Specialty Forums
Security and Virus
General Hardware
CPUs/Overclocking
Networking
Digital Photo/Video
Office Software
PC Gaming
Console Gaming
Programming
Database
Web Development
Digital Home

General Forums
Windows XP
Windows Vista
Windows 95/98
Windows Me
Windows NT
Windows 2000
Win Server 2008
Win Server 2003
Windows 3.1
Linux
PDAs
BeOS
Novell Netware
OpenVMS
Solaris
Disk Op. System
Unix
Mac
OS/2

Drivers
Driver Scan
Driver Forum

Software
Automatic Updates

BIOS Updates

My Computing.Net

Solution Center

Free IT eBook

Howtos

Site Search

Message Find

RSS Feeds

Install Guides

Data Recovery

About

Home
Reply to Message Icon Go to Main Page Icon

Can't get rid of w32.spybot.worm

Original Message
Name: innesfree
Date: January 18, 2007 at 13:08:06 Pacific
Subject: Can't get rid of w32.spybot.worm
OS: xp home edition 2002
CPU/Ram: 1.43GHz/1.49gb ram
Model/Manufacturer: toshiba Satellite m65-s80
Comment:
Every time I reboot, I get a message from Norton Protection Center that it has blocked w32.spybot.worm
I can't get into regedit in normal mode but have run Norton in safe mode more than once.
That didn't fix it.
I ran the free verson of no adware which found two threats (SpyGraphica and Mate Watcher) I didn't buy the product to remove it because I don't know if they are the problem.

I ran Superantispyware which didn't find anything.
I hope you can help me.



Report Offensive Message For Removal


Response Number 1
Name: jabuck
Date: January 18, 2007 at 14:02:14 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)

Please post a Hijack This log so that the files associated with the virus/spyware/hijacker can be identified.

Please download HJTsetup.exe from this link http://www.thespykiller.co.uk/files/HJTsetup.exe to your desktop.
Doubleclick on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click "next" in the setup dialogue boxes until you get to the "Select Addition Tasks" dialogue.
Put a check by "Create a desktop icon" then click "Next" again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click "Finish" and it will launch Hijack This.
Click on the "Do a system scan and save a logfile" button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log and post it in this thread.

Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.

Please download SmitFraudFix from this link http://siri.urz.free.fr/Fix/Smitfra... Then extract the contents to your desktop.
!!!! Only run option #1 as runing the other options on an uninfected computer will damage the desktop.!!!!
Open the "SmitfraudFix" folder and double-click "smitfraudfix.cmd"
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.


Report Offensive Follow Up For Removal

Response Number 2
Name: innesfree
Date: January 18, 2007 at 14:30:08 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)
Logfile of HijackThis v1.99.1
Scan saved at 4:27:28 PM, on 1/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\toshiba\ivp\ism\pinger.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\MSGTAG\MSGTAG.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Innovative Solutions\Taskbar Button Manager\tbm.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
C:\Program Files\Expedia\Expedia Fare Alert\ExpediaFareAlert.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NoAdware5.0\NoAdware5.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [MSGTAG] "C:\Program Files\MSGTAG\MSGTAG.exe" /startup
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Taskbar Button Manager] C:\Program Files\Innovative Solutions\Taskbar Button Manager\tbm.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe
O4 - Startup: Expedia Fare Alert.lnk = C:\Program Files\Expedia\Expedia Fare Alert\ExpediaFareAlert.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: svchost.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microso...
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/instal...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/instal...
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DVD-RAM_Service - Matsus---a Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SVCLOAD - Unknown owner - c:\windows\system32\dllcache\sys32\winlogon.exe
O23 - Service: SVCMGR - Unknown owner - c:\windows\system32\dllcache\sys32\winlogon.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe



Report Offensive Follow Up For Removal

Response Number 3
Name: innesfree
Date: January 18, 2007 at 14:40:54 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)
I can't open smitfraudfix.cmd

I get a message that another program is
using the file. That's the same message I
get when I try to get into regedit from
normal mode.


Report Offensive Follow Up For Removal

Response Number 4
Name: innesfree
Date: January 18, 2007 at 15:19:46 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)
Would it help if I try to run smitfraudfix.cmd in safe mode?

Report Offensive Follow Up For Removal

Response Number 5
Name: jabuck
Date: January 18, 2007 at 15:22:39 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)
Please download ATF-Cleaner to your desktop from this link
http://www.atribune.org/content/view/19/2/ We will need it later in safe mode

Download and install AVG Anti-Spyware We will need this later in safe mode

Be sure to update AVG Anti- Spyware

Download Killbox to your desktop from this link Killbox by Option^Explicit. If you already have "Killbox" update to this newer version. We will need it later in safe mode

Empty the restore folder. Go to start>control panel>system>system restore tab>check the box beside "turn off system restore>apply (takes a minute)>ok. Go back and uncheck the box to turn system restore back on>apply>ok.

Set up the computer to view hidden files by going to start>control panel>folder options>view tab>tick the circle beside "show hidden files and folders" and untick the box beside "hide extensions of known file types" and "hide protected system operating files">apply>ok.

Next, please reboot your computer in Safe Mode by doing the following :

Restart your computer

After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;

Instead of Windows loading as normal, a menu with options should appear;

Select the first option, to run Windows in Safe Mode, then press "Enter".

Choose your usual account.

Run Hijack This from safe mode, close all windows except Hijack This, place a check to the left of the following items and press "fix checked":

O23 - Service: SVCLOAD - Unknown owner - c:\windows\system32\dllcache\sys32\winlogon.exe

O23 - Service: SVCMGR - Unknown owner - c:\windows\system32\dllcache\sys32\winlogon.exe

Exit Hijack this but remain in safe mode.

We are going to try to manually delete the trojan so while still in safe mode navigate to and delete these files if found:

C:\WINDOWS\system32\dllcache\sys32\winlogon.exe

C:\WINDOWS\System32\svcmgr.exe

C:\WINDOWS\System32\svcload.exe

While still in safe mode navigate to and delete this folder if found.

C:\WINDOWS\system32\dllcache\sys32


Run ATF-Cleaner from safe mode.Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

In Safe Mode, run AVG Anti-spyware and click on the Scanner tab at the top. Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. Click back to the "Scan" tab and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.

AVG Anti-Spyware will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. AVG Anti-Spyware will display "All actions have been applied" on the right hand side.

Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).

Post the AVG-AntiSpyware report, a new Hijack This log and try to run Smitfruadfix from normaol mode and post that log if possible.


Report Offensive Follow Up For Removal


Response Number 6
Name: innesfree
Date: January 18, 2007 at 18:26:21 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)

AVG Anti-Spyware - Scan Report


+ Created at: 8:06:15 PM 1/18/2007

+ Scan result:

C:\Documents and Settings\Pat\My Documents\My Music\_\#1 DVD Audio Ripper v1.2.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\#1 DVD Ripper 2.8.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\007 - Goldeneye 1995.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\007 Casino Royale - DvDRiP Spanish Spain.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\007 MP3 Sound Recorder v1.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\007 Spy Software v3.86.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\0S Non-Proxy Atomic Sync v2.06.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\1 Click And Lock v2.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\1 Click And Lock v3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\100 Girls DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\100 Simple Secrets of the Best Half of Life.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\123 DVD Converter 4.0.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\123 Flash Image Extractor 1.20.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\12Ghosts Backup 8.11.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\1Click DVD Copy Pro 2.2.2.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\1Click DVD Copy v4.2.9.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\1st SMTP Server 2.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\1st Screen Lock 6.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\1st mail server 2.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\2006 International Building Code -.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\350 Photoshop Actions.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\3D Aquatic Screen Saver.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\3D Equalizer v.3.R4.B8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\3D MP3 Sound Recorder v3.8.17.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\3D World Map v2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\3DS MAX 7 Bible.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\3DSOM PRO v2.0.3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\3M Post-it Software Notes Professional v4.2.0.28.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\4Diskclean Gold v5.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\4U AVI MPEG Converter 5.2.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\4U AVI MPEG Converter v3.8.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\8 Mile 2002.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\A-One Dvd Copy v4.22.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\A-one 3GP Video Convertor v4.22.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\A-one Video Convertor v4.32.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\A1 DVD Ripper 1.1.15.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\A1 Sitemap Generator v1.1.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\A4 DVD Shrinker 4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ABBYY aio - LITE-ForoTK TeaM.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ABC of Clinical Genetics.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ABC of Clinical Haematology.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ABC of Interventional Cardiology.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ACD Systems Canvas X 925.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ACD Systems Canvas X.925.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ACD Systems FotoSlate v4.0.21.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ACDSEE 9.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ACDSee Photo Manager Pro 8.1.99.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ACDSee Photo Viewer 5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ACDSee Portable.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ACDSee Pro 8.0.67.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AI Roboform v6.69.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AIO AutoFX Photoshop PlugIn.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AIO Messenger Live v8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ALZip 6.13.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AMS Photo Studio 2.21.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ANINAMANICS-THEGREAT EDOAR HUNT.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ASCII Art Generator v3.2.2 Retail.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ASP.NET 2.0 Instant Results.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ATF Cleaner.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ATITool 0.25 Beta 15.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AV Voice Changer Software Diamond Edition 5.0.17.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVCataloger v3.7.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVConverter MP3 Converter Pro v4.2.12.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVConverter iPod Converter v3.8.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVG Anti-Virus Free 7.1.405a791.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVG Anti-Virus Pro v7.1.405A.791.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVG Anti-Virus Professional Edition 7.5 Build 433a904.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVG Anti-Virus v7.1.406.799.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVG Internet Security 7.5.433 Build 904.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVG Internet Security ver. 7.5.433a904.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVG Internet Security.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVG Professional 7.5.432.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AVI Splitter v2.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aarons WebVacuum v2.61f.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AbiWord 2.5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Able Fax Tif View 1.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AbleFtp v6.28.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Sound Recorder 3.2.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Sound Recorder V3.3.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Sound Recorder v3.3.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Sound Recorder v3.3.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Sound Recorder v3.45.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Sound Recorder ver. 3.4.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Time Corrector 5.1 build 1248.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Uninstaller v1.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Video Converter 2.6.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute Video Converter v2.5.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Absolute mp3 splitter converter.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AbsoluteTelnet ver 3.85.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Abylon Shredder v5.50.12.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Abyssmedia Audio Converter Plus v3.0.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acala DVD Copy v2.2.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acala DVD Ripper v2.2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acala DVD to Pocket PC Movie v.2.3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acala DivX to iPod 2.2.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Access 2003 Personal Trainer.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Access Manager for Windows v.6.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AcdSee pro 9.0 With Full Serial.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ace Password Sniffer 1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ace Utilities 3.2.0 Build 4043.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ace Utilities v.3.1.0.4039.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ace Video Workshop v1.4.41.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acon Digital Media Acoustica v4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acoustic-Motions Electri-Q VST 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acoustica CD DVD Label Maker 3.03 - New.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acoustica MP3 Audio Mixer 2.471.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acoustica MP3 CD Burner v4.0.97.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acoustica Mixcraft v2.50.50.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acoustica Photos Forever v1.0.15.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acronis Disk Director Suite 10.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acronis Disk Director Suite Ver. 10.0.2089.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acronis True Image 8.0.786.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acronis True Image 9.0 Build 2323.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Acronis True Image v10 Build 4871.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ActMon Password Recovery 4.03.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Action Jackson DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Activation Code For All Tomtom Go one palm pda All Maps.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Active Contours The Application of Techniques.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Active Desktop Calendar 6.4 Build 061124.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Active Key Logger 2.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Active Multiwallpaper Changer v3.69.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Active WebCam 7.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Active WebCam v7.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ActiveDolls v1.2.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ActiveXperts SMS mCore - SMS.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ad Muncher ver. 4.7.18335 Beta.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ad-Aware SE Profesional v1.06.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ad-Aware SE Professional.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AdCleaner v1.21.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AddSnippet 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Addisons Wall 2006 DVDRip XviD-NEPTUNE.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AdmWin v8.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Acrobat Professional 7.0.8 Corporate.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Acrobat Professional 7.0.8 Retail.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Acrobat Professional v8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Acrobat Reader 8.0 for XP SP2 Vista.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Acrobat v8 with Keygen.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Acrobat v8.0 Professional.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe After Effects Scripting Guide for 6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe After Effects v7.0 iSO Retail.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Audition v2.0 Full 349.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Audition v2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Dimensions v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Graphics Server 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Illustrator CS2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe InDesign CS2 4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Macromedia Flash Professional 8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe PhotoShop Elements 5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe PhotoShop Styles Vol.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Photoshop 7 Fast Easy Fast Easy.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Photoshop CS CS2 Breakthroughs SolutionseBook.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Photoshop CS2 9.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Photoshop CS2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Photoshop CS3 With LightRoom.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Photoshop CS3 with LightRoom AIO.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Photoshop Plugins Collection.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Photoshop Pro CS2 v9.0 Full ISO.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Premier Pro 2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Premier Pro 7.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Premiere Professional 2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Premiere Professional v.2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Reader 7.0.9 for Windows 2000 XP.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Reader 7.0.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe Reader SpeedUp v.1.34.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adobe after effects professional 7.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AdultPDF PDF to TIFF v.2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AdultPDF PDF to Word 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AdultPDF PDF to Word v2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Call Corder 3.6.0.181.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Desktop Shield v1.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Elearning Builder V3.56.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced File Lock 3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Import Component Suite v2.40 for Delphi.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Installer Professional v3.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Internet Kiosk v3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Invisible Keylogger v1.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced SMTP Server v2.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced System Cleaner.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Uninstaller PRO 2006 7.52.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Uninstaller Pro 2006 v.7.53.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced Windows Optimizer v.5.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Advanced WindowsCare Personal 2.3.0.726.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adware Nuker v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Adwords & Keywords 2.00.061028.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\After Effects Studio Techniques.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AfterBurn v3.2 For 3DMax 7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Agatha Christie Murder On The Orient Express iSO-RELOAD.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Age Of Empires 2 XP Patch.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Age Of Empires III.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AggPub v1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Agnitum Outpost Firewall Pro 4.0 Build 1005 590.123.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Agnitum Outpost Network Security 2.0.762.462 Incl Seria.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Agnitum Outpost Network Security 2.0.762.462.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ahead DVD Ripper 1.4.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aio Xp Helper.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AirStrike II.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ajax on Rails.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ak Player V2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alarm Master Plus v4.14.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alawar Ancient Taxi v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alawar Arkanoid 4000 v1.20.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Album Creator PRO v3.5.573.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alchemy Eye PRO 8.5.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alcohol 120 1.9.6.4719.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alcohol 120 v1.9.6.4719 Retail.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alcohol 120 v1.9.6.4719.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alcohol 120 v1.95.4212.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alcohol 120% v.1.9.5.4212.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alcohol 120% v1.9.5.4327.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AlgoLab Photo Vector v1.98.58.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Algorithmic Arts ArtWonk v2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ali G Indahouse.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alias PortfolioWall v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alien Skin Blow Up 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alive Video to Flash Converter v1.0.6.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\All Audio Recorder 2.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\All Media Fixer Pro v.6.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\All My Movies 3.95 Build 1214.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\All Sound Recorder XP v2.28.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\All Video Joiner 1.7.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\All redfield photoshop plugins.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\All-In-One Common Tools for Morphing.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AllForMP3 Audio MP3 Converter v2.42.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AllWebMenus PRO v4.1.626.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Allatori 1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Allok MP3 WAV Converter v1.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Allok MP3 to AMR Converter v2.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Allok MP3 to AMR Converter v2.7.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Allok Video to 3GP Converter 2.7.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Allok Video to FLV Converter v2.7.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Almanac v3.0.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alnera FeedBuster 1.1.21.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alone in the Dark 2005 DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alpha Dog 2006.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alpha Dog TS SVCD-MENTiON.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alpha Prime.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Alpha Rebellion v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Altia PhotoProto v.1.04.20 For Adobe Photoshop.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Amadis DVD Ripper Professional v1.0.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Amadis DVD Ripper Professional ver. 1.0.3 Full.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Amazing Hair Tutorial.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Amazon DVD Shrinker 2.4.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Amazon DVD Shrinker v2.1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Amazon Trail 3rd Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\American Idioms Dictionary Third Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\American McGees Scrapland.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Amor SWF to Video Converter v.2.3.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Amor SWF to Video Converter v2.35.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\An Introduction to Programming in Emacs Lisp.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Analogue Vista Clock 1.0 - Cool Clock Software.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Anfibia Watchman v7.0.1 1.3 MB.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Animated GIF Producer v.3.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Animated GIF Producer v3.0.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Anno 1503 The New World.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Anonymous Web Surfing 3.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Antares Auto-Tune VST DX RTAS v4.39.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Anti Tracks 3.6.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Anti Tracks v5.9.8 Eclipse.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Anti Trojan Elite v3.40.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Anti-Porn 8.1.9.15.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Any Background v1.11.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Any DWG DXF Converter Pro v2007.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Any DWG to Image Converter v2007.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD 5.4.1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD 6.0.7.0 Newest Protection Remover.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD 6.1.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD 6.1.0.3 Incl Patch.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD 6.1.0.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD 6.1.0.6 Beta.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD 6.1.0.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD 6017 + REAL KEY.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD V 6.1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v5.4.1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v5.9.5.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v6.0.0.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v6.0.1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v6.0.4.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v6.0.7.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v6.0.9.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v6.1.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v6.1.0.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AnyDVD v6102 - Updated - Read or copy all CD DVD music .exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Anytrac 2005 v1.0.43.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AoA DVD COPY v2.7.2.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AoA DVD Copy v2.7.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AoA DVD Ripper v3.85.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AoA DVD Ripper v3.94.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aone Movie DVD Maker v1.7.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aone Photo Screensaver Maker 5.1.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ApacheConf v5.0.0.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apocalypto DVDSCR XviD.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apocalypto PROPER DVD SCREENER XviD-NOBlE.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apollo Audio DVD Creator v1.1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apollo Audio DVD Creator v1.2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apollo DVD To iPod v2.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apollo DVD to PSP v3.1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apollo DVD to PSP v3.1.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apollo MPEG To DVD Burner v2.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apollo PSP Video Converter v2.7.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Apple QuickTtime Pro v7.0.4.80.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AptPassport v2.1.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aqua Garden Deluxe v1.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aquila Software Examine32 v4.30.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arc DVD Copy v.1.3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arc DVD Copy v1.1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arc DVD Copy v1.2.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ArcSoft Photo Studio 5.5.0.61 Retail.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Archicad v10 Beta 3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ardamax Keylogger 2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ardamax Keylogger v2.41.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arial Audio Converter 2.3.11.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arial Audio Converter v2.3.42.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arial CD Ripper 1.4.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arial Sound Recorder v1.3.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\ArmA Armed Assault.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Armed Assault.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arrested Developement 123 season COMPLETE.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Artful gif animator 1.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Arthur And The Invisibles TS XViD-mVs.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ashampoo CD 2 iPod 1.62.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ashampoo Firewall Pro v1.12.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ashampoo Magic Defrag.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ashampoo Magical Defrag v1.11.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ashampoo Magical Defrag v2.05.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ashampoo Magical Defrag v2.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Ashampoo WinOptimizer Platinum Suite v1.22.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Asmw PC-Optimizer Pro 7.0.0.2625.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Asphalt Jungle 1950.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Asset Tracker for Networks 6.4.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Astalavista Security Toolbox DVD v.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Asterisk Password Reveal v.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aston shell 1.9.3.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Astral Masters v1.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Astro Flash Creator v.1.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AtLast SketchUp v5.0.260.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Atani v4.0.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Atomaders DeLuxe.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Atomic Alarm Clock 3.61.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Atomic Alarm Clock v4.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Atomic Clock Service v2.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Atomix Virtual DJ Pro v4.1R2 Plugin Skin - Effects.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Atrise Golden Section v1.2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Attack Force DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Attractive Clock v1.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Commander v3.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Dvd Creator 1.9.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Edit Magic v8.6.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Edit Magic v8.61.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Editor Gold 7.4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Editor Gold 8.4.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Editor Gold 8.9 Retail.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Editor Gold 9.2.5 Build 424.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Editor Gold v8.46.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Editor Gold v8.47.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Editor Gold ver. 9.2.5 Build 424.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audio Grail 6.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AudioJack 1.42.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AudioList Plus v.4.4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AudioList Plus v4.0.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AudioRetoucher v3.0.0.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Audiolabel Cd Dvd Labeler V3.80.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aurora Media Workshop 2.5.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aurora Media Workshop 3.3.16.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aurora Media Workshop 3.3.26.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Aurora Media Workshop v3.3.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Auto Audio Mastering System v.2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Auto FTP Manager v3.40.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoCAD 2007.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoDWG DWGSee Pro v2.121.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoPlay Media Studio 6.0.4.0 Retail plus many extras.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoPlay Media Studio Pro v6.0.30.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoPlay Menu Builder v5.2.0.1072.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoRun III v3.1.5 Pro.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoRun Pro Enterprise 10.0.0.105.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoRun Pro Enterprise v2.0.3.23.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoRun Professional 3.0.3.23.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoScreenRecorder Pro v2.1.281.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoShutdown Pro v4.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AutoVue SolidModel Pro 19.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Autodesk 3D Studio Max 9.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Autodesk Lustre 2007.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Autodesk Lustre v2007 build 2038.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Autodesk Maya 8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Autodesk Maya v8.0P06.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Autodesk StudioViewer v13.02.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Autodesk Viz 2007.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Automatic Dialer v2.04.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Automatronix v2.19.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Automize 7.10 Enterprise.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Autopano Pro v1.2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Avast Professional Edition v.4.7.892.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Avast Antivirus Pro 4.7.942.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\AvatarThe Last Airbender Season 1 Season 2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Avg Anti-virus Professional Edition Ver.7.5.433 Build 9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Avid Softimage XSI Advanced 6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Avid Xpress Pro 5.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Avira AntiVir PersonalEdition Classic 7 6.36.00.66.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BB FlashBack 1.5.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BB FlashBack v1.5.2.148.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BGEye 3.0.1.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BR PhotoArchiver 4.15.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BSPlayer Pro 2.10.939.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BSPlayer Pro v1.42.833.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BSplayer 2.11.940.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BSplayer Pro v1.32.820.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BSplayer Pro v1.36 Build 825.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BSplayer Pro v2.12.941.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Babylon Pro v6.0.1 R36.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Backline American Records Vol 32.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Backup Made Simple v5.1.155.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Backup2005 Pro v4.24.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bad CD Repair Pro 4.06.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bad Copy Pro v3.80 Build 1108.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bad Copy Pro ver. 3.80 build 1108.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Banner Maker Pro 6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Banner Maker Pro for Flash v1.02.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bass Pro Shops Trophy Hunter 2007 RiTUEL.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bass Pro Shops Trophy Hunter 2007 iSO-JFKPC.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bass Pro Shops Trophy Hunter 2007.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Batch Image Resizer 2.76.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Batch Image Resizer v2.68.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Batch It! Ultra V3.91.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Batch TIFF Resizer 1.50.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Batch Video Converter 2.5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Batch Watermark Creator v.3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BatchRename 2 v2.62.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BattleField 2142 FULL.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BattleField Vietnam PC.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Battlefield 2 Special Forces iSO.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Battlefield 2142.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Battleship 1.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BearShare Pro 5.2.6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BearShare Pro Tweaked Edition ver.5.2.6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BearShare Pro v5.2.1.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BearShare Pro v5.2.5.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bearshare Pro v5.2.6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Becky Internet Mail 2.30.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Becky Internet Mail 2.30.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Beerfest 2006 DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Beerfest UNRATED DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Belltech Greeting Cards Designer v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Best Mail Server v1.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Best Of 2006 36 Programs.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Best Practices in Leadership Development and Organiza.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Best Uninstaller 2.12.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bet On Soldier Blood of Sahara.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bhagam Bhag PDVDrip Xvid.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bibble Pro v4.81a.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Big Battles Of World War II Blitzkrieg DVDRiP XviD-ESSE.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Big Kahuna Reef + Fix.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Big Kahuna Reef 2 - Chain Reaction.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Binary Research Universal Imaging Utility v.3.0.0.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bingo Card Creator 1.03.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bingo Card Creator v.1.0.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Binteko FairBot v1.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Birthday Reminder v1.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BitComet 0.61.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BitDefender Antivirus Plus v10.0 Official.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BitDefender Internet Security 10.5 Beta 4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bitsum PECompact v2.66 Retail.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bizimg Wakeup V1.0.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Black And White 2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Black PS2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Black and White 2 and Battle of the Gods iSO.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blaze Media Pro v7.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blaze Media Professional 7.0 Full.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BlazeVideo BlazeDVD Professional v5.0.0.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BlindWrite 5.2.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blitzkrieg 2 Fall of the Reich.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blog System v1.4 Web Blog Online Script.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blood Ranch 2006 DVDrip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blow Up 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bluementals iNet Protector v2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bluetooth Lock 1.5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BluffTitler Dx9 5.08.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blumentals Rapid CSS 2006 v7.1.0.66.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blumentals Rapid PHP 2006 v7.1.0.66.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Blumentals iNet Protector v2.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BoilSoft AVI-MPEG-RM-WMV Joiner v4.82.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Boilsoft MOV Converter v1.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bomes Midi Translator Pro V1.50.615.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bonnie And Clyde DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BookBag Plus v.4.1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BookBag Plus v4.1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bookworm Adventures Deluxe 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bopup Messenger 4.3.5.331.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bopup Messenger v4.3.3.3271.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Borat 2006 Deleted Scenes DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Borat DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Borland Developer Studio 2006 Architect.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Boson Netsim 6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BossEye TimeAnalyzer 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Boston Legal s03e11.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Boxing Manager.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Breeze Browser v2.11 (Full).exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bring It On All Or Nothing 2006.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\British Pharmacopoeia 2005 eBook.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Broken Sword - The Shadow of The Templars.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Browser Hijack Recover v2.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bryce ver. 6.0 ISO.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BsPlayer Pro 1.41.832.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bt Helper 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Buffalo Bill 1944.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bug Doctor 3.0.3.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bug Tracker Organizer Deluxe ver. 2.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BulletProof FTP 2.45.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\BulletProof FTP Server 2.4.0.31.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bully PS2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Bumfights 3 2004 DVDRip XVID.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Business Card Designer Plus 7.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Business Letter Pro 2006 5.2.0.0 Full.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\C++ FAQs Second Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CA eTrust Antivirus 2007 8.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CA eTrust PestPatrol Anti-Spyware v.8.0.0.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CAD Pro v4.014.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CCleaner 1.24.180.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CD Audio MP3 Converter v1.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CD Bank Cataloguer v2.7.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CD Bank Cataloguer v2.7.9.417.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CD To MP3 RM Ripper 1.20.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CD-Lock 5.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CDMenuPro Business Edition 4.100.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CDRWin v.6.1.1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CDRoller 6.03.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CG Invoicer 2.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CHRIS REA - The Very Best Of.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CKBackup 1.01a.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CSI Miami Season 2 DVD Rip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CSS Editor v.1.2.4.317.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CSV to HTML converter v1.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CSV to SQL converter v.1.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CSV to SQL converter v1.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CSV to TAB converter v1.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Cache View v2.6.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Cad2Cad TwinView PLUS v12.63.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Call Of Cthulhu.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Call Of Duty 3 PS2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Call of Duty 2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Cam Upload v1.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Camera Control Pro v.1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Camfrog Video Chat Pro v3.71.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Camtasia 4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Camtasia Studio 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Capture One PRO 3.7.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\CaptureOne Pro 3.7.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Capturix ScanShare v2.09.425.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Car Trak v3.2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Car Trak v3.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Carmageddon 1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Casino Royale TC.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Catan - Die erste Insel.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Cd-lock 06.02.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Cfospeed 313 Build 1200.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Cfosspeed v3.13.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Championship Manager 01-02.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Championship Manager 06.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Channel 4 uk On Demand Tv.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Chariots Of War.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Charlottes Web 2006 TS SVCD-PreVail.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Charlottes Web 2006.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Charm Real Converter Pro v5.95.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Chat Anywhere v2.80.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Pat\My Documents\My Music\_\Chat Watch v4.4.9.exe -> Dropper.VB.lu : Cleaned.
C:\Docum


Report Offensive Follow Up For Removal

Response Number 7
Name: innesfree
Date: January 18, 2007 at 18:36:29 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)
I do not get the message from Norton that it is blocking w32.spybot.worm now.
I am able to get into regedit from normal mode now.
I could run smitfruadfix from normal mode this time.
For all of that many thanks. It is much appreciated.
Do you have any suggestions for better ant-virus protection than Norton?
TIA
I am very grateful for your help.

Report Offensive Follow Up For Removal

Response Number 8
Name: jabuck
Date: January 18, 2007 at 18:50:59 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)
Looking much better.

Please download ComboFix to the desktop from this link:

http://download.bleepingcomputer.com/sUBs/combofix.exe

Double-click combofix.exe
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to hang.)

Please post the combofix.txt log.

Empty the restore folder. Go to start>control panel>system>system restore tab>check the box beside "turn off system restore>apply (takes a minute)>ok. Go back and uncheck the box to turn system restore back on>apply>ok.

Reboot into safe mode.

Run ATF-Cleaner from safe mode.Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Run AVG_AntiSpyware again from safe mode and post that log.

Set msconfig to normal mode and post a new Hijack This log please.

You "java" is way out of date. Download the latest version of http://java.sun.com/javase/downloads/index.jsp

Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".

Click the "Download" button to the right.

Check the box that says: "Accept License Agreement". The page will refresh.

Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

Close any programs you may have running - especially your web browser.

Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java. Check any item with Java Runtime Environment (JRE or J2SE) in the name. It should have the "coffee cup" icon next to it.

Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions.

Reboot your computer once all Java components are removed

. Then from your desktop double-click on jre-1_6_0-windowsi586-p.exe to install the newest version.


Report Offensive Follow Up For Removal

Response Number 9
Name: innesfree
Date: January 18, 2007 at 19:08:31 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)
"Pat" - 07-01-18 21:01:57 Service Pack 2
ComboFix 07-01-18 - Running from: "C:\Program Files\Mozilla Firefox"

((((((((((((((((((((((((((((((( Files Created from 2006-12-18 to 2007-01-18 ))))))))))))))))))))))))))))))))))


2007-01-18 20:21 5,288 --a------ C:\WINDOWS\system32\tmp.reg
2007-01-18 20:19 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-01-18 20:19 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-01-18 20:19 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-01-18 20:19 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2007-01-18 20:19 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-01-18 20:19 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2007-01-18 17:34 <DIR> d-------- C:\!KillBox
2007-01-18 17:32 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-01-18 17:32 <DIR> d-------- C:\Program Files\Grisoft
2007-01-18 16:26 <DIR> d-------- C:\Program Files\Hijackthis
2007-01-18 15:30 <DIR> d-------- C:\Program Files\ScanSpyware v3.8.0.4
2007-01-18 14:06 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-01-18 14:06 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-01-18 14:06 <DIR> d-------- C:\DOCUME~1\Pat\Application Data\SUPERAntiSpyware.com
2007-01-18 14:06 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\SUPERAntiSpyware.com
2007-01-18 13:48 <DIR> d-------- C:\Program Files\NoAdware5.0
2007-01-18 09:57 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-01-17 13:00 <DIR> d-------- C:\DOCUME~1\Pat\Application Data\WholeSecurity
2007-01-17 12:51 <DIR> d-------- C:\Program Files\Innovative Solutions
2007-01-16 12:40 <DIR> d-------- C:\4825ad8bf970d2cd70
2007-01-16 12:25 <DIR> d-------- C:\5a4e58954e5da01beeb53b
2007-01-15 13:49 <DIR> d-------- C:\Program Files\Norton Internet Security
2007-01-11 10:23 32,768 --a------ C:\WINDOWS\system32\setup9x.exe
2007-01-11 10:23 192 --a------ C:\WINDOWS\system32\ggg.bat
2007-01-10 17:44 79 --a------ C:\WINDOWS\delay.reg
2007-01-10 17:08 48,776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-01-10 17:08 115,000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-01-09 16:12 0 --a------ C:\WINDOWS\system32\taskkill.exe
2007-01-09 13:53 87,608 --a------ C:\DOCUME~1\Pat\Application Data\ezpinst.exe
2007-01-09 13:53 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2007-01-09 13:53 47,360 --a------ C:\DOCUME~1\Pat\Application Data\pcouffin.sys
2007-01-09 13:53 <DIR> d-------- C:\Program Files\vso
2007-01-09 13:53 <DIR> d-------- C:\DOCUME~1\Pat\Application Data\Vso
2007-01-09 11:03 <DIR> d-------- C:\DOCUME~1\Pat\Application Data\dvdcss
2007-01-09 10:26 <DIR> d-------- C:\DOCUME~1\Pat\Application Data\DeepBurner
2007-01-07 14:18 153 --a------ C:\DelUS.bat
2007-01-06 17:38 286,720 --a------ C:\WINDOWS\iun506.exe
2007-01-06 17:38 <DIR> d-------- C:\Program Files\Learn to Play Bridge
2006-12-20 18:19 <DIR> d-------- C:\Program Files\MTV Networks
2006-12-20 18:03 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2006-12-20 18:00 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2006-12-19 17:09 276,792 --a------ C:\WINDOWS\system32\drivers\srtspl.sys
2006-12-19 17:09 25,400 --a------ C:\WINDOWS\system32\drivers\srtspx.sys
2006-12-19 17:09 247,096 --a------ C:\WINDOWS\system32\drivers\srtsp.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-01-18 20:54 -------- d-------- C:\Program Files\mozilla firefox
2007-01-18 20:13 -------- d-------- C:\Program Files\notebook maximizer
2007-01-18 18:10 -------- d-------- C:\Program Files\Common Files\symantec shared
2007-01-18 13:47 -------- d-------- C:\Program Files\noadware4
2007-01-18 12:36 -------- d-------- C:\DOCUME~1\Pat\Application Data\adobeum
2007-01-17 13:34 -------- d-------- C:\DOCUME~1\Pat\Application Data\azureus
2007-01-17 13:33 -------- d-------- C:\Program Files\spywareblaster
2007-01-17 13:33 -------- d-------- C:\Program Files\quotetracker
2007-01-17 13:33 -------- d-------- C:\DOCUME~1\Pat\Application Data\mp3rocket
2007-01-15 13:51 -------- d-------- C:\Program Files\symantec
2007-01-12 17:12 -------- d-------- C:\Program Files\limewire
2007-01-11 13:03 7824 --a------ C:\DOCUME~1\Pat\Application Data\pcouffin.cat
2007-01-11 13:03 34 --a------ C:\DOCUME~1\Pat\Application Data\pcouffin.log
2007-01-11 13:03 1144 --a------ C:\DOCUME~1\Pat\Application Data\pcouffin.inf
2007-01-10 15:49 -------- d-------- C:\Program Files\astonsoft
2007-01-10 15:47 -------- d-------- C:\Program Files\microsoft works
2007-01-10 15:45 -------- d-------- C:\Program Files\mozilla thunderbird
2007-01-10 15:17 -------- d-------- C:\Program Files\registry mechanic
2007-01-10 14:54 -------- d-------- C:\Program Files\advanced system optimizer
2006-12-08 14:16 -------- d-------- C:\Program Files\Common Files\adobe
2006-12-04 10:35 -------- d-------- C:\Program Files\auction auto bidder
2006-11-30 16:54 -------- d-------- C:\Program Files\mytrack
2006-11-29 22:23 -------- d--h----- C:\Program Files\installshield installation information
2006-11-29 17:34 -------- d---s---- C:\DOCUME~1\Pat\Application Data\microsoft
2006-11-28 17:08 -------- d-------- C:\Program Files\america online 9.0a
2006-11-27 14:43 -------- d-------- C:\Program Files\google
2006-11-21 12:01 -------- d-------- C:\Program Files\expedia
2006-11-20 13:06 -------- d-------- C:\Program Files\quicktime
2006-11-07 23:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-02 13:14 704 --a------ C:\DOCUME~1\Pat\Application Data\update.log
2006-11-02 13:11 0 --a--c--- C:\Program Files\Common Files\err.log
2006-10-19 07:56 713216 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2006-10-18 21:47 8231936 --a------ C:\WINDOWS\system32\wmploc.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\wmvsencd.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-10-18 21:47 7168 --a------ C:\WINDOWS\system32\asferror.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\wmvxencd.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\wmspdmod.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvadve.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvadvd.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\mp43dmod.dll
2006-10-18 21:47 38400 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\mp4sdecd.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --------- C:\WINDOWS\system32\portabledeviceapi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\wpdshext.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\mpg4decd.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\mp43decd.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 21:47 212992 --------- C:\WINDOWS\system32\mfplat.dll
2006-10-18 21:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\portabledevicewmdrm.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --------- C:\WINDOWS\system32\portabledevicetypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\wmvencod.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --------- C:\WINDOWS\system32\wmvdecod.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\wmvsdecd.dll
2006-10-18 21:47 133632 --------- C:\WINDOWS\system32\wpdshserviceobj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\portabledevicewiacompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\laprxy.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\wmadmoe.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\portabledeviceclassextension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"TOSCDSPD"="C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Window Washer"="C:\\Program Files\\Webroot\\Washer\\wwDisp.exe"
"MSGTAG"="\"C:\\Program Files\\MSGTAG\\MSGTAG.exe\" /startup"
"Creative Detector"="C:\\Program Files\\Creative\\MediaSource\\Detector\\CTDetect.exe /R"
"Taskbar Button Manager"="C:\\Program Files\\Innovative Solutions\\Taskbar Button Manager\\tbm.exe"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
@=""
"IntelWireless"="C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe /tf Intel PROSet/Wireless"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"TPNF"="C:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe"
"TOSHIBA Accessibility"="C:\\Program Files\\TOSHIBA\\Accessibility\\FnKeyHook.exe"
"TCtryIOHook"="TCtrlIOHook.exe"
"TFncKy"="TFncKy.exe"
"CeEKEY"="C:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe"
"TPSMain"="TPSMain.exe"
"SVPWUTIL"="C:\\Program Files\\Toshiba\\Windows Utilities\\SVPWUTIL.exe SVPwUTIL"
"PadTouch"="C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe"
"ZoomingHook"="ZoomingHook.exe"
"SmoothView"="C:\\Program Files\\TOSHIBA\\TOSHIBA Zooming Utility\\SmoothView.exe"
"HWSetup"="C:\\Program Files\\TOSHIBA\\TOSHIBA Applet\\HWSetup.exe hwSetUP"
"Tvs"="C:\\Program Files\\Toshiba\\Tvs\\TvsTray.exe"
"Pinger"="c:\\toshiba\\ivp\\ism\\pinger.exe /run"
"Notebook Maximizer"="C:\\Program Files\\Notebook Maximizer\\maximizer_startup.exe"
"Ulead AutoDetector v2"="C:\\Program Files\\Common Files\\Ulead Systems\\AutoDetector\\monitor.exe"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"Samsung PanelMgr"="C:\\WINDOWS\\Samsung\\PanelMgr\\ssmmgr.exe /autorun"
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe"
"OpwareSE2"="\"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\OpwareSE2.exe\""
"OPSE reminder"="\"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\EregEng\\Ereg.exe\" -r \"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\EregEng\\ereg.ini\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pat^Start Menu^Programs^Startup^Webshots.lnk]
"backup"="C:\\WINDOWS\\pss\\Webshots.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\Webshots\\Launcher.exe /t"
"item"="Webshots"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_COMHOST


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Pat.job

Completion time: 07-01-18 21:05:08


Report Offensive Follow Up For Removal

Response Number 10
Name: innesfree
Date: January 18, 2007 at 21:18:43 Pacific
Subject: Can't get rid of w32.spybot.worm
Reply: (edit)
Logfile of HijackThis v1.99.1
Scan saved at 11:12:40 PM, on 1/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\MSGTAG\MSGTAG.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Innovative Solutions\Taskbar Button Manager\tbm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Expedia\Expedia Fare Alert\ExpediaFareAl