TheTechGuide Forum

General Category => Tech Clinic => Topic started by: Asuyuki on May 23, 2006, 07:05:03 AM

Title: help!!!!!
Post by: Asuyuki on May 23, 2006, 07:05:03 AM

currently my com got so problem here....

I am using a tablet pc running on window xp.

i realised that i cannot on task manager.

and i asked my friend and he say my com tio virus..

so i scanned my com wif Ad- Aware and this is the results.

Ad-Aware SE Build 1.06r1
Logfile Created on:Tuesday, May 23, 2006 7:31:00 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R108 17.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):7 total references
Tracking Cookie(TAC index:3):1 total references
Win32.P2P-Worm.Alcan.a(TAC index:8):8 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

5-23-2006 7:31:00 PM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 552
ThreadCreationTime : 5-23-2006 11:25:37 AM
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1104
ThreadCreationTime : 5-23-2006 11:25:40 AM
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1128
ThreadCreationTime : 5-23-2006 11:25:43 AM
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1176
ThreadCreationTime : 5-23-2006 11:25:46 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1188
ThreadCreationTime : 5-23-2006 11:25:46 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1360
ThreadCreationTime : 5-23-2006 11:25:52 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1472
ThreadCreationTime : 5-23-2006 11:25:53 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [msmpeng.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 1512
ThreadCreationTime : 5-23-2006 11:25:54 AM
BasePriority : Normal
FileVersion : 1.1.1051.0
ProductVersion : 1.1.1051.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Service Executable
InternalName : MsMpEng.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MsMpEng.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1552
ThreadCreationTime : 5-23-2006 11:25:54 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [evteng.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1616
ThreadCreationTime : 5-23-2006 11:25:55 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 12
ProductVersion : 9, 0, 0, 0
ProductName : EvtEng Module
CompanyName : Intel Corporation
FileDescription : EvtEng Module
InternalName : EvtEng
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : EvtEng.EXE

#:11 [s24evmon.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1664
ThreadCreationTime : 5-23-2006 11:25:56 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 39
ProductVersion : 9, 0, 0, 0
ProductName : Mobile Unit Support Service
CompanyName : Intel Corporation
FileDescription : Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.
InternalName : S24EvMon
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : S24EvMon.exe

#:12 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1700
ThreadCreationTime : 5-23-2006 11:25:56 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:13 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1844
ThreadCreationTime : 5-23-2006 11:25:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:14 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 492
ThreadCreationTime : 5-23-2006 11:26:02 AM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [scardsvr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 596
ThreadCreationTime : 5-23-2006 11:26:03 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Smart Card Resource Management Server
InternalName : SCardSvr.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : SCardSvr.exe

#:16 [digtizer.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 856
ThreadCreationTime : 5-23-2006 11:26:04 AM
BasePriority : High
FileVersion : 1, 0, 3, 0
ProductVersion : 1, 0, 3, 0
ProductName : WACOM TabletPC Driver
CompanyName : WACOM
FileDescription : Digitizer Service
InternalName : digtizer
LegalCopyright : Copyright WACOM Co., Ltd. 2001-2004
OriginalFilename : digtizer.exe

#:17 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\
ProcessID : 920
ThreadCreationTime : 5-23-2006 11:26:05 AM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:18 [igfxext.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 924
ThreadCreationTime : 5-23-2006 11:26:05 AM
BasePriority : Normal
FileVersion : 3.0.0.2350
ProductVersion : 7.0.0.2350
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxext Module
InternalName : IGFXEXT
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : IGFXEXT.EXE

#:19 [zanda.exe]
FilePath : C:\Norman\Nvc\Bin\
ProcessID : 988
ThreadCreationTime : 5-23-2006 11:26:06 AM
BasePriority : Normal

#:20 [keyboardsurrogate.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Ink\
ProcessID : 1012
ThreadCreationTime : 5-23-2006 11:26:06 AM
BasePriority : Normal
FileVersion : 1.7.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 1.7.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft Tablet PC Component
InternalName : KeyboardSurrogate.exe
LegalCopyright : Copyright © 1998-2003 Microsoft Corp.
OriginalFilename : KeyboardSurrogate.exe

#:21 [oprotsvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1192
ThreadCreationTime : 5-23-2006 11:26:07 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 3
ProductVersion : 9, 0, 0, 0
ProductName : Intel PROSet/Wireless
CompanyName : Intel Corporation
FileDescription : Ownership protocol service
InternalName : OwnershipProtocol
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : OProtSvc.exe

#:22 [regsrvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1584
ThreadCreationTime : 5-23-2006 11:26:08 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 10
ProductVersion : 9, 0, 0, 0
ProductName : RegSrvc Module
CompanyName : Intel Corporation
FileDescription : RegSrvc Module
InternalName : RegSrvc
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : RegSrvc.EXE
Comments : Registry Interface for Intel Wireless Products

#:23 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1780
ThreadCreationTime : 5-23-2006 11:26:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:24 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1868
ThreadCreationTime : 5-23-2006 11:26:09 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:25 [wuser32.exe]
FilePath : C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\
ProcessID : 1956
ThreadCreationTime : 5-23-2006 11:26:11 AM
BasePriority : Normal
FileVersion : 2.50.3174.1130
ProductVersion : 2.50.3174.1130
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : Systems Management Server
InternalName : WUSER32
LegalCopyright : Copyright © Microsoft Corporation 2004
OriginalFilename : WUSER32.EXE

#:26 [mdnsresponder.exe]
FilePath : C:\Program Files\Bonjour\
ProcessID : 1908
ThreadCreationTime : 5-23-2006 11:26:17 AM
BasePriority : Normal
FileVersion : 1,0,1,2
ProductVersion : 1,0,1,2
ProductName : Bonjour
CompanyName : Apple Computer, Inc.
FileDescription : Bonjour Service
InternalName : mDNSResponder.exe
LegalCopyright : Copyright © 2003-2005 Apple Computer, Inc.
OriginalFilename : mDNSResponder.exe

#:27 [ccmexec.exe]
FilePath : C:\WINDOWS\system32\CCM\
ProcessID : 2024
ThreadCreationTime : 5-23-2006 11:26:18 AM
BasePriority : Normal

#:28 [zcfgsvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 316
ThreadCreationTime : 5-23-2006 11:26:23 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 43
ProductVersion : 1, 0, 0, 2
ProductName : ZeroCfgSvc Application
CompanyName : Intel Corporation
FileDescription : ZeroCfgSvc MFC Application
InternalName : ZeroCfgSvc
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : ZeroCfgSvc.EXE

#:29 [wisptis.exe]
FilePath : C:\WINDOWS\SYSTEM32\
ProcessID : 400
ThreadCreationTime : 5-23-2006 11:26:23 AM
BasePriority : High
FileVersion : 1.7.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 1.7.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft Tablet PC Component
InternalName : WISPTIS.EXE
LegalCopyright : Copyright © 1998-2003 Microsoft Corp.
OriginalFilename : WISPTIS.EXE

#:30 [njeeves.exe]
FilePath : C:\NORMAN\Nvc\BIN\
ProcessID : 616
ThreadCreationTime : 5-23-2006 11:26:24 AM
BasePriority : Normal

#:31 [nvcoas.exe]
FilePath : C:\NORMAN\Nvc\BIN\
ProcessID : 632
ThreadCreationTime : 5-23-2006 11:26:25 AM
BasePriority : Normal
FileVersion : 5, 3, 0, 1
ProductVersion : NVC forTerminal server beta
ProductName : NVC on-access scanner
CompanyName : Norman ASA
FileDescription : NVC on-access virus scanner
InternalName : NVCNT
LegalCopyright : Copyright © 2000-2001
OriginalFilename : NVCOAS.EXE

#:32 [nvcsched.exe]
FilePath : C:\NORMAN\Nvc\BIN\
ProcessID : 708
ThreadCreationTime : 5-23-2006 11:26:26 AM
BasePriority : Normal
FileVersion : 1.03
ProductVersion : 1.03
ProductName : Norman Virus Control
CompanyName : Norman Data Defense Systems
FileDescription : NVC Scheduler
InternalName : NVCSched.exe
LegalCopyright : © Norman Data Defense Systems. 1997-2000
OriginalFilename : NVCSched.exe

#:33 [nipsvc.exe]
FilePath : C:\NORMAN\Nvc\BIN\
ProcessID : 1912
ThreadCreationTime : 5-23-2006 11:26:28 AM
BasePriority : Normal

#:34 [tabbtnu.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2096
ThreadCreationTime : 5-23-2006 11:26:28 AM
BasePriority : Above Normal
FileVersion : 1.0.2201.0
ProductVersion : 1.0.2201.0
ProductName : Tablet PC
CompanyName : Microsoft Corporation
FileDescription : Tablet PC Buttons Service
InternalName : tabbtnu.exe
LegalCopyright : Copyright © 1998-2002 Microsoft Corp.
OriginalFilename : tabbtnu.exe

#:35 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2248
ThreadCreationTime : 5-23-2006 11:26:30 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:36 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2308
ThreadCreationTime : 5-23-2006 11:26:33 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:37 [1xconfig.exe]
FilePath : C:\PROGRA~1\Intel\Wireless\Bin\
ProcessID : 2676
ThreadCreationTime : 5-23-2006 11:26:38 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 31
ProductVersion : 9, 0, 0, 0
ProductName : 8021XConfig Module
CompanyName : Intel
FileDescription : 8021XConfig Module
InternalName : 8021XConfig
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : 1XConfig.EXE
Comments : Wrapper for MH. (Service COM)

#:38 [msiexec.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2888
ThreadCreationTime : 5-23-2006 11:26:45 AM
BasePriority : Normal

#:39 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3028
ThreadCreationTime : 5-23-2006 11:26:47 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:40 [tcserver.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Ink\
ProcessID : 3176
ThreadCreationTime : 5-23-2006 11:26:49 AM
BasePriority : Normal
FileVersion : 1.7.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 1.7.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft Tablet PC Component
InternalName : TCServer.exe
LegalCopyright : Copyright © 1998-2003 Microsoft Corp.
OriginalFilename : TCServer.exe

#:41 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 3504
ThreadCreationTime : 5-23-2006 11:26:53 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:42 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3448
ThreadCreationTime : 5-23-2006 11:27:04 AM
BasePriority : Normal
FileVersion : 3.0.0.2350
ProductVersion : 7.0.0.2350
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : HKCMD.EXE

#:43 [fjevents.exe]
FilePath : C:\Program Files\Fujitsu\Utils\
ProcessID : 3680
ThreadCreationTime : 5-23-2006 11:27:05 AM
BasePriority : Normal
FileVersion : 1, 2, 825, 2004
ProductVersion : 1, 2, 825, 2004
ProductName : Fujitsu PC Corporation FjEvents
CompanyName : Fujitsu Computer Systems Corporation
FileDescription : FjEvents
InternalName : FjEvents
LegalCopyright : Copyright © 2003
OriginalFilename : FjEvents.exe

#:44 [fjdspmon.exe]
FilePath : C:\Program Files\Fujitsu\Utils\
ProcessID : 3764
ThreadCreationTime : 5-23-2006 11:27:06 AM
BasePriority : Normal
FileVersion : 1, 0, 728, 2003
ProductVersion : 1, 0, 728, 2003
ProductName : Fujitsu PC Corporation FjDspMon
CompanyName : Fujitsu PC Corporation
FileDescription : FjDspMon
InternalName : FjDspMon
LegalCopyright : Copyright © 2003
OriginalFilename : FjDspMon.exe

#:45 [fjmnuico.exe]
FilePath : C:\Program Files\Fujitsu\Utils\
ProcessID : 3800
ThreadCreationTime : 5-23-2006 11:27:06 AM
BasePriority : Normal
FileVersion : 1, 0, 1027, 2003
ProductVersion : 1, 0, 1027, 2003
ProductName : FjMenu Application
FileDescription : FjMenu MFC Application
InternalName : FjMenu
LegalCopyright : Copyright © 2002
OriginalFilename : FjMenu.EXE

#:46 [btnhnd.exe]
FilePath : C:\Program Files\Fujitsu\BtnHnd\
ProcessID : 4036
ThreadCreationTime : 5-23-2006 11:27:07 AM
BasePriority : Normal
FileVersion : 2, 5, 0, 1
ProductVersion : 2, 5, 0, 0
ProductName : Button handler
CompanyName : FUJITSU LIMITED
FileDescription : Button handler
InternalName : Fujitsu->BtnHnd->BtnHnd.exe
LegalCopyright : Copyright © FUJITSU LIMITED 1998-2001.
OriginalFilename : BtnHnd.exe

#:47 [updnavi.exe]
FilePath : C:\Program Files\Fujitsu\updnavi\
ProcessID : 328
ThreadCreationTime : 5-23-2006 11:27:07 AM
BasePriority : Normal

#:48 [apoint.exe]
FilePath : C:\Program Files\Apoint2K\
ProcessID : 1804
ThreadCreationTime : 5-23-2006 11:27:09 AM
BasePriority : Normal
FileVersion : 5.3.10.174
ProductVersion : 5.3.10.174
ProductName : Alps Pointing-device Driver
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
LegalCopyright : Copyright © 1999-2003 Alps Electric Co., Ltd.
OriginalFilename : Apoint.exe

#:49 [agrsmmsg.exe]
FilePath : C:\WINDOWS\
ProcessID : 2276
ThreadCreationTime : 5-23-2006 11:27:10 AM
BasePriority : Normal
FileVersion : 2.1.41 2.1.41 06/07/2004 10:15:45
ProductVersion : 2.1.41 2.1.41 06/07/2004 10:15:45
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Agere Systems 1998-2000
OriginalFilename : smdmstat.exe

#:50 [ltmoh.exe]
FilePath : C:\Program Files\ltmoh\
ProcessID : 668
ThreadCreationTime : 5-23-2006 11:27:10 AM
BasePriority : Normal
FileVersion : 1.73
ProductVersion : 1.73
ProductName : LtMoh Application
CompanyName : Agere Systems
FileDescription : LtMoh MFC Application
InternalName : LtMoh
LegalCopyright : Agere Copyright © 2001-2004
LegalTrademarks : Agere Systens
OriginalFilename : LtMoh.EXE

#:51 [indicatoruty.exe]
FilePath : C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\
ProcessID : 1696
ThreadCreationTime : 5-23-2006 11:27:11 AM
BasePriority : Normal
FileVersion : 2, 3, 0, 1
ProductVersion : 2, 3, 0, 0
ProductName : Fujitsu Hotkey Utility
CompanyName : FUJITSU LIMITED
FileDescription : Fujitsu Hotkey Utility
InternalName : Fujitsu Hotkey Utility
LegalCopyright : Copyright © FUJITSU LIMITED 2001-2004.
OriginalFilename : IndicatorUty.exe

#:52 [igfxext.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2516
ThreadCreationTime : 5-23-2006 11:27:15 AM
BasePriority : Normal
FileVersion : 3.0.0.2350
ProductVersion : 7.0.0.2350
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxext Module
InternalName : IGFXEXT
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : IGFXEXT.EXE

#:53 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_06\bin\
ProcessID : 2528
ThreadCreationTime : 5-23-2006 11:27:15 AM
BasePriority : Normal

#:54 [zlh.exe]
FilePath : C:\NORMAN\Nvc\BIN\
ProcessID : 2552
ThreadCreationTime : 5-23-2006 11:27:16 AM
BasePriority : Normal

#:55 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ProcessID : 2572
ThreadCreationTime : 5-23-2006 11:27:16 AM
BasePriority : Normal
FileVersion : 1.04.08a
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:56 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 2632
ThreadCreationTime : 5-23-2006 11:27:16 AM
BasePriority : Normal
FileVersion : 5.0.0.35
ProductVersion : 5.0.0.35
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:57 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 2644
ThreadCreationTime : 5-23-2006 11:27:17 AM
BasePriority : Normal
FileVersion : 7.0.2
ProductVersion : QuickTime 7.0.2
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
LegalCopyright : Copyright Apple Computer, Inc. 1989-2005
OriginalFilename : QTTask.exe

#:58 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 3240
ThreadCreationTime : 5-23-2006 11:27:18 AM
BasePriority : Normal
FileVersion : 0.1.0.3292
ProductVersion : 0.1.0.3292
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:59 [ifrmewrk.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 3348
ThreadCreationTime : 5-23-2006 11:27:20 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 18
ProductVersion : 9, 0, 0, 0
ProductName : Intel PROSet/Wireless
CompanyName : Intel Corporation
FileDescription : Intel Framework MFC Application
InternalName : Framework
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : iFramewrk.exe

#:60 [tabtip.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Ink\
ProcessID : 3424
ThreadCreationTime : 5-23-2006 11:27:20 AM
BasePriority : Normal
FileVersion : 1.7.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 1.7.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft Tablet PC Component
InternalName : TabTip.exe
LegalCopyright : Copyright © 1998-2003 Microsoft Corp.
OriginalFilename : TabTip.exe

#:61 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 3720
ThreadCreationTime : 5-23-2006 11:27:22 AM
BasePriority : Normal
FileVersion : 5.0.0.35
ProductVersion : 5.0.0.35
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:62 [nymse.exe]
FilePath : C:\NORMAN\Nvc\BIN\
ProcessID : 336
ThreadCreationTime : 5-23-2006 11:27:26 AM
BasePriority : Normal

#:63 [eouwiz.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 376
ThreadCreationTime : 5-23-2006 11:27:26 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 21
ProductVersion : 9, 0, 0, 0
ProductName : Intel PROSet/Wireless
CompanyName : Intel Corporation
FileDescription : Ease Of Use Wizard Application
InternalName : EOUWiz
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : EOUWiz.EXE

#:64 [nip.exe]
FilePath : C:\NORMAN\Nvc\BIN\
ProcessID : 672
ThreadCreationTime : 5-23-2006 11:27:26 AM
BasePriority : Normal

#:65 [cclaw.exe]
FilePath : C:\NORMAN\Nvc\BIN\
ProcessID : 680
ThreadCreationTime : 5-23-2006 11:27:26 AM
BasePriority : Normal

#:66 [msascui.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 904
ThreadCreationTime : 5-23-2006 11:27:28 AM
BasePriority : Normal
FileVersion : 1.1.1051.0
ProductVersion : 1.1.1051.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : User Interface
InternalName : MSASCUI
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSASCUI.exe

#:67 [msgplus.exe]
FilePath : C:\Program Files\MessengerPlus! 3\
ProcessID : 2416
ThreadCreationTime : 5-23-2006 11:27:31 AM
BasePriority : Normal

#:68 [winupdates.exe]
FilePath : C:\Program Files\winupdates\
ProcessID : 3072
ThreadCreationTime : 5-23-2006 11:27:33 AM
BasePriority : Normal
FileVersion : 3.06
ProductVersion : 3.06
ProductName : inno setup
CompanyName : inno setup
FileDescription : inno setup
InternalName : Setup
LegalCopyright : inno setup
LegalTrademarks : inno setup
OriginalFilename : Setup.exe
Comments : inno setup

#:69 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 3020
ThreadCreationTime : 5-23-2006 11:27:34 AM
BasePriority : Normal
FileVersion : 7.5.0322
ProductVersion : 7.5.0322
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:70 [hidfind.exe]
FilePath : C:\Program Files\Apoint2K\
ProcessID : 3364
ThreadCreationTime : 5-23-2006 11:27:35 AM
BasePriority : Normal

#:71 [apntex.exe]
FilePath : C:\Program Files\Apoint2K\
ProcessID : 3732
ThreadCreationTime : 5-23-2006 11:27:36 AM
BasePriority : Normal
FileVersion : 5.0.1.15
ProductVersion : 5.0.1.15
ProductName : Alps Pointing-device Driver for Windows NT/2000/XP
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP
InternalName : Alps Pointing-device Driver for Windows NT/2000/XP
LegalCopyright : Copyright © 1998-2003 Alps Electric Co., Ltd.
OriginalFilename : ApntEx.exe

#:72 [svchost.exe]
FilePath : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
ProcessID : 3932
ThreadCreationTime : 5-23-2006 11:27:39 AM
BasePriority : Normal

#:73 [limewire.exe]
FilePath : C:\Program Files\LimeWire\
ProcessID : 3956
ThreadCreationTime : 5-23-2006 11:27:40 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : LimeWire
CompanyName : Lime Wire, LLC
FileDescription : LimeWire
InternalName : LimeWire
LegalCopyright : Copyright © 2004
OriginalFilename : LimeWire.exe
Comments : The most advanced file sharing program on the planet.

#:74 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 728
ThreadCreationTime : 5-23-2006 11:28:26 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:75 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3244
ThreadCreationTime : 5-23-2006 11:29:12 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pikasword@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/cgi-bin
Expires : 5-20-2016 4:08:52 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1

Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1

Win32.P2P-Worm.Alcan.a Object Recognized!
Type : File
Data : bszip.dll
TAC Rating : 8
Category : Worm
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 3.0.2.0
ProductVersion : 3.02
ProductName : BigSpeed Zip DLL
CompanyName : BigSpeedSoft
InternalName : bszip.dll
LegalCopyright : © BigSpeedSoft
LegalTrademarks : BigSpeed is a trademark of BigSpeedSoft
OriginalFilename : bszip.dll

Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2

Disk Scan Result for C:\DOCUME~1\PUNKAT~1\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2

Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 2

MRU List Object Recognized!
Location: : C:\Documents and Settings\PUN KA TSUN\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office

MRU List Object Recognized!
Location: : C:\Documents and Settings\PUN KA TSUN\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-915521880-572170853-2185102057-1007\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-915521880-572170853-2185102057-1007\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Win32.P2P-Worm.Alcan.a Object Recognized!
Type : File
Data : cmd.com
TAC Rating : 8
Category : Worm
Comment :
Object : C:\WINDOWS\system32\

Win32.P2P-Worm.Alcan.a Object Recognized!
Type : File
Data : netstat.com
TAC Rating : 8
Category : Worm
Comment :
Object : C:\WINDOWS\system32\

Win32.P2P-Worm.Alcan.a Object Recognized!
Type : File
Data : ping.com
TAC Rating : 8
Category : Worm
Comment :
Object : C:\WINDOWS\system32\

Win32.P2P-Worm.Alcan.a Object Recognized!
Type : File
Data : regedit.com
TAC Rating : 8
Category : Worm
Comment :
Object : C:\WINDOWS\system32\

Win32.P2P-Worm.Alcan.a Object Recognized!
Type : File
Data : taskkill.com
TAC Rating : 8
Category : Worm
Comment :
Object : C:\WINDOWS\system32\

Win32.P2P-Worm.Alcan.a Object Recognized!
Type : File
Data : tasklist.com
TAC Rating : 8
Category : Worm
Comment :
Object : C:\WINDOWS\system32\

Win32.P2P-Worm.Alcan.a Object Recognized!
Type : File
Data : tracert.com
TAC Rating : 8
Category : Worm
Comment :
Object : C:\WINDOWS\system32\

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 7
Objects found so far: 16

7:41:21 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:10:21.233
Objects scanned:89979
Objects identified:9
Objects ignored:0
New critical objects:9

can anyone tell me if my problem is caused by this virus, whihc is Win32.P2P- Worm.Alcan.a
and also anyone could provide some advice to remove it.

thx in advance...

Title: help!!!!!
Post by: guestolo on May 23, 2006, 08:56:23 AM

Just on my way to work
We shouldn't have a problem removing your problems

/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
But I need to see the following
From my signature below, download and save too a permanent folder of it's own onto your harddrive
Hijackthis 1.99.1
Open Hijackthis.exe

Do a "SCAN and Save a Log file"
A log will open in Notepad
Copy and paste the WHOLE contents of the log here... Don't try and fix anything yet----It is all important

Title: help!!!!!
Post by: Asuyuki on May 24, 2006, 06:46:21 AM

paiseh for the long wait.

was at sch...

i scanned le..

Logfile of HijackThis v1.99.1
Scan saved at 7:44:48 PM, on 5/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\System32\digtizer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\Bin\Zanda.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\NORMAN\Nvc\BIN\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\Fujitsu\updnavi\updnavi.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\NORMAN\Nvc\BIN\ZLH.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\NORMAN\Nvc\BIN\cclaw.exe
C:\NORMAN\Nvc\BIN\NYMSE.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\NORMAN\Nvc\BIN\NIP.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\winupdates\winupdates.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\ka tsun's stuff\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.singnet.com.sg (http://\"http://www.singnet.com.sg\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pc-ap.fujitsu.com/ (http://\"http://www.pc-ap.fujitsu.com/\")
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [FjEvents] C:\Program Files\Fujitsu\Utils\fjevents.exe
O4 - HKLM\..\Run: [FjDspMon] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
O4 - HKLM\..\Run: [Fujitsu Menu] C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
O4 - HKLM\..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\updnavi\updnavi.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [5QBk] C:\WINDOWS\cdglf.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: svchost.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.pc-ap.fujitsu.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 (http://\"http://go.microsoft.com/fwlink/?linkid=39204\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab (http://\"http://spaces.msn.com//PhotoUpload/MsnPUpld.cab\")
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125504900410 (http://\"http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125504900410\")
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = chs.moe.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = chs.moe.edu.sg
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = chs.moe.edu.sg
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Digitizer Service (Digitizer) - WACOM - C:\WINDOWS\System32\digtizer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\Nvc\BIN\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Title: help!!!!!
Post by: guestolo on May 24, 2006, 09:07:18 PM

Please download [color=\"red\"]Brute Force Uninstaller[/color] (http://\"http://www.merijn.org/files/bfu.zip\")[/b] to your desktop. (rightclick on this link and choose save as, if using IE save target as)

Right click the BFU folder on your desktop, and choose Extract All
Click "Next"
In the box to choose where to extract the files to,
Click "Browse"
Click on the + sign next to "My Computer"
Click on "Local Disk (C:) or whatever your primary drive is
Click "Make New Folder"
Type in BFU
Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".

[color=\"#CC0000\"]RIGHT CLICK HERE[/color] (http://\"http://metallica.geekstogo.com/alcanshorty.bfu\")
and choose "Save As" (in IE it's "Save Target As") in order to download [color=\"#3333FF\"]Alcanshorty.bfu[/color].
Save it in the folder you made earlier (c:\BFU)
So you now have C:\Bfu\alcanshorty.bfu

==Download and install Windows CleanUp! 4.5.1 (http://\"http://www.stevengould.org/downloads/cleanup/CleanUp451.exe\")
Don't run this yet
NOTE: If you have an older version of Windows CleanUp!, Please uninstall it and use this newer version

==Download and then Install
Ewido anti-malware 3.5 (http://\"http://download.ewido.net/ewido-setup.exe\")

When installing, under "Additional Options" UNCHECK

From the main ewido screen, click on Update in the left menu, then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update successful")
Close out Ewido for now, we'll need it later
If for some reason the auto updater won't work
Please manually update from this link
http://www.ewido.net/en/download/updates/ (http://\"http://www.ewido.net/en/download/updates/\")

Please save these instructions to a Notepad file and save it to your Desktop for reference
or Print them out!

We need to disable Windows Defenders realtime protection
They may, and probably will interfere with any of the below fixes we are about to do
Keep this disabled until we have you entirely clean please
Open Windows Defender.
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.

RESTART your Computer in SAFE MODE
You can do this by tapping the F8 key as the system is restarting, just before Windows loads
Choose Safe mode from the startup menu
In safe mode

==Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

* Empty Recycle Bins
* Delete Cookies
* Delete Prefetch files
* Cleanup! All Users

Click OK
Press the CleanUp! button to start the program.
CleanUp, may prompt to run in Demo mode the first time ran, decline, we actually want to run the cleanup portion
When it's done>>Click Close
DECLINE to Log off or Restart the computer

=Open the C:\BFU folder
Double click to run BFU.exe
Use the "Open Script file" button (the folder icon next to Scriptfile to execute)
Navigate to alcanshorty.bfu in the C:\BFU folder
Right click alcanshorty.bfu and choose Select
In Brute Force Uninstaller select Execute
Wait for the "complete script execution" box to pop up and press OK.
Press exit to terminate the BFU program.

==Open Ewido Anti-malware
Click on the Scanner button on the left menu
Select Complete System Scan
*If Ewido finds something it will prompt you with "Infected Object found"
Ensure the following are Selected
*1. Perform Action = Remove
*2. Create Encrypted Backup in Quarantine (Recommended)
*3. Perform action with all infections
Then click OK
When Ewido has finished it's scan click the "Save Report" button
Save the report to the desktop or someplace you will remember
Exit Ewido
NOTE: When Ewido is running, don't open any other windows, let it run uninterrupted

Reboot back to Normal mode
Post back the following please
1. Run a Scan and save logfile with Hijackthis and post a fresh log
2. Post the whole report from Ewidos'

Title: help!!!!!
Post by: Asuyuki on May 25, 2006, 07:28:21 AM

ok done wat u said....

here is the hijack report

Logfile of HijackThis v1.99.1
Scan saved at 8:22:13 PM, on 5/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\System32\digtizer.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\Bin\Zanda.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\NORMAN\Nvc\BIN\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\WINDOWS\Explorer.EXE
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\Fujitsu\updnavi\updnavi.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\NORMAN\Nvc\BIN\ZLH.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\NORMAN\Nvc\BIN\NYMSE.EXE
C:\NORMAN\Nvc\BIN\NIP.EXE
C:\NORMAN\Nvc\BIN\cclaw.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\ka tsun's stuff\other junks\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.singnet.com.sg (http://\"http://www.singnet.com.sg\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pc-ap.fujitsu.com/ (http://\"http://www.pc-ap.fujitsu.com/\")
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [FjEvents] C:\Program Files\Fujitsu\Utils\fjevents.exe
O4 - HKLM\..\Run: [FjDspMon] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
O4 - HKLM\..\Run: [Fujitsu Menu] C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
O4 - HKLM\..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\updnavi\updnavi.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [5QBk] C:\WINDOWS\cdglf.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.pc-ap.fujitsu.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 (http://\"http://go.microsoft.com/fwlink/?linkid=39204\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab (http://\"http://spaces.msn.com//PhotoUpload/MsnPUpld.cab\")
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125504900410 (http://\"http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125504900410\")
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = chs.moe.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = chs.moe.edu.sg
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = chs.moe.edu.sg
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Digitizer Service (Digitizer) - WACOM - C:\WINDOWS\System32\digtizer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\Nvc\BIN\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

cannot post teh ewido until u post something

Title: help!!!!!
Post by: guestolo on May 25, 2006, 08:26:18 AM

bump

Title: help!!!!!
Post by: Asuyuki on May 28, 2006, 11:46:16 PM

interernet down so post so late...

here is the ewido report

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         7:28:37 PM, 5/25/2006
+ Report-Checksum:      1E4F2C5C

+ Scan result:

   :mozilla.8:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.39:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Atdmt : Cleaned with backup
   :mozilla.57:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.59:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.60:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.61:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.95:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.96:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.97:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.98:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.106:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.107:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.108:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.109:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.110:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.111:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.112:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.122:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.123:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.124:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.125:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.126:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.127:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.128:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.129:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.130:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.131:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.134:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.135:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.138:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.157:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.158:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.168:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.169:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.170:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.171:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.247realmedia : Cleaned with backup
   :mozilla.192:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.193:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.194:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.197:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Euroclick : Cleaned with backup
   :mozilla.198:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Euroclick : Cleaned with backup
   :mozilla.200:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.201:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.202:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.203:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.205:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Adtech : Cleaned with backup
   :mozilla.206:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Adtech : Cleaned with backup
   :mozilla.223:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.234:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Burstnet : Cleaned with backup
   :mozilla.237:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.238:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.253:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Com : Cleaned with backup
   :mozilla.254:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Com : Cleaned with backup
   :mozilla.261:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Sexcounter : Cleaned with backup
   :mozilla.262:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Sexcounter : Cleaned with backup
   :mozilla.263:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Clickzs : Cleaned with backup
   :mozilla.264:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Clickzs : Cleaned with backup
   :mozilla.270:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.271:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.272:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.273:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.309:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Hotlog : Cleaned with backup
   :mozilla.327:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.337:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Kmpads : Cleaned with backup
   :mozilla.338:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Kmpads : Cleaned with backup
   :mozilla.353:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.357:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.385:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.388:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Paycounter : Cleaned with backup
   :mozilla.394:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Overture : Cleaned with backup
   :mozilla.403:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.404:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Qksrv : Cleaned with backup
   :mozilla.405:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Qksrv : Cleaned with backup
   :mozilla.406:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Questionmarket : Cleaned with backup
   :mozilla.407:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Questionmarket : Cleaned with backup
   :mozilla.415:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Revenue : Cleaned with backup
   :mozilla.440:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Spylog : Cleaned with backup
   :mozilla.442:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.443:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.453:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.454:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.455:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.456:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.457:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.458:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.459:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.460:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.497:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.498:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.499:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.500:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.541:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Enhance : Cleaned with backup
   :mozilla.565:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Masterstats : Cleaned with backup
   :mozilla.566:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Sitestat : Cleaned with backup
   :mozilla.567:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Sitestat : Cleaned with backup
   :mozilla.580:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.581:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.582:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.587:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Onestat : Cleaned with backup
   :mozilla.588:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Onestat : Cleaned with backup
   :mozilla.589:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Onestat : Cleaned with backup
   :mozilla.590:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Onestat : Cleaned with backup
   :mozilla.591:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -> TrackingCookie.Onestat : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\1215 FULL ALBUM RAP.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\123 video 3 in 1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\2D3 SteadyMove v1.2 for Adobe Premiere Pro 2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\2DArtist Issue 002 February 2006 (PDF).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\3D Aquatic Screen Saver.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\3D Shop Modeldesign v2.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\3D Total Textures v14 Set 03 Clothing.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Abander TagControl v2.66.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Abexo Registry Cleaner 3.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ACA Capture Pro v5.10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Access Administrator v4.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ACDSee Pro v8.0.67.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Ace Buddy v3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Acronis Disk Director Suite v10.0.2085.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Acronis True Image Server v9.1.3567.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Active Desktop Calendar v3.2.040118.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Active Desktop Calendar v5.99b.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Adobe Acrobat 3D v7.0.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Adobe Audition 1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Adobe InDesign CS2 v4.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Adobe Press Adobe GoLive CS2 Official JavaScript Refere.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Advent Rising.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Ai Roboform v6.62.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\AIO DJ Toolz.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Akala Exe Lock v3.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Alap InEffects 1.0.2 for Adobe InDesign CS2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\All Media Fixer Pro v5.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\AnyDVD 5.9.5.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Aquamarine Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ArGoSoft FTP Server v1.4.3.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ArtRage v2.05 retail.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ATL TS ORC Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Audio Editor Gold 7.6.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Audio Editor Gold v8.4.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\AVOne 3GP Video Converter v1.62.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\B.O.S. Bet on Solders iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Backup Magic 1.6.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\BackUp Maker v4.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Barbie Mermaidia (2006).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\BayGenie eBay Auction Sniper v2.1.0.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Bee-Line 001 Advertising, Signage.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Best National Geographic Images Collection.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Bibble Pro 4.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Bitsum PECompact v2.66 Retail.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Blazing Angels Squadrons of WWII.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\BlindWrite Suite v4.5.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Blubster 2.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Bollywood Calender 2006.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Brokeback Mountain DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Business Card Designer Plus 7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\BySoft FreeRam v4.0.4.467.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ByteOMeter v1.0.110.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\CallingID v1.2.0.21.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Camfrog Video Conference.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Candybar 2.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\CFA RipIt v1.69.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\CHM2Word 2.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ChrisTV Professional v4.90.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Cleanerzoomer Professional v3.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ClickBank Profit FeedsGenerator.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Clicking Agent 3.83.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\CoCSoft Stream Down v5.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Code Pro Analytix 4.3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Code Pro Analytix v4.3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Computer Repair v1.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Cool Edit Pro Full.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Cool Music Card v3.60.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Cop Land DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\CopyToDVD v2.4.16.267.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\CopyToDVD v2.4.9.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Cpu-Z v1.30.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Credit Money Machine v3.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Crystal Impact Diamond v3.1b.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\CS Multiplayer Cheats Pak.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\CyberMotion 3D-Designer.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Dandelion (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Dave Chappelle For What It's Worth (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Dead Birds (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\DeepBurner Pro v1.8.0.225.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Defender of the crown.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\DevPlanner v2.1.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Digital Audio Editor 4.3.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Disk Space Inspector 3.3.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Disney's Alice In Wonderland.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\DivX Create Bundle v6.2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\DivX Create Bundle v6.2.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\DivX Create Bundle v6.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Download Accelerator.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Driver Magician v 2.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Drug Lord 2.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\DSL Speed v3.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Dual Burner for MP3 Players v 6.5.0.501.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\DVDFab Platinum v2.9.5.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\DVDIdle Pro 5.9.6.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Easy DVD to DVD Copy v3.0.27.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Easy Hi-Q Converter v1.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Easy Mail v3.1.34.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Eight Below TS RMVB.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Empire of Ants.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Erotic Tetris Adult Tetris Game.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Etrom The Astral Essence.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Extensis Portfolio v8.0.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\EzyPage Enterprise v9.22.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FaceOnBody 2.1.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Failure to Launch (2006).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Falcon 4.0 Allied Force iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Fantasy Chess v2.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Fantasy DVD Player Professional v8.50.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FarStone DefendIT Wireless v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\File Boss v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\File Deleter v1.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\File King v2004.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\File Packager Professional v4.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FileLocator Pro 3.1.638.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Final Destination 3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Find Me Guilty (2006) CAM-RUSTLERS.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FireDaemon Pro v1.9.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FireGraphic v8.0.808.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Flash Designer 5.0.22.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FlashFXP 3.3.5 Build 1110 Beta.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Folder Lock 2.5.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Fontlab Studio 5.0.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Forum Proxy Leecher v1.02.1030.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Foxit Reader Pro v1.3.1522.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Freedom Fighters PC Version.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Frozen Icons v2.21.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FruityLoops Studio 6.04.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FTPEditor Pro v3.3.0.444.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\FyTek Text2PDF v5.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Gadget Tycoon.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Game Jackal v2.7.14.352.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Game Jackal v2.7.14.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Game-Cloner 1.15.1.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\GameHouse Sudoku v1.0.0.16.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\GatherBird SQLGrep v1.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\GFI LANguard Network Security Scanner.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\GFI Network tools 4in1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Golden Records v1.01.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Goldwave 5.13.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Good Morning v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Grade Keeper v5.9.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\GT-Legends iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Harry Potter And The Goblet Of Fire.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Hex Workshop 4.22.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Hex Workshop v4.20.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\HexPuzzle Deluxe v1.02a.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Hoo WinTail v3.4 Build 562.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Hornsoft Online TV v3.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Hot Wired.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\House of the Dead 2 Dead Aim (2006).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\HTML Password Lock v3.23.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\HyperCam v.2.13.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Ice Age 2 The Meltdown.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ICQ Lite build 1305.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ImToo AIO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ImTOO DVD Ripper Platinum v4.0.28.1201.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\International Superstar Soccer 3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Internet Download Accelerator v5.05.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Internet Download Manager v5.02.11.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\InterVations RegCOPA v2.01.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\IPod Access for Windows 2.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\iPod Helper v1.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\iso buster.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\James Bond 007.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Jasc Animation Shop 3.05.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Jersey Girl DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Junior Icon Editor 2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Kaena The Prophecy (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\KeyMaster v1.03.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\KeyPass v2.5.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\King Kong (Movie).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\KingQc Real RM Converter v1.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\KoolMoves 5.1.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\KoolMoves v5.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Kung Fu Hustle DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Liquidpaint 1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Lock Folder XP 3.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Lucky Number Slevin TS.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\LUXOLOGY MODO V1.03.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Magic Audio CD Burner v2.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Magic Folders v6.04.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Mailing List Deluxe v5.95.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Manga Studio EX v3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Match Point DVDRip XviD-DMT.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\MegaView 8.05.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\MeggieSoft Canasta v16.4 16404.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\MeggieSoft Cribbage v16.4 16404.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Metal Gear Solid (PC Rip).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Microsoft Money 2006 Small Business Edition.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Microsoft Office XP.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Microsoft Plus Digital Media Edition.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Microsoft Windows Vista Ultimate Build 5342.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\MightSoft Audio Editor Pro v1.60.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Military Sokoban v1.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\MindSoft Utilities XP v.9.06.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Mooma Video To PSP Converter v1.20.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\MooTools RC Localize v3.11.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Motor City Online.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Mouse Wheel Control 2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Movie DVD Maker v1.3.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\MSN Explorer 7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Multi-DB Querier v1.1.1.43.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\MultiMailer 2005 v4.0.10 Professional.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\My Screensaver Maker v3.61.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Neat Image 5.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Net Meter v3.0.0.239.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\NetConceal Anonymizer v2.95.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\NeuVoice NeuMemo v1.0.0.12.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\NewName Pro v1.53.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\NHL 2006 iSO - 22 03 2006.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Nikon Capture 4.4.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\No1 DVD Ripper v2.7.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\NOD32 AntiVirus v2.50.26 English Edition.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Norton AntiVirus 2006 with 2-yr Subscription.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Norton Ghost 10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Notorious DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Odds Wizard Diamond Magic 1.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Offline Explorer 4.0.2298.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\One Click Ringtone Converter v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PacBomber 1.72.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Pacifist 2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Pack Vista Inspirat 1.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Panda Platinum 2006 Internet Security ver. 10.01.00 Retail.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PC Auto Shutdown 1.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PC-Cillin 2004 v11.0 b1253.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Personal Chess Trainer v2.00.29.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PhotoActions AlbumWeb Pro v2.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PhotoS v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PhotoWatermark Professional v6.0.8.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PHPMaker v3.2.04.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Picture To Icon v1.90.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PicturesToExe v4.44.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Pimasoft Registry Fix v3.0.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PipeFun v2.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Power Edit v2.02a.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PPN AskLog v1.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PrinterExpress v1.32.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ProShow Gold v2.5.1635.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\PS2 Divx Media Player.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Quick Notes Plus v5.0.47.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\RadLight SE 3.03.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\RAM Saver Pro 5.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Real One Arcade.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Real Spy Monitor v2.42.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Red Eye DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\RegDoctor 1.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\RegDoctor 1.50.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\RegDoctor v1.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Registry Help Pro 1.18.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Registry Mechanic v5.2.0.310.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Registry Washer v3.35.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Replay Music v2.40.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Rocchetta Label Maker.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Roxio Easy Creative 8 Deluxe Suite.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Roxio Easy Media Creator v8.0 Suite.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Roxio VideoWave 7 Professional.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Rumor Has It... DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Screeny v1.4.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Selteco Flash Designer v5.0.23.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Semjaza 6.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\SideFX Houdini Master v8.0.474.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Silent Hunter III.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\SiSoftware Sandra 2005.SR1 10.50.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Slither TS XViD.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Soldat 1.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Sonic Scenarist v3.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Sony CD Architect v5.2a.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Sony Vegas v5.0b.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Space Commander 3000.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\SpaceObServer v2.1.0.211.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Spanglish DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Speed It Up Extreme v.3.5.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Speed Video Splitter 2.4.12.exe -> Dropper.VB.lu : Cleaned with backup
   bump more.

Title: help!!!!!
Post by: guestolo on May 28, 2006, 11:55:34 PM

bump>>Did you run the actual Clean with Windows CleanUp! ??

Title: help!!!!!
Post by: Asuyuki on May 29, 2006, 12:36:57 AM

not sure...
think should be...
rest of report

C:\Documents and Settings\PUN KA TSUN\Shared\_\Spy Emergency 2005 Build 2.0.315.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Spy Emergency 2005.v2.0.325.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\SpyFerret v5.00.702.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Spyware Blaster Info.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Spyware Nuker XT v4.6.49.1650.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Startup-Spy XP 2006 v1.11A.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Steinberg MyMp3PRO v5.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Steinberg WaveLab v5.01b.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Storage Crypt v2.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Street Hacker Full Updates Patch ISO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Summit Soft 1500 Fonts.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Super Text Search v2.52a.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\SwiftDisc Burning Wizard v1.95.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Symantec Norton Mega Pack (2006 Best).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\System Mechanic 4.0J.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Tag and Rename v3.2 Final.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Take the Lead (2006).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Task Catcher v1.0.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\TaxCut Premium 2005.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Terragen 0.9.19.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Test Log v2.1.1004.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\TextAloud MP3 v2.173.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\The Bat! v2.02 CE RC2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\The Bourne Supremacy (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\The Chronicles of Narnia.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\The Family Stone DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\The Princess Has Come Of Age.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\The Village (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ThunderSite DeLuxe v3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Tiff-PDF counter 1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\To Catch a Thief DVDRip Xvid 1955.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Tony Hawk's American Wasteland.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Tony Hawks American Wasteland RiP.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\TRADOS MultiTerm 7 Desktop.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Transmit 3.5.3 [Hot].exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Trojan Remover v6.4.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Trolltech Qt for Visual Studio 2005.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\True Vine Inet Secure v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Tweak-XP Pro v4.0.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Ulead VideoGraphics Lab v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Ultra DVD Creator v1.3.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Ultra Tag Editor v.2.31.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\UltraISO Premium Edition v8.0.0.1392.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\UltraSentry v2.00b.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\UnTraceable v3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Vevo! CatalogMaker v1.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Video Edit Magic v4.12.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\VidLogo 2.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Virtual CD v7.1.0.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Virtual Cover Creator v2.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Virtual DJ 3.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\VirtualDJ 3.4 The ultimate DJ mixing.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Visnetic Firewall v2.07.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Visual Basic 6 Enterprise Edition.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Visual Business Cards v4.10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Warlords Battlecry III.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\When Will I Be Loved (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Wild Roomies (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\WinACE 2.6 Final regged.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\WinCHM 2.51.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Windows Media Center (MCE) 2006.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Windows Vista Transformation AiO 2006.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Windows XP Unofficial Service Pack 3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\WinHex 12.7 SR-10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\WinPatrol 6.0.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\WinProducer DVD Edition Pro 3.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\WinRescue XP v1.08.34.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\WinUtilities v1.6 Build 0101.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Wordy v1.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\World Class Leader Board.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Wrong Turn DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Wtools32 v1.6.28.198.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\X-Plane Sim.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Xara 3D 6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\XP Codec Pack 1.3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\xXx State of the Union DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\xzxzxzxzxzxz.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ZeallSoft Fun Morph v2.3 (Retail).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Zealot Advanced MP3 Sound Recorder v2.2.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Zealot All Video Joiner v2.4.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Zealot All Video Sound Extractor v2.1.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Zealot Photo to VCD SVCD DVD Converter v1.8.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Zealot WMV to VCD SVCD DVD Converter v2.1.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\ZoneAlarm Security Suite v6.1.737.000.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\PUN KA TSUN\Shared\_\Zork 3.exe -> Dropper.VB.lu : Cleaned with backup
   :mozilla.15:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.18:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.19:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.20:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.21:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.27:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.28:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.29:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.32:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
   :mozilla.33:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.34:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.35:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.51:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.52:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.59:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\s9170460i\Application Data\Mozilla\Firefox\Profiles\cthjtvr9.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
   C:\Documents and Settings\s9170460i\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\007 DVD Copy v5.10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\1 DVD Ripper 2.70.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\24 The Game (Playstation 2).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\3d Button Creator Gold 3.02.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\3D Mark 2003.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\3D SexVilla v17 (Adult Game).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\3DVista Skin Editor 3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\A1 DVD Ripper 1.1.14 Pro.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Abylon Enterprise v6.00.04.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Ace Optimizer Utilities 2.6.0.4026.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Ace Utilities 2.20.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Acme CAD Converter v6.52.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Acronis Disk Director Suite 10.0.2117.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Acronis True Image 9.1 Build 3567 Workstation.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Acronis True Image v9.0.3567.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Act Of War - Direct Action and High Treason.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Activestate Komodo v2.5.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Add Remove Plus 2003 v4.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Adobe Acrobat 7.0 Professional.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Adobe Audition v2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Adobe Creative Suite 2 iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ADSLKeepalive Version v3.1 FULL.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Advanced Registry Doctor Pro 7.5 Build 04.20.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Advanced Registry Doctor Pro 7.5 Build.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Advanced Uninstaller PRO 2006 7.52.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Agnitum Outpost Firewall Pro v3.51.748.462.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Agon The Mysterious Codex.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Ahead DVD Ripper v1.1.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Ahead Nero 7.0.1.4 Premium.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\AIO On2.com $500 , retail version.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Alcohol 120 v1.9.5.3823 Retail.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Alive DVD Ripper v1.2.0.9.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\All Sound Recorder Xp v2.05.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Allok OGG MP3 Converter v1.0.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Allok WMA WAV MP3 To Audio CD Maker v1.0.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Almost Famous.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Altostorm Rectilinear Panorama Pro v1.2.1 for Adobe Pho.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ALZip 5.51.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Amigo Easy Video Converter v4.53.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\An American Haunting CAM VCD-Chr0mE.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Antares Autotune DX v4.15 Retail.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\AnyDVD v5.9.5.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ApBackUp 2.5.1591.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Apollo iPod Video Converter v2.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Apollo PSP Video Converter v2.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Archimap v1.0 Multilanguage.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ArchiPanel v1.00 Multilanguage ArchiCAD plug-in.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Arles Image Web Page Creator v5.8.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Army Men 2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Ashampoo Burning Studio 5.2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\AudioTester v2.1B.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Aurora Media Workshop v3.3.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\AutoRun Pro Enterprise v4.0.1.36.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\AutoRun Pro v6.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\AutoUpdate Plus v3.1.4.68.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Avast Antivirus Pro 4.6.691.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Avast Professional v4.6.739.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Avast Professional v4.7.817 (2006 Final).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Avast! Professional Edition 4.6.691.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\AVID Xpress Pro HD V5.2.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Aye Shutdown 5.86.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\B.T.K. Killer (2005) DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Babylon Pro 5.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\BarScribe v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Batch Image Resizer v2.16.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Batch Text Replacer v2.1.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Battlefield 2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Because Of Winn-Dixie DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\BitTorrent 3.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\BlindWrite 5.2.6.139.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Blindwrite Suite 5.2.2.136.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Blood Creek Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Boris Continuum Complete v4.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Brain Age.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\BTK Killer DVDrip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Butteryfly Kiss (1995) DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Cable Modem Booster.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Call of Duty 2 (2005) PC.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Carry On Cowboy DVDRip Xvid 1965.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CD Bank Cataloguer v2.7.6.355.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CDRWin 5.05.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Cebas FinalRender Stage v2.0 For Cinema 4D.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CHM2Word v2.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Citizen Toxie The Toxic Avenger IV DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CloneDVD 2.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CloneDVD v2.8.9.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CoffeeCup Flash Firestarter v6.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CoffeeCup Flash Photo Gallery v3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Cold War.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Commandos 3 Destination Berlin iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ComputerTime v1.0.1.11.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Condemned Criminal Origins.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Corbis Urban Grafitti Clipart.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Corel Painter Essentials v3.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\COREL PAINTER IX.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Cosmic Voyage v3.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CREATiVE Dimensions 3Dsom Pro v2.0.3.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Crossword Construction Kit ver. 4.0.3.1 Full.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Curious George TS Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CwGet ver. 1.50.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\CyberMotion 3D-Designer.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Cycore Effects v1.0.1 for Adobe After Effects 7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Damage Cleanup Services v3.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Dane Cook - Harmful if swallowed HDTVRip Mp4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Darksim DarkTree Textures.v2.5.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DAZ3D Stone Texture Building Kit br_ma001b for Bry.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Deepwater DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DeskSoft BWMeter v2.3.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Desktop Wizard Pro v1.22.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Diagram Studio v3.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Digital Anarchy Primatte Cromakey v2.0 For Photosh.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DigitByte CD DVD Data Recovery v1.0.702.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Diskeeper 9 Professional Edition Full.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DiskIndex 1.3.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Divx 5.02 Corp Edition.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DivX 6.0 Pro.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DivX 6.2.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DivX Create Bundle v6.2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DivX Pro v6 And DivX Create Bundle v6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DocRepair v2.20.0718.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Dot Matrix Pilot v2.09.04.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Dr Word Master 7.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Dr.Web 4.32b.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Dream Aquarium 0.99.94.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DreameeSoft Check List Pro v4.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Dreamfall The Longest Journey (2006) 6 CD - PC.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Drivermagic v1.0.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Droppix Recorder 1.74.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DTP Tools X-Ray v1.0 for Adobe Indesign CS and CS2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DVD Genie 4.05.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DVDFab Platinum Gold Express 2.9.7.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\DVDIdle Pro 5.61.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\E-Mail Icon Generator.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\EarthView v3.33.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\EarthView v3.4.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Easy Music CD Burner v3.0.34.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\EasyBoot 5.0.6.472.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Effective File Search v3.9.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Elaborate Bytes CloneDVD v2.8.9.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\EngInSite MySQL Client v1.4.9.195.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Eudora v6.2.3.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\EVEREST Ultimate 2.80.565.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Evrox v5.0.3.32.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\EximiousSoft GIF Creator v3.08.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Express Burn Plus v1.0.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\EZ Auction Timer Plus v1.60.153.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\EZTwain Pro v3.08.16.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Fabulous MP3 v1.06.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Fallout 2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Fallout Tactics Brotherhood of Steel.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Far Cry.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Fast Food Tycoon 2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Fear (2005) PC.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\File & Folder Protector v.2.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\File ArchiveRescue Pro 3.0 Build 115.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\File Security Manager v1.7.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\FileRecoveryAngel 1.00.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\FileZilla 2.2.21.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\FitnessBliss v1.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Flash Decompiler ver.2.9.0.349.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\FlashFXP v2.2 954 beta cracked.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\FlashGet v1.71.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\FlashGit 1.60.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Font Twister.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\foobar2000 0.9.1 final.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Four Rooms (1995) DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Fresh UI 7.43.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\FTP Now v2.6.32.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Galleon 3D Screensaver.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Genie Backup Manager Professional v5.0.23.1286.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Get More Visitors Premium v1.2.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Golden FTP Server Pro v2.70.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Half Life 2 iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Harry Potter All 4 Movies DVDRip Xvids.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Hearts of Iron II.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Hellboy (2004).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\HentaII 3D v17 (Adult Game).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Hero Video Converter 2.7.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Hide IP Platinum 2.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Hide IP Platinum v2.61.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\HiDownload 6.9 Beta 2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Home Cable Modem Booster.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\HTML Merge v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\HttpWatch v3.2.0.60.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Human Stain DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\IAR Embedded Workbench for TI MSP430 v3.41.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\iHateSpam Universal Desktop Edition v4.0.404.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Immortel (2004) DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\IMSI FloorPlan 3D Design Suite v10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ImTOO MPEG Encoder v3.0.2.0412b.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Indiana Jones and the Emperors Tomb - iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\InkSaver 2.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Instant Demo Professional v5.00.03.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ISO Buster.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Jaws PDF Creator v3.61.2302.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Jetico Personal Firewall 1.0.1.53.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Just Friends WS PROPER DVDrip XViD-MDP.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\jv16 PowerTools 2006 1.5.2.336.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\K-Lite Codec Pack Full 2.36.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Kaspersky Anti-Virus Personal v6.0.0.299.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Kassy 0.71.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Kerio MailServer 5.7.10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Kerio Personal Firewall 4.1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Kerio WinRoute Firewall v6.01.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Klondike Collection v6.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\KoolMoves v5.0.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\KVEC v2.99.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\LanBuster v1.04.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Larry The Cable Guy Health Inspector.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Last Holiday DVDRip SVCD-Chakra.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Last Holiday.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\LimeWire PRO 4.11 new version.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Lord Of The Rings Battle For Middle Earth 2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Lord Of War (2005) DVDRip.XviD.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Lords Of The Realm III.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Lost Highway (1997) DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Lost Marble Moho 5.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Macromedia Director 8.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Madden NFL 2006 iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Magic Tweak 2.20.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Magic tweak.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\MagicISO 5.2 (Build 190).exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Manga Studio 3.0 EX.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\McAfee VirusScan Professional Edition 2006.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Mcft Office 2003 Pro.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\MDaemon Pro v8.14.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Mechanical clock 3D Screensaver.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Medal of Honor Allied Assault-DEViANCE iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Mediabee Group Planner and Dashboard 1.0.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Meet The Fockers.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Memoirs Of A Geisha.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\MemoriesOnTV 2.1.7.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Microsoft Office Pro Plus 2007.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Microsoft Virtual PC 2004.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Microsoft Windows Vista 5231 Full Themes.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\MMH Cleaner 2.1 Build 15.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\MOBILedit! ver.1.97.0.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Moffsoft Calculator v2.0.1.24.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Money In Money Out v1.0.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Monopoly 3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Motor City Online.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Movie Collector Pro v4.9.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Movie DVD Maker v1.4.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\MP3 Doctor 5.10.92.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Mp3 Doctor 5.10.95.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\MSN Chat Monitor and Sniffer v3.52.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\MusicMatch Jukebox Plus 10.00.4033.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Must Love Dogs DvdRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\My IP Suite.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Mystery Of The Nile (2005) DVDRip.XviD.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\NASA World Wind 1.3.4.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Neat Notes 2005 v2.61.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Need For Speed Most Wanted Black Edition.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Need For Speed Most Wanted.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Nero 7 Premium iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Nero Premium Ultra Edition 7.0.8.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Nero SIPPS 2.1.3.61.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\NeroVision Express 2 2.1.2.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\NeroVision Express 3.1.0.14a.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\NET Traffic Meter v2.1.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Network Eagle Monitor Pro v4.6.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Network Monitor Professional v3.7.11.20.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Nexagon Deathmatch.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\NFS Most Wanted Black Edition.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Nice PDF Creator v3.02.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Norton Systemworks Pro 2005 iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Nsauditor Network Security Auditor v1.23.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Nvidia nTune 2005 Retail.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Office DocumentsRescue Pro 4.0.138.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Office Intercom v4.01.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Online TV Player 2.8.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Opera 7.53.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Opera 7.60 Technical Preview 4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\PC-Cillin Internet Security 14.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\PCMark 05 1.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Pennocks Email Notifier v1.1.10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Perfect DVD Duplication 3.0.0.1.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Perfect Screen Ruler v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\PerpetualBudget System v3.8.40.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\PhaseOut 5.4.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Photo Movie Creator v1.15.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\PHPedit v2.2.0.219.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\PHPMaker Version 3.20.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Pointdev Ideal Administration v6.72.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Power Retouche Pro v6.1 Retail for Adobe Photoshop.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Power Soft Power Notes v3.15.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Power Video Converter 1.29.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\PowerISO v3.0 Incl Keygen.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Prince of Persia The Sands of Time.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Prince of Persia Warrior Within.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Prince of Persia 3 The Two Thrones (2005) PC.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Privacy Fence v1.5.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ProShow Gold 2.0.1568.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ProShow Producer 2.6.1775.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\PSPaudioware PSP Neon VST DX RTAS v1.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Purple Ghost PodPlus v1.1.0.0.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\QUAKE 4 DVD-DEViANCE iSO.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\R-Drive Image ver.3.0.3047.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Rails Across America.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Rapidshare Grabber 1.4.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Real Alternative 1.12 RC2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Recover My Files 3.94.4393.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Recover My Files v3.94.4393.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Reget Deluxe 4.2.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\ReGet Deluxe v4.2.264.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Registry Defragmentation v7.5 Build 07.10.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Registry Repair v1.43.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Ring Around The Rosie.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Ringtone Maker 4.2.19.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Rogue Trooper (2006) PC.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Rotor 3D v1.3.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Roxio Easy Media Creator v8.0 Suite.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\SamLogic MultiMailer 2005 v4.0.14 Pro.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Sarm Soft WebAlbum v3.4.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\SaveFlash 3.0.61.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Scarface DVDRip Xvid-Voodoo.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Scary Movie 4 TS XViD-PUKKA.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Second In Command.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Secrets Protector 2.03.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Shareaza 2.1.2.0 beta.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Shopgirl PROPER DVDRip XviD-DiAMOND.exe -> Dropper.VB.lu : Cleaned with backup
   C:\Documents and Settings\s9170460i\Shared\_\Silent Hill Xvid.exe -> Dropper.VB.lu : Cleaned with backup

Title: help!!!!!
Post by: guestolo on May 29, 2006, 08:42:31 AM

Can you do the following

Do another scan with Hijackthis and put a check next to these entries:

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [5QBk] C:\WINDOWS\cdglf.exe

After you have ticked the above entries, close All other open windows, including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Come back here and post a fresh hijackthis log
Also
Anything in the Ewido report that looks like the following
Which includes cookies or the Shared folder
Examples
:mozilla.168:C:\Documents and Settings\PUN KA TSUN\Application Data\Mozilla\Firefox\Profiles\13k7wy5z.default\cookies.txt.old -
C:\Documents and Settings\PUN KA TSUN\Shared\_\Spy Emergency 2005 Build 2.0.315.exe
C:\Documents and Settings\s9170460i\Shared\_\Because Of Winn-Dixie DVDRip Xvid.exe

Don't copy and paste those back
But include anything below them please

Title: help!!!!!
Post by: Asuyuki on May 31, 2006, 01:59:16 AM

k done.

hijack report

Logfile of HijackThis v1.99.1
Scan saved at 2:53:53 PM, on 5/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\digtizer.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\Fujitsu\updnavi\updnavi.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\ka tsun's stuff\other junks\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.singnet.com.sg (http://\"http://www.singnet.com.sg\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pc-ap.fujitsu.com/ (http://\"http://www.pc-ap.fujitsu.com/\")
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [FjEvents] C:\Program Files\Fujitsu\Utils\fjevents.exe
O4 - HKLM\..\Run: [FjDspMon] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
O4 - HKLM\..\Run: [Fujitsu Menu] C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
O4 - HKLM\..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\updnavi\updnavi.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.pc-ap.fujitsu.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 (http://\"http://go.microsoft.com/fwlink/?linkid=39204\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab (http://\"http://spaces.msn.com//PhotoUpload/MsnPUpld.cab\")
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125504900410 (http://\"http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125504900410\")
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = chs.moe.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = chs.moe.edu.sg
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = chs.moe.edu.sg
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: SMS Agent Host (CcmExec) - Unknown owner - C:\WINDOWS\system32\CCM\CcmExec.exe (file missing)
O23 - Service: Digitizer Service (Digitizer) - WACOM - C:\WINDOWS\System32\digtizer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Title: help!!!!!
Post by: guestolo on June 01, 2006, 08:54:25 AM

Looks ok, I would look within Limewire too disable it from running on startup
You can just start it manually

How is everything running?

Title: help!!!!!
Post by: Asuyuki on June 02, 2006, 10:03:58 PM

er how ar???

i look in limewire there only got connect or not when start up

Title: help!!!!!
Post by: guestolo on June 04, 2006, 10:39:30 AM

Sorry for the delay, let's do the following
Do a "System scan only" with Hijackthis and put a check next to these entries:

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

After you have ticked the above entry, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Come back here and post one last hijackthis log
Let me know how things are running please
Just some final cleanup and we're done here

Title: help!!!!!
Post by: Asuyuki on June 05, 2006, 01:49:51 AM

thx a lot... com does nto seems to have problem le.....

here is the final hijack report

Logfile of HijackThis v1.99.1
Scan saved at 2:44:33 PM, on 6/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\digtizer.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\Fujitsu\updnavi\updnavi.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\ka tsun's stuff\other junks\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.singnet.com.sg (http://\"http://www.singnet.com.sg\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pc-ap.fujitsu.com/ (http://\"http://www.pc-ap.fujitsu.com/\")
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [FjEvents] C:\Program Files\Fujitsu\Utils\fjevents.exe
O4 - HKLM\..\Run: [FjDspMon] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
O4 - HKLM\..\Run: [Fujitsu Menu] C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
O4 - HKLM\..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\updnavi\updnavi.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.pc-ap.fujitsu.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 (http://\"http://go.microsoft.com/fwlink/?linkid=39204\")
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab (http://\"http://spaces.msn.com//PhotoUpload/MsnPUpld.cab\")
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125504900410 (http://\"http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125504900410\")
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = chs.moe.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = chs.moe.edu.sg
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = chs.moe.edu.sg
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: SMS Agent Host (CcmExec) - Unknown owner - C:\WINDOWS\system32\CCM\CcmExec.exe (file missing)
O23 - Service: Digitizer Service (Digitizer) - WACOM - C:\WINDOWS\System32\digtizer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Title: help!!!!!
Post by: guestolo on June 05, 2006, 11:14:14 PM

If everything is running better
We should flush all your restore points to ensure you don't restore any nasties that may be sitting idle
Go to START>>RUN
Type in msconfig
Click OK
Click the "Launch System Restore" button
On the Left hand side click on "System Restore Settings"
Put a Check in "Turn off System Restore"
Apply it and OK out of there>>Reboot your computer
[/list]
Back in Windows, Go back and take the check out of "Turn off system restore"
This will reenable the System Restore feature and creates a new restore point

[indent][color=\"#CC0000\"]Protect yourself against Future Attacks[/color][/i][/b][/indent]
*Install SpywareBlaster 3.5.1 by JavaCool (http://\"http://www.javacoolsoftware.com/spywareblaster.html\")

After installation, Check for updates and then click the "Enable all protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"

*Keep up to date on Windows updates (High Priorities)
This is the most important step in keeping your system secure
Make sure you check for updates at least once a month and/or set to Autoupdate

*Make sure your Anti-Virus software is always kept up to date and actively running in the background

*Keep your Firewall protection enabled
A Firewall is also very important
This provides a line of defense against someone who might try to access your computer without your permission

Update and do scan's with your Anti-Spyware programs on a regular basis
In addition, open Spybot 1.4
Click the "Immunize" button on the left>>>OK at the prompt>>Immunzine at the top green cross
Immunize after every update

+You may choose to hold onto CleanUp! and Ewido
Ewido will become a limited free version after a couple of weeks
Still, a great scanner to update and run on a monthly basis

Stay safe

/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

Title: help!!!!!
Post by: Asuyuki on June 11, 2006, 01:54:50 AM

yeh teh com lesser lag and load faster le

but y i use spybot scan always got some weird thing there..

Title: help!!!!!
Post by: guestolo on June 11, 2006, 08:26:23 AM

Not sure what Spybot is always finding
Can you let me know please
If in doubt, update Spybot as there was new updates yesterday
Run a scan

When the scan is complete, right click on the results and save a report
Save to desktop then copy and paste back here the results please

Title: help!!!!!
Post by: Asuyuki on June 11, 2006, 08:51:08 PM

--- Search result list ---
Avenue A, Inc.: Tracking cookie (Firefox: default) (Cookie, nothing done)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done)

DoubleClick: Tracking cookie (Firefox: default) (Cookie, nothing done)

HitBox: Tracking cookie (Firefox: default) (Cookie, nothing done)

HitBox: Tracking cookie (Firefox: default) (Cookie, nothing done)

HitBox: Tracking cookie (Firefox: default) (Cookie, nothing done)

FastClick: Tracking cookie (Firefox: default) (Cookie, nothing done)

FastClick: Tracking cookie (Firefox: default) (Cookie, nothing done)

HitBox: Tracking cookie (Firefox: default) (Cookie, nothing done)

MediaPlex: Tracking cookie (Firefox: default) (Cookie, nothing done)

SexList: Tracking cookie (Firefox: default) (Cookie, nothing done)

--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-09-09 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-06-10 Includes\Cookies.sbi (*)
2006-06-10 Includes\Dialer.sbi (*)
2006-06-10 Includes\Hijackers.sbi (*)
2006-06-10 Includes\Keyloggers.sbi (*)
2006-06-10 Includes\Malware.sbi (*)
2006-06-10 Includes\PUPS.sbi (*)
2006-06-10 Includes\Revision.sbi (*)
2006-06-10 Includes\Security.sbi (*)
2006-06-10 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-06-10 Includes\Trojans.sbi (*)

--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Microsoft .NET Framework 1.0 Hotfix (KB887998)
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901190)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)

--- Startup entries list ---
Located: HK_LM:Run,
command:
file:

Located: HK_LM:Run, AGRSMMSG
command: AGRSMMSG.exe
file: C:\WINDOWS\AGRSMMSG.exe
size: 88363
MD5: f7b737e2af9e5c14459c659ecd6c4ed5

Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint2K\Apoint.exe
file: C:\Program Files\Apoint2K\Apoint.exe
size: 159744
MD5: a0f2a6dddbb570f110e9cc45bfc9a37b

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 122939
MD5: c22bdb59d346aba833a3a207e1629f07

Located: HK_LM:Run, EOUApp
command: C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
file: C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
size: 356352
MD5: c00b4e6d42e93adc0d3f35fe8602ebec

Located: HK_LM:Run, FjDspMon
command: C:\Program Files\Fujitsu\Utils\FjDspMon.exe
file: C:\Program Files\Fujitsu\Utils\FjDspMon.exe
size: 20480
MD5: a5681b70e7f8f7056a4e6b189dc41b49

Located: HK_LM:Run, FjEvents
command: C:\Program Files\Fujitsu\Utils\fjevents.exe
file: C:\Program Files\Fujitsu\Utils\fjevents.exe
size: 20480
MD5: 36f39ad1c8eb477fdba7ec9c8cebcb86

Located: HK_LM:Run, FJUPDNV_Chitose
command: C:\Program Files\Fujitsu\updnavi\updnavi.exe
file: C:\Program Files\Fujitsu\updnavi\updnavi.exe
size: 266240
MD5: 3e8ef453726549b156a1d22fe3584db1

Located: HK_LM:Run, Fujitsu Menu
command: C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
file: C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
size: 32768
MD5: 4bd14a1a1511bb5ddd918b02de7442ac

Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 118784
MD5: 75566bd38a36bf1c80cef1d4eac05f12

Located: HK_LM:Run, IMJPMIG8.1
command: "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
file: C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
size: 208952
MD5: 7bbe4cf421aecc7f0226edd75f12079f

Located: HK_LM:Run, IndicatorUtility
command: C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
file: C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
size: 81920
MD5: c88736f51fac99d8aa0406d13e6eb58b

Located: HK_LM:Run, IntelWireless
command: C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
file:

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 274432
MD5: e9766c6a4fd03c23607b064d0f5dcf3e

Located: HK_LM:Run, LoadBtnHnd
command: C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
file: C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
size: 61440
MD5: 0dd8d12201344c728ba3ee6d0d479395

Located: HK_LM:Run, LtMoh
command: C:\Program Files\ltmoh\Ltmoh.exe
file: C:\Program Files\ltmoh\Ltmoh.exe
size: 184320
MD5: c2ede68251407ccacabf5e48028626bd

Located: HK_LM:Run, MessengerPlus3
command: "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
file: C:\Program Files\MessengerPlus! 3\MsgPlus.exe
size: 190024
MD5: b787d9a60fee9c3732c2e2d4571bb716

Located: HK_LM:Run, MSPY2002
command: C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
file: C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
size: 59392
MD5: 1b17e09c1223f6d17336d2dd7a1af4f4

Located: HK_LM:Run, PHIME2002A
command: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
file: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
size: 455168
MD5: 024dc0f68df5fd6ae9dd82dfbaf479d6

Located: HK_LM:Run, PHIME2002ASync
command: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
file: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
size: 455168
MD5: 024dc0f68df5fd6ae9dd82dfbaf479d6

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: 3e7d91f24d28c968b92c85c7e2882eed

Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61a3a9d5d98bf0331df5b716144a8100

Located: HK_LM:Run, TabletTip
command: "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
file: C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe
size: 271872
MD5: f123c4abba2d4ae57918596873085293

Located: HK_LM:Run, TabletWizard
command: C:\WINDOWS\help\SplshWrp.exe
file: C:\WINDOWS\help\SplshWrp.exe
size: 16384
MD5: 29033eae606944db4c802d61fc45394f

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: f9b47f830dd55fedd6ef27d063c29a42

Located: HK_LM:Run, Windows Defender
command: "C:\Program Files\Windows Defender\MSASCui.exe" -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1420560
MD5: 81aa8ba06a824e637e2ba290d4fa9e3e

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: HK_CU:Run, MessengerPlus3
command: "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
file: C:\Program Files\MessengerPlus! 3\MsgPlus.exe
size: 190024
MD5: b787d9a60fee9c3732c2e2d4571bb716

Located: HK_CU:Run, msnmsgr
command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
file: C:\Program Files\MSN Messenger\msnmsgr.exe
size: 7094272
MD5: 59e6b431faf166923c93f32d1fb9aaa4

Located: HK_CU:Run, WindowsHiderPro
command: C:\Program Files\WHidePro\whpro.exe
file: C:\Program Files\WHidePro\whpro.exe
size: 4608
MD5: 8ddd4045e82038d14fe5671a4148c955

Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (user), Adobe Gamma.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll

Located: System.ini, IntelWireless
command: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
file: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
size: 110592
MD5: 342574b587aa96ee5bbf3adb22987359

Located: System.ini, loginkey
command: C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
file: C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
size: 47104
MD5: a88a8ec8b0b8371e26b217a9c010d4aa

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, TabBtnWL
command: TabBtnWL.dll
file: TabBtnWL.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, tpgwlnotify
command: tpgwlnot.dll
file: tpgwlnot.dll

Located: System.ini, WB
command: C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
file: C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
size: 24576
MD5: 9f884c45f10aaee442d4370ba90a1f89

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

--- Browser helper object list ---
{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 12/17/2004 5:31:16 PM
Date (last access): 6/12/2006 9:14:08 AM
Date (last write): 8/3/2004 5:05:00 PM
Filesize: 118842
Attributes: archive
MD5: 4F9F33FE6C6462002F981DF5BB67E0A5
CRC32: 01A23B03
Version: 1.4.8.0

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 11/10/2005 1:03:56 PM
Date (last access): 6/12/2006 9:17:10 AM
Date (last write): 11/10/2005 1:22:10 PM
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 5.0.60.5

--- ActiveX list ---
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab\")
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2005 1:03:56 PM
Date (last access): 6/12/2006 9:40:48 AM
Date (last write): 11/10/2005 1:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab\")
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2005 1:03:56 PM
Date (last access): 6/12/2006 9:40:48 AM
Date (last write): 11/10/2005 1:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

--- Process list ---
PID: 0 ( 0) [System]
PID: 496 ( 4) \SystemRoot\System32\smss.exe
PID: 1048 ( 496) \??\C:\WINDOWS\system32\csrss.exe
PID: 1076 ( 496) \??\C:\WINDOWS\system32\winlogon.exe
PID: 1120 (1076) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 1132 (1076) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1308 (1120) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1420 (1120) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1460 (1120) C:\Program Files\Windows Defender\MsMpEng.exe
size: 45840
MD5: 948D315495195662BA2A683A7A156BEA
PID: 1500 (1120) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1564 (1120) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
size: 86016
MD5: 458B61E00843B7E04C4A26C4B332229A
PID: 1604 (1120) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
size: 360521
MD5: B5C93F50E862BB431C32A5EB2C42D6DA
PID: 1656 (1120) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1776 (1120) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 384 (1120) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 436 (1120) C:\WINDOWS\System32\SCardSvr.exe
size: 95744
MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E
PID: 752 (1120) C:\WINDOWS\System32\digtizer.exe
size: 61440
MD5: C88F5632D52FC81192754A17E3ADD427
PID: 812 (1308) C:\WINDOWS\system32\igfxext.exe
size: 94208
MD5: 2B37743823DC0186CCA53A8588BE0F79
PID: 816 (1120) C:\Program Files\ewido anti-malware\ewidoctrl.exe
size: 13888
MD5: 26830B750372AB1BF29C95DEEBEB802F
PID: 872 (1076) C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
size: 29696
MD5: A21FE56B8CA8E24596C108C918D7C44F
PID: 968 (1120) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 322120
MD5: 11F714F85530A2BD134074DC30E99FCA
PID: 1052 (1120) C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
size: 98304
MD5: 24D58E98AFD11C6A039A029A1F82B2A1
PID: 1348 (1120) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
size: 139264
MD5: 8EC2789217388939B6268AA7A8A595B0
PID: 1636 (1120) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1672 (1120) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 1712 (1120) C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
size: 241664
MD5: BFC9E2B49EDD35664D966733E79294FC
PID: 160 (1120) C:\Program Files\Bonjour\mDNSResponder.exe
size: 217088
MD5: E2F35CB96EA14DC7DD6EAB24BFF187C2
PID: 420 (1076) C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
size: 389120
MD5: 21383B579357DA810C3E483B77BA1FE5
PID: 584 (1076) C:\WINDOWS\SYSTEM32\WISPTIS.EXE
size: 293376
MD5: 9C492FEC0D62844ADFA1FD910F0AF3B8
PID: 528 (1076) C:\WINDOWS\System32\tabbtnu.exe
size: 35328
MD5: B1EFF44C35FB2DC975AABAF2051C6ECD
PID: 1360 ( 864) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1732 ( 420) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 2056 (1308) C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
size: 245760
MD5: 5957013D751C6EF99974E048F553D781
PID: 2100 (1120) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 2504 (1308) C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
size: 43520
MD5: AF7AE3C1B1AF5EB3CC35C55B35AD627B
PID: 2860 (1360) C:\WINDOWS\system32\hkcmd.exe
size: 118784
MD5: 75566BD38A36BF1C80CEF1D4EAC05F12
PID: 2888 (1360) C:\Program Files\Fujitsu\Utils\fjevents.exe
size: 20480
MD5: 36F39AD1C8EB477FDBA7EC9C8CEBCB86
PID: 2904 (1308) C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
size: 271872
MD5: F123C4ABBA2D4AE57918596873085293
PID: 2928 (1360) C:\Program Files\Fujitsu\Utils\FjDspMon.exe
size: 20480
MD5: A5681B70E7F8F7056A4E6B189DC41B49
PID: 2944 (1360) C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
size: 32768
MD5: 4BD14A1A1511BB5DDD918B02DE7442AC
PID: 2952 (1360) C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
size: 61440
MD5: 0DD8D12201344C728BA3EE6D0D479395
PID: 2984 (1308) C:\WINDOWS\system32\igfxext.exe
size: 94208
MD5: 2B37743823DC0186CCA53A8588BE0F79
PID: 3036 (1360) C:\Program Files\Fujitsu\updnavi\updnavi.exe
size: 266240
MD5: 3E8EF453726549B156A1D22FE3584DB1
PID: 3052 (1360) C:\Program Files\Apoint2K\Apoint.exe
size: 159744
MD5: A0F2A6DDDBB570F110E9CC45BFC9A37B
PID: 3064 (1360) C:\WINDOWS\AGRSMMSG.exe
size: 88363
MD5: F7B737E2AF9E5C14459C659ECD6C4ED5
PID: 3116 (1360) C:\Program Files\ltmoh\Ltmoh.exe
size: 184320
MD5: C2EDE68251407CCACABF5E48028626BD
PID: 3144 (1360) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
size: 81920
MD5: C88736F51FAC99D8AA0406D13E6EB58B
PID: 3240 (1360) C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61A3A9D5D98BF0331DF5B716144A8100
PID: 3260 (1360) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 122939
MD5: C22BDB59D346ABA833A3A207E1629F07
PID: 3268 (1360) C:\Program Files\iTunes\iTunesHelper.exe
size: 274432
MD5: E9766C6A4FD03C23607B064D0F5DCF3E
PID: 3296 (1360) C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: 3E7D91F24D28C968B92C85C7E2882EED
PID: 3340 (1360) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: F9B47F830DD55FEDD6EF27D063C29A42
PID: 3352 (3052) C:\Program Files\Apoint2K\HidFind.exe
size: 45056
MD5: A134AF5410BC88AC91C34BD4473E666A
PID: 3356 (1360) C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
size: 385024
MD5: 923282F7BEA485CE34CFA6BC1DE061BB
PID: 3364 (3336) C:\Program Files\Apoint2K\Apntex.exe
size: 45056
MD5: CCA1B81492B40890E44B2B20A780EE1F
PID: 3388 (1360) C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
size: 356352
MD5: C00B4E6D42E93ADC0D3F35FE8602EBEC
PID: 3412 (1360) C:\Program Files\Windows Defender\MSASCui.exe
size: 1420560
MD5: 81AA8BA06A824E637E2BA290D4FA9E3E
PID: 3680 (1360) C:\Program Files\MessengerPlus! 3\MsgPlus.exe
size: 190024
MD5: B787D9A60FEE9C3732C2E2D4571BB716
PID: 3720 (1120) C:\Program Files\iPod\bin\iPodService.exe
size: 323584
MD5: 44C99586DE77688B6AE8D428E9D880FA
PID: 3768 (1360) C:\Program Files\WHidePro\whpro.exe
size: 4608
MD5: 8DDD4045E82038D14FE5671A4148C955
PID: 1316 (3760) C:\Program Files\MSN Messenger\msnmsgr.exe
size: 7094272
MD5: 59E6B431FAF166923C93F32D1FB9AAA4
PID: 1300 (1360) C:\Program Files\Mozilla Firefox\firefox.exe
size: 7177325
MD5: 635D94AB57D1B7EDB36B0C4F1A980A88
PID: 3460 (1360) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 3796 (1360) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
size: 12047560
MD5: 5FEAF6AB43AA477597F9F8DB0E8CB69C
PID: 2248 (3952) C:\Program Files\Windows Defender\MpCmdRun.exe
size: 276240
MD5: 444FFA5BF4F0929296B4D1A9A0AA520B
PID: 2252 (1500) C:\WINDOWS\system32\wuauclt.exe
size: 124184
MD5: EBF1AB7E4FC05CABF2F4680D2A45F827
PID: 4 ( 0) System

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 6/12/2006 9:42:18 AM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.singnet.com.sg (http://\"http://www.singnet.com.sg\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?p...B_PVER}&ar=home (http://\"http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.pc-ap.fujitsu.com/ (http://\"http://www.pc-ap.fujitsu.com/\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm (http://\"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm (http://\"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm\")

--- Winsock Layered Service Provider list ---

--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com (http://\"http://www.lavasoft.com\")

(AddressBook)

Adobe Photoshop CS2 9.0 (Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D})
version: 9
version (major): 9
install location: C:\Program Files\Adobe\Adobe Photoshop CS2\
uninstall cmd: msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
publisher: Adobe Systems, Inc.
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html (http://\"http://www.adobe.com/support/main.html\")
help telephone: 1-555-555-4505

Agere Systems AC'97 Modem (Agere Systems Soft Modem)
uninstall cmd: agrsmdel

CleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe

(Connection Manager)

(Diablo II)

(DirectAnimation)

(DirectDrawEx)

(dlatray.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

(DXM_Runtime)

Earth Our Home 1 (Student) (Earth Our Home 1 (Student)_is1)
install location: D:\LTB2\
uninstall cmd: D:\LTB2\unins000.exe

Earth Our Home 2 (Earth Our Home 2_is1)
install location: d:\ltb2\Earth Our Home 2\
uninstall cmd: "d:\ltb2\Earth Our Home 2\unins000.exe"

ewido anti-malware (ewidoantimalware)
install location: C:\Program Files\ewido anti-malware
uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net (http://\"http://www.ewido.net\")

(Fontcore)

GoldWave v5.13 (GoldWave v5.13)
uninstall cmd: "C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.13" "C:\Program Files\GoldWave\unstall.log"

Graphmatica (Graphmatica)
uninstall cmd: C:\Program Files\Graphmatica\uninstall.exe

Hamachi 0.9.9.9 (Hamachi)
uninstall cmd: C:\Program Files\Hamachi\uninstall.exe

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: D:\ka tsun's stuff\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

Hot Potatoes v 6.0.3.39 (hotpot6_is1)
uninstall cmd: "C:\Program Files\HotPotatoes6\unins000.exe"
publisher: Half-Baked Software
help link: http://www.halfbakedsoftware.com (http://\"http://www.halfbakedsoftware.com\")

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

Fujitsu Hardware Diagnostics Tool 1.06.002 (InstallShield_{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA})
version: 17170434
version (major): 1
version (minor): 6
estimated size: 93378
install date: 20040914
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is6\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA} /l1033
publisher: PC-Doctor, Inc.
comments: Personal Computer Diagnostics Software
contact: Customer Support Department
help link: http://www.PC-Doctor.com (http://\"http://www.PC-Doctor.com\")

QuickTime 7.0.2 (InstallShield_{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653})
version: 117440514
version (major): 7
estimated size: 62050
install date: 20050909
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\PUNKAT~1\LOCALS~1\Temp\_is5C\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/ (http://\"http://www.info.apple.com/\")
help telephone: 1-800-275-2273

iTunes 5.0.0.35 (InstallShield_{5A4AFC3E-4973-46A1-92D6-3A1C5E52948A})
version: 83886080
version (major): 5
estimated size: 31128
install date: 20050909
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{EA7763E4-20ED-43E2-AEFB-D81D1FC2ED59}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{5A4AFC3E-4973-46A1-92D6-3A1C5E52948A} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/ (http://\"http://www.info.apple.com/\")
help telephone: 1-800-275-2273

O2Micro MemoryCardBus Windows Driver 1.50.0000 (InstallShield_{B08D94CF-88AA-45ED-B323-30B321DBC92A})
version: 20054016
version (major): 1
version (minor): 50
install date: 20040914
install source: C:\Drivers\PCMCIA\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{B08D94CF-88AA-45ED-B323-30B321DBC92A} /l1033
publisher: O2Micro Electronics, Inc.
comments: Not support
contact: Customer Support Department
help link: Not support
help telephone: Not support
readme: Not support

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333 (http://\"http://support.microsoft.com?kbid=873333\")

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339 (http://\"http://support.microsoft.com?kbid=873339\")

(KB884016)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250 (http://\"http://support.microsoft.com?kbid=885250\")

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835 (http://\"http://support.microsoft.com?kbid=885835\")

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836 (http://\"http://support.microsoft.com?kbid=885836\")

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185 (http://\"http://support.microsoft.com?kbid=886185\")

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472 (http://\"http://support.microsoft.com?kbid=887472\")

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742 (http://\"http://support.microsoft.com?kbid=887742\")

Microsoft .NET Framework 1.0 Hotfix (KB887998) (KB887998)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113 (http://\"http://support.microsoft.com?kbid=888113\")

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302 (http://\"http://support.microsoft.com?kbid=888302\")

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046 (http://\"http://support.microsoft.com?kbid=890046\")

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859 (http://\"http://support.microsoft.com?kbid=890859\")

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781 (http://\"http://support.microsoft.com?kbid=891781\")

Security Update for Windows XP (KB893066) 2 (KB893066)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066 (http://\"http://support.microsoft.com?kbid=893066\")

Windows XP Hotfix - KB893086 1 (KB893086)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086 (http://\"http://support.microsoft.com?kbid=893086\")

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756 (http://\"http://support.microsoft.com?kbid=893756\")

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467 (http://\"http://go.microsoft.com/fwlink/?LinkId=42467\")

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391 (http://\"http://support.microsoft.com?kbid=894391\")

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358 (http://\"http://support.microsoft.com?kbid=896358\")

Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422 (http://\"http://support.microsoft.com?kbid=896422\")

Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423 (http://\"http://support.microsoft.com?kbid=896423\")

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424 (http://\"http://support.microsoft.com?kbid=896424\")

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428 (http://\"http://support.microsoft.com?kbid=896428\")

Update for Windows XP (KB896727) 1 (KB896727)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896727 (http://\"http://support.microsoft.com?kbid=896727\")

Update for Windows XP (KB898461) 1 (KB898461)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461 (http://\"http://support.microsoft.com?kbid=898461\")

Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587 (http://\"http://support.microsoft.com?kbid=899587\")

Security Update for Windows XP (KB899588) 1 (KB899588)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899588 (http://\"http://support.microsoft.com?kbid=899588\")

Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899589 (http://\"http://support.microsoft.com?kbid=899589\")

Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591 (http://\"http://support.microsoft.com?kbid=899591\")

Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485 (http://\"http://support.microsoft.com?kbid=900485\")

Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725 (http://\"http://support.microsoft.com?kbid=900725\")

Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017 (http://\"http://support.microsoft.com?kbid=901017\")

Security Update for Windows XP (KB901190) 1 (KB901190)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901190 (http://\"http://support.microsoft.com?kbid=901190\")

Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20050831
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214 (http://\"http://support.microsoft.com?kbid=901214\")

Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400 (http://\"http://support.microsoft.com?kbid=902400\")

Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706 (http://\"http://support.microsoft.com?kbid=904706\")

Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414 (http://\"http://support.microsoft.com?kbid=905414\")

Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749 (http://\"http://support.microsoft.com?kbid=905749\")

Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519 (http://\"http://support.microsoft.com?kbid=908519\")

Update for Windows XP (KB908531) 2 (KB908531)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531 (http://\"http://support.microsoft.com?kbid=908531\")

Update for Windows XP (KB910437) 1 (KB910437)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437 (http://\"http://support.microsoft.com?kbid=910437\")

Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562 (http://\"http://support.microsoft.com?kbid=911562\")

Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564 (http://\"http://support.microsoft.com/?kbid=911564\")

Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565 (http://\"http://support.microsoft.com/?kbid=911565\")

Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567 (http://\"http://support.microsoft.com?kbid=911567\")

Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927 (http://\"http://support.microsoft.com?kbid=911927\")

Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812 (http://\"http://support.microsoft.com?kbid=912812\")

Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919 (http://\"http://support.microsoft.com?kbid=912919\")

Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446 (http://\"http://support.microsoft.com?kbid=913446\")

Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060609
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580 (http://\"http://support.microsoft.com?kbid=913580\")

LimeWire 4.10.9 4.10.9 (LimeWire)
uninstall cmd: "C:\Program Files\LimeWire\uninstall.exe"
publisher: Lime Wire, LLC
help link: http://www.limewire.com/support (http://\"http://www.limewire.com/support\")

Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

Macromedia Shockwave Player 10.1.0.11 (Macromedia Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
publisher: Macromedia, Inc.
help link: http://www.macromedia.com/support/shockwave (http://\"http://www.macromedia.com/support/shockwave\")

MechWarrior Vengeance (MechWarrior Vengeance)
uninstall cmd: "C:\Program Files\Microsoft Games\MechWarrior Vengeance\MWUNINSTAL.EXE" /runtemp /addremove

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

mIRC (mIRC)
uninstall cmd: "C:\Program Files\mIRC\mirc.exe" -uninstall

(MobileOptionPack)

Mozilla Firefox (1.5.0.4) 1.5.0.4 (en-US) (Mozilla Firefox (1.5.0.4))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.4 (en-US)"
publisher: Mozilla

(MPlayer2)

Messenger Plus! 3 (MsgPlus! Plugin)
uninstall cmd: "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

MSN Music Assistant (MSN Music Assistant)
uninstall cmd: rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall

Musicnotes Player V1.22.2 1.22.2 (Musicnotes Player_is1)
install location: C:\Program Files\Musicnotes\Player\
uninstall cmd: "C:\Program Files\Musicnotes\Player\unins000.exe"
publisher: Musicnotes Inc.
help link: http://www.musicnotes.com/help (http://\"http://www.musicnotes.com/help\")

(NetMeeting)

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

PopCap Browser Plugin (PopCap Browser Plugin)
uninstall cmd: C:\Program Files\PopCap Games\PopCap Browser Plugin\Uninstall.exe

Power MP3 WMA Converter 2005, (ver 2.0) 2.0.0.6 (Power MP3 WMA Converter_is1)
install location: C:\Program Files\Power MP3 WMA Converter\
uninstall cmd: "C:\Program Files\Power MP3 WMA Converter\unins000.exe"
publisher: CooolSoft, Inc.
help link: http://www.cooolsoft.com (http://\"http://www.cooolsoft.com\")

Intel® PROSet/Wireless Software (ProInst)
install location: C:\WINDOWS\Installer\iProInst.exe
uninstall cmd: C:\WINDOWS\Installer\iProInst.exe
publisher: Intel Corporation

Quick Start V1.3 (Prolink Hurricane 9000C_is1)
install location: C:\Program Files\Prolink Hurricane 9000C\
uninstall cmd: "C:\Program Files\Prolink Hurricane 9000C\unins000.exe"
publisher: Fida International (S) Pte Ltd
help link: http://www.fida.com (http://\"http://www.fida.com\")

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

(RecordNow.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}

(SchedulingAgent)

Security Task Manager 1.6f 1.6f (Security Task Manager)
version (major): 1
version (minor): 6
install location: C:\Program Files\Security Task Manager\
uninstall cmd: C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager"
publisher: Neuber GbR
contact: [email protected]
help link: http://http://www.neuber.com/taskmanager (http://\"http://http://www.neuber.com/taskmanager\")

(Shockwave)

Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
publisher: Macromedia
help link: http://www.macromedia.com/go/flashplayer_support/ (http://\"http://www.macromedia.com/go/flashplayer_support/\")

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

SpywareBlaster v3.5.1 3.5.1 (SpywareBlaster_is1)
install location: C:\Program Files\SpywareBlaster\
uninstall cmd: "C:\Program Files\SpywareBlaster\unins000.exe"
publisher: Javacool Software LLC

Teen Life 2 (Teen Life 2_is1)
install location: d:\ltb2\Teen Life 2\
uninstall cmd: "d:\ltb2\Teen Life 2\unins000.exe"

Windows Genuine Advantage Validation Tool (KB892130) 1.5.0530.0 (WGA)
install date: 20060609
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=892130 (http://\"http://support.microsoft.com?kbid=892130\")

Windows Genuine Advantage Notifications (KB905474) 1.5.0532.2 (WgaNotify)
install date: 20060609
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474 (http://\"http://support.microsoft.com?kbid=905474\")

Windows Hider Pro (remove only) (WHidePro)
uninstall cmd: "C:\Program Files\WHidePro\uninstall.exe"

Windows Me

Title: help!!!!!
Post by: guestolo on June 11, 2006, 09:40:37 PM

Just finding cookies
Did you install SpywareBlaster with the instructions I posted?
Make sure you do

Also, make sure that you use the immunize feature with the instructions I posted earlier with Spybot

After that is done
Open CleanUp! >>START>>All Programs>>CleanUp!
Click the CleanUp! button
DO NOT choose Demo mode, run the actual clean
When it's done click Close
NOTE: CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, make a backup of these before running CleanUp!

Don't just log off, but instead reboot the computer

Back in Windows
Run a fresh scan with Spybot and see if it is still finding those cookies

Could I aslo check the following please
Download and unzip to it's own folder on your desktop
findlop.zip (http://\"http://metallica.geekstogo.com/findlop.zip\")

Inside the findlop folder on the desktop double click on
findlop.bat
It will create the file C:\findlop.txt
Find that file and copy the whole contents into your next post please

Title: help!!!!!
Post by: Asuyuki on June 13, 2006, 04:33:47 AM

the spybot side nothing le

the txt

[TRACE] Enumerating jobs and queues
[TRACE] Activating job 'Critical Battery Alarm Program.job'
[TRACE] Printing all job properties

ApplicationName: ''
Parameters: ''
WorkingDirectory: ''
Comment: ''
Creator: 'Pikasword'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 00/00/0000 0:00:00
StartError: SCHED_S_TASK_HAS_NOT_RUN
ExitCode: 0
Status: SCHED_S_TASK_NOT_SCHEDULED
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
TaskFlags: 0

No triggers

[TRACE] Activating job 'MP Scheduled Scan.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\Program Files\Windows Defender\MpCmdRun.exe'
Parameters: 'Scan -ScanType config -Privileges restricted'
WorkingDirectory: ''
Comment: 'Scheduled Scan'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 06/14/2006 1:55:00
StartError: SCHED_S_TASK_HAS_NOT_RUN
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 1
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 1
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Daily
DaysInterval: 1
StartDate: 06/13/2006
EndDate: 00/00/0000
StartTime: 01:55
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0

Title: help!!!!!
Post by: guestolo on June 13, 2006, 10:27:50 PM

Looks good, I'll lock this topic if you have no further problems
Take care

/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />