Hi,,, One of the kids told me that internet explorer and windows explorer kept crashing on there computer. On the C: drive i found a load of files i dont know what they are (sqmnoopt19.sqm) 20 of them. I didnt get a extra.txt from Deckard's System Scanner (DSS) but i didnt download a fresh copy of it as i had it on the comp from last year.
Scans posted: Deckard's System Scanner; panda online ActiveScan and kaspersky online scan
Deckard's System Scanner v20070809.63
Run by all on 2008-05-08 at 23:08:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of HijackThis v1.99.1
Scan saved at 2008-05-08 23:09:01
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Radeon Omega Drivers\v3.8.360\ATI Tray Tools\atitray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\all\Desktop\cleaning\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,CustomizeSearch =
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKEY_LOCAL_MACHINE\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo R265 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNE.EXE /FU "C:\WINDOWS\TEMP\E_S8C.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: ATI Tray Tools.lnk = C:\Program Files\Radeon Omega Drivers\v3.8.360\ATI Tray Tools\atitray.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: (no name) - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) -
http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -
http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by114fd.bay114.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/micr...?1188034837656
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab Class) -
http://www.readyforcrysis.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/micr...?1188034823671
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () -
http://fpdownload.macromedia.com/get.../ultrashim.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) -
http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) -
http://pccheckup.dellfix.com/rel/41/...l/gtdownde.cab
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\system32\Ati2evxx.dll
O23 - Service: Adobe LM Service - Unknown owner - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - Unknown owner - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"
O23 - Service: ServiceLayer - Nokia. - "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
-- Files created between 2008-04-08 and 2008-05-08 -----------------------------
2008-05-08 12:26:10 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-08 09:00:18 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-05-06 17:37:52 0 d-------- C:\Documents and Settings\all\Application Data\PandoraRecovery
2008-05-04 16:27:58 0 d-------- C:\Program Files\ReflexiveArcade
2008-05-03 10:09:20 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-05-03 10:09:19 0 d-------- C:\Documents and Settings\all\Application Data\skypePM
2008-05-03 10:08:37 0 d-------- C:\Program Files\Common Files\Skype
2008-04-24 21:14:47 0 d-------- C:\Documents and Settings\all\Application Data\PC Suite
2008-04-24 21:14:46 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-04-24 21:14:26 0 d-------- C:\Documents and Settings\all\Application Data\Nokia
2008-04-24 21:13:55 0 d-------- C:\Program Files\Common Files\PCSuite
2008-04-24 21:13:40 0 d-------- C:\Program Files\DIFX
2008-04-24 21:13:19 0 d-------- C:\Program Files\PC Connectivity Solution
2008-04-24 20:30:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Nokia
2008-04-24 20:29:49 0 d-------- C:\Program Files\Common Files\Nokia
2008-04-24 20:29:48 0 d-------- C:\Program Files\Nokia
2008-04-24 20:29:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-04-23 15:14:31 0 d-------- C:\Documents and Settings\all\Application Data\RSG
2008-04-23 12:20:08 0 dr-h----- C:\Documents and Settings\all\Recent
2008-04-21 21:27:31 0 d-------- C:\Program Files\Router Screenshot Grabber
2008-04-21 16:00:16 0 d-------- C:\Documents and Settings\all\Application Data\InstallShield
2008-04-21 15:58:58 96256 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>
2008-04-21 15:58:57 0 d-------- C:\Program Files\MagicDisc
2008-04-11 17:36:28 0 d-------- C:\Program Files\QuickTime
2008-04-11 15:43:53 0 d-------- C:\Downloads
-- Find3M Report ---------------------------------------------------------------
2008-05-08 10:15:30 0 d-------- C:\Program Files\Windows Live Toolbar
2008-05-08 10:13:43 0 d-------- C:\Program Files\Spyware Terminator
2008-05-06 22:57:45 0 d-------- C:\Documents and Settings\all\Application Data\Skype
2008-05-05 23:58:07 0 d-------- C:\Program Files\Java
2008-05-03 10:08:40 0 d-------- C:\Program Files\Skype
2008-05-03 10:08:37 0 d-------- C:\Program Files\Common Files
2008-04-29 23:35:29 0 d-------- C:\Program Files\GameSpy Arcade
2008-04-27 13:09:30 0 d-------- C:\Documents and Settings\all\Application Data\uTorrent
2008-04-26 12:46:16 0 d-------- C:\Program Files\SpywareBlaster
2008-04-25 12:46:13 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-25 09:30:11 0 d-------- C:\Documents and Settings\all\Application Data\Free Download Manager
2008-04-21 16:05:00 0 d-------- C:\Program Files\THQ
2008-04-11 12:54:44 0 d-------- C:\Documents and Settings\all\Application Data\Adobe
2008-04-06 18:51:10 0 d-------- C:\Program Files\Winmx
2008-04-04 02:13:54 0 d-------- C:\Program Files\MSXML 4.0
2008-04-03 03:46:41 2548 --a------ C:\WINDOWS\unins000.dat
2008-04-03 03:45:20 691545 --a------ C:\WINDOWS\unins000.exe
2008-04-03 02:31:40 0 d-------- C:\Program Files\Lavasoft
2008-04-03 02:31:12 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-02 14:25:17 0 d-------- C:\Program Files\Steam
2008-03-31 00:14:16 0 d-------- C:\Program Files\Alcohol Soft
2008-03-27 02:46:45 0 d-------- C:\Program Files\Avira
2008-03-25 14
29 0 d-------- C:\Program Files\Maxtor
2008-03-23 09:10:33 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-19 18:18:37 116 --a------ C:\Documents and Settings\all\Application Data\wklnhst.dat
2008-03-19 13:31:32 0 d-------- C:\Documents and Settings\all\Application Data\Template
2008-03-19 13:25:45 0 d-------- C:\Program Files\Microsoft Works
2008-03-10 16:22:02 0 d-------- C:\Program Files\Windows Live
2008-03-01 20:58:27 16 --a------ C:\WINDOWS\popcinfo.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtiPTA"="atiptaxx.exe" [22/02/2006 01:05 C:\WINDOWS\system32\atiptaxx.exe]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [14/04/2008 23:39]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 00:56]
"EPSON Stylus Photo R265 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNE.exe" [19/05/2006 05:00]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 11:43]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
C:\Documents and Settings\all\Start Menu\Programs\Startup\
ATI Tray Tools.lnk - C:\Program Files\Radeon Omega Drivers\v3.8.360\ATI Tray Tools\atitray.exe [13/11/2005 23:43:26]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Sam.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sam.lnk
backup=C:\WINDOWS\pss\Sam.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SnagIt 8.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SnagIt 8.lnk
backup=C:\WINDOWS\pss\SnagIt 8.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^all^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Documents and Settings\all\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lovefilm DLM Manager]
C:\Program Files\LOVEFiLM International\Lovefilm Download Manager\Download Manager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
"C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
"G:\Program-Files\Nokia software suit\Nokia PC Suite 6\PCSync2.exe" /NoDialog
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
"G:\Program-Files\Nokia software suit\Nokia PC Suite 6\PCSuite.exe" -onlytray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
"C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"c:\program files\steam\steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall_CToolbar]
"C:\WINDOWS\Temp\CTun.exe" "/remove"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\LaunchU3.exe -a
-- End of Deckard's System Scanner: finished at 2008-05-08 at 23:09:32 ---------
panda online ActiveScan
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\UBCD4Win\BartPE\I386\SYSTEM32\NIRCMD.EXE
Hacktool:Hacktool/AngryScan Not disinfected C:\UBCD4Win\BartPE\PROGRAMS\IPScan\ipscan.exe
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\UBCD4Win\plugin\AntiVirus\AV7PE\nircmd.exe
Hacktool:Hacktool/AngryScan Not disinfected C:\UBCD4Win\plugin\Network\ipscan\ipscan.exe
Potentially unwanted tool:Application/SAMInside Not disinfected F:\doj\programs 1\(APP) - SAMInside_v2.6.0.0 + Crack .rar[SAMInside\SAMInside.exe]
Potentially unwanted tool:Application/SAMInside Not disinfected F:\doj\programs 1\(APP) - SAMInside_v2.6.0.0 + Crack .rar[SAMInside\Tools\GetHashes.exe]
Potentially unwanted tool:Application/SAMInside Not disinfected F:\doj\programs 1\(APP) - SAMInside_v2.6.0.0 + Crack .rar[SAMInside\Tools\GetSyskey.exe]
Potentially unwanted tool:Application/SAMInside Not disinfected F:\doj\programs 1\(App) SAMInside_v2.6.0.0 + Crack .rar[SAMInside\SAMInside.exe]
Potentially unwanted tool:Application/SAMInside Not disinfected F:\doj\programs 1\(App) SAMInside_v2.6.0.0 + Crack .rar[SAMInside\Tools\GetHashes.exe]
Potentially unwanted tool:Application/SAMInside Not disinfected F:\doj\programs 1\(App) SAMInside_v2.6.0.0 + Crack .rar[SAMInside\Tools\GetSyskey.exe]
Potentially unwanted tool:Application/SAMInside Not disinfected G:\programs 2\(APP) - SAMInside_v2.6.0.0 + Crack .rar[SAMInside\SAMInside.exe]
Potentially unwanted tool:Application/SAMInside Not disinfected G:\programs 2\(APP) - SAMInside_v2.6.0.0 + Crack .rar[SAMInside\Tools\GetHashes.exe]
Potentially unwanted tool:Application/SAMInside Not disinfected G:\programs 2\(APP) - SAMInside_v2.6.0.0 + Crack .rar[SAMInside\Tools\GetSyskey.exe]
kaspersky online scan
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, May 08, 2008 9:18:54 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 8/05/2008
Kaspersky Anti-Virus database records: 746421
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
Scan Statistics:
Total number of scanned objects: 137771
Number of viruses found: 13
Number of infected objects: 106
Number of suspicious objects: 0
Duration of the scan process: 08:13:56
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\all\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\all\Desktop\lime wire downloads\honey daniels.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\Documents and Settings\all\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db Object is locked skipped
C:\Documents and Settings\all\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped
C:\Documents and Settings\all\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\all\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\all\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\all\Local Settings\History\History.IE5\MSHist012008050820080509\index.dat Object is locked skipped
C:\Documents and Settings\all\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\all\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\all\ntuser.dat Object is locked skipped
C:\Documents and Settings\all\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-05-08.08-57-15.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP107\A0005674.exe Infected: not-a-virus:AdWare.Win32.Trymedia.d skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP107\A0005675.exe Infected: not-a-virus:AdWare.Win32.Trymedia.d skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP137\A0007585.exe/file1 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP137\A0007585.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP137\A0007585.exe Inno: infected - 2 skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP158\change.log Object is locked skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3145 Infected: not-a-virus:NetTool.Win32.Portscan.c skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3324 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3326 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3329 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3382 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3385 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3386 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3387 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3587/data.rar/xpkey.exe Infected: not-a-virus:PSWTool.Win32.RAS.g skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3587/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3587/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe/file3587 Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
C:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP76\A0003314.exe Inno: infected - 12 skipped
C:\UBCD4Win\BartPE\I386\SYSTEM32\WM_HOOKS.DLL Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\UBCD4Win\BartPE\PROGRAMS\IPScan\ipscan.exe Infected: not-a-virus:NetTool.Win32.Portscan.c skipped
C:\UBCD4Win\BartPE\PROGRAMS\ultravnc\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
C:\UBCD4Win\BartPE\PROGRAMS\ultravnc\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped
C:\UBCD4Win\BartPE\PROGRAMS\ultravnc\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
C:\UBCD4Win\BartPE\PROGRAMS\vncserver\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\UBCD4Win\BartPE\PROGRAMS\vncserver\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\UBCD4Win\plugin\Network\ipscan\ipscan.exe Infected: not-a-virus:NetTool.Win32.Portscan.c skipped
C:\UBCD4Win\plugin\Network\ultravnc\files\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
C:\UBCD4Win\plugin\Network\ultravnc\files\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped
C:\UBCD4Win\plugin\Network\ultravnc\files\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
C:\UBCD4Win\plugin\Network\VNCServer\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\UBCD4Win\plugin\Network\VNCServer\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\UBCD4Win\plugin\Network\VNCServer\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\UBCD4Win\plugin\Network\VNCServer\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_67c.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
F:\2a81faac611e32dcd1d6ff\msxml6-KB927977-enu-x86.log Object is locked skipped
F:\doj\programs 1\(APP) - SAMInside_v2.6.0.0 + Crack .rar/SAMInside/SAMInside.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
F:\doj\programs 1\(APP) - SAMInside_v2.6.0.0 + Crack .rar/SAMInside/Tools/GetHashes.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
F:\doj\programs 1\(APP) - SAMInside_v2.6.0.0 + Crack .rar/SAMInside/Tools/GetSyskey.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
F:\doj\programs 1\(APP) - SAMInside_v2.6.0.0 + Crack .rar RAR: infected - 3 skipped
F:\doj\programs 1\(App) SAMInside_v2.6.0.0 + Crack .rar/SAMInside/SAMInside.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
F:\doj\programs 1\(App) SAMInside_v2.6.0.0 + Crack .rar/SAMInside/Tools/GetHashes.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
F:\doj\programs 1\(App) SAMInside_v2.6.0.0 + Crack .rar/SAMInside/Tools/GetSyskey.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
F:\doj\programs 1\(App) SAMInside_v2.6.0.0 + Crack .rar RAR: infected - 3 skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3145 Infected: not-a-virus:NetTool.Win32.Portscan.c skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3324 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3326 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3329 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3382 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3385 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3386 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3387 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3587/data.rar/xpkey.exe Infected: not-a-virus:PSWTool.Win32.RAS.g skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3587/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3587/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe/file3587 Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
F:\doj\programs 1\(APP) UBCD 4 Win V306.exe Inno: infected - 12 skipped
F:\doj\programs 1\(OS) Windows XP Pro Corp Slipstreamed.iso/$OEM$/$$/System32/cmdow.exe Infected: not-a-virus:RiskTool.Win32.HideWindows skipped
F:\doj\programs 1\(OS) Windows XP Pro Corp Slipstreamed.iso ISOimage: infected - 1 skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3145 Infected: not-a-virus:NetTool.Win32.Portscan.c skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3324 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3326 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3329 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3382 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3385 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3386 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3387 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3587/data.rar/xpkey.exe Infected: not-a-virus:PSWTool.Win32.RAS.g skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3587/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3587/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
F:\doj\programs 1\UBCD 4 Win V306.exe/file3587 Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
F:\doj\programs 1\UBCD 4 Win V306.exe Inno: infected - 12 skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\System Volume Information\_restore{FA0518AC-1051-4EA3-8BBD-49D6FA043FEA}\RP21\A0008419.exe/WISE0034.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
F:\System Volume Information\_restore{FA0518AC-1051-4EA3-8BBD-49D6FA043FEA}\RP21\A0008419.exe/WISE0159.BIN/WISE0005.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
F:\System Volume Information\_restore{FA0518AC-1051-4EA3-8BBD-49D6FA043FEA}\RP21\A0008419.exe/WISE0159.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
F:\System Volume Information\_restore{FA0518AC-1051-4EA3-8BBD-49D6FA043FEA}\RP21\A0008419.exe WiseSFX: infected - 3 skipped
F:\temp stick\programs\VNC\vnc-4_1_1-x86_win32.exe/file1 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 skipped
F:\temp stick\programs\VNC\vnc-4_1_1-x86_win32.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
F:\temp stick\programs\VNC\vnc-4_1_1-x86_win32.exe Inno: infected - 2 skipped
F:\to sort\Apps - PC Tools - Ultimate Boot Disk 9.02 SE.iso/Programs/RemoteControl/apc_host.exe Infected: not-a-virus:RemoteAdmin.Win32.RemoteDesktopControl.b skipped
F:\to sort\Apps - PC Tools - Ultimate Boot Disk 9.02 SE.iso ISOimage: infected - 1 skipped
G:\programs 2\(APP) - SAMInside_v2.6.0.0 + Crack .rar/SAMInside/SAMInside.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
G:\programs 2\(APP) - SAMInside_v2.6.0.0 + Crack .rar/SAMInside/Tools/GetHashes.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
G:\programs 2\(APP) - SAMInside_v2.6.0.0 + Crack .rar/SAMInside/Tools/GetSyskey.exe Infected: not-a-virus:PSWTool.Win32.SAMInside.g skipped
G:\programs 2\(APP) - SAMInside_v2.6.0.0 + Crack .rar RAR: infected - 3 skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3145 Infected: not-a-virus:NetTool.Win32.Portscan.c skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3324 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3326 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3329 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3382 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3385 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3386 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3387 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3587/data.rar/xpkey.exe Infected: not-a-virus:PSWTool.Win32.RAS.g skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3587/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3587/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe/file3587 Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
G:\programs 2\(APP) UBCD 4 Win V306.exe Inno: infected - 12 skipped
G:\programs 2\(OS) Windows XP Pro Corp Slipstreamed.iso/$OEM$/$$/System32/cmdow.exe Infected: not-a-virus:RiskTool.Win32.HideWindows skipped
G:\programs 2\(OS) Windows XP Pro Corp Slipstreamed.iso ISOimage: infected - 1 skipped
G:\stick programs 22-4-08\VNC\vnc-4_1_1-x86_win32.exe/file1 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 skipped
G:\stick programs 22-4-08\VNC\vnc-4_1_1-x86_win32.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
G:\stick programs 22-4-08\VNC\vnc-4_1_1-x86_win32.exe Inno: infected - 2 skipped
G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
G:\System Volume Information\_restore{BAD70DFF-4068-444B-B3C4-547AF0E48124}\RP158\change.log Object is locked skipped
G:\temp stick\programs\VNC\vnc-4_1_1-x86_win32.exe/file1 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 skipped
G:\temp stick\programs\VNC\vnc-4_1_1-x86_win32.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
G:\temp stick\programs\VNC\vnc-4_1_1-x86_win32.exe Inno: infected - 2 skipped
G:\to sort\Apps - PC Tools - Ultimate Boot Disk 9.02 SE.iso/Programs/RemoteControl/apc_host.exe Infected: not-a-virus:RemoteAdmin.Win32.RemoteDesktopControl.b skipped
G:\to sort\Apps - PC Tools - Ultimate Boot Disk 9.02 SE.iso ISOimage: infected - 1 skipped
Scan process completed.
Thanks for your time DojHarris
EDITS messege i get
Internet explore cannot open the internet site (what ever site I am opening,,, but not all the time) operation aborted
When running adware 2007 my antivirus popped and found:
Virus or unwanted program 'TR/Horse2.DBA.1 [trojan]'
detected in file 'F:\System Volume Information\_restore{7CA3826A-2F48-4A96-A949-80A5D96A75E7}\RP17\A0010330.exe.
Action performed: Move file to quarantine