Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possibly Malware Ne0ks.exe After Eset, Hjt And Dss Log


  • This topic is locked This topic is locked
2 replies to this topic

#1 Alkapone

Alkapone

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:37 AM

Posted 19 May 2008 - 05:30 PM

Hi !

On start up a command prompt box pops up with "Hello Bok2! Press any key to continue" on a black screen. The title of the box seems to be "ne0ks.exe". I have followed the preparation guide to posting a hijackthis log to the best of my ability.
While looking solutions for my computer, I found this topic which helped me to kind of solve the problem. I can say so cause everything seems to be OKAY now after following the described steps in the topic 119120. Now i would like to transfer a logtext of an EsetOnlineScanner and a HJT log and a DSS. Could you please help me with what to remove? Thank you very Much for your Help.


version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3100 (20080514)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=2f855b7bb87e2245a6a2b473214f13f4
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2008-05-15 02:22:22
# local_time=2008-05-14 11:22:22 (-0400, Atlantic Daylight Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 2
# scanned=431564
# found=352
# scan_time=5205
C:\t.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\t.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Documents and Settings\Compaq_Owner\Desktop\Alfred\Anglobal\poweriso v 3 1 + keygen_dngnmstr [bajado en p2platinos com]_.exe Win32/VB.NNI worm 83007444A24B33D4C5513D9F7EEE67D6
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\fns-3.exe a variant of Win32/Adware.HotSearchBar application 7D057F02942B47083B79121B2093ED65
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\fns-3.exe »NSIS »ý€ a variant of Win32/Adware.HotSearchBar application 00000000000000000000000000000000
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\hbd.dll Win32/IRCBot.SJ trojan 88DE3C0D6293EE2D27E536CEA77320F1
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\IIF7.tmp a variant of Win32/Adware.HotSearchBar application 7D057F02942B47083B79121B2093ED65
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\IIF7.tmp »NSIS »ý€ a variant of Win32/Adware.HotSearchBar application 00000000000000000000000000000000
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\p2psetup.exe Win32/Adware.P2PNet application 3E1D143C28BB5119CA6B72468E65A152
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\B9WRHOVD\setup[1].exe Win32/TrojanDownloader.Zlob.BWA trojan E501EB6CAB49D03D92544E93D26BCC56
C:\Program Files\LimeWire\_\007 Spy Software v 3.87.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\007 Spy Software v 3.87.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\300 2007 DVDRip XviD-NEPTUNE.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\300 2007 DVDRip XviD-NEPTUNE.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\300 Screener.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\300 Screener.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\5ive Girls.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\5ive Girls.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\7 Wonders.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\7 Wonders.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Absolute Sound Recorder v3.5.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Absolute Sound Recorder v3.5.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Ad Muncher 4.7.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Ad Muncher 4.7.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Advance Concrete 7.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Advance Concrete 7.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Advanced SmartCheck 3.30.920.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Advanced SmartCheck 3.30.920.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Advanced SmartCheck ver.3.30.920.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Advanced SmartCheck ver.3.30.920.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Age of Empires 3 The Warchiefs iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Age of Empires 3 The Warchiefs iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Age Of Empires 3 iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Age Of Empires 3 iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Age of Empires 3 The Warchiefs iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Age of Empires 3 The Warchiefs iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Ahead DVD Ripper 1.4.2.16.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Ahead DVD Ripper 1.4.2.16.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Ai Roboform Pro 6.9.3.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Ai Roboform Pro 6.9.3.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\AI Roboform Pro v6.93.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\AI Roboform Pro v6.93.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Akeelah and the Bee 2006.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Akeelah and the Bee 2006.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Allok Video to MP4 Converter v.3.0.2.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Allok Video to MP4 Converter v.3.0.2.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\ALO CD and DVD Burner 3.2.25.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\ALO CD and DVD Burner 3.2.25.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\AMD Dual Core Optimizer v1.1.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\AMD Dual Core Optimizer v1.1.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\AMD Dual-Core Optimizer v.1.1.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\AMD Dual-Core Optimizer v.1.1.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Ancient Wars Sparta.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Ancient Wars Sparta.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Apex iPod Video Converter 3.83.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Apex iPod Video Converter 3.83.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Apex Video Converter Super 5.58.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Apex Video Converter Super 5.58.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Arial Audio Converter 2.3.50.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Arial Audio Converter 2.3.50.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Article Submitter v1.6.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Article Submitter v1.6.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\AVG Internet Security 7.5.467.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\AVG Internet Security 7.5.467.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\AZ Studio Pro 7.1.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\AZ Studio Pro 7.1.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Backyard Baseball 2007.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Backyard Baseball 2007.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\BBC Space.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\BBC Space.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Bio-Cops DVDRip XviD-Nucleus.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Bio-Cops DVDRip XviD-Nucleus.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\BlindWrite 6.0.4.36.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\BlindWrite 6.0.4.36.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Bullet Candy 2.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Bullet Candy 2.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\CA Internet Security Suite 2007 v.3.2.0.3.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\CA Internet Security Suite 2007 v.3.2.0.3.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Caesar IV.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Caesar IV.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Call of Cthulhu Dark Corners of the Earth.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Call of Cthulhu Dark Corners of the Earth.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Cisco CCNP CBT.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Cisco CCNP CBT.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Colin McRae Rally 4.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Colin McRae Rally 4.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Command and Conquer 3 Tiberium Wars Kane Edition iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Command and Conquer 3 Tiberium Wars Kane Edition iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Command and Conquer 3 Tiberium Wars Kane Edition iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Command and Conquer 3 Tiberium Wars Kane Edition iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Company of Heroes.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Company of Heroes.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Cool Easy Card ver.2.55.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Cool Easy Card ver.2.55.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Cool Paint 2.6.0.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Cool Paint 2.6.0.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Corel Graphics Suite 11 Portable.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Corel Graphics Suite 11 Portable.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Cucusoft Video Converter Pro v.7.07.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Cucusoft Video Converter Pro v.7.07.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Dark Files 3.3.1.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Dark Files 3.3.1.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Dhoom 2 DVDRip.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Dhoom 2 DVDRip.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Directory Opus 9.0.0.3.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Directory Opus 9.0.0.3.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Diskeeper 2007 11.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Diskeeper 2007 11.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Don 2006 DVDRip.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Don 2006 DVDRip.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Dream Pinball 3D Retail.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Dream Pinball 3D Retail.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\DVDFab Platinum v3.1.2.2 Beta.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\DVDFab Platinum v3.1.2.2 Beta.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Dziobas RAR Player 0.006.4.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Dziobas RAR Player 0.006.4.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Easy DVD CD Burner 3.0.97.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Easy DVD CD Burner 3.0.97.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Ektron eWebEditPro XML v5.1.0.38.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Ektron eWebEditPro XML v5.1.0.38.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Euro Plus NiceLabel Suite v5.0.1.1446.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Euro Plus NiceLabel Suite v5.0.1.1446.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Face Smoother v1.12 Multilingual.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Face Smoother v1.12 Multilingual.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\FlashGet Version 1.8.4.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\FlashGet Version 1.8.4.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\FLV Player v.1.0.0.36.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\FLV Player v.1.0.0.36.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Ftp Commander Pro 8.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Ftp Commander Pro 8.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Funny Money 2006 DVDRip Xvid-aXXo.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Funny Money 2006 DVDRip Xvid-aXXo.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Getright Pro v6.2a.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Getright Pro v6.2a.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\GFI LANguard Network Security Scanner 8.0.20070322.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\GFI LANguard Network Security Scanner 8.0.20070322.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Ghost Rider 2007 EXTENDED DVDRip XviD-DiAMOND.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Ghost Rider 2007 EXTENDED DVDRip XviD-DiAMOND.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Ghost Rider EXTENDED DVDRip XviD-DiAMOND.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Ghost Rider EXTENDED DVDRip XviD-DiAMOND.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Godfather The Game iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Godfather The Game iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Godfather The Game iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Godfather The Game iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Google Earth PRO v.4.0.2737.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Google Earth PRO v.4.0.2737.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Grand Theft Auto III.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Grand Theft Auto III.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Gray Matters (2007).rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Gray Matters (2007).rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Gray Matters 2007 DVDSCR XviD-ViTE.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Gray Matters 2007 DVDSCR XviD-ViTE.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\GTA - San Andreas.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\GTA - San Andreas.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Hannibal Rising DVDRip XviD.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Hannibal Rising DVDRip XviD.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Happily Never After (2007).rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Happily Never After (2007).rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Happy Feet.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Happy Feet.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Harry Potter and the Goblet of Fire.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Harry Potter and the Goblet of Fire.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Harsh Times 2006 DVDRiP XviD.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Harsh Times 2006 DVDRiP XviD.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\ImTOO DVD Ripper Platinum v.4.0.74.0427.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\ImTOO DVD Ripper Platinum v.4.0.74.0427.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\IVT Bluesoleil v3.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\IVT Bluesoleil v3.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Jackass 2 DVDRip.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Jackass 2 DVDRip.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Jade Empire Special Edition DVD iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Jade Empire Special Edition DVD iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Jagged Alliance 2 Wildfire iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Jagged Alliance 2 Wildfire iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Jagged Alliance 2 Wildfire iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Jagged Alliance 2 Wildfire iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\JetAudio 7.0.2 Build 3010 Plus VX.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\JetAudio 7.0.2 Build 3010 Plus VX.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Kerio MailServer 6.4.0.3364.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Kerio MailServer 6.4.0.3364.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\L.A. Street Racing-RELOADED iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\L.A. Street Racing-RELOADED iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\LanHelper v1.71.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\LanHelper v1.71.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\MagicTweak 3.40.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\MagicTweak 3.40.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Makeup Pilot 1.35.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Makeup Pilot 1.35.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Mars WinCleaner 1.8.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Mars WinCleaner 1.8.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Messenger Detect 2.03.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Messenger Detect 2.03.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Messengerlog Pro 6.22.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Messengerlog Pro 6.22.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Microsoft Office 2006 Enterprise Final.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Microsoft Office 2006 Enterprise Final.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Microsoft Office Publisher 2007 Corporate.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Microsoft Office Publisher 2007 Corporate.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Microsoft Windows Vista Final 2006.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Microsoft Windows Vista Final 2006.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\MightyFax v3.38.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\MightyFax v3.38.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\MS Office 2007 Ultimate.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\MS Office 2007 Ultimate.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\MSN Messenger Monitor Sniffer 3.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\MSN Messenger Monitor Sniffer 3.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Mulholland Drive 2001 DVDRip AC3.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Mulholland Drive 2001 DVDRip AC3.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\My Drivers Pro v3.22.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\My Drivers Pro v3.22.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\n00zn00zn00zn00z.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\n00zn00zn00zn00z.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\National Lampoons Van Wilder The Rise of Taj 2006 DVDRi.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\National Lampoons Van Wilder The Rise of Taj 2006 DVDRi.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Need For Speed Carbon ISO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Need For Speed Carbon ISO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Nero 7 Premium Reloaded 7.9.6.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Nero 7 Premium Reloaded 7.9.6.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Netlimiter 2 Pro v2.0.10.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Netlimiter 2 Pro v2.0.10.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Nitro PDF Professional v5.2.0.5.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Nitro PDF Professional v5.2.0.5.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\NOD32 Antivirus System 2.70.39.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\NOD32 Antivirus System 2.70.39.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Norbit DVDRip XviD-DiAMOND.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Norbit DVDRip XviD-DiAMOND.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Norton Ghost v.12.0 Retail PROPER iSO-EDGEISO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Norton Ghost v.12.0 Retail PROPER iSO-EDGEISO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\O&O SafeErase v3.0 Build 1064.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\O&O SafeErase v3.0 Build 1064.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Opera 9.21 Build 8776.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Opera 9.21 Build 8776.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\PC Boost 3.5.21.2007.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\PC Boost 3.5.21.2007.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\PCThrust v1.5.21.2007.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\PCThrust v1.5.21.2007.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\PDF Split Merge v2.5.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\PDF Split Merge v2.5.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Perfect Clock 2007 1.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Perfect Clock 2007 1.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\PerfectDisk 8.0.64 Professional.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\PerfectDisk 8.0.64 Professional.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Photo Denoising 2.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Photo Denoising 2.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Pirates of the Caribbean 3.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Pirates of the Caribbean 3.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Pirates of the Caribbean At Worlds End TS XViD-mVs.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Pirates of the Caribbean At Worlds End TS XViD-mVs.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Pirates.of the Caribbean at Worlds.End.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Pirates.of the Caribbean at Worlds.End.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Popcorn 2007 DVDSCR XviD-VoMiT.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Popcorn 2007 DVDSCR XviD-VoMiT.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Quake 4 iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Quake 4 iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\RaidenMAILD v1.9.12.8 Normal Version.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\RaidenMAILD v1.9.12.8 Normal Version.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\RaidenMAILD v1.9.12.8 XP Version.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\RaidenMAILD v1.9.12.8 XP Version.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Rainbow Six Vegas iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Rainbow Six Vegas iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\RapidShare GetPoints v2.3.3.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\RapidShare GetPoints v2.3.3.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Recover Lost Data v3.1.1.9C.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Recover Lost Data v3.1.1.9C.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Registry Help Pro v1.52.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Registry Help Pro v1.52.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Registry TuneUp 3.2.0.4043.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Registry TuneUp 3.2.0.4043.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Rocky Balboa 2006 DVDRip XviD-DiAMOND.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Rocky Balboa 2006 DVDRip XviD-DiAMOND.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Rocky DVDRip.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Rocky DVDRip.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\RollerCoaster Tycoon 3 Soaked.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\RollerCoaster Tycoon 3 Soaked.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\S.C.A.R. - Squadra Corse Alfa Romeo.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\S.C.A.R. - Squadra Corse Alfa Romeo.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Sherrybaby.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Sherrybaby.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Sigma Plot 10.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Sigma Plot 10.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Skribbel 1.2.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Skribbel 1.2.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Snow Cake 2006 DVDRip.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Snow Cake 2006 DVDRip.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Speed DVD Creator Version 4.0.38.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Speed DVD Creator Version 4.0.38.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Spiderman 3.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Spiderman 3.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Starcraft 2.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Starcraft 2.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Super Audio Converter 5.0.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Super Audio Converter 5.0.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Super Screen Capture v5.56.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Super Screen Capture v5.56.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Surf it Easy 1.4.2.6.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Surf it Easy 1.4.2.6.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Symantec Norton Ghost 12 12.0.0.20352.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Symantec Norton Ghost 12 12.0.0.20352.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\The Elder Scrolls IV Oblivion Knights of the Nine iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\The Elder Scrolls IV Oblivion Knights of the Nine iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\The Elder Scrolls IV The Shivering Isles iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\The Elder Scrolls IV The Shivering Isles iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\The Elder Scrolls IV Oblivion Knights of the Nine iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\The Elder Scrolls IV Oblivion Knights of the Nine iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\The Elder Scrolls IV The Shivering Isles iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\The Elder Scrolls IV The Shivering Isles iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\The Hills Have Eyes II DVDSCR XviD-ViTE.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\The Hills Have Eyes II DVDSCR XviD-ViTE.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\The Hitchhiker 2007.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\The Hitchhiker 2007.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\The mystery of the mummy.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\The mystery of the mummy.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\The Secrets of Da Vinci The Forbidden Manuscript iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\The Secrets of Da Vinci The Forbidden Manuscript iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Thr3e 2006 LiMiTED DVDRip XviD-LMG.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Thr3e 2006 LiMiTED DVDRip XviD-LMG.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Tom Clancys Ghost Recon Advanced Warfighter.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Tom Clancys Ghost Recon Advanced Warfighter.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Tom Clancys Rainbow Six Lockdown.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Tom Clancys Rainbow Six Lockdown.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\TurboLaunch 5.0.10.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\TurboLaunch 5.0.10.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\TV Professional 5.01.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\TV Professional 5.01.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Urgent Backup v2.75.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Urgent Backup v2.75.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Venus LiMiTED DVDRip XviD-SAPHiRE.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Venus LiMiTED DVDRip XviD-SAPHiRE.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Vista Manager 1.1.6.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Vista Manager 1.1.6.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\VMware Workstation 6.0.0.45731.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\VMware Workstation 6.0.0.45731.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Vso Convertxtodvd v2.2.1.253.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Vso Convertxtodvd v2.2.1.253.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Website Submitter v1.4 Multilingual.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Website Submitter v1.4 Multilingual.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Windows Vista Ultimate x86.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Windows Vista Ultimate x86.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\WinHex 14.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\WinHex 14.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Wolfram Research Mathematica v.6.0 iSO.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Wolfram Research Mathematica v.6.0 iSO.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Work Pause v1.3.1.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Work Pause v1.3.1.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Xilisoft DVD Ripper Platinum 4.0.75.05.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Xilisoft DVD Ripper Platinum 4.0.75.05.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\XP Medic v4.2.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\XP Medic v4.2.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Yahoo Messenger Monitor Sniffer 3.2.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Yahoo Messenger Monitor Sniffer 3.2.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\LimeWire\_\Zen of zudoko.rar Win32/IRCBot trojan F9197764CC3F1B256B277BCD3213D630
C:\Program Files\LimeWire\_\Zen of zudoko.rar »ZIP »Setup.exe Win32/IRCBot trojan 00000000000000000000000000000000


--------------------------------------------------------------------------------------------------------

Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2008-05-19 18:58:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
87: 2008-05-19 21:58:46 UTC - RP985 - Deckard's System Scanner Restore Point
86: 2008-05-15 02:02:12 UTC - RP984 - System Checkpoint
85: 2008-05-12 20:25:05 UTC - RP983 - System Checkpoint
84: 2008-05-11 20:20:08 UTC - RP982 - System Checkpoint
83: 2008-05-06 22:14:38 UTC - RP981 - System Checkpoint


-- First Restore Point --
1: 2008-02-14 07:17:38 UTC - RP899 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 448 MiB (512 MiB recommended).


-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:02:24 PM, on 5/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\NewDotNet\nnrun.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NewDotNet\nnrun.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\PowerISO\SCDEmuApp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Compaq_Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Compaq_Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/
R3 - URLSearchHook: HyperSearchHook - {70E2666C-69FB-4D60-B0FA-C03C16969AD2} - C:\Program Files\Common Files\Hyperbar\HyperbarSS3.dll (file missing)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SCDEmuApp.exe] C:\Program Files\PowerISO\SCDEmuApp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdS7_0_0
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Supervision de Photo Loader.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NNServ - New.net, Inc. - C:\Program Files\NewDotNet\nnrun.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 12023 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080514-213258-491 O4 - HKLM\..\Run: [System64] C:\WINDOWS\system32\ne0kS.dll.wsf
backup-20080514-213258-574 O4 - HKLM\..\Run: [System12] C:\WINDOWS\system32\ne0kS.exe

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>

S3 HSF_DP - c:\windows\system32\drivers\hsf_dp.sys (file missing)
S3 HSFHWBS2 - c:\windows\system32\drivers\hsfhwbs2.sys (file missing)
S3 smserial - c:\windows\system32\drivers\smserial.sys (file missing)
S3 winachsf - c:\windows\system32\drivers\hsf_cnxt.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
R2 NNServ - "c:\program files\newdotnet\nnrun.exe" "c:\program files\newdotnet\nncore.dll" servicestart <Not Verified; New.net, Inc.; New.net runner>

S3 WmcCds (Windows Media Connect (WMC)) - c:\program files\windows media connect\mswmccds.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmcCdsLs (Windows Media Connect (WMC) Helper) - c:\program files\windows media connect\mswmcls.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\C876C2E01800
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\C876C2E01800
Service: NIC1394


-- Scheduled Tasks -------------------------------------------------------------

2008-05-19 19:00:00 278 --ah----- C:\WINDOWS\Tasks\E2413C7E946EFEF6.job
2008-05-19 18:58:00 378 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2008-05-15 00:12:00 268 --a------ C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
2008-05-02 20:00:00 544 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Compaq_Owner.job
2005-05-06 00:44:00 286 --a------ C:\WINDOWS\Tasks\Easy Internet Sign-up.job


-- Files created between 2008-04-19 and 2008-05-19 -----------------------------

2008-05-19 18:55:24 0 d-------- C:\WINDOWS\LastGood
2008-05-14 21:52:56 0 d-------- C:\Program Files\EsetOnlineScanner
2008-05-14 21:27:38 0 d-------- C:\Program Files\Trend Micro
2008-05-10 13:00:28 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\dvdcss


-- Find3M Report ---------------------------------------------------------------

2008-05-19 18:59:42 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-05-19 18:44:51 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\AdobeUM
2008-05-19 18:44:41 0 d-------- C:\Program Files\Common Files
2008-05-14 21:34:49 0 d-a-s---- C:\Program Files\NewDotNet
2008-05-10 13:37:44 0 d-------- C:\Program Files\TELL ME MORE NV


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 03:48 AM]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [05/07/1998 08:04 PM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [08/21/2004 02:55 AM]
"KBD"="C:\HP\KBD\KBD.EXE" [02/12/2003 12:02 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [06/04/2004 11:38 PM]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [04/15/2004 12:43 AM]
"VTTimer"="VTTimer.exe" [10/22/2004 12:53 PM C:\WINDOWS\system32\VTTimer.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [12/27/2005 03:32 PM]
"AGRSMMSG"="AGRSMMSG.exe" [03/04/2005 12:01 PM C:\WINDOWS\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [09/08/2004 12:47 AM C:\WINDOWS\ALCXMNTR.EXE]
"PS2"="C:\WINDOWS\system32\ps2.exe" [09/13/2003 12:13 AM]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [10/15/2004 01:54 AM]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [03/01/2006 02:10 PM]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [10/23/2003 08:51 PM]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [02/16/2005 11:11 PM]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [07/28/2003 10:43 AM]
"DeviceDiscovery"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [05/21/2003 07:37 PM]
"MessengerPlus3"="C:\Program Files\Messenger Plus! 3\MsgPlus.exe" [09/20/2006 12:36 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/26/2004 11:36 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [02/10/2005 01:31 AM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 11:50 AM]
"SCDEmuApp.exe"="C:\Program Files\PowerISO\SCDEmuApp.exe" [01/01/2006 03:33 AM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 09:00 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 01:24 PM]
"MessengerPlus3"="C:\Program Files\Messenger Plus! 3\MsgPlus.exe" [09/20/2006 12:36 AM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [11/22/2004 08:18 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Compaq Connections.lnk - C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe [10/26/2004 11:46:41 PM]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 4:44:06 AM]
Supervision de Photo Loader.lnk - C:\Program Files\CASIO\Photo Loader\Plauto.exe [2/20/2006 2:12:06 AM]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ba937e7-4cc4-11db-bfe4-0011d83a96e4}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Setup.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f5d2265-acc8-11dc-8014-0011d83a96e4}]
AutoRun\command- L:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f5d2266-acc8-11dc-8014-0011d83a96e4}]
Auto\command- wscript "Sex City.jpg.wsf"
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30b89d0f-9ba0-11dc-8010-0011d83a96e4}]
Auto\command- wscript "Sex City.jpg.wsf"
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{acb964b0-61bb-11d9-bf24-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1dd1906-cb87-11dc-801c-0011d83a96e4}]
Auto\command- wscript "Sex City.jpg.wsf"
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dac74fd3-5314-11dc-8009-0011d83a96e4}]
Auto\command- wscript "Sex City.jpg.wsf"
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"




-- End of Deckard's System Scanner: finished at 2008-05-19 19:03:13 ------------



------------------------------------------------------------------------------------------------------------------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Sempron™ 3000+
Percentage of Memory in Use: 60%
Physical Memory (total/avail): 447.48 MiB / 175.48 MiB
Pagefile Memory (total/avail): 674.01 MiB / 399.79 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1932.9 MiB

C: is Fixed (NTFS) - 51.71 GiB total, 27.23 GiB free.
D: is Fixed (FAT32) - 4.18 GiB total, 0.99 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is CDROM (No Media)
L: is CDROM (No Media)
M: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD600BB-22JHA0 - 55.9 GiB - 2 partitions
\PARTITION0 - Unknown - 4.19 GiB - D:
\PARTITION1 (bootable) - Installable File System - 51.71 GiB - C:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

FW: Norton Internet Worm Protection v (Symantec Corporation) Disabled
FW: Norton Personal Firewall v2004 (Symantec Corporation)
AV: Norton AntiVirus 2006 v2005 (Symantec Corporation) Outdated

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\\iTunes\\iTunes.exe"="%ProgramFiles%\\iTunes\\iTunes.exe:*:enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Compaq Connections\\6750491\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\6750491\\Program\\Compaq Connections.exe:*:Enabled:BackWeb for Presario"
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Kazaa\\kazaa.exe"="C:\\Program Files\\Kazaa\\kazaa.exe:*:Enabled:Kazaa Media Desktop"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Compaq_Owner\Application Data
COLLECTIONID=COL8143
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-C44D19AF4E
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1pro.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Compaq_Owner
ITEMID=dj-22741-15
LANG=1033
LOGONSERVER=\\YOUR-C44D19AF4E
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPH
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\;C:\Program Files\ESTsoft\ALZip\;C:\Program Files\ESTsoft\ALZip\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONID=1112839662756htx69315fe9c3:10328ca8590:-4567
SESSIONNAME=Console
SWUTVER=1.0.18.30716
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
TOOLPATH=/C:\Program%20Files\Hewlett-Packard\HP%20Software%20Update\install.htm
UPDATEDIR=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\rad0153F.tmp
USERDOMAIN=YOUR-C44D19AF4E
USERNAME=Compaq_Owner
USERPROFILE=C:\Documents and Settings\Compaq_Owner
VERSION=3.0.5.001
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Compaq_Owner (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
--> VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer'
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7646-A70000000000}
Adobe® Photoshop® Album Edition Découverte 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Agere Systems PCI Soft Modem --> agrsmdel
ALZip --> "C:\Program Files\ESTsoft\ALZip\unins000.exe"
CC_ccProxyMSI --> MsiExec.exe /I{A398F2DC-D706-4bb2-AC38-5532CD229D08}
CC_ccStart --> MsiExec.exe /I{D6414CC7-F215-467F-88B1-546ED863F35B}
ccCommon --> MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
Compaq Connections --> C:\WINDOWS\BWUnin-6.3.2.62.exe -AppId 6750491
CoreFLAC Audio Decoder+Source Filter (remove only) --> "C:\WINDOWS\system32\CoreFLACDecoder-uninstall.exe"
CoreVorbis Audio Decoder (remove only) --> "C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
eMule --> "C:\Program Files\eMule\Uninstall.exe"
ESET Online Scanner --> C:\WINDOWS\system32\OnlineScannerUninstaller.exe
FastNetSearch.Net Browser Enhancement --> regsvr32 /u /s /c C:\WINDOWS\system32\nsv1E.dll
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Help and Support Additions --> C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
hp deskjet 5600 --> msiexec /x{DB5518BE-F40F-407A-B451-012625D4497B}
hp deskjet 5600 series --> rundll32 hpzcon09.dll,VendorJettison hp deskjet 5600 series
HP Memories Disc --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - Deskjet Series --> MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
Internet Worm Protection --> MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
IsoBuster 1.9 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{00FC6799-866E-44A1-A60C-DCF394CF56FD}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java 2 Runtime Environment, SE v1.4.1_02 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFCE5837-FC21-11D6-9D24-00010240CE95}\setup.exe" Anytext
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java Web Start --> "C:\Program Files\Java\j2re1.4.2_03\javaws\uninst-javaws.exe"
KBD --> C:\HP\KBD\KBD.EXE uninstalled
LimeWire 4.12.11 --> "C:\Program Files\LimeWire\uninstall.exe"
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
LiveUpdate 2.7 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Longman Active Study Dictionary 4th edition --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Longman\LASD4\Uninst.isu"
Markstrat Online Equipe --> MsiExec.exe /I{4432D0AE-DD28-42F7-B388-28891F0BF11F}
Markstrat Online Team --> MsiExec.exe /X{DDEC7BC2-38BF-4BDE-8157-E08DB1199FD6}
Messenger Plus! 3 & Sponsor --> "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /Remove
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Monkey Audio Source Filter (remove only) --> "C:\Program Files\Monkey Audio Source Filter\uninstall.exe"
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MSRedist --> MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
NAVShortcut --> MsiExec.exe /I{F325CF11-27CE-4872-8022-6E9EB27DF24F}
Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Media Player --> C:\WINDOWS\UNNMP.exe /UNINSTALL
New.net Domains 8.0 build 842 --> C:\Program Files\NewDotNet\uninstall.exe
Norton AntiVirus 2006 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus 2006 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe" /X
Norton AntiVirus Help --> MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
Norton AntiVirus Parent MSI --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton AntiVirus SYMLT MSI --> MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
Norton Internet Security --> MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
Norton Internet Security --> MsiExec.exe /I{91AA4B1F-B918-4e0b-A304-F8D4EC5D7726}
Norton Internet Security --> MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
Norton Internet Security --> MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
Norton Internet Security --> MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
Norton Personal Firewall --> MsiExec.exe /I{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}
Norton Personal Firewall (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\SymSetup\{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}.exe /X
Norton Protection Center --> MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
Norton WMI Update --> MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
PC-Doctor for Windows --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA} /l1033
Photo Loader 2.2F --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70B45586-B51E-4947-A258-A895596C5CED}\Setup.exe" -uninst
Photohands 1.0F --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{544FB392-069D-4BA5-9DC7-FFD47230AEE5}\Setup.exe"
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
S3 S3Display --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2 --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2 --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
SafeCast Shared Components --> C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
Search Plugin --> C:\DOCUME~1\COMPAQ~1\APPLIC~1\SLOWGR~1\barbroam.exe -uninstall
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Skype 2.5 --> "C:\Program Files\Skype\Phone\unins000.exe"
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SP2 Connection Patcher --> C:\Program Files\WXPSP2ConnectionPatcher\uninstall.exe
SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SPSS 11.0 for Windows Student Version --> C:\WINDOWS\uninst.exe -f"C:\Program Files\SPSS Student\DeIsL1.isu" -c"C:\Program Files\SPSS Student\uninst.dll
Startnow Navigation Helper (v1.0.1.1) --> MsiExec.exe /X{EDE0985B-D652-4573-A89E-803CB2597247}
Symantec --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
TeLL me More --> "C:\PROGRAM FILES\TELL ME MORE NV\BIN\unsetup.exe" -file "C:\PROGRAM FILES\TELL ME MORE NV\unsetup.aui"
VIA Rhine-Family Fast Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VIA/S3G Display Driver --> VTsetvga.exe -s -rRundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\hg201hp.inf
VideoLAN VLC media player 0.8.4a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Media Connect --> msiexec.exe /I {F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Connect --> MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Yahoo! Toolbar --> rundll32.exe C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\YCOMP5~1.DLL,DllCommand ui
Zoom Player (remove only) --> "C:\Program Files\Zoom Player\uninstall.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type10868 / Error
Event Submitted/Written: 05/01/2008 11:51:55 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type10825 / Warning
Event Submitted/Written: 04/30/2008 02:49:05 PM
Event ID/Source: 2002 / LoadPerf
Event Description:
The MOF file created for the Outlook service could not be loaded. The
error code returned by the MOF Compiler is contained in the Record Data.
Before the performance counters of this service can be collected by WMI
the MOF file will need to be loaded manually. Contact the vendor of this
service for additional information.

Event Record #/Type10793 / Error
Event Submitted/Written: 04/29/2008 06:33:16 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type10792 / Error
Event Submitted/Written: 04/29/2008 06:32:40 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type10791 / Error
Event Submitted/Written: 04/29/2008 06:29:54 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b.
Processing media-specific event for [iexplore.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type17231 / Error
Event Submitted/Written: 05/19/2008 06:42:00 PM
Event ID/Source: 16 / Windows Update Agent
Event Description:
Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Event Record #/Type17155 / Error
Event Submitted/Written: 05/14/2008 09:16:52 PM
Event ID/Source: 16 / Windows Update Agent
Event Description:
Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Event Record #/Type17139 / Error
Event Submitted/Written: 04/26/2008 09:43:00 AM
Event ID/Source: 10010 / DCOM
Event Description:
The server {DC0C2640-1415-4644-875C-6F4D769839BA} did not register with DCOM within the required timeout.

Event Record #/Type17137 / Warning
Event Submitted/Written: 04/26/2008 01:51:00 AM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Event Record #/Type17136 / Warning
Event Submitted/Written: 04/19/2008 01:51:02 AM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.



-- End of Deckard's System Scanner: finished at 2008-05-19 19:03:13 ------------

Attached Files

  • Attached File  log.txt   42.58KB   26 downloads
  • Attached File  main.txt   20.73KB   25 downloads
  • Attached File  extra.txt   19.78KB   27 downloads


BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:04:37 AM

Posted 15 June 2008 - 03:11 PM

Hello Alkapone,

Welcome to Bleeping Computer :)

Sorry about the delay.:thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:04:37 AM

Posted 04 July 2008 - 10:08 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users