Thread: New member needs help with log....
View Single Post
Old 02-28-2007, 09:55 PM   #8 (permalink)
honer's
Registered User
 
Join Date: Feb 2007
Posts: 38
OS: windows xp home


sure took me long enough to get this done but here are the results of my finding...... one last question....of all the downloads that i have installed what should i keep and if i do keep how often should i run these.....

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:01:03 AM 2/28/2007

+ Scan result:



C:\System Volume Information\_restore{78B518AB-0831-4146-921C-018A9AAD5B2E}\RP1257\A0212506.dll -> Adware.F1Organizer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{78B518AB-0831-4146-921C-018A9AAD5B2E}\RP1257\A0212509.exe -> Adware.IWantSearch : Cleaned with backup (quarantined).
C:\RECYCLER\S-1-5-18\Dc1\system.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{78B518AB-0831-4146-921C-018A9AAD5B2E}\RP1246\A0205217.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{78B518AB-0831-4146-921C-018A9AAD5B2E}\RP1255\A0210251.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{78B518AB-0831-4146-921C-018A9AAD5B2E}\RP1257\A0212508.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Downloads\DeerHunter2005_Setup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\Program Files\Archive\archive.exe -> Downloader.Small.adv : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{78B518AB-0831-4146-921C-018A9AAD5B2E}\RP1257\A0212510.exe -> Trojan.MediaPipe.a : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld819C.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld8E7F.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ldD87B.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ldFA41.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\My Downloads\007 spy software crack.zip/007 spy software crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\3ds max 7 crack.zip/3ds max 7 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\3gp converter crack.zip/3gp converter crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Abakus UIQ3 crack.zip/Abakus UIQ3 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Adobe Acrobat Pro crack.zip/Adobe Acrobat Pro crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\CamStudio crack.zip/CamStudio crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Cash Cow crack.zip/Cash Cow crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\DVD Cloner IV crack.zip/DVD Cloner IV crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\EMPIRE EARTH 2 crack.zip/EMPIRE EARTH 2 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\EasyBoot crack.zip/EasyBoot crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\FLASHFXP crack.zip/FLASHFXP crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\FinePrint crack.zip/FinePrint crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Kaspersky Anti-Virus Personal Pro crack.zip/Kaspersky Anti-Virus Personal Pro crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Macromedia Flash 8 crack.zip/Macromedia Flash 8 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Magic Photo Editor crack.zip/Magic Photo Editor crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\MagicLines crack.zip/MagicLines crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\MagicMatch crack.zip/MagicMatch crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Mpeg crack.zip/Mpeg crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Mystic Inn crack.zip/Mystic Inn crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Outpost Firewall Pro crack.zip/Outpost Firewall Pro crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Perpetual Disco Screen Saver crack.zip/Perpetual Disco Screen Saver crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Pinball Arcade crack.zip/Pinball Arcade crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Pinnacle Studio Plus Titanium Edition v10.6 crack.zip/Pinnacle Studio Plus Titanium Edition v10.6 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Poker Superstars crack.zip/Poker Superstars crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Quick time crack.zip/Quick time crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\R-Studio crack.zip/R-Studio crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Simply Calenders crack.zip/Simply Calenders crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Sothink SWF Decompiler 3.4 build 60912 crack.zip/Sothink SWF Decompiler 3.4 build 60912 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\System Mechanic 6.0u crack.zip/System Mechanic 6.0u crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\System Mechanic 7 Pro crack.zip/System Mechanic 7 Pro crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Universal Shield crack.zip/Universal Shield crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\Video Edit Magic v4.21 crack.zip/Video Edit Magic v4.21 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\VirusRescue crack.zip/VirusRescue crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\WIN ZIP crack.zip/WIN ZIP crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\acronis true image crack.zip/acronis true image crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\adult crack.zip/adult crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\agnitum crack.zip/agnitum crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\anyplace control 3.2 crack.zip/anyplace control 3.2 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\autodesk inventor crack.zip/autodesk inventor crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\avira crack.zip/avira crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\betrapped crack.zip/betrapped crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\black crack.zip/black crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\boris crack.zip/boris crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\canopus crack.zip/canopus crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\cuteftp 8 crack.zip/cuteftp 8 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\digitando crack.zip/digitando crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\diskkeeper crack.zip/diskkeeper crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\divx pro 5.2.1 crack.zip/divx pro 5.2.1 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\dreamweaver 6 crack.zip/dreamweaver 6 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\dvd-cloner crack.zip/dvd-cloner crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\eltima crack.zip/eltima crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\far cry crack.zip/far cry crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\garmin crack.zip/garmin crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\holiday lights crack.zip/holiday lights crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\ice clock 3d crack.zip/ice clock 3d crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\icoo crack.zip/icoo crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\illustrator crack.zip/illustrator crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\internet download manager 5.05 crack.zip/internet download manager 5.05 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\intervideo windvr crack.zip/intervideo windvr crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\karu crack.zip/karu crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\keygen nero 7 crack.zip/keygen nero 7 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\luxor amun rising crack.zip/luxor amun rising crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\magic dvd crack.zip/magic dvd crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\magix music maker crack.zip/magix music maker crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\mahjong quest crack.zip/mahjong quest crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\mathcad crack.zip/mathcad crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\media center crack.zip/media center crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\memoriesontv crack.zip/memoriesontv crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\milkshape crack.zip/milkshape crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\ms office 2007 crack.zip/ms office 2007 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\mystery crack.zip/mystery crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\n-track studio v5.0.2 crack.zip/n-track studio v5.0.2 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\nero 6 crack.zip/nero 6 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\nero 7 ultra crack.zip/nero 7 ultra crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\office 2003 small business crack.zip/office 2003 small business crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\operation flashpoint crack.zip/operation flashpoint crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\partition manager crack.zip/partition manager crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\pc cillin crack.zip/pc cillin crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\pc-cillin 2007 crack.zip/pc-cillin 2007 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\power DVD 7.0 crack.zip/power DVD 7.0 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\privacy guardian crack.zip/privacy guardian crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\pro crack.zip/pro crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\real player crack.zip/real player crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\red alert crack.zip/red alert crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\route 66 crack.zip/route 66 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\setup factory crack.zip/setup factory crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\simcity 3000 crack.zip/simcity 3000 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\sims 2 pets crack.zip/sims 2 pets crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\spin it again crack.zip/spin it again crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\super ad blocker crack.zip/super ad blocker crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\swf decompiler crack.zip/swf decompiler crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\switch crack.zip/switch crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\switch v 1.11 crack.zip/switch v 1.11 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\system mechanic 7 professional crack.zip/system mechanic 7 professional crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\toast crack.zip/toast crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\tuneup utilities2006 crack.zip/tuneup utilities2006 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\uninstall tool crack.zip/uninstall tool crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\viewletcam crack.zip/viewletcam crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\winrar 361 crack.zip/winrar 361 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\wm recorder 11 crack.zip/wm recorder 11 crack.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
C:\My Downloads\007 spy software crack.zip/007 spy software crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\3ds max 7 crack.zip/3ds max 7 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\3gp converter crack.zip/3gp converter crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Abakus UIQ3 crack.zip/Abakus UIQ3 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Adobe Acrobat Pro crack.zip/Adobe Acrobat Pro crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\CamStudio crack.zip/CamStudio crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Cash Cow crack.zip/Cash Cow crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\DVD Cloner IV crack.zip/DVD Cloner IV crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\EMPIRE EARTH 2 crack.zip/EMPIRE EARTH 2 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\EasyBoot crack.zip/EasyBoot crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\FLASHFXP crack.zip/FLASHFXP crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\FinePrint crack.zip/FinePrint crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Kaspersky Anti-Virus Personal Pro crack.zip/Kaspersky Anti-Virus Personal Pro crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Macromedia Flash 8 crack.zip/Macromedia Flash 8 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Magic Photo Editor crack.zip/Magic Photo Editor crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\MagicLines crack.zip/MagicLines crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\MagicMatch crack.zip/MagicMatch crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Mpeg crack.zip/Mpeg crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Mystic Inn crack.zip/Mystic Inn crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Outpost Firewall Pro crack.zip/Outpost Firewall Pro crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Perpetual Disco Screen Saver crack.zip/Perpetual Disco Screen Saver crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Pinball Arcade crack.zip/Pinball Arcade crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Pinnacle Studio Plus Titanium Edition v10.6 crack.zip/Pinnacle Studio Plus Titanium Edition v10.6 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Poker Superstars crack.zip/Poker Superstars crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Quick time crack.zip/Quick time crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\R-Studio crack.zip/R-Studio crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Simply Calenders crack.zip/Simply Calenders crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Sothink SWF Decompiler 3.4 build 60912 crack.zip/Sothink SWF Decompiler 3.4 build 60912 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\System Mechanic 6.0u crack.zip/System Mechanic 6.0u crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\System Mechanic 7 Pro crack.zip/System Mechanic 7 Pro crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Universal Shield crack.zip/Universal Shield crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\Video Edit Magic v4.21 crack.zip/Video Edit Magic v4.21 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\VirusRescue crack.zip/VirusRescue crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\WIN ZIP crack.zip/WIN ZIP crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\acronis true image crack.zip/acronis true image crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\adult crack.zip/adult crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\agnitum crack.zip/agnitum crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\anyplace control 3.2 crack.zip/anyplace control 3.2 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\autodesk inventor crack.zip/autodesk inventor crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\avira crack.zip/avira crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\betrapped crack.zip/betrapped crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\black crack.zip/black crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\boris crack.zip/boris crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\canopus crack.zip/canopus crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\cuteftp 8 crack.zip/cuteftp 8 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\digitando crack.zip/digitando crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\diskkeeper crack.zip/diskkeeper crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\divx pro 5.2.1 crack.zip/divx pro 5.2.1 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\dreamweaver 6 crack.zip/dreamweaver 6 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\dvd-cloner crack.zip/dvd-cloner crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\eltima crack.zip/eltima crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\far cry crack.zip/far cry crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\garmin crack.zip/garmin crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\holiday lights crack.zip/holiday lights crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\ice clock 3d crack.zip/ice clock 3d crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\icoo crack.zip/icoo crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\illustrator crack.zip/illustrator crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\internet download manager 5.05 crack.zip/internet download manager 5.05 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\intervideo windvr crack.zip/intervideo windvr crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\karu crack.zip/karu crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\keygen nero 7 crack.zip/keygen nero 7 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\luxor amun rising crack.zip/luxor amun rising crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\magic dvd crack.zip/magic dvd crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\magix music maker crack.zip/magix music maker crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\mahjong quest crack.zip/mahjong quest crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\mathcad crack.zip/mathcad crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\media center crack.zip/media center crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\memoriesontv crack.zip/memoriesontv crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\milkshape crack.zip/milkshape crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\ms office 2007 crack.zip/ms office 2007 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\mystery crack.zip/mystery crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\n-track studio v5.0.2 crack.zip/n-track studio v5.0.2 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\nero 6 crack.zip/nero 6 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\nero 7 ultra crack.zip/nero 7 ultra crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\office 2003 small business crack.zip/office 2003 small business crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\operation flashpoint crack.zip/operation flashpoint crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\partition manager crack.zip/partition manager crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\pc cillin crack.zip/pc cillin crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\pc-cillin 2007 crack.zip/pc-cillin 2007 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\power DVD 7.0 crack.zip/power DVD 7.0 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\privacy guardian crack.zip/privacy guardian crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\pro crack.zip/pro crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\real player crack.zip/real player crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\red alert crack.zip/red alert crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\route 66 crack.zip/route 66 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\setup factory crack.zip/setup factory crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\simcity 3000 crack.zip/simcity 3000 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\sims 2 pets crack.zip/sims 2 pets crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\spin it again crack.zip/spin it again crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\super ad blocker crack.zip/super ad blocker crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\swf decompiler crack.zip/swf decompiler crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\switch crack.zip/switch crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\switch v 1.11 crack.zip/switch v 1.11 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\system mechanic 7 professional crack.zip/system mechanic 7 professional crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\toast crack.zip/toast crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\tuneup utilities2006 crack.zip/tuneup utilities2006 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\uninstall tool crack.zip/uninstall tool crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\viewletcam crack.zip/viewletcam crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\winrar 361 crack.zip/winrar 361 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).
C:\My Downloads\wm recorder 11 crack.zip/wm recorder 11 crack.exe/run.exe -> Worm.VB.njc : Cleaned with backup (quarantined).


::Report end

Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\All Users\Application Data

01/21/2007 10:31 PM <DIR> Adobe
01/21/2007 10:32 PM <DIR> Ahead
01/25/2006 11:34 PM <DIR> AOL Downloads
02/20/2007 03:03 PM <DIR> Apple Computer
12/15/2004 05:33 PM 3 DirectCDUserName.txt
11/26/2004 08:43 PM <DIR> Kazaa
11/05/2005 12:39 AM <DIR> Kodak
11/07/2006 10:24 AM <DIR> MSN6
11/01/2005 09:12 PM <DIR> QuickTime
07/11/2006 12:19 AM <DIR> Symantec
11/15/2006 09:30 AM <DIR> Trymedia
02/21/2007 07:05 PM <DIR> Viewpoint
08/13/2005 07:50 AM <DIR> Windows Genuine Advantage
1 File(s) 3 bytes
12 Dir(s) 13,659,770,880 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\bob\Application Data

01/25/2006 11:36 PM <DIR> acccore
07/19/2006 09:04 PM <DIR> Adobe
01/18/2007 12:28 PM <DIR> AdobeUM
01/22/2007 11:39 PM <DIR> Ahead
01/21/2007 10:31 PM <DIR> Aim
02/12/2007 09:58 AM <DIR> Apple Computer
03/08/2006 08:52 AM <DIR> DownloadManager
03/13/2006 09:20 PM <DIR> Google
02/22/2004 06:47 AM <DIR> Help
01/29/2004 11:25 PM <DIR> Identities
11/26/2004 08:34 PM <DIR> Kazaa Lite
11/27/2004 03:18 PM <DIR> Kontiki
11/01/2004 09:13 PM <DIR> Lavasoft
11/20/2004 05:12 PM <DIR> Leadertech
03/12/2006 11:31 AM <DIR> Macromedia
11/07/2006 10:26 AM <DIR> MSN6
03/15/2005 06:23 PM 0 OfficePool 2005 Prefs
02/14/2004 07:01 AM <DIR> Real
11/17/2005 01:30 AM <DIR> Simple Star
12/31/2006 11:46 AM <DIR> Sun
02/14/2004 07:05 AM <DIR> Symantec
02/01/2004 11:59 PM <DIR> Template
10/27/2006 08:19 AM <DIR> Trend Micro
07/07/2004 05:00 PM <DIR> uoau
03/10/2006 10:46 PM <DIR> Walgreens
07/11/2006 12:53 AM <DIR> Yahoo!
07/22/2004 04:43 PM <DIR> Yahoo! Messenger
1 File(s) 0 bytes
26 Dir(s) 13,659,770,880 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\Guest\Application Data

03/04/2004 03:50 PM <DIR> Aim
01/29/2004 11:25 PM <DIR> Identities
02/04/2004 10:39 PM <DIR> Macromedia
02/19/2004 10:17 PM <DIR> Real
02/03/2004 10:25 PM <DIR> Template
0 File(s) 0 bytes
5 Dir(s) 13,659,770,880 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\Owner\Application Data

01/29/2004 11:25 PM <DIR> Identities
0 File(s) 0 bytes
1 Dir(s) 13,659,770,880 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\Default User\Application Data

01/29/2004 11:25 PM <DIR> .
01/29/2004 11:25 PM <DIR> ..
01/29/2004 03:11 PM 62 desktop.ini
1 File(s) 62 bytes
2 Dir(s) 13,659,770,880 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\LocalService\Application Data

Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\NetworkService\Application Data

[TRACE] Enumerating jobs and queues
[TRACE] Activating job 'AppleSoftwareUpdate.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\Program Files\Apple Software Update\SoftwareUpdate.exe'
Parameters: '-Task'
WorkingDirectory: ''
Comment: ''
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 03/06/2007 22:26:00
StartError: SCHED_E_ACCOUNT_INFORMATION_NOT_SET
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Weekly
WeeksInterval: 1
DaysOfTheWeek: ..T....
StartDate: 01/18/2007
EndDate: 00/00/0000
StartTime: 22:26
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0


[TRACE] Activating job 'MP Scheduled Scan.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\Program Files\Windows Defender\MpCmdRun.exe'
Parameters: 'Scan -RestrictPrivileges'
WorkingDirectory: ''
Comment: 'Scheduled Scan'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 03/01/2007 2:11:00
StartError: SCHED_S_TASK_HAS_NOT_RUN
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 1
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 1
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Daily
DaysInterval: 1
StartDate: 02/28/2007
EndDate: 00/00/0000
StartTime: 02:11
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0


[TRACE] Activating job 'Registration reminder 1.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\WINDOWS\System32\OOBE\oobebaln.exe'
Parameters: '/sys /r /n:1'
WorkingDirectory: ''
Comment: ''
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 02/03/2004 23:50:00
NextRun: 00/00/0000 0:00:00
StartError: S_OK
ExitCode: 0x80
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Once
StartDate: 02/03/2004
EndDate: 00/00/0000
StartTime: 00:05
MinutesDuration: 1440
MinutesInterval: 15
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0


[TRACE] Activating job 'Registration reminder 2.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\WINDOWS\System32\OOBE\oobebaln.exe'
Parameters: '/sys /r /n:2'
WorkingDirectory: ''
Comment: ''
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 02/08/2004 23:50:00
NextRun: 00/00/0000 0:00:00
StartError: S_OK
ExitCode: 0x80
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Once
StartDate: 02/08/2004
EndDate: 00/00/0000
StartTime: 00:05
MinutesDuration: 1440
MinutesInterval: 15
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0


[TRACE] Activating job 'Registration reminder 3.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\WINDOWS\System32\OOBE\oobebaln.exe'
Parameters: '/sys /r /n:3'
WorkingDirectory: ''
Comment: ''
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 02/13/2004 23:50:00
NextRun: 00/00/0000 0:00:00
StartError: S_OK
ExitCode: 0x80
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Once
StartDate: 02/13/2004
EndDate: 00/00/0000
StartTime: 00:05
MinutesDuration: 1440
MinutesInterval: 15
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0

=================


Incident Status Location

Spyware:spyware/betterinet Not disinfected c:\windows\system32\in10b6s.dll
Adware:adware/videoc Not disinfected c:\windows\videoc.ocx
Potentially unwanted tool:application/funweb Not disinfected hkey_current_user\software\Fun Web Products
Adware:adware/neededware Not disinfected Windows Registry
Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\bob\Cookies\bob@ads.addynamix[1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\bob\Cookies\bob@ads.pointroll[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\bob\Cookies\bob@atdmt[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\bob\Cookies\bob@doubleclick[2].txt
Adware:Adware/EliteBar Not disinfected C:\WINDOWS\blocklist.reg
Spyware:Cookie/Go Not disinfected C:\WINDOWS\system32\config\systemprofile\Cookies\owner@go[1].txt



=================

ComboScan v20070221.16 run by bob on 2007-02-28 at 22:31:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as bob.exe) --------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 10:31:31 PM, on 2/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\CDProxyServ.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\COMPAQ\CPQINET\CPQInet.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Documents and Settings\bob\Desktop\comboscan.exe
C:\Documents and Settings\bob\Desktop\Honer's Hall of Shame\bob.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [Dvd Dash] C:\DOCUME~1\bob\APPLIC~1\SUPPOR~1\drvwarnhide.exe
O4 - Startup: Intellicast.lnk = C:\Program Files\Intellicast\Intellicast.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Support - {36263222-2F65-421C-BDEB-782EEEF11C2C} - C:\Program Files\Internet Explorer\SIGNUP\Presario.htm (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.insightbb.com
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/game...ts/y/et1_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/pote_x.cab
O16 - DPF: Yahoo! Reversi - http://download.games.yahoo.com/game...ts/y/rt0_x.cab
O16 - DPF: {01CA75F1-054B-4A63-9221-C6926369EC52} (HS_live Control) - http://install.homestead.com/~site/I...ve/HS_live.cab
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinner.com/games/v44...abblecubes.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by3fd.bay3.hotmail.msn.com/re...s/MsnPUpld.cab
O16 - DPF: {5AA5A569-F96F-4628-A528-8B3698F558BB} (HS_live Control) - http://install.homestead.com/~site/I...ve/HS_live.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/soft...ch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../installer.exe
O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) - http://www.tukati.com/software/4/1.7.20.20/tukati.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - First 4 Internet Ltd - C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Email AntiVirus (Email AV) - Unknown owner - C:\WINDOWS\email-av.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\system32\ImapiRox.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Service Cvasvr (Service Cvas) - Unknown owner - C:\WINDOWS\csvas.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


-- Files created between 2007-01-28 and 2007-02-28 ------------------------------

2007-02-28 06:31:08 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-02-28 06:31:03 0 d-------- C:\WINDOWS\LastGood
2007-02-28 06:19:01 0 d-------- C:\640b4ee8a92ba8d5b31bc18db9<640B4E~1>
2007-02-28 06:08:16 0 d-------- C:\bintheredunthat<BINTHE~1>
2007-02-27 20:27:09 0 d-------- C:\bfu
2007-02-27 20:09:00 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-02-27 20:08:53 0 d-------- C:\Program Files\Grisoft
2007-02-26 15:51:19 0 d-------- C:\Program Files\Common Files\EasyInfo
2007-02-26 06:54:42 0 d-------- C:\NoLopBackups<NOLOPB~1>
2007-02-21 1055 28672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-02-16 12:01:42 438272 --a------ C:\WINDOWS\system32\vp6vfw.dll
2007-02-16 12:01:41 118832 --a------ C:\WINDOWS\system32\SHW32.DLL
2007-02-16 11:42:55 0 d-------- C:\Program Files\EA SPORTS<EASPOR~1>
2007-01-29 02:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe


-- Find3M Report ----------------------------------------------------------------

2007-02-28 20:58:48 0 d-------- C:\Program Files\Windows Defender<WIFD1F~1>
2007-02-28 20:58:34 0 d-------- C:\Program Files\Symantec AntiVirus<SYMANT~1>
2007-02-28 20:44:11 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-02-28 06:00:52 0 d-------- C:\Program Files\Archive
2007-02-27 20:43:30 0 d-------- C:\Program Files\Java
2007-02-26 15:39:06 0 d-------- C:\Program Files\Google
2007-02-20 15:43:32 0 d-------- C:\Program Files\Virtools Web Player 3.5<VIRTOO~1.5>
2007-02-20 15:43:10 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-20 15:04:06 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-02-20 01:49:45 0 d---s---- C:\Documents and Settings\bob\Application Data\Microsoft<MICROS~1>
2007-02-15 07:22:16 0 d-------- C:\Program Files\Absolute Poker<ABSOLU~1>
2007-02-12 09:58:18 0 d-------- C:\Documents and Settings\bob\Application Data\Apple Computer<APPLEC~1>
2007-02-03 02:00:24 0 --a------ C:\tdd.exe
2007-01-23 09:42:04 0 d-------- C:\Program Files\Ahead
2007-01-22 23:39:43 0 d-------- C:\Documents and Settings\bob\Application Data\Ahead
2007-01-22 22:12:55 0 d-------- C:\Program Files\CCleaner
2007-01-21 22:32:32 0 d-------- C:\Program Files\Common Files\Adobe
2007-01-21 22:31:46 0 d-------- C:\Program Files\AIM
2007-01-21 22:31:46 0 d-------- C:\Documents and Settings\bob\Application Data\Aim
2007-01-18 12:28:15 0 d-------- C:\Documents and Settings\bob\Application Data\AdobeUM
2007-01-18 09:28:07 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-01-12 09:27:42 822784 --a------ C:\WINDOWS\system32\wininet(2)(2).dll<WININE~1.DLL>
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 1149952 --a------ C:\WINDOWS\system32\urlmon(2)(2).dll<URLMON~1.DLL>
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 --a------ C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url(2)(2).dll<URL(2)~1.DLL>
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil(2)(2).dll<IERTUT~1.DLL>
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 --a------ C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-31 11:46:07 0 d-------- C:\Documents and Settings\bob\Application Data\Sun
2006-12-31 08:45:57 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1>
2006-12-31 08:42:49 0 d-------- C:\Program Files\Windows Media Connect<WINDOW~4>
2006-12-30 23:14:42 0 d-------- C:\Program Files\Kazaa Lite Resurrection<KAZAAL~1>
2006-12-19 15:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 15:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs(2)(2).dll<SHSVCS~1.DLL>
2006-12-19 15:52:18 8453632 --a------ C:\WINDOWS\system32\shell32(2)(2).dll<SHELL3~1.DLL>
2006-12-19 12:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll


-- Registry Dump ----------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"DW4"="\"C:\\Program Files\\The Weather Channel FW\\Desktop Weather\\DesktopWeather.exe\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe\" -quiet"
"Dvd Dash"="C:\\DOCUME~1\\bob\\APPLIC~1\\SUPPOR~1\\drvwarnhide.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"WCOLOREAL"="\"C:\\Program Files\\COMPAQ\\Coloreal\\coloreal.exe\""
"CPQEASYACC"="C:\\Program Files\\Compaq\\Easy Access Button Support\\StartEAK.exe"
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"Microsoft Works Update Detection"="C:\\Program Files\\Microsoft Works\\WkDetect.exe"
"srmclean"="C:\\Cpqs\\Scom\\srmclean.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"Zone Labs Client"="C:\\PROGRA~1\\ZONELA~1\\ZONEAL~1\\zlclient.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"vptray"="C:\\PROGRA~1\\SYMANT~1\\VPTray.exe"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
@=""


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"SpecifyDefaultButtons"=dword:00000000
"Btn_Search"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



-- End of ComboScan: finished at 2007-02-28 at 22:32:04 -------------------------
Attached Files
File Type: txt Report-Scan-20070228-060103.txt (52.9 KB, 1 views)
File Type: txt findlop.txt (10.2 KB, 1 views)
File Type: txt ComboScan.txt (22.1 KB, 1 views)
File Type: txt Activescan.txt (4.3 KB, 1 views)
Last edited by tetonbob; 02-28-2007 at 10:09 PM.
honer's is offline