From: Dodo (dodo_at_no.fly.invalid)
Date: Tue, 1 Feb 2005 15:35:52 -0600
To remove the files, you must be in safe mode and adjust folder options:
show hidden files, do not hide system files and do not hide extensions.
Malicious software usually starts up from two places: Windows startup and IE
startup. Autoruns is the most comprehensive I've seen at enumerating Windows
startup items. HijackThis is good for enumerating IE startup items and
repairing damage. Malicious BHOs must be removed.
Provide an Autoruns log configured as illustrated at http://spywareguy.com/
and a HijackThis log and I can help further.