Meki_j

Everything seems to be working fine now. Thank you very much for all your help

Hi, Coulding find c:\windows\ex23567.dat but did upload ex1234.dat Log as requested.... Malwarebytes' Anti-Malware 1.40 Database version: 2681 Windows 6.0.6001 Service Pack 1 23/08/2009 07:26:04 mbam-log-2009-08-23 (07-26-04).txt Scan type: Quick Scan Objects scanned: 90955 Time elapsed: 4 minute(s), 58 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

Thanks for all your help so far. Did as you asked for the ex1234.dat file, couldnt find the ectbbyn.dat file, think mbam must have deleted it. ========= Malwarebytes' Anti-Malware 1.40 Database version: 2672 Windows 6.0.6001 Service Pack 1 21/08/2009 23:10:12 mbam-log-2009-08-21 (23-10-12).txt Scan type: Quick Scan Objects scanned: 89913 Time elapsed: 3 minute(s), 59 second(s) Memory Processes Infected: 0 Memory Modules Infected: 1 Registry Keys Infected: 4 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 1 Files Infected: 4 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: c:\program files\ddnsfilter\ddnsfilter.dll (Worm.KoobFace) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ddnsfilter (Worm.KoobFace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ddnsfilter (Worm.KoobFace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ddnsfilter (Worm.KoobFace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DnsFilter (Trojan.DNSChanger) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ddnsfilter (Trojan.DNSChanger) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\Program Files\DDnsFilter (Trojan.DNSChanger) -> Delete on reboot. Files Infected: c:\program files\ddnsfilter\ddnsfilter.dll (Worm.KoobFace) -> Delete on reboot. C:\Windows\System32\drivers\DnsFilter.sys (Worm.KoobFace) -> Quarantined and deleted successfully. C:\Windows\ectbbyn.dat (KoobFace.Trace) -> Quarantined and deleted successfully. C:\Windows\0535251103110107106.yux (KoobFace.Trace) -> Quarantined and deleted successfully. ============== Antivirus Version Last Update Result a-squared 4.5.0.24 2009.08.21 - AhnLab-V3 5.0.0.2 2009.08.21 - AntiVir 7.9.1.3 2009.08.21 - Antiy-AVL 2.0.3.7 2009.08.21 - Authentium 5.1.2.4 2009.08.21 - Avast 4.8.1335.0 2009.08.21 - AVG 8.5.0.406 2009.08.22 - BitDefender 7.2 2009.08.21 - CAT-QuickHeal 10.00 2009.08.21 - ClamAV 0.94.1 2009.08.21 - Comodo 2050 2009.08.22 - DrWeb 5.0.0.12182 2009.08.21 - eSafe 7.0.17.0 2009.08.20 - eTrust-Vet 31.6.6694 2009.08.21 - F-Prot 4.4.4.56 2009.08.21 - F-Secure 8.0.14470.0 2009.08.21 - Fortinet 3.120.0.0 2009.08.21 - GData 19 2009.08.21 - Ikarus T3.1.1.68.0 2009.08.21 - Jiangmin 11.0.800 2009.08.21 - K7AntiVirus 7.10.824 2009.08.21 - Kaspersky 7.0.0.125 2009.08.21 - McAfee 5716 2009.08.21 - McAfee+Artemis 5716 2009.08.21 - McAfee-GW-Edition 6.8.5 2009.08.21 - Microsoft 1.4903 2009.08.21 - NOD32 4357 2009.08.21 - Norman 6.01.09 2009.08.21 - nProtect 2009.1.8.0 2009.08.21 - Panda 10.0.0.14 2009.08.21 - PCTools 4.4.2.0 2009.08.21 - Prevx 3.0 2009.08.22 - Rising 21.43.44.00 2009.08.21 - Sophos 4.44.0 2009.08.21 - Sunbelt 3.2.1858.2 2009.08.21 - Symantec 1.4.4.12 2009.08.21 - TheHacker 6.3.4.3.384 2009.08.21 - TrendMicro 8.950.0.1094 2009.08.21 - VBA32 3.12.10.9 2009.08.20 - ViRobot 2009.8.21.1895 2009.08.21 - VirusBuster 4.6.5.0 2009.08.21 - Additional information File size: 4283 bytes MD5...: e6a4b81e989fd3c823a2e4037868d5cd SHA1..: 0c9b140a54a5418ac5e6d86fa055e87a6e031b55 SHA256: 4e8b9cfe3de4e6392db77700d6c5cf91651cad1434a93f443684e289aac748e3 ssdeep: 96:Ugzksh7HkStc270c4cYpII8rIsDGIRhdKfxBBSGPddwM6I:Ugzksh4Suw0HIS HIRh6bldd/ PEiD..: - TrID..: File type identification Unknown! PEInfo: - PDFiD.: - RDS...: NSRL Reference Data Set - ============== Scanning Report Saturday, August 22, 2009 09:23:20 - 11:56:25 Computer name: LOUBIE-PC Scanning type: Scan system for malware, spyware and rootkits Target: C:\ D:\ -------------------------------------------------------------------------------- 3 malware found TrackingCookie.2o7 (spyware) System (Disinfected) TrackingCookie.Atdmt (spyware) System (Disinfected) TrackingCookie.Doubleclick (spyware) System (Disinfected) -------------------------------------------------------------------------------- Statistics Scanned: Files: 502141 System: 3944 Not scanned: 140 Actions: Disinfected: 3 Renamed: 0 Deleted: 0 Not cleaned: 0 Submitted: 0 Files not scanned: C:\PAGEFILE.SYS C:\WINDOWS\SYSTEM32\CONFIG\SAM C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT C:\WINDOWS\SYSTEM32\CONFIG\SECURITY C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE C:\WINDOWS\SYSTEM32\CONFIG\COMPONENTS C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\COMPONENTS C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB C:\USERS\LOUBIE\LOCAL SETTINGS\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DA C:\USERS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DA C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DAT C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DAT C:\USERS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DAT C:\SYSTEM VOLUME INFORMATION\MOUNTPOINTMANAGERREMOTEDATABASE C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DA C:\DOCUMENTS AND SETTINGS\LOUBIE\LOCAL SETTINGS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DA C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR HISTORY\COUNTERS C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\GOOGLE\TOOLBAR C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DAT C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DAT C:\DOCUMENTS AND SETTINGS\LOUBIE\APPDATA\LOCAL\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DAT C:\BOOT\BCD -------------------------------------------------------------------------------- Options Scanning engines: Scanning options: Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR Use advanced heuristics -------------------------------------------------------------------------------- Copyright

Hi, Have tried to update off-line, as whenever I try on the infected computer, I get the message, An Error has occured, Error code 732 (0,0) The most recent offline update I could get was database version 2667. Where can I download the most recent update? Cheers

Sorry forgot the hijack this log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:49:42, on 21/08/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp?sourceid=nav...GB&ie=UTF-8 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Pregnancy Desktop.lnk = C:\Program Files\Pregnancy Desktop\Pregnancy Desktop.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Update Agent.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7739 bytes

Thanks for the reply, Logs as requested. ============= Malwarebytes' Anti-Malware 1.40 Database version: 2658 Windows 6.0.6001 Service Pack 1 21/08/2009 21:20:07 mbam-log-2009-08-21 (21-20-07).txt Scan type: Quick Scan Objects scanned: 88614 Time elapsed: 4 minute(s), 19 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ============ ComboFix 09-08-20.07 - loubie 21/08/2009 21:28.1.2 - NTFSx86 Microsoft

Hello, Unfortunately my wife's laptop has been infected with the Freddy58/Koobface virus. We thought that we had removed the virus, but Internet Explorer and Firefox keep coming up with DNS errors, this happens when attempting to access anti virus sites. I am also unable to update the MBAM, I keep getting the following error code, 732 (0,0) Date: 8/3/2009 Database Version 2551 Fringerprints loaded 120579 I have download MBAM and HijackThis, below is what they have produced. Malwarebytes' Anti-Malware 1.40 Database version: 2551 Windows 6.0.6001 Service Pack 1 18/08/2009 22:01:13 mbam-log-2009-08-18 (22-01-13).txt Scan type: Quick Scan Objects scanned: 88258 Time elapsed: 4 minute(s), 30 second(s) Memory Processes Infected: 2 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 3 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 3 Memory Processes Infected: C:\Windows\freddy58.exe (Worm.KoobFace) -> Unloaded process successfully. C:\Windows\pp11.exe (Worm.KoobFace) -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pp (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray (Backdoor.Bot) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\Windows\pp11.exe (Malware.Trace) -> Quarantined and deleted successfully. C:\Windows\freddy58.exe (Worm.KoobFace) -> Quarantined and deleted successfully. c:\Windows\ld14.exe (Backdoor.Bot) -> Quarantined and deleted successfully. ====== Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:59:37, on 19/08/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hp\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\3\3Connect\AutoUpdateSrv.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\Explorer.EXE C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\System32\mobsync.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp?sourceid=nav...GB&ie=UTF-8 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Pregnancy Desktop.lnk = C:\Program Files\Pregnancy Desktop\Pregnancy Desktop.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Update Agent.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9731 bytes