were in C:\WINDOWS\system32\pntadmhv . You can nuke this entire folder , the rest is just fluff though .
were in C:\WINDOWS\system32 .
The installer (ivevergp.exe) is included , pass <-> infected .
(sttool32.exe kind of describes this infection , if you know what I mean)
Looks like I will have to do this in two posts .
It looks like the attachment limit is for more than just this post or thread .