A lot of problems with surf side kik. I need help or assistance

finaly my hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 16:05:00, on 2006-07-26
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\sstray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Vincent\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Ins3DT] E:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [oml11716] RUNDLL32.EXE w005f489.dll,n 002117140000000a005f489
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [qfwo] C:\PROGRA~1\FICHIE~1\qfwo\qfwom.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [Pop up Blocker] "C:\Program Files\Pop up Blocker\pd.exe" Minimize
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: PD - {27524337-458A-4E77-95B8-D0A062E038CA} - C:\Program Files\Pop up Blocker\pd.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: AbsoluteShield IE Popup Blocker - {A70DD885-5FCE-44af-8AA1-FC07FFE8CE21} - C:\Program Files\SysShield Tools\IE Popup Blocker\PKMaster.exe (HKCU)
O16 - DPF: {00000000-0000-0000-0000-000020050660} - http://207.234.185.217/ABoxInst_int15.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O23 - Service: Aluria Spyware Eliminator Service (ASEService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ASE\ASEServ.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Crossfire server (Crossfire) - Unknown owner - C:\Program Files\Crossfire Server\Crossfire32.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

ouf... :whistle:
 
Delete these folders if they still exist.
C:\Program Files\Fichiers communs\{FC06304D-0872-1036-1112-040425030002}
C:\Program Files\TClock
C:\Program Files\Fichiers communs\qfwo
C:\Program Files\NoAdware4 uninstall it first
C:\Program Files\ipwins
C:\Program Files\SurfSideKick 3
C:\Program Files\Save
C:\Program Files\TheSearchAccelerator
C:\Program Files\ToolBar888

The programs you downloaded and ran from here is what worries me.
c:\Documents and Settings\Vincent\Mes documents\Downloads\
why download with a p2p program when you can get them from the author's
if they require payments either pay of find an alternative
Hopefully you didnt get norton or any security software from a p2p or cracksite ?
And no scanning items downloaded from p2p is not enough to ensure they are not infected.
Franky, if it was my pc it would be formated and windows installed fresh again.


Start Hijackthis and place a check next to these items If there.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [oml11716] RUNDLL32.EXE w005f489.dll,n 002117140000000a005f489
O4 - HKCU\..\Run: [qfwo] C:\PROGRA~1\FICHIE~1\qfwo\qfwom.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: PowerReg Scheduler.exe
O16 - DPF: {00000000-0000-0000-0000-000020050660} - http://207.234.185.217/ABoxInst_int15.exe
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB


====================================
Hit fix checked and close Hijackthis.
Restart the PC
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



C:\Program Files\Crossfire Server < can you provide some information on that program ?

Run combofix and post its log
 
Logfile of HijackThis v1.99.1
Scan saved at 20:38:11, on 2006-07-26
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\sstray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Vincent\Bureau\HijackThis.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Ins3DT] E:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: AbsoluteShield IE Popup Blocker - {A70DD885-5FCE-44af-8AA1-FC07FFE8CE21} - C:\Program Files\SysShield Tools\IE Popup Blocker\PKMaster.exe (HKCU)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O23 - Service: Aluria Spyware Eliminator Service (ASEService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ASE\ASEServ.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Crossfire server (Crossfire) - Unknown owner - C:\Program Files\Crossfire Server\Crossfire32.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Well, i used a p2p program just to download something but this something was badly infected :( . And no my norton isnt pirated or cracked, but right now ,my abonement is expired. Crossfire is a game who required pass by a server to play with. I stop using it for a wile but i wanst expected that could bring problems to my computer. (sorry again for my english)
 
Ho , sorry i post u the wrong log
here he is:

Start Time= mer. 2006-07-26 20:50:54,00
Running from: C:\Documents and Settings\Vincent\Bureau

(((((((((((((((((((((((((((((((((((((((((((((((( Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\Vincent\Application Data\Sskknwrd.dll
C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Ssk.log


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



20:54:02,62
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Windows\newname.dat
C:\Windows\keyboard1.dat
C:\WINNT\system32\atmtd.dll
C:\WINNT\system32\atmtd.dll._
C:\Documents and Settings\Default User\Application Data\NetMon


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-07-26 20:33:36 ( AD... ) "C:\Program Files\Fichiers communs"
2006-07-26 14:38:58 ( AD... ) "C:\Program Files\ewido anti-spyware 4.0"
2006-07-26 13:26:14 286 ( A.... ) "C:\WINNT\system32\n.bat"
2006-07-26 13:24:30 1064 ( A.... ) "C:\WINNT\system32\oml11716.sys"
2006-07-26 13:24:30 1064 ( A.... ) "C:\WINNT\system32\oml11716.sys"
2006-07-26 12:54:08 40960 ( A.... ) "C:\Look2Me-Destroyer.exe"
2006-07-26 12:53:36 ( .D... ) "C:\Program Files\Google"
2006-07-25 19:18:04 65536 ( A.... ) "C:\WINNT\IFinst27.exe"
2006-07-25 19:01:44 ( .D... ) "C:\Program Files\Gravity"
2006-07-25 13:15:04 ( .D.H. ) "C:\Program Files\InstallShield Installation Information"
2006-07-24 22:53:12 ( .D... ) "C:\Program Files\Helsource"
2006-07-24 22:23:46 ( .D... ) "C:\Program Files\Max Payne"
2006-07-23 17:27:12 ( .D... ) "C:\Program Files\MobRO"
2006-07-23 15:55:20 ( .D... ) "C:\Program Files\Codemasters"
2006-07-21 18:55:38 127578 ( A.... ) "C:\WINNT\system32\tsuninst.exe"
2006-07-20 16:52:38 ( .D... ) "C:\Program Files\directx"
2006-07-20 15:47:26 ( .D... ) "C:\Documents and Settings\Vincent\Application Data\Talkback"
2006-07-20 15:44:52 ( .D... ) "C:\Documents and Settings\Vincent\Application Data\Mozilla"
2006-07-20 14:44:14 ( .D... ) "C:\Program Files\SmartPopupBlocker"
2006-07-20 14:43:32 ( .D... ) "C:\Program Files\SysShield Tools"
2006-07-20 13:28:50 ( .D... ) "C:\Program Files\GameSpy Arcade"
2006-07-20 12:15:12 ( .D... ) "C:\Program Files\Lionhead Studios Ltd"
2006-07-20 10:03:38 ( .D... ) "C:\Program Files\Lineage II"
2006-07-20 09:53:44 ( .D... ) "C:\Program Files\File Sharing Revolution"
2006-07-20 00:57:50 0 ( A.... ) "C:\WINNT\system32\taskkill.exe"
2006-07-19 20:28:02 ( .D... ) "C:\Program Files\eMule"
2006-07-19 20:18:36 ( .D... ) "C:\Program Files\Clash N Slash"
2006-07-19 20:11:48 ( .D... ) "C:\Documents and Settings\Vincent\Application Data\Kazaa Lite"
2006-07-14 01:09:56 ( .D... ) "C:\Program Files\Cyanide"
2006-07-14 01:03:36 ( .D... ) "C:\Program Files\Powerdrome"
2006-07-12 14:15:36 ( .D... ) "C:\Program Files\LucasArts"
2006-06-26 21:03:46 ( .D... ) "C:\Program Files\Deluxe Snake"
2006-06-25 00:57:46 ( .D... ) "C:\Program Files\Armagetron"
2006-06-25 00:57:16 ( .D... ) "C:\Program Files\Rumble Box"
2006-06-09 19:30:50 18408 ( A.... ) "C:\Documents and Settings\Vincent\Application Data\GDIPFONTCACHEV1.DAT"
2006-06-07 13:55:52 3753 ( A.... ) "C:\Program Files\html2.htm"
2006-06-07 13:55:52 3626 ( A.... ) "C:\Program Files\html1.htm"
2006-06-03 17:27:36 ( .D... ) "C:\Program Files\ElastoMania111"
2006-06-03 16:42:24 ( .D... ) "C:\Program Files\Silver Wings"
2006-06-03 14:13:12 ( .D... ) "C:\Program Files\On2 Technologies"
2006-06-03 11:55:00 ( .D... ) "C:\Program Files\Eidos"
2006-05-29 20:17:32 98304 ( A.... ) "C:\WINNT\system32\CmdLineExt.dll"
2006-05-19 05:18:40 136976 ( A.... ) "C:\WINNT\system32\dnsapi.dll"
2006-05-19 05:18:40 90384 ( A.... ) "C:\WINNT\system32\DHCPCSVC.DLL"
2006-05-19 05:18:40 69392 ( A.... ) "C:\WINNT\system32\IPHLPAPI.DLL"
2006-05-17 02:20:56 17 ( A.... ) "C:\Program Files\d.bat"
2006-05-03 02:57:50 292352 ( A.... ) "C:\WINNT\system32\sp3res.dll"
2006-04-30 14:19:42 1386496 ( A.... ) "C:\WINNT\system32\MSVBVM60.DLL"
2005-11-21 18:04:52 172 ( A.... ) "C:\Program Files\run_studiomdl.bat"
2005-11-21 18:04:52 167 ( A.... ) "C:\Program Files\run_hlmv.bat"
2005-11-21 18:04:52 166 ( A.... ) "C:\Program Files\run_mod.bat"
2005-11-21 18:04:52 105 ( A.... ) "C:\Program Files\run_hammer.bat"
2005-10-30 20:54:28 74414 ( A.... ) "C:\Program Files\uninst_c14.exe"
2005-07-09 12:50:06 4549904 ( A.... ) "C:\Program Files\c14_m1b.bsp"
2005-06-28 07:36:22 3388192 ( A.... ) "C:\Program Files\c14_m1c.bsp"
2005-06-04 07:43:02 1662040 ( A.... ) "C:\Program Files\c14_m1.bsp"
2005-03-31 23:17:42 40960 ( A.... ) "C:\Program Files\Uninstall_CDS.exe"
2005-01-22 00:22:16 22115 ( ...H. ) "C:\Program Files\folder.htt"
2005-01-22 00:22:16 271 ( ...H. ) "C:\Program Files\desktop.ini"


(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))


2006-07-26 12:54 40ÿ960 C:\Look2Me-Destroyer.exe
2006-07-26 12:43 1ÿ064 C:\WINNT\system32\oml11716.sys
2006-07-26 01:24 127ÿ578 C:\WINNT\system32\tsuninst.exe
2006-07-25 18:41 65ÿ536 C:\WINNT\IFinst27.exe
2006-07-20 01:00 480ÿ000 C:\WINNT\rrysqwf.exe
2006-07-20 00:58 286 C:\WINNT\system32\n.bat
2006-07-20 00:57 0 C:\WINNT\system32\taskkill.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Synchronization Manager"="mobsync.exe /logon"
"Ins3DT"="E:\\INSTALL4\\INS3DT.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"nForce Tray Options"="sstray.exe /r"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"ccRegVfy"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccRegVfy.exe\""
"SSC_UserPrompt"="C:\\Program Files\\Fichiers communs\\Symantec Shared\\Security Center\\UsrPrmpt.exe"
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"RemoteControl"="\"C:\\Program Files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"NeroFilterCheck"="C:\\WINNT\\system32\\NeroCheck.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINNT\\system32\\NvMcTray.dll,NvTaskbarInit"
"ntdll.dll"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
"flags"=dword:00000008

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex\000]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"{FC06304D-0872-1036-1112-040425030002}"="\"C:\\Program Files\\Fichiers communs\\{FC06304D-0872-1036-1112-040425030002}\\Update.exe\" mc-110-12-0000140"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000003
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f0,01,00,00,b5,00,00,00,80,00,00,00,76,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"internat.exe"="internat.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=""

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000095

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"



Contents of the 'Scheduled Tasks' folder
C:\WINNT\tasks\Norton AntiVirus - Analyser mon ordinateur.job
C:\WINNT\tasks\Symantec NetDetect.job

Completion time: mer. 2006-07-26 20:54:48,76
ComboFix ver 06.07.15 - This logfile is located at C:\ComboFix.txt

:)

ps: My computer stop to receive inutiles pop-up but i still with the problem that every time i open IE , my computer start the windowsXP instaler. :confused:
 
If notron is expired replace it with atleast a free antivirus program

Uninstall Kazaa Lite and delete its folders
C:\Documents and Settings\Vincent\Application Data\Kazaa Lite <
go submit these files here
http://www.virustotal.com/flash/index_en.html
C:\WINNT\system32\oml11716.sys
C:\WINNT\system32\tsuninst.exe
C:\WINNT\IFinst27.exe
C:\WINNT\rrysqwf.exe
C:\WINNT\system32\n.bat
anything bad found ?

"every time i open IE , my computer start the windowsXP instaler."
xp ?
Not sure this will help buts lets try ie repair

Click Start, click Run, and then in the Open box, copy then paste in the following command, and then click OK:

rundll32 setupwbv.dll,IE6Maintenance "C:\Program Files\Internet Explorer\Setup\SETUP.EXE" /g "C:\WINDOWS\IE Uninstall Log.Txt"

then use the repair option
referance http://support.microsoft.com/?kbid=293907
 
Ill try it. Can you suggest me a free antivirus before i continue with notron?

:bigthumb: Tanks a lot for ur help , ur great, continue to help peoples like that we appreciaate. :bigthumb:
 
Ho great i get a response from virus total:

Virus Total
_______________________________________________

Scan results
File: oml11716.sys
Date: 07/27/2006 05:42:54 (CET)
----
AntiVir 6.35.1.0/20060726 found nothing
Authentium 4.93.8/20060726 found nothing
Avast 4.7.844.0/20060726 found nothing
AVG 386/20060726 found nothing
BitDefender 7.2/20060727 found nothing
CAT-QuickHeal 8.00/20060726 found nothing
ClamAV devel-20060426/20060727 found nothing
DrWeb 4.33/20060726 found nothing
eTrust-InoculateIT 23.72.79/20060727 found nothing
eTrust-Vet 12.6.2309/20060726 found nothing
Ewido 4.0/20060726 found nothing
Fortinet 2.77.0.0/20060727 found nothing
F-Prot 3.16f/20060726 found nothing
F-Prot4 4.2.1.29/20060726 found nothing
Ikarus 0.2.65.0/20060726 found nothing
Kaspersky 4.0.2.24/20060726 found nothing
McAfee 4815/20060726 found nothing
Microsoft 1.1508/20060727 found nothing
NOD32v2 1.1680/20060727 found nothing
Norman 5.90.23/20060726 found nothing
Panda 9.0.0.4/20060726 found nothing
Sophos 4.07.0/20060727 found nothing
Symantec 8.0/20060727 found nothing
TheHacker 5.9.8.181/20060725 found nothing
UNA 1.83/20060726 found nothing
VBA32 3.11.0/20060726 found nothing
VirusBuster 4.3.7:9/20060726 found nothing
 
?

Did you try that start run command and choose the repair option then get a prompt to reboot the PC ?

Did you submit the other files yet ?
 
Virus Total
_______________________________________________

Scan results
File: myfiles.rar
Date: 07/28/2006 05:03:56 (CET)
----
AntiVir 6.35.1.0/20060727 found nothing
Authentium 4.93.8/20060727 found nothing
Avast 4.7.844.0/20060726 found nothing
AVG 386/20060727 found nothing
BitDefender 7.2/20060728 found nothing
CAT-QuickHeal 8.00/20060726 found nothing
ClamAV devel-20060426/20060727 found nothing
DrWeb 4.33/20060727 found nothing
eTrust-InoculateIT 23.72.80/20060728 found nothing
eTrust-Vet 12.6.2312/20060727 found nothing
Ewido 4.0/20060727 found nothing
Fortinet 2.77.0.0/20060727 found [suspicious]
F-Prot 3.16f/20060727 found nothing
F-Prot4 4.2.1.29/20060727 found nothing
Ikarus 0.2.65.0/20060727 found nothing
Kaspersky 4.0.2.24/20060728 found nothing
McAfee 4816/20060727 found nothing
Microsoft 1.1508/20060727 found nothing
NOD32v2 1.1682/20060727 found nothing
Norman 5.90.23/20060727 found nothing
Panda 9.0.0.4/20060727 found nothing
Sophos 4.07.0/20060728 found nothing
Symantec 8.0/20060728 found nothing
TheHacker 5.9.8.182/20060727 found nothing
UNA 1.83/20060727 found nothing
VBA32 3.11.0/20060727 found nothing
VirusBuster 4.3.7:9/20060727 found nothing

_______________________________________________


I zip all the files and put them in a document named myfiles and its work now :D: .
 
This topic is closed. Thank you Lonny.

konasix if you need it re-opened please send me a pm and provide a link to the thread.
Applies only to the original topic starter.
 
You must log in or register to reply here.
Back
Top