from 10 dayz im avin adwarez n spywarez in my pc i had spware doctor but it didn work den i formatted it twice but after oning da net deyre back again den atlast yesteday i got spysweeper n i sweeped da sytem n all da spwarez were deleted but 2day wen i oned da pc again deyre back i just dunno wat 2 do .....im avin ADWARE LOOK2ME
Try spybots S&D and run it in safe mode. And for god sake how hard is it to talk normally. Please speak normally. So much easier to help you that way.
srry but which software should i download ,can u give me da link and herez my last scan log ******** 6:52 PM: | Start of Session, Tuesday, July 25, 2006 | 6:52 PM: Spy Sweeper started 6:52 PM: Sweep initiated using definitions version 725 6:52 PM: Starting Memory Sweep 6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:10 PM: Memory Sweep Complete, Elapsed Time: 00:17:19 7:10 PM: Starting Registry Sweep 7:11 PM: Found Adware: findthewebsiteyouneed hijack 7:11 PM: HKU\.default\software\microsoft\internet explorer\search\searchassistant explorer\main\ || default_search_url (ID = 555438) 7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:11 PM: Registry Sweep Complete, Elapsed Time:00:01:27 7:11 PM: Starting Cookie Sweep 7:11 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00 7:11 PM: Starting File Sweep 7:13 PM: Found Adware: look2me 7:13 PM: 00002690.dll (ID = 159) 7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:17 PM: 00002685.dll (ID = 159) 7:18 PM: 00002683.dll (ID = 159) 7:18 PM: 00002681.exe (ID = 168558) 7:19 PM: 00002679.dll (ID = 159) 7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:21 PM: 00002676.dll (ID = 159) 7:22 PM: 00002674.dll (ID = 159) 7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:27 PM: 00002668.dll (ID = 159) 7:28 PM: 00002666.dll (ID = 159) 7:28 PM: 00002664.dll (ID = 163672) 7:28 PM: 00002662.dll (ID = 159) 7:28 PM: 00002660.dll (ID = 159) 7:28 PM: 00002658.dll (ID = 159) 7:28 PM: 00002656.dll (ID = 159) 7:29 PM: 00002651.dll (ID = 159) 7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:31 PM: Found Adware: command 7:31 PM: uninstall_nmon.vbs (ID = 231442) 7:33 PM: ahferror.dll (ID = 159) 7:33 PM: k0pmla711d.dll (ID = 159) 7:34 PM: 00001130.dll (ID = 163672) 7:35 PM: hrr8059ue.dll (ID = 159) 7:35 PM: 00000594.dll (ID = 159) 7:35 PM: 00000841.dll (ID = 159) 7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:36 PM: cudial32.dll (ID = 163672) 7:36 PM: atmtd.dll._ (ID = 166754) 7:37 PM: wdnotify.dll (ID = 159) 7:37 PM: 00000843.dll (ID = 159) 7:38 PM: 00000639.dll (ID = 159) 7:39 PM: m4640ejqehoe0.dll (ID = 159) 7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:41 PM: 00000744.dll (ID = 159) 7:43 PM: lvl0093me.dll (ID = 159) 7:45 PM: 00000152.dll (ID = 159) 7:45 PM: dnrawex.dll (ID = 163672) 7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:47 PM: rooc3260.dll (ID = 159) 7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:54 PM: Found Adware: dollarrevenue 7:54 PM: drsmartload46a[1].exe (ID = 325335) 7:54 PM: sylogcfg.dll (ID = 159) 7:55 PM: drsmartload849a[1].exe (ID = 325336) 7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:00 PM: 00000597.dll (ID = 159) 8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:01 PM: cmdinst.exe (ID = 231664) 8:02 PM: dl3j.dll (ID = 159) 8:04 PM: kdrberos.dll (ID = 159) 8:05 PM: 00000567.dll (ID = 159) 8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:06 PM: loader[1].exe (ID = 325333) 8:06 PM: rismxs.dll (ID = 163672) 8:07 PM: mkwdat10.dll (ID = 159) 8:07 PM: soredir.dll (ID = 163672) 8:07 PM: d4j00e1meh.dll (ID = 159) 8:07 PM: d00mlad11d0.dll (ID = 163672) 8:07 PM: mdtime.dll (ID = 159) 8:07 PM: 00000591.dll (ID = 159) 8:07 PM: mjoa.dll (ID = 159) 8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:11 PM: 00002445.exe (ID = 144946) 8:11 PM: 00002692.exe (ID = 231443) 8:11 PM: asappsrv.dll (ID = 144945) 8:12 PM: 00002705.exe (ID = 325652) 8:12 PM: 00002708.exe (ID = 326742) 8:14 PM: miperf.dll (ID = 163672) 8:15 PM: uwat.dll (ID = 159) 8:16 PM: atmtd.dll (ID = 166754) 8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:17 PM: drsmartload45a[1].exe (ID = 325334) 8:17 PM: drsmartload46a[1].exe (ID = 325335) 8:17 PM: drsmartload849a[1].exe (ID = 325336) 8:17 PM: mte3ndi6odoxng.exe (ID = 185985) 8:17 PM: ktp8l77u1.dll (ID = 159) 8:18 PM: g8220ifoe82c0.dll (ID = 159) 8:18 PM: lt4027hmg.dll (ID = 159) 8:19 PM: saictrddte.vbs (ID = 185675) 8:20 PM: File Sweep Complete, Elapsed Time: 01:08:42 8:20 PM: Full Sweep has completed. Elapsed time 01:27:46 8:20 PM: Traces Found: 67 8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 8:22 PM: Removal process initiated 8:23 PM: Quarantining All Traces: look2me 8:24 PM: Quarantining All Traces: command 8:24 PM: Quarantining All Traces: findthewebsiteyouneed hijack 8:24 PM: Quarantining All Traces: dollarrevenue 8:24 PM: Removal process completed. Elapsed time 00:01:45 ******** 10:30 PM: | Start of Session, Monday, July 24, 2006 | 10:30 PM: Spy Sweeper started 10:30 PM: Sweep initiated using definitions version 725 10:30 PM: Found Adware: dollarrevenue 10:30 PM: HKLM\software\microsoft\windows\currentversion\run\ || newname (ID = 1231926) 10:30 PM: nwnmed_7.exe (ID = 1231926) 10:30 PM: Starting Memory Sweep 10:43 PM: Found Adware: command 10:43 PM: Detected running threat: C:\Program Files\Network Monitor\netmon.exe (ID = 231443) 10:45 PM: Detected running threat: C:\dfndrdd_6.exe (ID = 325652) 10:48 PM: Memory Sweep Complete, Elapsed Time: 00:17:47 10:48 PM: Starting Registry Sweep 10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ (7 subtraces) (ID = 892523) 10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || nomodify (ID = 958653) 10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || noremove (ID = 958654) 10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || norepair (ID = 958655) 10:49 PM: HKLM\system\currentcontrolset\services\cmdservice\ (12 subtraces) (ID = 958670) 10:49 PM: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\0000\ (6 subtraces) (ID = 1016064) 10:49 PM: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\ (8 subtraces) (ID = 1016072) 10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{a394e835-c8d6-4b4b-884b-d2709059f3be}\ (7 subtraces) (ID = 1110756) 10:49 PM: HKLM\software\microsoft\drsmartload2\ (1 subtraces) (ID = 1134137) 10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || uninstallstring (ID = 1134952) 10:49 PM: Found Trojan Horse: trojan-backdoor-ranky 10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || windows core kernel update (ID = 1382092) 10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || defender (ID = 1558788) 10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || keyboard (ID = 1558789) 10:49 PM: Registry Sweep Complete, Elapsed Time:00:01:29 10:49 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:49 PM: Starting Cookie Sweep 10:49 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00 10:49 PM: Starting File Sweep 10:49 PM: c:\program files\network monitor (1 subtraces) (ID = -2147459771) 10:49 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:50 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:51 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:52 PM: Found Adware: look2me 10:52 PM: l46o0ej3eho.dll (ID = 159) 10:52 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:52 PM: 00000601.dll (ID = 159) 10:53 PM: 00002443.dll (ID = 159) 10:53 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:53 PM: 00000809.dll (ID = 159) 10:53 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:54 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:56 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:56 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:58 PM: hrnq0555e.dll (ID = 159) 10:59 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:59 PM: hrpu0579e.dll (ID = 159) 10:59 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:00 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:01 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:01 PM: warebundle3.exe (ID = 168558) 11:01 PM: Spy Installation Shield: found: Adware: dollarrevenue, version 1.0.0.0 -- Execution Denied 11:01 PM: Spy Installation Shield: found: Adware: dollarrevenue, version 1.0.0.0 -- Execution Denied 11:01 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:02 PM: n4p40e7qeh.dll (ID = 159) 11:03 PM: 00000743.dll (ID = 159) 11:03 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:05 PM: k4620ejoehoc0.dll (ID = 159) 11:07 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:08 PM: sdrmdll.dll (ID = 159) 11:08 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:09 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:10 PM: 00000808.dll (ID = 159) 11:11 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 11:16 PM: 00000770.dll (ID = 159) 11:17 PM: 00001516.dll (ID = 159) 11:17 PM: 00000750.dll (ID = 159) 11:17 PM: wjhcon.dll (ID = 159) 11:18 PM: fsclient.dll (ID = 159) 11:19 PM: crmodem.dll (ID = 163672) 11:19 PM: padx5016.dll (ID = 159) 11:19 PM: p06s0aj7edo.dll (ID = 159) 11:19 PM: d40m0ed1eh0.dll (ID = 159) 11:19 PM: nwnmed_7[1].exe (ID = 326742) 11:19 PM: mgjetoledb40.dll (ID = 159) 11:19 PM: 00000592.dll (ID = 159) 11:20 PM: 00000599.dll (ID = 159) 11:21 PM: hr8605lse.dll (ID = 159) 11:24 PM: Sweep Canceled 11:24 PM: File Sweep Complete, Elapsed Time: 00:34:29 11:24 PM: Traces Found: 86 11:24 PM: Processing Startup Alerts 11:24 PM: Removed Startup entry: newname 11:24 PM: Removed Startup entry: defender 11:24 PM: Removed Startup entry: keyboard 11:25 PM: Removal process initiated 11:25 PM: Quarantining All Traces: look2me 11:26 PM: Quarantining All Traces: trojan-backdoor-ranky 11:26 PM: Quarantining All Traces: command 11:27 PM: Quarantining All Traces: dollarrevenue 11:27 PM: Removal process completed. Elapsed time 00:01:42 1:28 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:28 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:54 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 1:58 PM: IE Tracking Cookies Shield: Removed yadro cookie 1:59 PM: IE Tracking Cookies Shield: Removed rambler cookie 1:59 PM: IE Tracking Cookies Shield: Removed yadro cookie 2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:45 PM: Processing Startup Alerts 6:45 PM: Removed Startup entry: MSMSGS 6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com 6:52 PM: Deletion from quarantine initiated 6:52 PM: Processing: command 6:52 PM: Processing: dollarrevenue 6:52 PM: Processing: findthewebsiteyouneed hijack 6:52 PM: Processing: icannnews 6:52 PM: Processing: isearch desktop search 6:52 PM: Processing: look2me 6:52 PM: Processing: trojan-backdoor-ranky 6:52 PM: Deletion from quarantine completed. Elapsed time 00:00:01 6:52 PM: | End of Session, Tuesday, July 25, 2006 | ******** 9:33 PM: | Start of Session, Monday, July 24, 2006 | 9:33 PM: Spy Sweeper started 9:33 PM: Sweep initiated using definitions version 547 9:33 PM: Starting Memory Sweep 9:34 PM: Found Adware: icannnews 9:34 PM: Detected running threat: C:\WINDOWS\system32\n06q0aj5edo.dll (ID = 83) 9:36 PM: Detected running threat: C:\WINDOWS\system32\tBpiui.dll (ID = 83) 9:36 PM: Found Adware: isearch desktop search 9:36 PM: Detected running threat: C:\WINDOWS\YmF5ZXppZA\command.exe (ID = 144946) 9:38 PM: Memory Sweep Complete, Elapsed Time: 00:05:10 9:38 PM: Starting Registry Sweep 9:39 PM: Found Adware: findthewebsiteyouneed hijacker 9:39 PM: HKU\.default\software\microsoft\internet explorer\search\searchassistant explorer\main\ || default_search_url (ID = 555438) 9:39 PM: Registry Sweep Complete, Elapsed Time:00:00:32 9:39 PM: Starting Cookie Sweep 9:39 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00 9:39 PM: Starting File Sweep 9:41 PM: Found Adware: look2me 9:41 PM: appwrap[1].exe (ID = 65721) 9:41 PM: command.exe (ID = 144946) 9:41 PM: bw2.com (ID = 65721) 9:42 PM: File Sweep Complete, Elapsed Time: 00:02:53 9:42 PM: Full Sweep has completed. Elapsed time 00:08:46 9:42 PM: Traces Found: 7 9:44 PM: Removal process initiated 9:45 PM: Quarantining All Traces: look2me 9:45 PM: Quarantining All Traces: icannnews 9:45 PM: icannnews is in use. It will be removed on reboot. 9:45 PM: C:\WINDOWS\system32\n06q0aj5edo.dll is in use. It will be removed on reboot. 9:45 PM: C:\WINDOWS\system32\tBpiui.dll is in use. It will be removed on reboot. 9:45 PM: Quarantining All Traces: isearch desktop search 9:45 PM: isearch desktop search is in use. It will be removed on reboot. 9:45 PM: command.exe is in use. It will be removed on reboot. 9:45 PM: Quarantining All Traces: findthewebsiteyouneed hijacker 9:45 PM: Warning: Launched explorer.exe 9:45 PM: Warning: Quarantine process could not restart Explorer. 9:45 PM: Preparing to restart your computer. Please wait... 9:45 PM: Removal process completed. Elapsed time 00:00:54 10:19 PM: Processing Startup Alerts 10:19 PM: Removed Startup entry: MSMSGS 10:19 PM: Updating spyware definitions 10:29 PM: Your spyware definitions have been updated. 10:30 PM: Memory Shield: Found: Memory-resident threat command, version 1.0.0.0 10:30 PM: Detected running threat: command 10:30 PM: | End of Session, Monday, July 24, 2006 | ******** 9:31 PM: | Start of Session, Monday, July 24, 2006 | 9:31 PM: Spy Sweeper started 9:32 PM: IE Tracking Cookies Shield: Removed com.com cookie 9:33 PM: | End of Session, Monday, July 24, 2006 | thanx 4 ur cooperation
