Downloader, Spyshredder, Trojan. Dropper

Norton Security | Norton Internet Security
21

Hi

 

Yippie, None. Now download, install, update  and full scan SuperAntispyware Free to make sure http://www.superantispyware.com/download.html

 

Me a Hijackthis expert hahaha, nope. Over the Net I am a little bit more conservative as well as I'm not there to check signatures of files.  

 

 

22

Quads, You're Good!  It is about noon my time.  I will complete the rest of your instructions in a couple of hours.  I will send you the results of the Super AntySpyware scan.  Thanks again!

 

Rick

23

Hi

 

No Problem, Soory for not getting back earlier, been away from my PC fixing and upgrading hardware and software of another PC.

 

Quads 

24

Quads, here is 1/2 of the results of the SUPERAntiSpyware scan:

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/02/2008 at 01:28 PM

Application Version : 4.22.1014

Core Rules Database Version : 3660
Trace Rules Database Version: 1640

Scan type       : Complete Scan
Total Scan Time : 00:50:19

Memory items scanned      : 646
Memory threats detected   : 1
Registry items scanned    : 8134
Registry threats detected : 2
File items scanned        : 30399
File threats detected     : 252

Trojan.Dropper/Gen-Loader
 C:\WINDOWS\SYSTEM32\LOADER.EXE
 C:\WINDOWS\SYSTEM32\LOADER.EXE
 [loader.exe] C:\WINDOWS\SYSTEM32\LOADER.EXE
 C:\WINDOWS\Prefetch\LOADER.EXE-2784E3A5.pf

Adware.Tracking Cookie
 C:\Documents and Settings\Rick\Cookies\rick@advertising[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@scanner.rapidantivirus[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@57386690[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@counter.hitslink[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@61084510[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@casalemedia[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@tacoda[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@trvlnet.adbureau[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@adinterax[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@roiservice[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@ads.bridgetrack[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@hitbox[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@questionpro[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@ad.yieldmanager[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@protrafficsystem[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@specificmedia[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@doubleclick[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@atdmt[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@perf.overture[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@47324702[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@ads.adbrite[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@revenue[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@linksynergy[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@adserver.adtechus[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@trafficmp[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@media.ntsserve[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@cgi-bin[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@1069112074[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@ads.nba[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@richmedia.yahoo[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@collective-media[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@mediaplex[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@2o7[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@specificclick[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@insightexpressai[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@atwola[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@homestore.122.2o7[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@www.burstbeacon[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@www.gmbtrack[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@bluestreak[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@statse.webtrendslive[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@pandasoftware.112.2o7[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@adbrite[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@questionmarket[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@bs.serving-sys[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@adopt.euroclick[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@revsci[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@phg.hitbox[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@apmebf[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@sales.liveperson[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@adrevolver[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@fastclick[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@server.iad.liveperson[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@tracking.keywordmax[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@1072657340[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@nextag[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@kontera[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@adlegend[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@serving-sys[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@samsclub.112.2o7[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@interclick[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@boostmobile.112.2o7[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@1041220973[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@media.adrevolver[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@16298176[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@ad[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@ads.pointroll[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@adopt.specificclick[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@dynamic.media.adrevolver[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@realmedia[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@tribalfusion[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@microsoftwindows.112.2o7[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@247realmedia[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@etoys.112.2o7[1].txt
 C:\Documents and Settings\Rick\Cookies\rick@at.atwola[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@akira[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@tribalfusion[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@anad.tacoda[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@serving-sys[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@ehg-cskautocorporation.hitbox[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@questionmarket[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@media6degrees[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@accounts[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@ad.yieldmanager[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@tripod[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@ads.addynamix[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@adserving.cpxinteractive[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@tacoda[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@adbrite[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@ads.realtechnetwork[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@msnaccountservices.112.2o7[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@bluestreak[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@stat.onestat[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@ads4.blastro[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@ad.xplusone[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@doubleclick[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@adinterax[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@nextag[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@revsci[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@interclick[1].txt

25

Quads, here is the other 1/2.  I had to break it into halves because it would not let me post.  I received a message that a post could no obtain more than 20,000 characters.

 

 C:\Documents and Settings\Guest\Cookies\guest@qnsr[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@fortunecity[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@adlegend[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@traffic.buyservices[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@ads.pointroll[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@www.burstbeacon[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@tracker.e-sport[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@freecodesource.advertserve[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@apmebf[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@statcounter[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@i.screensavers[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@atwola[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@burstnet[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@dynamic.media.adrevolver[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@ehg-equifax.hitbox[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@adrevolver[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@citi.bridgetrack[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@adserver[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@ads.adbrite[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@reduxads.valuead[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@try.screensavers[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@adserver.adtechus[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@specificclick[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@adrevolver[3].txt
 C:\Documents and Settings\Guest\Cookies\guest@coolsavings[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@www.burstnet[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@4.adbrite[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@partner2profit[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@equifax.adbureau[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@login.tracking101[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@a.websponsors[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@specificmedia[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@adopt.specificclick[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@kontera[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@trafficmp[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@zedo[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@hitbox[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@richmedia.yahoo[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@msnportal.112.2o7[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@adopt.euroclick[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@advertising[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@247realmedia[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@screensavers[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@bs.serving-sys[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@insightexpressai[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@perf.overture[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@buycom.122.2o7[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@tradedoubler[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@edge.ru4[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@overture[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@d3.zedo[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@server.iad.liveperson[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@realmedia[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@fastclick[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@casalemedia[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@2o7[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@112.2o7[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@adserver.letsbeef[2].txt
 C:\Documents and Settings\Guest\Cookies\guest@media.adrevolver[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@mediaplex[1].txt
 C:\Documents and Settings\Guest\Cookies\guest@tremor.adbureau[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@accounts[2].txt
 C:\Documents and Settings\Rick\Cookies\rick@accounts[3].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@adserver[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@ads.bridgetrack[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@serving-sys[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@ad.yieldmanager[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@adopt.specificclick[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@apmebf[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@ads.pointroll[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@atdmt[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@adopt.euroclick[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@realmedia[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@mediaservices.myspace[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@112.2o7[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@adinterax[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@adrevolver[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@advertising[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@doubleclick[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@bs.serving-sys[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@casalemedia[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@dynamic.media.adrevolver[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@fastclick[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@insightexpressai[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@interclick[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@media.adrevolver[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@media6degrees[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@mediaplex[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@qnsr[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@questionmarket[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@revsci[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@specificclick[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@tacoda[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@trafficmp[2].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@tribalfusion[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@www.xxxblackbook[1].txt
 C:\Documents and Settings\Rick\Local Settings\Temp\Cookies\rick@xxxblackbook[2].txt

Adware.Zango Toolbar/Hb
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoOI\dynamic
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoOI
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoOL\dynamic
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoOL
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\890068.sdf
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\ASPL1.dat
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\hstat\3473.dat
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\hstat
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\TooltipXML
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic\ustat
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0\ZangoToolbar
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\v3.0
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar\zbar.log
 C:\Documents and Settings\Rick\Application Data\ZangoToolbar

Trojan.Fake-Alert/Trace
 HKU\S-1-5-21-2134937163-3549374570-1409559976-501\Software\Microsoft\Windows\CurrentVersion\Run#loader.exe [ C:\WINDOWS\system32\loader.exe ]

Malware.Installer-Pkg/Gen
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{26D2C2C3-CF14-4ED7-B1FC-0BE64AFBA3B3}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{3C48F877-A164-45E9-B9DA-26A049FFC207}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6293BC00-4EB8-4C65-8548-53E2FC3BF937}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{651956B7-1969-42AA-9453-E0B813019D54}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{989E4C3B-B2C9-4486-9A09-D5A8F953837C}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C0A0AA4D-C79B-48CA-8843-2B02B626C9E6}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C2D8F0E2-6978-4409-8351-BA8785DA11EE}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{D1A6F3FD-7B40-443F-8767-BADB25A0D222}.EXE
 C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{E0814F95-5380-4892-B8C8-7FA4B349EF46}.EXE

Trojan.Zlob/Media-Codec
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1042\A0108334.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1042\A0108335.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1046\A0110375.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1046\A0110376.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1046\A0110424.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1046\A0110425.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1048\A0110563.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1048\A0110564.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1050\A0111564.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1050\A0111565.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1050\A0111596.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1050\A0111597.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1050\A0111659.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1050\A0111660.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1050\A0111716.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1050\A0111717.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1051\A0111849.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1051\A0111850.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1051\A0111865.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1051\A0111866.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1054\A0111979.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1054\A0111980.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1055\A0112085.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1055\A0112086.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1055\A0112137.DLL
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1055\A0112138.DLL

Rogue.AntiVir64
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1055\A0112020.EX

26

Hi

 

These

 

" C:\WINDOWS\SYSTEM32\LOADER.EXE

 C:\WINDOWS\SYSTEM32\LOADER.EXE

 [loader.exe] C:\WINDOWS\SYSTEM32\LOADER.EXE"

 

are the ones I stated about with the Hijackthis.log.

 

Cookies are cookies no probs.

 

The ":\SYSTEM VOLUME INFORMATION\_RESTORE.............." is the System Restore points, for these turn off the system restore and it romoves these.

 

Did SuperAntiSpyware remove them all??   

 

Quads 

 

 

27

It probably did.

Well done Quads. I've been reading along the side and you really did well. 

28

Hi Quads, 

 

Yes, SupeAntiSpyware removed them all!

29

Hey Quads, it appears that my computer is all normal again, thanks to you.  I’m deeply grateful for your help.  Can I offer you something in return for your help?

30
RickRojas wrote:
Hey Quads, it appears that my computer is all normal again, thanks to you.  I'm deeply grateful for your help.  Can I offer you something in return for your help?

 

 

 

Hi

 

Don't worry about that.

 

Quads 

31
RickRojas wrote:
Hey Quads, it appears that my computer is all normal again, thanks to you.  I'm deeply grateful for your help.  Can I offer you something in return for your help?

You can click on the KUDOS button next to any post by Quads that you consider relevant to the problem. Our salary is based on the number of KUDOS we have earned.  :smileyvery-happy: