 ------------

[351bloor]

Bump::::

[tetonbob]

You've already posted for help here:

http://www.techsupportforum.com/secu...messed-up.html

Have you uninstalled the cracked software?

Cracked (Illegal) Software

Quote:

00962932 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001d21.000[XoftSpySE 4.31 + Crack.rar][XoftSpySE 4.31 + Crack\CRACK\ParetoLogic_Slayer_v1.2.exe]

This is quite likely the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore. Don't think: "I have a good Antivirus and Firewall installed, they will protect me" - because that's not true... and even before you know it, your Antivirus and Firewall may become disabled by the malware which has now found its way on your system.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal.

Referring to the Forum Rules which you should have read at the time of Registering at this forum, TSF does not support illegal activity. Before posting for help, we ask that you uninstall any such applications, as indicated in this sticky topic.

As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine. Any future requests for help may be ignored.

Uninstall these illegal softwares now.


You are using an outdated version of HijackThis. Please uninstall from Add/Remove programs, and delete your current version.

Next, download HijackThis to your desktop

Alternate link

Double-click on the file you just downloaded.
Click on the "Unzip" button to install. It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis

Upon install, HijackThis should open for you.

When it does, just close it.

---------------------------------------------------------------------------------------------


Please run Deckard's System Scanner once again, this time using these instructions:

Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK

"%userprofile%\desktop\dss.exe" /config

Click on "Check All"

Click Scan!

When finished, it shall produce two logs for you. Post those logs in your next reply.

---------------------------------------------------------------------------------------------

[351bloor]

Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-08 19:56:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
71: 2008-06-08 23:56:32 UTC - RP526 - Deckard's System Scanner Restore Point
70: 2008-06-08 21:37:57 UTC - RP525 - System Checkpoint
69: 2008-06-07 19:37:15 UTC - RP524 - System Checkpoint
68: 2008-06-05 18:00:20 UTC - RP523 - System Checkpoint
67: 2008-05-31 22:03:34 UTC - RP522 - Removed STOPzilla. Available with Windows Installer version 1.2 and later.


-- First Restore Point --
1: 2008-03-11 15:27:02 UTC - RP456 - System Checkpoint


Performed disk cleanup.

Percentage of Memory in Use: 83% (more than 75%).
Total Physical Memory: 479 MiB (512 MiB recommended).


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:57:00 PM, on 08/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Personal Vault\VaultClientUpgrade.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Bell\Security Manager\Rps.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSAComHandler.exe
C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\MSN\MSNCoreFiles\MSN.EXE
C:\Documents and Settings\Owner\desktop\dss.exe
C:\DOCUME~1\Owner\Desktop\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sympatico
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Security Manager\pkR.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [Sympatico Security Manager] "C:\Program Files\Bell\Security Manager\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe"
O4 - HKLM\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Install Pending Files.LNK = C:\Program Files\SIFXINST\SIFXINST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1162151770718
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Sympatico Security Manager (Radialpoint Security Services) - Radialpoint Inc. - C:\Program Files\Bell\Security Manager\RpsSecurityAware.exe
O23 - Service: Sympatico Security Manager Update Service (RPSUpdaterR) - Bell Sympatico - C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
O23 - Service: Sympatico Security Manager Firewall (RP_FWS) - Bell Sympatico - C:\Program Files\Bell\Security Manager\Fws.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - BELL - C:\Program Files\Personal Vault\VaultClientUpgrade.exe

--
End of file - 8501 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes; CDRTools>

S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 vmfilter303 - c:\windows\system32\drivers\vmfilter303.sys (file missing)
S3 ZSMC303 (G-CUBE NOTEBOOK WEB CAMERA) - c:\windows\system32\drivers\usbvm303.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 VaultClientUpgrade (Personal Vault Upgrade Service) - c:\program files\personal vault\vaultclientupgrade.exe <Not Verified; BELL; Backup Manager>

S2 Automatic LiveUpdate Scheduler - "c:\program files\symantec\liveupdate\aluschedulersvc.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Process Modules -------------------------------------------------------------

C:\WINDOWS\explorer.exe (pid 1832)
2004-12-26 21:34:38 121344 --a------ C:\Program Files\WinRAR\RarExt.dll


-- Scheduled Tasks -------------------------------------------------------------

2005-12-22 19:09:23 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 3.job


-- Files created between 2008-05-08 and 2008-06-08 -----------------------------

2008-05-31 18:04:20 0 d-------- C:\WINDOWS\SxsCaPendDel
2008-05-31 17:52:20 0 d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-05-31 17:50:42 0 d-------- C:\Program Files\Common Files\iS3
2008-05-31 17:50:41 0 d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-05-31 17:32:46 0 d-------- C:\Program Files\Spyware Doctor
2008-05-31 17:32:46 0 d-------- C:\Documents and Settings\Owner\Application Data\PC Tools
2008-05-31 17:11:52 0 d-------- C:\Program Files\XP Antivirus
2008-05-29 14:03:11 0 d-------- C:\Program Files\Personal Vault
2008-05-29 14:01:44 0 d-------- C:\Program Files\Common Files\Authentium
2008-05-29 14:01:32 0 d-------- C:\Program Files\Raxco
2008-05-29 14:01:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Raxco
2008-05-29 14:01:19 0 d-------- C:\Program Files\Common Files\Scanner
2008-05-29 12:45:11 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-05-28 12:22:54 0 d-------- C:\Program Files\Panda Security
2008-05-21 12:38:19 0 d--hs---- C:\found.001


-- Find3M Report ---------------------------------------------------------------

2008-06-08 19:44:40 0 d-------- C:\Documents and Settings\Owner\Application Data\MSN6
2008-06-05 20:16:43 0 d-------- C:\Documents and Settings\Owner\Application Data\AdobeUM
2008-06-01 20:11:22 0 d-------- C:\Program Files\Microsoft Works
2008-05-31 22:48:03 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-05-31 17:58:12 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-31 17:50:42 0 d-------- C:\Program Files\Common Files
2008-05-29 14:28:09 0 d-------- C:\Program Files\BitDownload
2008-05-29 14:20:23 0 d-------- C:\Documents and Settings\Owner\Application Data\BitDownload
2008-05-29 14:00:58 0 d-------- C:\Program Files\Bell
2008-05-29 13:53:52 0 d-------- C:\Program Files\CA
2008-05-29 13:49:46 0 d-------- C:\Documents and Settings\Owner\Application Data\Bell
2008-05-29 04:32:22 0 d-------- C:\Program Files\XoftSpySE
2008-04-30 17:23:40 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-04-29 13:26:48 0 d-------- C:\Program Files\Creative
2008-04-29 12:08:10 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-28 19:53:30 0 d-------- C:\Program Files\Motorola Phone Tools


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 01:50 PM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [02/11/2004 10:24 PM]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [12/08/2004 03:13 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [12/08/2004 03:12 PM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [20/08/2004 05:55 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [20/08/2004 05:51 PM]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" []
"VMSnap3"="C:\WINDOWS\VMSnap3.EXE" []
"Domino"="C:\WINDOWS\Domino.EXE" []
"SSA.exe"="C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" [27/03/2007 10:33 AM]
"Sympatico Security Manager"="C:\Program Files\Bell\Security Manager\Rps.exe" [10/03/2008 12:25 PM]
"-FreedomNeedsReboot"="C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe" [10/03/2008 12:26 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 12:24 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 03:00 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [29/07/2007 11:48 AM]
"BitDownload"="C:\Program Files\BitDownload\BitDownload.exe" []
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [30/03/2006 04:45 PM]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [02/06/2005 06:03 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"IndexCleaner"="C:\Program Files\Bell\Security Manager\IdxClnR.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"IndexCleaner"="C:\Program Files\Bell\Security Manager\IdxClnR.exe"

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 10:05:26 PM]
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [22/03/2006 10:14:48 PM]
Install Pending Files.LNK - C:\Program Files\SIFXINST\SIFXINST.EXE [20/09/2005 12:35:38 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 2:01:04 AM]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [22/12/2007 5:05:00 PM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"




-- End of Deckard's System Scanner: finished at 2008-06-08 19:59:53 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Celeron(R) M processor 1.50GHz
Percentage of Memory in Use: 82%
Physical Memory (total/avail): 478.42 MiB / 84.2 MiB
Pagefile Memory (total/avail): 1120.31 MiB / 706.88 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1900.15 MiB

C: is Fixed (NTFS) - 70.51 GiB total, 52 GiB free.
D: is Fixed (FAT32) - 4 GiB total, 2.33 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD800UE-00HCT0 - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 70.51 GiB - C:
\PARTITION1 - Unknown - 4.01 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

FW: Sympatico Security Manager Firewall v6.0.2 (Bell Sympatico (b1xxxxxx))
AV: Sympatico Security Manager Anti-Virus v6.0.2 (Bell Sympatico (b1xxxxxx))

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\PrinterOn Corporation\\PrintWhere 3.0\\pwcPrinterSelect.exe"="C:\\Program Files\\PrinterOn Corporation\\PrintWhere 3.0\\pwcPrinterSelect.exe:*:Enabled:PrintWhere 3.0 Printer Select"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Warez3"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=LAPTOP
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\LAPTOP
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\CA\PPRT\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=LAPTOP
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
ArcSoft Panorama Maker 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5F68DC8-0278-4AD8-B413-861509B5F25B}\Setup.exe" -l0x9
Authentium AntiVirus SDK - 2 --> MsiExec.exe /I{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
BigFix --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CloneDVD2 --> "C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
easypix Photo Viewer --> C:\Program Files\easypix Photo Viewer\uninstall.exe
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"
HijackThis 2.0.2 --> "C:\Documents and Settings\Owner\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Digital Image Starter Edition 2006 --> "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Money 2005 --> C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft Office Outlook Connector --> MsiExec.exe /I{8C25E29E-FC5D-44CD-A58C-5746AF303CF2}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Motorola Driver Installation 3.2.0 --> MsiExec.exe /I{D6A1E429-CCE1-4140-A615-710B806D12BA}
Motorola Phone Tools --> C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe -runfromtemp -l0x0009 -removeonly
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Owner\Application Data\Move Networks\ie_bin\Uninst.exe
Mpeg2Decoder 1.3 --> "C:\Program Files\Mpeg2Decoder\unins000.exe"
MSN --> C:\Program Files\MSN\MsnInstaller\msniadm.exe /Action:ARP
MSN Encarta Plus Support Files --> MsiExec.exe /I{00000000-785F-478A-BAA2-87F1A136068C}
Nero BurnRights --> C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nikon Message Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x9 UNINSTALL
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PerfectDisk --> MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7}
PictureProject --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x9 UNINSTALL
PictureProject In Touch Downloader 1.0 --> C:\Program Files\PictureProject In Touch Downloader\uninst.exe
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PPSDKRedistributables --> MsiExec.exe /I{C144C566-21EF-4F8C-9667-40CF19E6AED0}
RPS Ad Blocker --> MsiExec.exe /I{05D0A02F-616D-4F2F-B143-1EDFD4954117}
RPS AntiFraud --> MsiExec.exe /I{33E42E0F-DE63-4527-80F6-C54F749D4F72}
RPS AntiSpyware --> MsiExec.exe /I{3A4EA99A-9CFB-4F21-8DBC-B55318791346}
RPS AntiVirus --> MsiExec.exe /I{2F645B95-2EE3-4D12-B1F1-92792A5A0475}
RPS App Detector --> MsiExec.exe /I{16F44008-A0B2-4F1D-8077-4EF3CECCF2A8}
RPS AsRealtime --> MsiExec.exe /I{D919664A-4246-4FC1-A781-84631737EBF3}
RPS Backup --> MsiExec.exe /I{A1A3D151-0707-4F6D-9DC1-8FAA6B8B152B}
RPS Burn --> MsiExec.exe /I{9ED8C15D-35E7-4A4B-B103-C234A9600CCB}
RPS Diagnostic Utility --> MsiExec.exe /I{17E8D1B6-A3B0-4F86-9D4B-B5B74FCE6CF8}
RPS Firewall --> MsiExec.exe /I{FF50571F-15FF-4435-97E1-7BB70EAA53A0}
RPS ParentalControl --> MsiExec.exe /I{EBCA18FC-A574-4EE1-B86B-87AB483C628C}
RPS Performance Tool --> MsiExec.exe /I{ED2E9BCD-B68A-40F7-AE60-A530F3D30370}
RPS PopupBlocker --> MsiExec.exe /I{B12897AC-1B80-41EE-B9A2-B965F766D157}
RPS Privacy Manager --> MsiExec.exe /I{2403195D-95B9-42ED-BE2E-EB2A5A6E1648}
RPS RpsCore --> MsiExec.exe /I{77A490DB-BBB8-4809-A0D5-37B592D76CED}
RPS Security Cleanup --> MsiExec.exe /I{E39707C3-A285-467E-BEDE-E63A1AFF32FC}
RPS Zip --> MsiExec.exe /I{AFE925E3-AEB4-4BBB-B97D-022135B50ED6}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) -->
SoftK56 Data Fax Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_2030161F\HXFSETUP.EXE -U -Iask20305.inf
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
Sympatico Security Advisor 1.5.11 --> "C:\Program Files\Bell\Sympatico Security Advisor\unins000.exe"
Sympatico Security Manager --> C:\Program Files\InstallShield Installation Information\{76AA8F37-51BD-445F-B355-293A72D6A291}\setup.exe -runfromtemp -l0x0009 -removeonly
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{425ECED4-23ED-4E05-A88A-B59700DAF2AD}
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type1499 / Error
Event Submitted/Written: 06/08/2008 07:39:38 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 686628912.

Event Record #/Type1498 / Error
Event Submitted/Written: 06/08/2008 07:37:59 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16640, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type1495 / Success
Event Submitted/Written: 06/08/2008 07:34:20 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1480 / Success
Event Submitted/Written: 06/07/2008 02:32:13 PM
Event ID/Source: 17 / PDAgent
Event Description:
Defragmentation on drive D:\ was canceled because of loss of AC power.

Event Record #/Type1479 / Success
Event Submitted/Written: 06/07/2008 02:32:12 PM
Event ID/Source: 17 / PDAgent
Event Description:
Defragmentation on drive C:\ was canceled because of loss of AC power.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type38007 / Error
Event Submitted/Written: 06/08/2008 04:15:19 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Automatic LiveUpdate Scheduler service failed to start due to the following error:
%%2

Event Record #/Type38002 / Error
Event Submitted/Written: 06/07/2008 07:56:43 PM
Event ID/Source: 1001 / Dhcp
Event Description:
Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 0014A5455CDA. The following error
occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type38001 / Warning
Event Submitted/Written: 06/07/2008 07:43:15 PM
Event ID/Source: 1007 / Dhcp
Event Description:
Your computer has automatically configured the IP address for the Network
Card with network address 0014A5455CDA. The IP address being used is 169.254.133.235.

Event Record #/Type37997 / Warning
Event Submitted/Written: 06/07/2008 02:46:39 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type37968 / Error
Event Submitted/Written: 06/07/2008 02:32:01 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Automatic LiveUpdate Scheduler service failed to start due to the following error:
%%2



-- End of Deckard's System Scanner: finished at 2008-06-08 19:59:53 ------------

[tetonbob]

I'm not seeing much in the way of active infection. Let's take care of what Panda IDd, but did not remove.

Please download ATF Cleaner by Atribune.

• Double-click ATF-Cleaner.exe to run the program.
  Under Main choose: Select All
  Click the Empty Selected button.

If you use Firefox browser

• Click Firefox at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

• Click Opera at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

---------------------------------------------------------------------------------------------


Please download OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it.
  
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  Quote:

  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.104d[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.104e[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.110[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.111[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1166[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1167[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.132d[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.132e[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.155c[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.155d[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1723[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1724[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1936[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1937[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1afd[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1afe[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1d2c[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1d2d[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1f4b[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1f4c[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2112[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2113[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2341[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2342[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2508[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2509[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2621[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2622[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.27e8[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.27e9[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2a17[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2a18[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2bde[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2bdf[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2d7[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2d8[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2df1[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2df2[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2fb8[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2fb9[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.31e7[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.31e8[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.33ae[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.33af[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.506[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.507[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.6cd[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.6ce[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.7e6[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.7e7[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.a90[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.a91[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.c57[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.c58[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.e86[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.e87[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d0.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d1.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d5.003[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d6.003[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000df.004[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000e0.004[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f4.005[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f4.006[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f5.005[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f5.006[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011d.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011d.007[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011e.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011e.007[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300029c.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300029d.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002a6.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002a7.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bb.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bb.003[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bc.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bc.003[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002e4.004[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002e5.004[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004d5.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004d6.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004ea.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004ea.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004eb.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004eb.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000513.003[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000514.003[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300069c.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300069d.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b1.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b1.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b2.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b2.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006da.003[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006db.003[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30007f3.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30007f4.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30008c4.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30008c5.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a84.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a85.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a8b.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a8c.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000c4b.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000c4c.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000cba.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000cbb.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e7a.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e7b.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e81.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e82.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001041.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001042.001[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300115a.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300115b.002[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001321.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001322.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001550.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001551.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001717.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001718.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300192a.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300192b.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001af1.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001af2.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001d20.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001d21.000[XoftSpySE 4.31 + Crack.rar]
  C:\Documents and Settings\Owner\My Documents\BitDownload\XoftSpySE 4.31 + Crack.rar
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
  C:\Program Files\XP Antivirus
  C:\Program Files\XoftSpySE
  

• Return to OTMoveIt2, right click in the "Paste List Of Files/Patterns To Search For and Move" window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

[351bloor]

< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.104d[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.104d[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.104e[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.104e[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.110[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.110[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.111[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.111[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1166[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1166[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1167[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1167[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.132d[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.132d[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.132e[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.132e[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.155c[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.155c[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.155d[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.155d[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1723[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1723[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1724[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1724[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1936[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1936[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1937[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1937[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1afd[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1afd[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1afe[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1afe[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1d2c[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1d2c[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1d2d[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1d2d[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1f4b[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1f4b[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1f4c[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.1f4c[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2112[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2112[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2113[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2113[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2341[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2341[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2342[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2342[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2508[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2508[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2509[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2509[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2621[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2621[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2622[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2622[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.27e8[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.27e8[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.27e9[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.27e9[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2a17[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2a17[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2a18[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2a18[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2bde[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2bde[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2bdf[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2bdf[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2d7[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2d7[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2d8[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2d8[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2df1[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2df1[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2df2[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2df2[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2fb8[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2fb8[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2fb9[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.2fb9[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.31e7[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.31e7[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.31e8[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.31e8[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.33ae[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.33ae[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.33af[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.33af[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.506[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.506[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.507[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.507[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.6cd[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.6cd[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.6ce[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.6ce[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.7e6[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.7e6[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.7e7[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.7e7[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.a90[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.a90[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.a91[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.a91[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.c57[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.c57[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.c58[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.c58[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.e86[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.e86[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.e87[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\jtktt-sympatico-ca.e87[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d0.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d0.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d1.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d1.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d5.003[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d5.003[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d6.003[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000d6.003[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000df.004[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000df.004[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000e0.004[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000e0.004[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f4.005[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f4.005[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f4.006[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f4.006[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f5.005[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f5.005[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f5.006[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30000f5.006[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011d.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011d.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011d.007[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011d.007[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011e.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011e.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011e.007[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300011e.007[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300029c.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300029c.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300029d.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300029d.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002a6.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002a6.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002a7.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002a7.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bb.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bb.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bb.003[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bb.003[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bc.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bc.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bc.003[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002bc.003[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002e4.004[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002e4.004[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002e5.004[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30002e5.004[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004d5.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004d5.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004d6.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004d6.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004ea.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004ea.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004ea.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004ea.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004eb.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004eb.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004eb.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30004eb.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000513.003[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000513.003[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000514.003[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000514.003[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300069c.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300069c.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300069d.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300069d.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b1.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b1.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b1.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b1.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b2.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b2.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b2.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006b2.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006da.003[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006da.003[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006db.003[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30006db.003[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30007f3.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30007f3.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30007f4.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30007f4.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30008c4.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30008c4.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30008c5.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x30008c5.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a84.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a84.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a85.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a85.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a8b.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a8b.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a8c.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000a8c.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000c4b.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000c4b.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000c4c.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000c4c.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000cba.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000cba.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000cbb.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000cbb.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e7a.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e7a.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e7b.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e7b.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e81.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e81.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e82.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3000e82.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001041.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001041.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001042.001[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001042.001[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300115a.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300115a.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300115b.002[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300115b.002[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001321.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001321.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001322.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001322.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001550.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001550.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001551.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001551.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001717.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001717.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001718.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001718.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300192a.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300192a.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300192b.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x300192b.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001af1.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001af1.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001af2.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001af2.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001d20.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001d20.000[XoftSpySE 4.31 + Crack.rar] not found.
< C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001d21.000[XoftSpySE 4.31 + Crack.rar] >
File/Folder C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\MSN\db30\Mail (jtktt@sympatico.ca)\stm0x3001d21.000[XoftSpySE 4.31 + Crack.rar] not found.
File/Folder C:\Documents and Settings\Owner\My Documents\BitDownload\XoftSpySE 4.31 + Crack.rar not found.
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658} >
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}\\ deleted successfully.
C:\Program Files\XP Antivirus moved successfully.
C:\Program Files\XoftSpySE\Scripts\VundoRemover.8 moved successfully.
C:\Program Files\XoftSpySE\Scripts\SpyAxer.10 moved successfully.
C:\Program Files\XoftSpySE\Scripts\HuntBarRemover.3 moved successfully.
C:\Program Files\XoftSpySE\Scripts\AltNetRemover.3 moved successfully.
C:\Program Files\XoftSpySE\Scripts moved successfully.
C:\Program Files\XoftSpySE\Quarantine moved successfully.
C:\Program Files\XoftSpySE\Logs moved successfully.
C:\Program Files\XoftSpySE moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06092008_190111

[tetonbob]

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

• Download the latest version of Java Runtime Environment (JRE) 6 Update 6 and save it to your desktop.
• Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 6. The Java SE Runtime Environment (JRE) allows end-users to run Java applications."
• Click the "Download" button to the right.
• Select the Windows platform from the dropdown menu.
• Read the License Agreement and then check the box that says: "Accept License Agreement". Click on Continue.The page will refresh.
• Click on the link to download Windows Offline Installation and save the file to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
• Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java versions.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on jre-6u6-windows-i586-p.exe to install the newest version.

• After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are two options in the window to clear the cache - Leave BOTH Checked
    • Applications and Applets
      Trace and Log Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.

---------------------------------------------------------------------------------------------

Please run this online scan to help look for remnants.

First, Go to Start>Control Panel>Add/Remove Programs and remove Kaspersky online scanner if present prior to downloading the most up-to-date one.

Next, establish an internet connection & perform an online scan using Internet Explorer at Kaspersky Online Scanner

Answer Yes, when prompted to install an ActiveX component.

• The program will then begin downloading the latest definition files.
• Once the files have been downloaded click on NEXT
• Locate the Scan Settings button & configure to:
  • Scan using the following Anti-Virus database:
    • Extended
  • Scan Options:
    • Scan Archives
    • Scan Mail Bases
• Click OK & have it scan My Computer
• Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  
  
• Click the Save as Text button to save the file to your desktop so that you may post it in your next reply

**Note**

To optimize scanning time and produce a more sensible report for review:

• Close any open programs
• Turn off the real time scanner of any existing antivirus program while performing the online scan. You may disconnect from the internet once you begin the scan.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

---------------------------------------------------------------------------------------------

Open HijackThis and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.

---------------------------------------------------------------------------------------------

[351bloor]

, June 11, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, June 11, 2008 02:24:21
Records in database: 849818


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\

Scan statistics
Files scanned 70837
Threat name 3
Infected objects 3
Suspicious objects 0
Duration of the scan 03:19:15

File name Threat name Threats count
C:\Documents and Settings\All Users\Documents\My Music\02 Track 2 (rock).wm Infected: Trojan-Downloader.WMA.Wimad.l 1

C:\Documents and Settings\All Users\Documents\My Music\he lives in me disney.wm Infected: Trojan-Downloader.WMA.Wimad.m 1

C:\_OTMoveIt\MovedFiles\06092008_190111\Program Files\XP Antivirus\xpa.exe.tmp Infected: not-a-virus:FraudTool.Win32.XPAntivirus.hr 1

The selected area was scanned.
, June 11, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, June 11, 2008 02:24:21
Records in database: 849818


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\

Scan statistics
Files scanned 70837
Threat name 3
Infected objects 3
Suspicious objects 0
Duration of the scan 03:19:15

File name Threat name Threats count
C:\Documents and Settings\All Users\Documents\My Music\02 Track 2 (rock).wm Infected: Trojan-Downloader.WMA.Wimad.l 1

C:\Documents and Settings\All Users\Documents\My Music\he lives in me disney.wm Infected: Trojan-Downloader.WMA.Wimad.m 1

C:\_OTMoveIt\MovedFiles\06092008_190111\Program Files\XP Antivirus\xpa.exe.tmp Infected: not-a-virus:FraudTool.Win32.XPAntivirus.hr 1

The selected area was scanned.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:48:24 AM, on 11/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Personal Vault\VaultClientUpgrade.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Documents and Settings\Owner\Desktop\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sympatico
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Security Manager\pkR.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [Sympatico Security Manager] "C:\Program Files\Bell\Security Manager\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Bell\Security Manager\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Bell\Security Manager\IdxClnR.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Install Pending Files.LNK = C:\Program Files\SIFXINST\SIFXINST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1162151770718
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Sympatico Security Manager (Radialpoint Security Services) - Radialpoint Inc. - C:\Program Files\Bell\Security Manager\RpsSecurityAware.exe
O23 - Service: Sympatico Security Manager Update Service (RPSUpdaterR) - Bell Sympatico - C:\Program Files\Bell\Security Manager\rpsupdaterR.exe
O23 - Service: Sympatico Security Manager Firewall (RP_FWS) - Bell Sympatico - C:\Program Files\Bell\Security Manager\Fws.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - BELL - C:\Program Files\Personal Vault\VaultClientUpgrade.exe

--
End of file - 8485 bytes

[tetonbob]

These music files appear to be infected. It is not uncommon of late for downloaded music files to have embedded trojans. Be certain of your sources.

Delete these files:

C:\Documents and Settings\All Users\Documents\My Music\02 Track 2 (rock).wm
C:\Documents and Settings\All Users\Documents\My Music\he lives in me disney.wm


DoubleClick on OTMoveit2.exe to run it. Click on the Cleanup button. Follow the prompts. If you get a warning from your firewall or other security programs regarding OTMoveIt attempting to contact the internet you should allow it to do so. The system may require a reboot to complete this step. Please allow it.

Your logs appear clean.You should be good to go. We still have a few items to address.

C:\System Volume Information\ is where System Restore's cache is stored. Whatever is in there can't harm you unless you choose to perform a manual restore. Nevertheless, we shall be resetting/clearing the cache in a little while.


Reset hidden/system files and folders

• Click Start.
• Open My Computer.
• Select the Tools menu and click Folder Options.
• Select the View tab.
• Deselect the Show hidden files and folders option.
• Select the Hide file extensions for known types option.
• Select the Hide protected operating system files option.
• Click Yes to confirm.
• Click OK.

Clear & Reset System Restore's Cache

• click Start >> Run - type SYSDM.CPL & press Enter
• select the System Restore Tab
• tick on the checkbox - "Turn off System Restore on all drives"
• click Apply
• then untick the same checkbox & click OK

Now that your system is clean, to help protect your computer in the future I recommend that you follow these steps and use the following free programs:

• Microsoft Windows Update - http://www.windowsupdate.com
  Visit regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  
• SpywareBlaster to help prevent spyware from installing in the first place.
  • Install & update SpywareBlaster with the latest definitions.
    After you have updated, click the button - enable protection for all unprotected items
• MVPS HOST FILE
  The MVPS Hosts file replaces your current HOSTS file with one that will restrict known ad sites form serving you unsolicited advertisements. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is the IP of your local computer.
  • Download Host.zip to your desktop.
  • From your Desktop right-click (hosts.zip) and select:
    Extract All from the menu.
    
  • Click Next, click Next, select the option:
    "Show Extracted files", click Finish
    
  • This will open the newly created hosts folder on your Desktop.
    
  • Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine.
    
  • Once updated you should see another prompt that the task was completed.
• Winpatrol
  
  Winpatrol is heuristic protection program, meaning it looks for patterns in codes that work like malware. It also takes a snapshot of your system's critical resources and alerts you to any changes that may occur without you knowing. You can read more about Winpatrol's features here.
  
  You can get a free copy of Winpatrol or use the Plus version for more features.
  
  You can read Winpatrol's FAQ if you run into problems.
  
• ANTIVIRUS SOFTWARE
  It is very important that you have anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch new malware that may have come out.
  
• FIREWALL
  Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. A tutorial on Firewalls and a listing of some available ones can be found here
  
  Do not install more than one firewall program because they will conflict with each other.

Here are some additional utilities that will further enhance your safety.

• http://www.trillian.cc ? Trillian or http://www.miranda-im.com ? Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  
  
• http://www.mozilla.org/products/firefox/ - Firefox - Use this alternate browser. While Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.
  
  
• http://java.com/en/index.jsp - Sun's Java - It's much more secure than Microsoft's Java Virtual Machine.
  
  
• http://www.aumha.org/downloads/erunt-setup.exe - ERUNT - A useful freeware utility for users of Windows 2000/XP. It's made up of two parts - ERUNT & NTREGOPT.
  
  ERUNT will create daily complete backups of your computer's Registry. Whilst System Restore does the same thing, a corrupt registry file may prevent Windows from booting & this effectively renders disables System Restore. With ERUNT, you're able to restore the damaged Registry.
  
  NTREGOPT works by recreating each registry hive "from scratch", thus removing any slack space that may be left from previously modified or deleted keys. In other words, it compacts the Registry to a small size which allows Windows to load & perform faster.

In light of your recent troubles, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles

• HOW DID I GET INFECTED IN THE FIRST PLACE?
• MAKING INTERNET EXPLORER SAFER

Please respond to this thread one more time so we can mark this thread as resolved.

[351bloor]

Have you ever heard of this tentonbob

UipopupHidden

every time I restart I see this in a wait program closing window

Thanks
351bloor

[tetonbob]

All those RPS applications in your Add or Remove are from Radial Point/Freedom, I believe...now your ISP, Bell CA is using them also. Essentially, these are rebranded applications.

Nearly every instance of that error on google indicates it's this application, and has been ongoing for years.

You may want to unininstall/reinstall the application package, or uninstall it and go with a selection from the link in my signature. There are excellent free AntiVirus and Firewall applications available

It has been suggested that reinstalling the Sympatico Security Manager can solve this. I would contact your ISP, as it is their application.

http://forums.radialpoint.net/index....eaded&pid=1039

https://securityservices.sympatico.c...oad.do?lang=en

http://kb.bellcanada.freedom.net/ind...d=331&catId=13

Hope that helps.