View Full Version : A lot of problems with surf side kik. I need help or assistance
Hi
This is my first post on the forum of spybot S&D.
Before starting , i got to say that my english is not verry good , so please, be tolerant. :bigthumb:
Ok, like a lot of people ,i get some problems with surf side kik who dont want to be removed by all the programs anti-spywares I tried and dont want to be removed manualy. So, the is a scan report by HijackThis v1.99.1 :
Logfile of HijackThis v1.99.1
Scan saved at 10:57:39, on 2006-07-20
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\wuauclt.exe
C:\WINNT\system32\sstray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\kybrddd_6.exe
C:\dfndrdd_6.exe
C:\WINNT\v1201.exe
C:\nwnmdd_6.exe
C:\Program Files\ipwins\ipwins.exe
C:\Program Files\Fichiers communs\{FC06304D-0872-1036-1112-040425030002}\Update.exe
C:\PROGRA~1\FICHIE~1\qfwo\qfwom.exe
C:\Program Files\TClock\TClock.exe
C:\PROGRA~1\FICHIE~1\qfwo\qfwoa.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\svchost.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\NoAdware4\NoAdware4.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Vincent\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O1 - Hosts: 64.15.141.85 l2testauthd.lineage2.com
O1 - Hosts: 64.15.141.85 l2authd.lineage2.com
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Ins3DT] E:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [csr] csrrs.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrddd_6.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrdd_6.exe
O4 - HKLM\..\Run: [ACTX1] C:\WINNT\v1201.exe
O4 - HKLM\..\Run: [newname] C:\\nwnmdd_6.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\RunServices: [csr] csrrs.exe
O4 - HKCU\..\Run: [qfwo] C:\PROGRA~1\FICHIE~1\qfwo\qfwom.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: svchost.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {00000000-0000-0000-0000-000020050660} - http://207.234.185.217/ABoxInst_int15.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: Media Center - C:\WINNT\system32\wR2topl.dll
O23 - Service: Aluria Spyware Eliminator Service (ASEService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ASE\ASEServ.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Crossfire server (Crossfire) - Unknown owner - C:\Program Files\Crossfire Server\Crossfire32.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
tank for your patience and your future help.
I am waiting your reply. :)
Hello and sorry for the wait konasix.
If you are still in need of assistance please go here and post a link back to this topic to flag a helper.
If you have waited four days for advice post here. (http://forums.spybot.info/showthread.php?p=4836#post4836)
LonnyRJones
2006-07-26, 04:22
Welcome
1. Download this file - combofix.exe
http://download.bleepingcomputer.com/sUBs/combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Sorry but this program wont work on my computer :(
when i try to open it , its shut down.
LonnyRJones
2006-07-26, 09:23
In windows control panel addremove programs uninstall
SurfSideKick
ipwins
and TClock if listed
Restart your PC
Please download Look2Me-Destroyer.exe to your to the root drive, eg: Local Disk C: or partition where your operating system is installed.
http://www.atribune.org/content/view/28/
Close all windows before continuing.
Double-click Look2Me-Destroyer.exe to run it.
Put a check next to Run this program as a task.
You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 1 to five minute's. Click OK
When Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
Once it's done scanning, click the Remove L2M button.
You will receive a Done Scanning message, click OK.
When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
Your computer will then shutdown.
Wait about Four minutes, Turn your computer back on.
Please post the contents of Look2Me-Destroyer.txt and a new HiJackThis log.
(TClock was not listed)
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 2006-07-26 12:58:37
Infected! C:\WINNT\system32\kt4ul7h91.dll
Infected! C:\WINNT\system32\dnrq0195e.dll
Infected! C:\WINNT\system32\gppol3731.dll
Infected! C:\WINNT\system32\gppql3751.dll
Infected! C:\WINNT\system32\gskrsrc.dll
Infected! C:\WINNT\system32\irnul5591.dll
Infected! C:\WINNT\system32\j06mlaj11do.dll
Infected! C:\WINNT\system32\kt4ul7h91.dll
Infected! C:\WINNT\system32\nawrssl.dll
Infected! C:\WINNT\system32\o6pq0g75e6.dll
Infected! C:\WINNT\system32\s4880eluehq80.dll
Infected! C:\WINNT\system32\SEtrmTR.dll
Infected! C:\WINNT\system32\swfilshr.dll
Infected! C:\WINNT\system32\syfolder.dll
Infected! C:\WINNT\system32\u8ru0i99e8.dll
Infected! C:\WINNT\system32\u8ruli9918.dll
Infected! C:\WINNT\system32\vu31vfw.dll
Infected! C:\WINNT\system32\whsdmoe2.dll
Infected! C:\WINNT\system32\wznhttp.dll
Attempting to delete infected files...
Attempting to delete: C:\WINNT\system32\kt4ul7h91.dll
C:\WINNT\system32\kt4ul7h91.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\dnrq0195e.dll
C:\WINNT\system32\dnrq0195e.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\gppol3731.dll
C:\WINNT\system32\gppol3731.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\gppql3751.dll
C:\WINNT\system32\gppql3751.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\gskrsrc.dll
C:\WINNT\system32\gskrsrc.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\irnul5591.dll
C:\WINNT\system32\irnul5591.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\j06mlaj11do.dll
C:\WINNT\system32\j06mlaj11do.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\kt4ul7h91.dll
C:\WINNT\system32\kt4ul7h91.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\nawrssl.dll
C:\WINNT\system32\nawrssl.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\o6pq0g75e6.dll
C:\WINNT\system32\o6pq0g75e6.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\s4880eluehq80.dll
C:\WINNT\system32\s4880eluehq80.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\SEtrmTR.dll
C:\WINNT\system32\SEtrmTR.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\swfilshr.dll
C:\WINNT\system32\swfilshr.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\syfolder.dll
C:\WINNT\system32\syfolder.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\u8ru0i99e8.dll
C:\WINNT\system32\u8ru0i99e8.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\u8ruli9918.dll
C:\WINNT\system32\u8ruli9918.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\vu31vfw.dll
C:\WINNT\system32\vu31vfw.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\whsdmoe2.dll
C:\WINNT\system32\whsdmoe2.dll Deleted successfully!
Attempting to delete: C:\WINNT\system32\wznhttp.dll
C:\WINNT\system32\wznhttp.dll Deleted successfully!
Making registry repairs.
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Media Center
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{D712B355-B580-4440-B533-CAC8FB7875C0}"
HKCR\Clsid\{D712B355-B580-4440-B533-CAC8FB7875C0}
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administrateurs - Succeeded
and my hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 13:31:33, on 2006-07-26
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINNT\SmVhbiBMYWluZQ\command.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\sstray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\kybrdef_7.exe
C:\dfndref_7.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINNT\v1201.exe
C:\nwnmef_7.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\{FC06304D-0872-1036-1112-040425030002}\Update.exe
C:\PROGRA~1\FICHIE~1\qfwo\qfwom.exe
C:\PROGRA~1\FICHIE~1\qfwo\qfwoa.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\svchost.exe
C:\WINNT\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Vincent\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Ins3DT] E:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [csr] csrrs.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdef_7.exe
O4 - HKLM\..\Run: [defender] C:\\dfndref_7.exe
O4 - HKLM\..\Run: [ACTX1] C:\WINNT\v1201.exe
O4 - HKLM\..\Run: [newname] C:\\nwnmef_7.exe
O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [oml11716] RUNDLL32.EXE w005f489.dll,n 002117140000000a005f489
O4 - HKLM\..\RunServices: [csr] csrrs.exe
O4 - HKCU\..\Run: [qfwo] C:\PROGRA~1\FICHIE~1\qfwo\qfwom.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [Pop up Blocker] "C:\Program Files\Pop up Blocker\pd.exe" Minimize
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: svchost.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: PD - {27524337-458A-4E77-95B8-D0A062E038CA} - C:\Program Files\Pop up Blocker\pd.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: AbsoluteShield IE Popup Blocker - {A70DD885-5FCE-44af-8AA1-FC07FFE8CE21} - C:\Program Files\SysShield Tools\IE Popup Blocker\PKMaster.exe (HKCU)
O16 - DPF: {00000000-0000-0000-0000-000020050660} - http://207.234.185.217/ABoxInst_int15.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O23 - Service: Aluria Spyware Eliminator Service (ASEService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ASE\ASEServ.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\SmVhbiBMYWluZQ\command.exe
O23 - Service: Crossfire server (Crossfire) - Unknown owner - C:\Program Files\Crossfire Server\Crossfire32.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
LonnyRJones
2006-07-26, 19:13
Next:
Set windows to show hiddenfiles/folders and extensions
for XP systems Open any folder, Select the Tools menu and click Folder Options. Select the View Tab.
Under the Hidden files and folders heading select "Show hidden files and folders".
Uncheck the "Hide protected operating system files (recommended)" option.
Uncheck the "Hide file extensions for known file types" option.
Click Apply to confirm. Click OK.
1. Please download Ewido Anti-Malware (http://www.ewido.net/en/download/)
Install ewido anti-malware
Launch ewido, there should be an icon on your desktop, double-click it.
The program will now open to the main screen.
Update the program and close it
2. Please download Brute Force Uninstaller (http://www.merijn.org/files/bfu.zip) to your desktop.
Right click the BFU folder on your desktop, and choose Extract All
Click "Next"
In the box to choose where to extract the files to,
Click "Browse"
Click on the + sign next to "My Computer"
Click on "Local Disk (C: ) or whatever your primary drive is
Click "Make New Folder"
Type in BFU
Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
3. RIGHT-CLICK HERE (http://metallica.geekstogo.com/alcanshorty.bfu) and choose "Save As" (in IE it's "Save Target As")
save as text Alcra PLUS Remover.
Save it in the same folder you made earlier (c:\BFU).
If it was saved as alcanshorty.bfu.txt rename to alcanshorty.bfu
Do not do anything with these yet!
Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit enter.
4. Once in Safe Mode, Open Ewido:
Click on scanner
Scanner tab at the top and then click on Complete System Scan This scan can take quite a while to run, so be prepared.
Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the
recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
Close ewido anti-malware.
5. Then, please go to Start > My Computer and navigate to the C:\BFU folder.
Start the Brute Force Uninstaller by doubleclicking BFU.exe
Behind the scriptline to execute field click the folder icon http://metallica.geekstogo.com/foldericon.png and select alcanshorty.bfu
Press Execute and let the program do it’s job. (You ought to see a progress bar if you did this correctly.)
Wait for the complete script execution box to pop up and press OK.
Press exit to terminate the BFU program.
Reboot into normal windows and post the contents of Ewido text report that you saved and a new HiJackThis log.
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 15:52:38 2006-07-26
+ Scan result:
C:\WINNT\system32\pushow21.dll -> Adware.AdvertMen : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Effective-i -> Adware.EffectiveBrandToolbar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Effective-i\TheSearchAccelerator -> Adware.EffectiveBrandToolbar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Effective-i\TheSearchAccelerator\IE5 -> Adware.EffectiveBrandToolbar : Cleaned with backup (quarantined).
HKU\S-1-5-21-73586283-1844823847-1801674531-1000\Software\Effective-i -> Adware.EffectiveBrandToolbar : Cleaned with backup (quarantined).
HKU\S-1-5-21-73586283-1844823847-1801674531-1000\Software\Effective-i\TheSearchAccelerator -> Adware.EffectiveBrandToolbar : Cleaned with backup (quarantined).
HKU\S-1-5-21-73586283-1844823847-1801674531-1000\Software\Effective-i\TheSearchAccelerator\IE5 -> Adware.EffectiveBrandToolbar : Cleaned with backup (quarantined).
C:\WINNT\system32\ATPartners.dll -> Adware.F1Organizer : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\4DK9ENCD\ac3[1].txt -> Adware.IEHelper : Cleaned with backup (quarantined).
C:\Installer2.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Installer3.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINNT\system32\VAAME.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINNT\system32\guard.tmp_tobedeleted -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\warebundle2.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\warebundle3.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\warebundlenewer.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Program Files\Save -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temp\i4.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temp\i81.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temp\un42.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
HKU\S-1-5-21-73586283-1844823847-1801674531-1000\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
HKU\S-1-5-21-73586283-1844823847-1801674531-1000\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\VJPRR14S\ucmoreiex[1].exe/IUCMORE.DLL -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\VJPRR14S\ucmoreiex[1].exe/UCMTSAIE.DLL -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\VJPRR14S\ucmoreiex[1].exe/empty_00000001 -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Program Files\TheSearchAccelerator -> Adware.UCmore : Cleaned with backup (quarantined).
C:\Program Files\TheSearchAccelerator\INSTALL.LOG -> Adware.UCmore : Cleaned with backup (quarantined).
C:\Program Files\TheSearchAccelerator\IUCmore.dll -> Adware.UCmore : Cleaned with backup (quarantined).
C:\Program Files\TheSearchAccelerator\TBlogin.users.ucmore.com.4.5.40.0 -> Adware.UCmore : Cleaned with backup (quarantined).
C:\Program Files\TheSearchAccelerator\UNWISE.EXE -> Adware.UCmore : Cleaned with backup (quarantined).
C:\Program Files\TheSearchAccelerator\logo.ico -> Adware.UCmore : Cleaned with backup (quarantined).
C:\Program Files\TheSearchAccelerator\toolbar.cfg -> Adware.UCmore : Cleaned with backup (quarantined).
C:\ucmoreiex.exe/IUCMORE.DLL -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\ucmoreiex.exe/UCMTSAIE.DLL -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\ucmoreiex.exe/empty_00000001 -> Adware.Ucmore : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UCmore - The Search Accelerator -> Adware.UCmore : Cleaned with backup (quarantined).
C:\WINNT\system32\V22006115.EPE -> Backdoor.Delf.ajn : Cleaned with backup (quarantined).
C:\WINNT\system32\csrrs.exe -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\D84FXHWL\int_ver34[1].CAB/int_ver34.ocx -> Dialer.VB.j : Cleaned with backup (quarantined).
C:\kybrded_7.exe -> Downloader.Adload.cu : Cleaned with backup (quarantined).
C:\nwnmed_7.exe -> Downloader.Adload.cy : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\0JZR2GL9\loader[1].exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\D84FXHWL\drsmartload[1].exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\drsmartload.exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\drsmartload1.exe -> Downloader.Adload.de : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temp\isinst.exe -> Downloader.IstBar.pe : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\07HFQAJX\ac3_0010[1].exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\D84FXHWL\al3[1].txt -> Downloader.Small : Cleaned with backup (quarantined).
C:\ac3_0010.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\MTE3NDI6ODoxNgnew.exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\VSL.dl_ -> Downloader.Small.ctp : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\qfwo\qfwop.exe -> Downloader.TSUpdate.f : Cleaned with backup (quarantined).
C:\stub_113_4_0_4_0new.exe -> Downloader.TSUpdate.o : Cleaned with backup (quarantined).
C:\stub_113_4_0_4_0newer.exe -> Downloader.TSUpdate.o : Cleaned with backup (quarantined).
C:\kybrddd_6.exe -> Downloader.VB.aid : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\4J61SHU1\i[1].exe -> Downloader.VB.aik : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\setup.exe -> Downloader.VB.aik : Cleaned with backup (quarantined).
C:\WINNT\system32\setup.exe.tmp -> Downloader.VB.aik : Cleaned with backup (quarantined).
C:\kybrdef_7.exe -> Downloader.VB.air : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\0JZR2GL9\drsmartload45a[1].exe -> Downloader.VB.aiw : Cleaned with backup (quarantined).
C:\drsmartload45a7f.exe -> Downloader.VB.aiw : Cleaned with backup (quarantined).
C:\drsmartload45a7g.exe -> Downloader.VB.aiw : Cleaned with backup (quarantined).
C:\drsmartload45a7h.exe -> Downloader.VB.aiw : Cleaned with backup (quarantined).
C:\nwnmef_7.exe -> Downloader.VB.aiy : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\07HFQAJX\ABoxInst_int15[1].exe -> Downloader.VB.ft : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\FV5RB58S\ABoxInst_int15[1].exe -> Downloader.VB.ft : Cleaned with backup (quarantined).
C:\visfx500new.exe -> Dropper.Agent.aie : Cleaned with backup (quarantined).
C:\SS1001new.exe -> Dropper.Small.qn : Cleaned with backup (quarantined).
C:\SS1001newer.exe -> Dropper.Small.qn : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\#1 Video Converter 4.1.9.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\1Click DVD Copy 4.1.1.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\1Click DVD Copy v4.1.1.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\1st Network Admin 1.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\3D Backgammon 1.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\3D-Doctor v3.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\4U AVI MPEG Converter v2.3.8.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\50 First Dates [DVDRip].exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\7 Sins iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\A-Converter v1.0.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\A-one DVD Copy v3.18.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ABC Image Browser v4.6.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ACDSee v8.1.98.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ATani v2.7.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Abrosoft FantaMorph v3.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Absolute Sound Recorder v3.3.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Absolute Uninstaller 1.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Ace DVD Backup SE v1.2.26.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AcePlanner v1.0.30.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Acoustica Beatcraft v1.00.9.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Acoustica Beatcraft v1.02.build.19.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Active Desktop Calendar v5.95.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Active File Recovery 7.1.257 Pro.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Adaptive Poker 2.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AddRemove Plus 5.1.0.100.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Address Organizer Deluxe v2.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Adobe InCopy CS2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AdsGone 2004 v4.9.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Advanced MP3 WMA Recorder v5.9.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Advanced Security Administrator v10.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Advanced Uninstaller PRO 2006 7.5.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Ai Roboform 6.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Air Offensive Art Of Flying.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Album Generator and Viewer v2.0.3.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Alive MP3 WAV Converter v1.6.3.8.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Allok Audio Converter v1.0.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Allok MP3 WAV Converter v1.0.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Americas Army 1.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Amplusnet Stealth KeyLogger v3.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\An American Haunting DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AnFX 5.3.3.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AnFX v5.3.3.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Antechinus C Sharp Editor v5.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Anti Tracks 5.98.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Anti Tracks v6.6.2.5 Retail.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Anydown v1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AoA DVD Ripper v3.85.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Aplus Video Converter v5.18.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Aplus Video Joiner v4.38.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Apocalypse Now [ DvdRiP ].exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Aquarium Desktop 1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ArGoSoft Mail Server Pro with IMAP v1.8.4.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ArGoSoft News Server v1.0.1.9.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Ardamax Keylogger 2.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Armor2net Personal Firewall v3.12.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Ashampoo Burning Studio 6.20.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Ashampoo Magical Optimizer SE 1.10.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Aston Shell v1.9.2 [EN + RU] Incl. Serial.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Astrology Pro 7.05.56.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AudioList Plus v4.0.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Aurora DVD Ripper v.1.1.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Auto Backup v2.3.0.185.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AutoPlay Menu Builder v3.5.566.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\AutoShutdown Pro v4.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\BPS Popup, Cookie and Ad Shield.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Babylon v 6.0.0.r27 enterprise FULL.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Bandwidth Manager v2.5 Cracked.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Best SMTP Server 1.7.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\BestAddress HTML Editor 2004 Professional v5.1.8.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Big mamas house 2 DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Billionaire II.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Bomberic 2 v1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Bopup Communication Server v2.0.1.1056.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Bps data shredder v2.0.0.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\BreakNeck Racing.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Brothers Keeper v6.1.19.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Bugatron 1.51d.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Business Card Designer Pro v.4.00.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Bussiness Card Designer V 4.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CD Storage Master Pro v5.81.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CDMenuPro 5.23.01.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CDRWin 5.05.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CDRipper v2.78.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CFosSpeed v2.12 Bld 1056.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Catch That Kid DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Cedric The Entertainer Taking You Higher XviD-LionsDen.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Civilization IV iSO FULL - RELOADED.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Cleanse Uninstaller v1.7.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Click XViD TS-maVen.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CloneDVD Mobile 1.1.0.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Code Calculator 2.7.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Code-Genie v3.11.12.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CodeDrawer 1.8.4.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Coffee Break.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CoffeeCup Web Video Player 4.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Condemned Criminal Origins iSO- RELOADED.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Conquest 2.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CopyToDVD v2.3.12.239.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Cossacks European Wars.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Crime Stories.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CryptCD v3.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CryptoExpert 2003 Pro v2.86.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\CyberCafePro v5.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DAEMON Tools version 4.03.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DLLspy v1.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DVD Next Copy v1.01.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DVDFab Decrypter 2.9.8.1 Final.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DVDFab Platinum 2.9.6.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DVDFab Platinum Edition 2.70.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DVDIdle 5.981.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Devil May Cry 3 Special Edition.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Digital DBA v1.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DirSize v4.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DivX Create Bundle v 6.2.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DivX Pro v5.2.1 Win2kXP.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\DownloadStudio v2.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Dual DVD Copy Gold 4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ETD Security Scanner v.2.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\EVEREST Ultimate Edition 2006 v3.00.630 Multilingual In.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Easy Mail v3.1.34.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Elecard Mobile Converter v.1.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Elecard Mobile Converter v1.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Electric Image Animation System 6.5r2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Emperor Battle for Dune iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Empire Of The Ants.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Estimate Master 4.72.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ExamXML v2.67.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Extensis Suitcase v9.2.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\FRITZ 9 - The Ultimate Chess Game-RELOADED iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\FTPGetter v2.6.0.29.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Fahrenheit Indigo Prophecy iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Fahrenheit 9-11 DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\FairStars Audio Converter 1.55.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Family Cyber Alert V3.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Family Cyber Alert v.3.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Fight Club [ DvdRiP ].exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\FireGraphic 8.5.810.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\First Alert Service Monitor 9.90.01.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Flash2Video v3.06.490.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\FlashFXP 2.2 Build 933 Beta.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\FlatOut 2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\FliSoft Power Card Maker v3.81.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Fortress v2.12.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Four Brothers DVDRip.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Foxit SSH Link FSLink v.1.1.221.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Freedom force iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Fresh UI v7.63.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Full Throttle (ISO).exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\G-Clock 1.1e.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\GD Color Converter v1.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\GUILD WARS Collectors edition.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\GameHike v1.12.5.2005.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\GetRight Professional v6.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Gettysburg 1863.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Ghost Recon Advanced Warfighter iSO - RELOADED.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Good Keywords 2.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Goodfellas [ DvdRiP ].exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Graphic Workshop Professional v2.0.52a.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\GridinSoft Notepad v2.0.0.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\HDClone v3.1.11 Pro.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\HDD Life v1.0.14.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Handy Backup 5.x.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Hard Truck apocalypse.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Hide IP Platinum 2.9 Full.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Hide IP Platinum 2006 v2.9.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Hide IP Platinum v2.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Home Plan Pro 4.6.37.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\IMBT PageFour v1.42.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ImTOO MOV Converter 3.1.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ImTOO RM Converter 3.1.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ImTOO WMA MP3 Converter 2.1.57.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\IncrediMail Xe Premium v5.0.2385.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Inside Man 2006 PROPER DVDRip XviD.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Internet Download Accelerator 2.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Internet Download Accelerator v2.5.1.637.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Internet Download Manager v5.01.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Internet Secure Tunneling v1.5.0.113.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Invisible Browsing 5.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Iseult v1.08.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\JMPuzzles v1.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Jarhead DVDRip XviD.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\JetAudio 6.1.3.6224 Full Retail.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Kari - Your virtual gilrfriend PC.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Kaspersky Anti Virus Personal Pro v5.0.20.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Kaspersky Anti-Hacker 1.94.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Kerio WinRoute Firewall.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Kerio Winroute Firewall v 6.1.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\KeyLogger Pro v2.0 Build 1.7.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Kill Bill Vol. 1 [DVDRip].exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Konfabulator 2.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\KoolMoves 5.4.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Latest Spy Sweeper 5.0.5.1286 NEW.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Lavasoft Personal Firewall 1.0.543.5722.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Lavavo CD Ripper v3.1.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Lavavo DVD Ripper v1.02.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Little Man CAM XViD.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Little Man CAM Xvid PROPER CAM-RPT.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Lock On Modern Air Combat Gold iSO -CRIME.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\MOV Converter v1.5.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\MP3 To Ringtone Gold 3.18.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\MP3 and MPEG Joiner v1.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Macro Mania v11.1.3.06082006.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Magic DVD Copier DVD9 to DVD5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Magic Gallery v3.0.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Magic Image Resizer v1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Magic Translator v3.01.38.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Magic Translator v5.00.5290.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\MagicIso Maker v5.2 Build 191.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Mail Snoop Pro v1.00.170.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Manga Studio 3.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Markzware FlightCheck Pro v5.7.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\MathXpert v3.02.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Maximum Sports Extreme.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\MegaView 8.05.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Messenger Plus Live 4.01.240.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Microsoft Visual FoxPro v9.0 - Retail.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\MonitorIT v8.012.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Movie Collector v4.9 build 3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Movie DVD Maker v.1.3.8.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Multi Clipboard 9.90.01.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Musical Notes Preschool v.1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\My Screen Recorder v2.51.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\MyIE2 0.8.2126.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\NASCAR SimRacing iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Nacho Libre.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Nero 7 Premium v7.2.3.2b.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Nero Burning ROM 6.6.0.8.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Net Transport v1.52.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Neverend iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Night Watch [3CD].exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Night Watch iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Norton Utilities 2006.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\O&O Defrag Pro v8.5.1788.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\OO MediaRecovery v4.0.1373.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Okoker CD And DVD Burner v1.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Omniquad Instant Remote Control v2.2.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Over The Hedge Movie.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Over The HedgeTS.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\PCVoz v8.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\PDF Combine v1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\PDF Filler Pilot v1.17.01.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\PDF Splitter v1.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\PLOT VISION PLUS V5.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Paragon CD Emulator 2.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ParetoLogic XoftSpySE 4-23.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Photo Collage v1.41.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Picture Merge Genius V 2.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Piles O Tiles v.2.0E.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Pinnacle Studio Plus v.10.5.1 Titanium Edition Multilan.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Pirates Of The Caribbean Dead Mans Chest TELECINE XviD.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Pirates Of The Caribbean The Legend Of Jack Sparrow.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Pirates of the Caribbean Dead Mans Chest TS.XViD.INT-Pu.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\PolyView v3.93.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Pop up Blocker Pro v7.0.5.i.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Popup Ad Stopper 9.90.01.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Power CD+G Burner 1.3.16.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Power Video Converter v1.3.17.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\PowerArchiver 2004 v9.20.07.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Powered Keylogger v1.3.5.56.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Premier Manager 2003.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Presentation Wizard v2.0.22a.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Prey iSO - Razor1911.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Prey iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Prince of Persia The Sands of Time-TECHNiC.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Prince of Persia Warrior Within iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Privacy Cleaner Pro v3.20.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Privacy Fence v1.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Pro Cycling Manager 2006 iSO -CRIME.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Pro Evolution Soccer 5-RELOADED iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ProChef Premier v6.7.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ProShow Gold 2.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Puff Puff Pass DVDRip XViD.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Puresim Baseball 2005 Gold Edition.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\PyroTrans v2.15.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Qimage Pro v2006.252.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\RMBSoft AudioConvert v3.1.126.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Rails Across America.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Rally Trophy.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ReGet Deluxe 4.2 Build 265.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Recover My Files 3.26.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Recover My Files 3.97 Build 5012.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Registry Workshop v2.51.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Resident Evil 2 iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\River Past Audio CD Ripper 1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Road House 2 DVDRip XviD.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Robo-FTP v2.1.1.34.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\RoboToys Xonix 2.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\RollerCoaster Tycoon 3 iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Rome Total War Alexander PROPER-RELOADED.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Sadman Slice N Splice v2.1.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Screen Saver Construction Set v2.0.20a.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Sega Master System 663 Roms.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Serv-U FTP Server 6.3.0.0 Corp.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Serv-u Ftp Server V6.3.0.0 Corporate Edition.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Setup2Go v1.9.11.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Shadow Illuminator for Photoshop v1.0.22.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Shaolin Soccer DVD Rip DivX.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Simply Calenders v4.1.668.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Skateboard Park Tycoon 2004.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Skateboard Park Tycoon.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\SlySoft AnyDVD 4.5.7.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Smart Protector Pro 3.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Smart Protector Pro Retail.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Smart Protector Pro v3.6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\SmartFTP v1.5 Build 991.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Snappy Invoice System v2.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Snappy Invoice System v2.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\SnipeMonkey v0.9.8.79.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Soft Portal.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Space Sirens 2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\SpamAware 4.2.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Spell Check Anywhere v4.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Splinter Cell Chaos Theory iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\SpyRemover 2.46.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\SpyRemover 2.56.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Spyware Adware Remover ver. 9.3.0.1 Retail.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Spyware Doctor™ 3.8 For Windows.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Spyware Nuker 2005 v3.3.16.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Star Trek Bridge Commander-CLASS.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Star Wars Battle Front 2 iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\StepZilla v3.02.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Stereogram Magician v3.12.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Stomp Backup MyPC 6 retail.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Student Scrambler v2.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Style XP 3.01 Full.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Super Proxy Helper v1.05.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\SuperAVConverter v6.2.110.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Superior SQL Builder v2.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Superman Returns XViD TS.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Superstar Soccer 3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Svoi.Net PHP Edit v1.0.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Symantec AntiVirus Corporate Edition 10.0.1.628.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Sysgate Firewall 5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\System rescue manager 9x 1.0.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Systerac XP Tools 3.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Tag&Rename v3.17.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\TaskInfo 2003.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Techsmith SnagIt v8.1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\The Blot 1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\The Breakup TS Xvid.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\The Daedalus Encounter iSO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\The Grinch.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\The Hills Have Eyes UNRATED DVDRip XviD.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\The Ship.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\The Suffering Ties That Bind.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\TicketCreator v4.5.1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\TigerCad v1.004.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Tmpgenc 3.0 Xpress V3.0.4.24.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Total PDF Converter v1.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Total Vectorize v1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Touch It v1.2.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Trace Remover 1.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Traffic Giant.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Trains and Trucks Tycoon.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\TrayCapture v2.1.0.50.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Trojan Remover 6.3.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\True Crime New York City.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Turbo Photo v4.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Universal Upload Tool 3.5 Beta 8.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\VSO PhotoDVD v2.0.0.487.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Vic 20 Emulator Games.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Virtual Serial Port Control 2.2.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Visual Renamer v1.7.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\VividLyrics v2.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\VmWare Super AIO 2006 ISO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\VueScan Pro v8.3.15.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WTM CD Protect v1.91.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\War Of The States.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Warlords Battlecry.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Web Effects v2.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Will of Steel ISO.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Willing Webcam v1.3.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinASO Registry Optimizer v 2.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinBoost 4.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinBoost 4.90.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinCapture v8.4.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinDVD Platinum 6.0.06.128.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinImage Professional v7.0a.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinPatrol 10.0.1.0 Plus.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinPatrol v6.0.0.11.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinRAR 3.60 Beta 7.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinToolsnet Pro 7.4.4.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\WinXMedia DVD Audio Ripper v3.1.36.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Winamp 5.23 - Pro.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Winamp Pro v5.23.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Windoes Media Recorder v 10.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Windows XP License Tools 1.01.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Winrental v324.00.5.16.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\World FactBook.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Xara 3D 6.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Xilisoft CD Ripper v.1.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Xilisoft DVD Ripper v2.0.42.228.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\YoGen File Splitter v2.0.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Zealot AVI to VCD SVCD DVD Converter v1.7.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Zealot All Video Joiner v1.0.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Zealot RM to VCD SVCD DVD Converter v2.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ZipScan 2.2c.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\ZoneAlarm Pro 3.5.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\Zoom Player 5.00.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\itan Quest iSO DVDrip XviD.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\mIRC 6.03.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\smsICQ v2.2.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\_\xzxzxzxzxzxz.exe -> Dropper.VB.lu : Cleaned with backup (quarantined).
C:\WINNT\wallpap.exe -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\6HNK9O3A\drsmartload849a[1].exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\H44J1PWT\drsmartload46a[1].exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\WINNT\system32\dr.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\drsmartload46a7f.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\drsmartload46a7g.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\drsmartload46a7h.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\drsmartload849a7f.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\drsmartload849a7g.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\drsmartload849a7h.exe -> Hijacker.VB.fg : Cleaned with backup (quarantined).
C:\dfndref_7.exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
C:\dfndrdd_6.exe -> Hijacker.VB.nh : Cleaned with backup (quarantined).
C:\dfndred_7.exe -> Hijacker.VB.nh : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\JVH1PX1A\ErrorSafeScannerInstallFR[1].cab/UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\Documents and Settings\Vincent\Local Settings\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\Cache\D536F398d01 -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Ignored.
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\07HFQAJX\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Ignored.
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\D84FXHWL\send_ocx_sof[2].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Ignored.
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\H44J1PWT\send_ocx_sof[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Ignored.
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\JVH1PX1A\send_ocx_sof[2].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Ignored.
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\MRS3UDC7\send_ocx_sof[2].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Ignored.
C:\Documents and Settings\Vincent\Cookies\vincent@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.184:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.185:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.186:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.187:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.96:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@omahasteaks.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Vincent\Local Settings\Temp\Cookies\vincent@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.339:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adition : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@srv1.ad.adition[1].txt -> TrackingCookie.Adition : Cleaned.
:mozilla.242:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.243:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.244:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ad.adocean[1].txt -> TrackingCookie.Adocean : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@gde.adocean[2].txt -> TrackingCookie.Adocean : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@idg.adocean[2].txt -> TrackingCookie.Adocean : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@adrevolver[4].txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.967:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.968:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.969:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.970:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.971:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.972:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.11:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.12:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Vincent\Local Settings\Temp\Cookies\vincent@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.556:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adtrak : Cleaned.
:mozilla.557:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Adtrak : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@www.adtrak[2].txt -> TrackingCookie.Adtrak : Cleaned.
C:\Documents and Settings\Vincent\Local Settings\Temp\Cookies\vincent@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Vincent\Local Settings\Temp\Cookies\vincent@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ads08.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ads43.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
:mozilla.614:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.615:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@www2.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Vincent\Local Settings\Temp\Cookies\vincent@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.141:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@centrport[2].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@com[2].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@bilbo.counted[2].txt -> TrackingCookie.Counted : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@dbbsrv[1].txt -> TrackingCookie.Dbbsrv : Cleaned.
C:\Documents and Settings\Vincent\Local Settings\Temp\Cookies\vincent@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.668:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Epilot : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@www.epilot[1].txt -> TrackingCookie.Epilot : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wfk4aid5oeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wfk4wgazako.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wfl4kndjwhq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wflocjdpkho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wfloeodzmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wflognazcgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wgloglc5sko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjk4gnc5sap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjkoehajaap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjkoshcjgap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjkycpdjifp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjkyulcjsfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjlislczado.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjloenc5iap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjlycgd5whp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjlyeic5mfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjny-1kdpoh.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjny-1lazsg.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjny-1pcpae.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@e-2dj6wjnyqkazifo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Vincent\Local Settings\Temp\Cookies\vincent@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ads20.hyperbanner[2].txt -> TrackingCookie.Hyperbanner : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@komtrack[2].txt -> TrackingCookie.Komtrack : Cleaned.
:mozilla.286:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.287:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.794:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.343:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.344:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.345:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.346:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.347:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.112:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@data1.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.102:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@creative.paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ppms.popularix[2].txt -> TrackingCookie.Popularix : Cleaned.
:mozilla.152:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.153:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.154:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.155:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.156:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned.
:mozilla.140:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.528:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@project2.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@web4.realtracker[2].txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.371:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.372:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.373:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.374:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.375:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.376:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.377:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.222:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ads01.revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@banners.searchingbooth[1].txt -> TrackingCookie.Searchingbooth : Cleaned.
:mozilla.289:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.290:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.291:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.292:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.293:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.28:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.871:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.872:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.873:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.874:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.331:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.334:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@spylog[2].txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@h.starware[1].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.348:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.349:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.350:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.351:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.352:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.353:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.354:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.355:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.356:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.357:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.358:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.359:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.360:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.361:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.362:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.363:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.364:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.365:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.366:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.367:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.399:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.400:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@media.top-banners[1].txt -> TrackingCookie.Top-banners : Cleaned.
:mozilla.439:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.440:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.441:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.442:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.443:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.444:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.445:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.446:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.447:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.448:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.449:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.450:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.451:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.452:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.453:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.454:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.455:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.456:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.457:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.458:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.459:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.460:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.461:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@trafic[1].txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.465:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.466:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.467:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Vincent\Local Settings\Temp\Cookies\vincent@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.124:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.125:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.126:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.127:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.189:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.190:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.191:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.192:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.193:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@pmads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.533:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.534:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.535:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.536:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.537:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.538:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@webstat[2].txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.529:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.530:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.531:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.532:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.957:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Xxxcounter : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Cleaned.
:mozilla.958:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.987:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.988:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.977:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.978:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.979:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.980:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.981:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\w1vnhu0t.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Vincent\Cookies\vincent@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\AntiVirScan.exe -> Worm.VB.dz : Cleaned with backup (quarantined).
C:\Documents and Settings\Vincent\Mes documents\Downloads\Serious Sam Crack & KeyGen all Versions.exe -> Worm.VB.dz : Cleaned with backup (quarantined).
C:\bac.exe -> Worm.VB.dz : Cleaned with backup (quarantined).
C:\bac2.exe -> Worm.VB.dz : Cleaned with backup (quarantined).
::Report end
finaly my hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 16:05:00, on 2006-07-26
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\sstray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Vincent\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Ins3DT] E:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [oml11716] RUNDLL32.EXE w005f489.dll,n 002117140000000a005f489
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [qfwo] C:\PROGRA~1\FICHIE~1\qfwo\qfwom.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [Pop up Blocker] "C:\Program Files\Pop up Blocker\pd.exe" Minimize
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: PD - {27524337-458A-4E77-95B8-D0A062E038CA} - C:\Program Files\Pop up Blocker\pd.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: AbsoluteShield IE Popup Blocker - {A70DD885-5FCE-44af-8AA1-FC07FFE8CE21} - C:\Program Files\SysShield Tools\IE Popup Blocker\PKMaster.exe (HKCU)
O16 - DPF: {00000000-0000-0000-0000-000020050660} - http://207.234.185.217/ABoxInst_int15.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O23 - Service: Aluria Spyware Eliminator Service (ASEService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ASE\ASEServ.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Crossfire server (Crossfire) - Unknown owner - C:\Program Files\Crossfire Server\Crossfire32.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
ouf... :whistle:
LonnyRJones
2006-07-26, 23:26
Delete these folders if they still exist.
C:\Program Files\Fichiers communs\{FC06304D-0872-1036-1112-040425030002}
C:\Program Files\TClock
C:\Program Files\Fichiers communs\qfwo
C:\Program Files\NoAdware4 uninstall it first
C:\Program Files\ipwins
C:\Program Files\SurfSideKick 3
C:\Program Files\Save
C:\Program Files\TheSearchAccelerator
C:\Program Files\ToolBar888
The programs you downloaded and ran from here is what worries me.
c:\Documents and Settings\Vincent\Mes documents\Downloads\
why download with a p2p program when you can get them from the author's
if they require payments either pay of find an alternative
Hopefully you didnt get norton or any security software from a p2p or cracksite ?
And no scanning items downloaded from p2p is not enough to ensure they are not infected.
Franky, if it was my pc it would be formated and windows installed fresh again.
Start Hijackthis and place a check next to these items If there.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [oml11716] RUNDLL32.EXE w005f489.dll,n 002117140000000a005f489
O4 - HKCU\..\Run: [qfwo] C:\PROGRA~1\FICHIE~1\qfwo\qfwom.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: PowerReg Scheduler.exe
O16 - DPF: {00000000-0000-0000-0000-000020050660} - http://207.234.185.217/ABoxInst_int15.exe
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB
====================================
Hit fix checked and close Hijackthis.
Restart the PC
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
C:\Program Files\Crossfire Server < can you provide some information on that program ?
Run combofix and post its log
Logfile of HijackThis v1.99.1
Scan saved at 20:38:11, on 2006-07-26
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\sstray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Vincent\Bureau\HijackThis.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Ins3DT] E:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: AbsoluteShield IE Popup Blocker - {A70DD885-5FCE-44af-8AA1-FC07FFE8CE21} - C:\Program Files\SysShield Tools\IE Popup Blocker\PKMaster.exe (HKCU)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O23 - Service: Aluria Spyware Eliminator Service (ASEService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ASE\ASEServ.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Crossfire server (Crossfire) - Unknown owner - C:\Program Files\Crossfire Server\Crossfire32.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Well, i used a p2p program just to download something but this something was badly infected :( . And no my norton isnt pirated or cracked, but right now ,my abonement is expired. Crossfire is a game who required pass by a server to play with. I stop using it for a wile but i wanst expected that could bring problems to my computer. (sorry again for my english)
Ho , sorry i post u the wrong log
here he is:
Start Time= mer. 2006-07-26 20:50:54,00
Running from: C:\Documents and Settings\Vincent\Bureau
(((((((((((((((((((((((((((((((((((((((((((((((( Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\Vincent\Application Data\Sskknwrd.dll
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Ssk.log
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
20:54:02,62
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Windows\newname.dat
C:\Windows\keyboard1.dat
C:\WINNT\system32\atmtd.dll
C:\WINNT\system32\atmtd.dll._
C:\Documents and Settings\Default User\Application Data\NetMon
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-07-26 20:33:36 ( AD... ) "C:\Program Files\Fichiers communs"
2006-07-26 14:38:58 ( AD... ) "C:\Program Files\ewido anti-spyware 4.0"
2006-07-26 13:26:14 286 ( A.... ) "C:\WINNT\system32\n.bat"
2006-07-26 13:24:30 1064 ( A.... ) "C:\WINNT\system32\oml11716.sys"
2006-07-26 13:24:30 1064 ( A.... ) "C:\WINNT\system32\oml11716.sys"
2006-07-26 12:54:08 40960 ( A.... ) "C:\Look2Me-Destroyer.exe"
2006-07-26 12:53:36 ( .D... ) "C:\Program Files\Google"
2006-07-25 19:18:04 65536 ( A.... ) "C:\WINNT\IFinst27.exe"
2006-07-25 19:01:44 ( .D... ) "C:\Program Files\Gravity"
2006-07-25 13:15:04 ( .D.H. ) "C:\Program Files\InstallShield Installation Information"
2006-07-24 22:53:12 ( .D... ) "C:\Program Files\Helsource"
2006-07-24 22:23:46 ( .D... ) "C:\Program Files\Max Payne"
2006-07-23 17:27:12 ( .D... ) "C:\Program Files\MobRO"
2006-07-23 15:55:20 ( .D... ) "C:\Program Files\Codemasters"
2006-07-21 18:55:38 127578 ( A.... ) "C:\WINNT\system32\tsuninst.exe"
2006-07-20 16:52:38 ( .D... ) "C:\Program Files\directx"
2006-07-20 15:47:26 ( .D... ) "C:\Documents and Settings\Vincent\Application Data\Talkback"
2006-07-20 15:44:52 ( .D... ) "C:\Documents and Settings\Vincent\Application Data\Mozilla"
2006-07-20 14:44:14 ( .D... ) "C:\Program Files\SmartPopupBlocker"
2006-07-20 14:43:32 ( .D... ) "C:\Program Files\SysShield Tools"
2006-07-20 13:28:50 ( .D... ) "C:\Program Files\GameSpy Arcade"
2006-07-20 12:15:12 ( .D... ) "C:\Program Files\Lionhead Studios Ltd"
2006-07-20 10:03:38 ( .D... ) "C:\Program Files\Lineage II"
2006-07-20 09:53:44 ( .D... ) "C:\Program Files\File Sharing Revolution"
2006-07-20 00:57:50 0 ( A.... ) "C:\WINNT\system32\taskkill.exe"
2006-07-19 20:28:02 ( .D... ) "C:\Program Files\eMule"
2006-07-19 20:18:36 ( .D... ) "C:\Program Files\Clash N Slash"
2006-07-19 20:11:48 ( .D... ) "C:\Documents and Settings\Vincent\Application Data\Kazaa Lite"
2006-07-14 01:09:56 ( .D... ) "C:\Program Files\Cyanide"
2006-07-14 01:03:36 ( .D... ) "C:\Program Files\Powerdrome"
2006-07-12 14:15:36 ( .D... ) "C:\Program Files\LucasArts"
2006-06-26 21:03:46 ( .D... ) "C:\Program Files\Deluxe Snake"
2006-06-25 00:57:46 ( .D... ) "C:\Program Files\Armagetron"
2006-06-25 00:57:16 ( .D... ) "C:\Program Files\Rumble Box"
2006-06-09 19:30:50 18408 ( A.... ) "C:\Documents and Settings\Vincent\Application Data\GDIPFONTCACHEV1.DAT"
2006-06-07 13:55:52 3753 ( A.... ) "C:\Program Files\html2.htm"
2006-06-07 13:55:52 3626 ( A.... ) "C:\Program Files\html1.htm"
2006-06-03 17:27:36 ( .D... ) "C:\Program Files\ElastoMania111"
2006-06-03 16:42:24 ( .D... ) "C:\Program Files\Silver Wings"
2006-06-03 14:13:12 ( .D... ) "C:\Program Files\On2 Technologies"
2006-06-03 11:55:00 ( .D... ) "C:\Program Files\Eidos"
2006-05-29 20:17:32 98304 ( A.... ) "C:\WINNT\system32\CmdLineExt.dll"
2006-05-19 05:18:40 136976 ( A.... ) "C:\WINNT\system32\dnsapi.dll"
2006-05-19 05:18:40 90384 ( A.... ) "C:\WINNT\system32\DHCPCSVC.DLL"
2006-05-19 05:18:40 69392 ( A.... ) "C:\WINNT\system32\IPHLPAPI.DLL"
2006-05-17 02:20:56 17 ( A.... ) "C:\Program Files\d.bat"
2006-05-03 02:57:50 292352 ( A.... ) "C:\WINNT\system32\sp3res.dll"
2006-04-30 14:19:42 1386496 ( A.... ) "C:\WINNT\system32\MSVBVM60.DLL"
2005-11-21 18:04:52 172 ( A.... ) "C:\Program Files\run_studiomdl.bat"
2005-11-21 18:04:52 167 ( A.... ) "C:\Program Files\run_hlmv.bat"
2005-11-21 18:04:52 166 ( A.... ) "C:\Program Files\run_mod.bat"
2005-11-21 18:04:52 105 ( A.... ) "C:\Program Files\run_hammer.bat"
2005-10-30 20:54:28 74414 ( A.... ) "C:\Program Files\uninst_c14.exe"
2005-07-09 12:50:06 4549904 ( A.... ) "C:\Program Files\c14_m1b.bsp"
2005-06-28 07:36:22 3388192 ( A.... ) "C:\Program Files\c14_m1c.bsp"
2005-06-04 07:43:02 1662040 ( A.... ) "C:\Program Files\c14_m1.bsp"
2005-03-31 23:17:42 40960 ( A.... ) "C:\Program Files\Uninstall_CDS.exe"
2005-01-22 00:22:16 22115 ( ...H. ) "C:\Program Files\folder.htt"
2005-01-22 00:22:16 271 ( ...H. ) "C:\Program Files\desktop.ini"
(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))
2006-07-26 12:54 40˙960 C:\Look2Me-Destroyer.exe
2006-07-26 12:43 1˙064 C:\WINNT\system32\oml11716.sys
2006-07-26 01:24 127˙578 C:\WINNT\system32\tsuninst.exe
2006-07-25 18:41 65˙536 C:\WINNT\IFinst27.exe
2006-07-20 01:00 480˙000 C:\WINNT\rrysqwf.exe
2006-07-20 00:58 286 C:\WINNT\system32\n.bat
2006-07-20 00:57 0 C:\WINNT\system32\taskkill.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Synchronization Manager"="mobsync.exe /logon"
"Ins3DT"="E:\\INSTALL4\\INS3DT.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"nForce Tray Options"="sstray.exe /r"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"ccRegVfy"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccRegVfy.exe\""
"SSC_UserPrompt"="C:\\Program Files\\Fichiers communs\\Symantec Shared\\Security Center\\UsrPrmpt.exe"
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"RemoteControl"="\"C:\\Program Files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"NeroFilterCheck"="C:\\WINNT\\system32\\NeroCheck.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINNT\\system32\\NvMcTray.dll,NvTaskbarInit"
"ntdll.dll"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
"flags"=dword:00000008
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex\000]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"{FC06304D-0872-1036-1112-040425030002}"="\"C:\\Program Files\\Fichiers communs\\{FC06304D-0872-1036-1112-040425030002}\\Update.exe\" mc-110-12-0000140"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000003
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f0,01,00,00,b5,00,00,00,80,00,00,00,76,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"internat.exe"="internat.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=""
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000095
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
Contents of the 'Scheduled Tasks' folder
C:\WINNT\tasks\Norton AntiVirus - Analyser mon ordinateur.job
C:\WINNT\tasks\Symantec NetDetect.job
Completion time: mer. 2006-07-26 20:54:48,76
ComboFix ver 06.07.15 - This logfile is located at C:\ComboFix.txt
:)
ps: My computer stop to receive inutiles pop-up but i still with the problem that every time i open IE , my computer start the windowsXP instaler. :confused:
LonnyRJones
2006-07-27, 04:58
If notron is expired replace it with atleast a free antivirus program
Uninstall Kazaa Lite and delete its folders
C:\Documents and Settings\Vincent\Application Data\Kazaa Lite <
go submit these files here
http://www.virustotal.com/flash/index_en.html
C:\WINNT\system32\oml11716.sys
C:\WINNT\system32\tsuninst.exe
C:\WINNT\IFinst27.exe
C:\WINNT\rrysqwf.exe
C:\WINNT\system32\n.bat
anything bad found ?
"every time i open IE , my computer start the windowsXP instaler."
xp ?
Not sure this will help buts lets try ie repair
Click Start, click Run, and then in the Open box, copy then paste in the following command, and then click OK:
rundll32 setupwbv.dll,IE6Maintenance "C:\Program Files\Internet Explorer\Setup\SETUP.EXE" /g "C:\WINDOWS\IE Uninstall Log.Txt"
then use the repair option
referance http://support.microsoft.com/?kbid=293907
Ill try it. Can you suggest me a free antivirus before i continue with notron?
:bigthumb: Tanks a lot for ur help , ur great, continue to help peoples like that we appreciaate. :bigthumb:
LonnyRJones
2006-07-27, 05:12
Sure but uninstall norton first
There are three mentioned in this post , only install one !
http://forums.spybot.info/showthread.php?t=279
ok tanks! and did ie repair is alredy instaled on my computer or i need to download it?
Ho great i get a response from virus total:
Virus Total
_______________________________________________
Scan results
File: oml11716.sys
Date: 07/27/2006 05:42:54 (CET)
----
AntiVir 6.35.1.0/20060726 found nothing
Authentium 4.93.8/20060726 found nothing
Avast 4.7.844.0/20060726 found nothing
AVG 386/20060726 found nothing
BitDefender 7.2/20060727 found nothing
CAT-QuickHeal 8.00/20060726 found nothing
ClamAV devel-20060426/20060727 found nothing
DrWeb 4.33/20060726 found nothing
eTrust-InoculateIT 23.72.79/20060727 found nothing
eTrust-Vet 12.6.2309/20060726 found nothing
Ewido 4.0/20060726 found nothing
Fortinet 2.77.0.0/20060727 found nothing
F-Prot 3.16f/20060726 found nothing
F-Prot4 4.2.1.29/20060726 found nothing
Ikarus 0.2.65.0/20060726 found nothing
Kaspersky 4.0.2.24/20060726 found nothing
McAfee 4815/20060726 found nothing
Microsoft 1.1508/20060727 found nothing
NOD32v2 1.1680/20060727 found nothing
Norman 5.90.23/20060726 found nothing
Panda 9.0.0.4/20060726 found nothing
Sophos 4.07.0/20060727 found nothing
Symantec 8.0/20060727 found nothing
TheHacker 5.9.8.181/20060725 found nothing
UNA 1.83/20060726 found nothing
VBA32 3.11.0/20060726 found nothing
VirusBuster 4.3.7:9/20060726 found nothing
LonnyRJones
2006-07-27, 06:17
?
Did you try that start run command and choose the repair option then get a prompt to reboot the PC ?
Did you submit the other files yet ?
Ho! :blush: Its ok i found it!
But, what others files?
LonnyRJones
2006-07-27, 17:39
Files to submit at virustotal
1 C:\WINNT\system32\oml11716.sys done
2 C:\WINNT\system32\tsuninst.exe
3 C:\WINNT\IFinst27.exe
4 C:\WINNT\rrysqwf.exe
5 C:\WINNT\system32\n.bat
http://www.virustotal.com/flash/index_en.html (http://www.virustotal.com/flash/index_en.html)
anything bad found ?
Virus Total
_______________________________________________
Scan results
File: myfiles.rar
Date: 07/28/2006 05:03:56 (CET)
----
AntiVir 6.35.1.0/20060727 found nothing
Authentium 4.93.8/20060727 found nothing
Avast 4.7.844.0/20060726 found nothing
AVG 386/20060727 found nothing
BitDefender 7.2/20060728 found nothing
CAT-QuickHeal 8.00/20060726 found nothing
ClamAV devel-20060426/20060727 found nothing
DrWeb 4.33/20060727 found nothing
eTrust-InoculateIT 23.72.80/20060728 found nothing
eTrust-Vet 12.6.2312/20060727 found nothing
Ewido 4.0/20060727 found nothing
Fortinet 2.77.0.0/20060727 found [suspicious]
F-Prot 3.16f/20060727 found nothing
F-Prot4 4.2.1.29/20060727 found nothing
Ikarus 0.2.65.0/20060727 found nothing
Kaspersky 4.0.2.24/20060728 found nothing
McAfee 4816/20060727 found nothing
Microsoft 1.1508/20060727 found nothing
NOD32v2 1.1682/20060727 found nothing
Norman 5.90.23/20060727 found nothing
Panda 9.0.0.4/20060727 found nothing
Sophos 4.07.0/20060728 found nothing
Symantec 8.0/20060728 found nothing
TheHacker 5.9.8.182/20060727 found nothing
UNA 1.83/20060727 found nothing
VBA32 3.11.0/20060727 found nothing
VirusBuster 4.3.7:9/20060727 found nothing
_______________________________________________
I zip all the files and put them in a document named myfiles and its work now :D: .
LonnyRJones
2006-07-28, 19:47
Was there a problem submitting each file one at a time ?
my mail dont want to send the .exe programs. So i do a .zip
LonnyRJones
2006-07-29, 01:41
konasix you dont have to use email to submit files at virus total
LonnyRJones
2006-08-02, 08:54
Are there any current problems ?
This topic is closed. Thank you Lonny.
konasix if you need it re-opened please send me a pm and provide a link to the thread.
Applies only to the original topic starter.