Thread: random pop ups tried spybot and kaspersky still get pop ups
View Single Post
Old 03-04-2007, 04:12 PM   #21 (permalink)
MyDingo21
Registered User
 
MyDingo21's Avatar
 
Join Date: Jan 2006
Location: Chi- city
Posts: 91
OS: XP pro sp2


Results
ok here's the kaspersky scan log:



-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, March 04, 2007 5:07:08 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 4/03/2007
Kaspersky Anti-Virus database records: 275813
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 44057
Number of viruses found: 1
Number of infected objects: 6 / 0
Number of suspicious objects: 0
Duration of the scan process: 01:14:27

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Admin\Application Data\SlySoft\AnyDVD\AnyDVD.chk Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Webroot\Spy Sweeper\Logs\070304125854.ses Object is locked skipped
C:\Documents and Settings\Admin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\BCGB.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\~DFC6FE.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\ntuser.dat Object is locked skipped
C:\Documents and Settings\Admin\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0000 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0001 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0100 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0101 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0200 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0201 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0300 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0301 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.reph Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.repi Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.rept Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0000 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0001 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0100 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0101 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0200 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0201 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0300 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0301 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.reph Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.repi Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.rept Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0000 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0001 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0100 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0101 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0200 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0201 Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.reph Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.repi Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.rept Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS000F35D8-EB13-412E-AD90-AF07165D23B3.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS002AD893-E43E-4FD6-9EFE-BB4FDC23E457.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS0080D16D-1F45-486A-8CF8-60D7B65CD35F.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS01CDFAB4-AA55-4F6C-8906-5B319AC1D0CB.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS05C9D2CE-D905-4EC5-BA77-6989C178C400.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS083B574E-8D1E-413F-BE8A-FF3ADD200D24.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS0D986863-06A4-4567-8F99-747AF15FB8DE.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS0E4BCBD0-A8EB-4EE9-91A2-6C88730659F0.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS10DC97F8-41D4-4697-9957-8EE7F7D52F31.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS15FA6124-EEC8-4337-8B94-A1D876E2EC9C.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS201EC072-3F3D-4D3F-811B-ACFD2B926581.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS2488C41F-3F21-4C2F-8F52-BE936202368C.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS28FCE2BA-B22A-4138-AB15-7A40D458561C.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS2AB225EF-FACD-42CE-8A83-09317DD63575.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS2D323687-700A-49F6-99AF-876BB696954D.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS33C4AF34-AB27-4F9D-AECA-C7EB4652445B.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS373F8316-8C8A-47D7-AB51-2F33C93B74CF.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS37A8B58E-CF45-4F4D-9EF5-4C81BBD60672.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS39B309F7-E57C-42C3-8691-091081526E79.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS3EE2726F-FCAB-4D76-9F4A-F4E31365E3DA.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS4414AEE0-5556-47CC-A28A-787EC9D27CEA.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS4555E565-D43B-4991-88FC-280A80ED2B44.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS473A8270-0633-4B57-A3A1-727C882D6AFA.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS47A855A5-DBE5-4D0A-82CC-07AE30660910.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS4ACEA231-C426-4A7D-A3BD-6BFA56D41664.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS52505073-2D4B-455B-89A9-B7649FCF27D3.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS52886A02-7DAC-49C8-BE27-8E452F352B5D.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS5C382A31-CAC0-4FF6-BD62-46FD43CC2E5E.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS5EA918F5-7671-4C25-AC0B-98B45AC2541D.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS615BFC62-3513-47FD-ADC2-F8E8D060AF95.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS6371590D-AE06-4A0D-BA93-5B9A27C36206.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS6AA3CB32-B0B0-4A93-9DCF-5E98D4969EE4.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS6AC1F519-0949-49F5-A36B-678437FC7818.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS6DEA2412-5956-426C-AD34-895DEDB48FD7.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS6EF3EB28-86AB-4D44-A7EB-DB4EFF9EF33F.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS76BEC271-096C-46EC-9B1B-E474188CF323.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS7A40F2FA-7FFF-4F12-814A-4407B493DAA0.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS7D31B7C2-6A20-4BBC-AACF-C6D0E112F26A.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS80805546-2581-477A-8300-956EBF591AF7.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS80D4AF6F-23C5-460D-A879-5B9A75005D7A.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS824D7B37-E97D-4C36-8D96-5F523FD0AD0F.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS881C7E10-7EEC-41E6-B750-B65C54439BFC.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS891B04E8-4E51-4FFD-9698-CE8D6373D741.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS89D46056-C63D-4DB3-A9C7-EEF5EE7D28BF.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS8A0D5AEA-C802-43F0-8BB1-A3AEE65AA925.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS8A8FD53B-A951-4FC2-B2A9-F187E06EFD15.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS8FB147D0-594E-4F1D-9934-4527C1968B16.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS907EEB49-36DA-482D-B159-ED213E87706D.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS91B98809-BD54-41DA-8BBF-C9B1D9588669.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS923FE0B4-E104-4612-A13E-4B740DB07051.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS92605960-A8D6-4B12-92A4-D4EBCCCABD5C.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS92BFD893-C722-4057-A033-AA84F5DC9DB5.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS93D7D0AA-0C99-4284-9D6D-1F9C54471019.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS94BC49E6-7B8F-46EE-BA21-98451A8ABA2D.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS97260C7A-1A70-4DBC-A694-8C6C88E45DAB.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS98C9820B-5E12-448E-BAEE-0BC08C4D0C1F.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS9A0DBF5D-A02A-4F3D-8753-3A7A971850A2.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCS9A804AF2-64A1-4B42-8AA9-A184B936E554.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSA1E1F2DA-6E2C-4D4C-B370-66966FCB08CB.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSA25982DB-C15F-4B61-9A04-229809AA46EC.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSA6BD6A47-8B4E-4EE1-BA96-9717DADDCF94.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSABA82E8A-8751-445A-84FD-EB271DA1C38E.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSACACF848-0742-4CD1-8C5C-B5045103E10F.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSB0BE7F42-4C34-40C9-BC6E-52ED7DD53ABA.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSB34BB7D0-26B3-4476-AC8F-C41D397AD91E.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSBE6C9508-67B3-438D-85D0-F2299492F9CD.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSC6661F42-E307-4B61-9BD4-C170567D25B2.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSC6BC058C-ECE8-41C6-9741-C1DB0D0C9330.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSD1DA0FE4-B25E-4DF5-86A3-89446F4CD350.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSD5B09021-C83A-43F1-9405-9B0D50AD9871.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSD61D111E-03A9-4B09-B3F8-9D724481E16D.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSD6DCD233-7411-4457-A80F-5BF80C0E9E4D.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSD7AFABEC-2F8F-4531-B8AC-2EFF3F6BEC9E.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSDC351209-9DDD-4F33-8CAD-8C653C212A7C.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSDC715B47-2E25-4E1A-89F1-4F889FF52EBA.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSDEAA5924-D895-45A9-9DAC-81EDD92CB633.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSDEDA535C-169F-401F-8927-61D91A520909.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSE1F9CBB9-6EF5-4865-BC49-82FD6544BC8C.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSE5640414-EA8B-4D0C-9B11-4C5133D691D0.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSE712B712-D66B-4B99-AAE3-1F0A49089B04.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSEA508645-9A17-4423-B788-3D6231F08059.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSEE15279E-90F9-4015-AC4F-C386B0BEAE92.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSEF24DCE7-4531-4136-BE85-776F794743AF.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSEF366DEF-457D-4703-8D58-8E44A531B5BA.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSF03D264A-E01A-42DB-A7DB-6BC040CFE6BF.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSF81688CB-EE70-4B62-912A-9A059EE37C42.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSF92AB412-32C3-4885-B915-B0AF151F9D79.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSF9EA5922-F7ED-4D42-87E9-FFA9712A30A2.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSFE84DFAD-F285-45E4-98A0-7CC947448EFC.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSFF9E8A7C-1D86-4C75-B8CE-C04D110F2A7A.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot\Spy Sweeper\Temp\SSCSFFE8F2DC-4774-4945-99BA-7BF29FD111EA.tmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\applog.log Object is locked skipped
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\pktlog.log Object is locked skipped
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\seclog.log Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{46D322A0-EAC6-45A4-8F05-A822C0EF4FA5}\RP3\A0003297.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{46D322A0-EAC6-45A4-8F05-A822C0EF4FA5}\RP3\A0003311.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{46D322A0-EAC6-45A4-8F05-A822C0EF4FA5}\RP3\A0003311.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{46D322A0-EAC6-45A4-8F05-A822C0EF4FA5}\RP3\A0003311.exe RarSFX: infected - 2 skipped
C:\System Volume Information\_restore{46D322A0-EAC6-45A4-8F05-A822C0EF4FA5}\RP3\A0003311.exe PE_Patch.UPX: infected - 2 skipped
C:\System Volume Information\_restore{46D322A0-EAC6-45A4-8F05-A822C0EF4FA5}\RP3\A0003315.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{46D322A0-EAC6-45A4-8F05-A822C0EF4FA5}\RP4\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.








new comboscan:




ComboScan v20070226.18 run by Admin on 2007-03-04 at 17:08:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Admin.exe) ------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 5:09:26 PM, on 3/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\unBlackList.exe
C:\Program Files\LexmarkX63\AcBtnMgr_X63.exe
C:\Program Files\LexmarkX63\ACMonitor_X63.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Documents and Settings\Admin\Desktop\comboscan.exe
C:\DOCUME~1\Admin\Desktop\Admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Surf the Web at your own risk!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [RaidTool] "C:\Program Files\VIA\RAID\raid_tool.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [lxamsp32.exe] lxamsp32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [µnBlackList] "C:\Program Files\SlySoft\AnyDVD\unBlackList.exe"
O4 - Global Startup: AcBtnMgr_X63.exe.lnk = C:\Program Files\LexmarkX63\AcBtnMgr_X63.exe
O4 - Global Startup: ACMonitor_X63.exe.lnk = C:\Program Files\LexmarkX63\ACMonitor_X63.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134841150578
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe


-- Files created between 2007-02-04 and 2007-03-04 ------------------------------

2007-03-04 15:45:37 0 d-------- C:\WINDOWS\LastGood
2007-03-02 18:36:39 0 d-------- C:\WINDOWS\system32\Kaspersky Lab<KASPER~1>
2007-03-02 16:40:27 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-03-02 16:40:18 0 d-------- C:\Program Files\Grisoft
2007-02-28 18:10:31 79360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-02-28 18:10:31 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-02-28 18:10:31 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-02-28 18:10:29 40960 --a------ C:\WINDOWS\system32\swsc.exe
2007-02-28 18:10:29 135168 --a------ C:\WINDOWS\system32\swreg.exe
2007-02-28 18:10:26 53248 --a------ C:\WINDOWS\system32\Process.exe
2007-02-27 16:55:53 0 d-------- C:\CloneDVDTemp<CLONED~1>
2007-02-27 16:53:11 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Elaborate Bytes<ELABOR~1>
2007-02-27 16:53:04 0 d-------- C:\Documents and Settings\Admin\Application Data\SlySoft
2007-02-26 1805 1826 --a------ C:\WINDOWS\system32\tmp.reg
2007-02-26 16:49:31 0 d-------- C:\Documents and Settings\Administrator.USER-856C1D9BFD\Application Data\Webroot
2007-02-26 16:47:51 0 d-------- C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Webroot
2007-02-26 16:22:59 21056 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2007-02-26 16:22:59 144448 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2007-02-26 16:22:59 22080 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2007-02-26 16:22:59 20544 --a------ C:\WINDOWS\system32\drivers\SSFS0509.sys
2007-02-26 16:21:58 0 d-------- C:\Program Files\Webroot
2007-02-26 16:21:58 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
2007-02-26 16:19:32 0 d-------- C:\Documents and Settings\Admin\Application Data\Webroot
2007-02-19 16:23:55 0 d-------- C:\Program Files\Acoustica Beatcraft<ACOUST~1>
2007-02-19 14:05:40 0 d-------- C:\Documents and Settings\Admin\Application Data\Media Player Classic<MEDIAP~1>
2007-02-19 14:03:57 0 d-------- C:\Program Files\Media Player Classic<MEDIAP~1>
2007-02-19 14:03:55 0 d-------- C:\Program Files\Real Alternative<REALAL~1>
2007-02-19 14:03:55 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Real
2007-02-19 14:03:55 0 d-------- C:\Documents and Settings\Admin\Application Data\Real
2007-02-19 13:02:12 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\NCH Swift Sound<NCHSWI~1>
2007-02-18 17:29:46 225280 --a------ C:\WINDOWS\system32\rewire.dll
2007-02-18 17:29:46 0 d-------- C:\Program Files\VstPlugins<VSTPLU~1>
2007-02-18 11:57:05 0 d-------- C:\Documents and Settings\Admin\Application Data\NCH Swift Sound<NCHSWI~1>
2007-02-18 11:56:07 0 d-------- C:\Program Files\NCH Swift Sound<NCHSWI~1>
2007-02-16 18:05:41 0 d-------- C:\Documents and Settings\Admin\Application Data\Azureus
2007-02-16 18:05:21 0 d-------- C:\Program Files\Azureus
2007-02-13 20:52:01 86016 --a------ C:\WINDOWS\unvise32.exe
2007-02-12 19:09:44 0 d-------- C:\Program Files\Avi2Dvd
2007-02-07 17:27:19 0 d-------- C:\My Downloads<MYDOWN~1>
2007-02-04 20:13:26 126976 --a------ C:\WINDOWS\system32\iavlsp.dll
2007-02-04 19:59:32 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP


-- Find3M Report ----------------------------------------------------------------

2007-03-02 21:19:20 0 d-------- C:\Program Files\Java
2007-03-02 20:27:22 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-03-01 18:13:56 0 d-------- C:\Program Files\Yahoo!
2007-03-01 18:13:25 0 d-------- C:\Program Files\XviD
2007-03-01 18:13:15 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-03-01 18:13:09 0 d-------- C:\Program Files\Windows Media Connect 2<WINDOW~4>
2007-03-01 18:12:35 0 d-------- C:\Program Files\SuperTux
2007-03-01 18:10:04 0 d-------- C:\Program Files\SBC Self Support Tool<SBCSEL~1>
2007-03-01 18:09:53 0 d-------- C:\Program Files\Realtek AC97<REALTE~2>
2007-03-01 18:09:38 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-03-01 18:09:38 0 d-------- C:\Program Files\OfficeUpdate11<OFFICE~1>
2007-03-01 18:09:00 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-03-01 18:04:40 0 d-------- C:\Program Files\Microsoft ActiveSync<MICROS~3>
2007-03-01 18:04:39 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-03-01 18:04:36 0 d-------- C:\Program Files\LimeWire
2007-03-01 18:04:25 0 d-------- C:\Program Files\LexmarkX63<LEXMAR~1>
2007-03-01 18:00:49 0 d-------- C:\Program Files\Hijackthis<HIJACK~1>
2007-03-01 18:00:35 0 d-------- C:\Program Files\DVD Shrink<DVDSHR~1>
2007-03-01 18:00:34 0 d-------- C:\Program Files\DVD Decrypter<DVDDEC~1>
2007-03-01 18:00:33 0 d-------- C:\Program Files\DV TS<DVTS~1>
2007-03-01 18:00:27 0 d-------- C:\Program Files\DivX
2007-03-01 18:00:18 0 d-------- C:\Program Files\DAMN NFO Viewer<DAMNNF~1>
2007-03-01 17:56:36 0 d-------- C:\Program Files\Common Files\Motive
2007-03-01 17:55:24 0 d-------- C:\Program Files\Common Files\Kaspersky Lab<KASPER~1>
2007-03-01 17:54:55 0 d-------- C:\Program Files\CCleaner
2007-03-01 17:53:54 0 d-------- C:\Program Files\AvRack
2007-03-01 17:53:53 0 d-------- C:\Program Files\AviSynth 2.5<AVISYN~1.5>
2007-03-01 17:52:38 0 d-------- C:\Program Files\AOD
2007-03-01 17:52:37 0 d-------- C:\Program Files\AIM6
2007-03-01 17:51:20 0 d-------- C:\Program Files\AIM
2007-03-01 17:50:59 0 d-------- C:\Program Files\ACE-HIGH MP3 WAV WMA OGG Converter<ACE-HI~1>
2007-03-01 17:31:37 0 d-------- C:\Documents and Settings\Admin\Application Data\uTorrent
2007-03-01 17:31:33 0 d-------- C:\Documents and Settings\Admin\Application Data\MSNInstaller<MSNINS~1>
2007-03-01 17:31:33 0 d-------- C:\Documents and Settings\Admin\Application Data\Mozilla
2007-03-01 17:31:05 0 d-------- C:\Documents and Settings\Admin\Application Data\LimeWire
2007-03-01 17:30:33 0 d-------- C:\Documents and Settings\Admin\Application Data\AdobeUM
2007-02-23 16:43:28 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-18 18:19:23 56314 --a------ C:\Documents and Settings\Admin\Application Data\speech.wav
2007-02-03 15:14:24 335 --a------ C:\WINDOWS\mozregistry.dat<MOZREG~1.DAT>
2007-02-02 21:30:31 0 d-------- C:\Program Files\Common Files\SWF Studio<SWFSTU~1>
2007-01-29 02:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-21 19:47:39 0 d-------- C:\Program Files\Elaborate Bytes<ELABOR~1>
2007-01-21 19:46:31 0 d-------- C:\Program Files\SlySoft
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-08 19:38:04 0 d---s---- C:\Documents and Settings\Admin\Application Data\Microsoft<MICROS~1>
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 --a------ C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-19 15:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 12:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-12-13 14:24:42 89296 --a------ C:\WINDOWS\system32\ElbyCDIO.dll
2006-12-12 14:15:08 845312 --a------ C:\WINDOWS\system32\Smab.dll


-- Registry Dump ----------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"µnBlackList"="\"C:\\Program Files\\SlySoft\\AnyDVD\\unBlackList.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"RaidTool"="\"C:\\Program Files\\VIA\\RAID\\raid_tool.exe\""
"KAVPersonal50"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus Personal\\kav.exe\" /minimize"
"PrinTray"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\printray.exe"
"lxamsp32.exe"="lxamsp32.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"SpySweeper"="C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeperUI.exe /startintray"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"SMSystemAnalyzer"="\"C:\\Program Files\\iolo\\System Mechanic Professional 6\\SMSystemAnalyzer.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Monitor.lnk]
"backup"="C:\\WINDOWS\\pss\\Monitor.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\ArcSoft\\MEDIAC~1\\MCCMON~1.EXE -r"
"item"="Monitor"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLSoftware"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Language"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexStart]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mavenapp://maven.net/nike/jogatv]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NikeJogaTV"
"hkey"="HKCU"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero DriveSpeed]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DRIVES~1"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"inimapping"="0"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSystemAnalyzer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SMSystemAnalyzer"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\System Mechanic Professional 6\\SMSystemAnalyzer.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swdoctor"
"hkey"="HKCU"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeUpdateManager"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ViewMgr"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"command"="C:\\Program Files\\Winamp\\winampa.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="1"
"hkey"="HKCU"
"command"="1"
"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{C47A9554-195A-4769-9B13-04F15B450A39}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G]
Shell\AutoRun\command G:\LaunchU3.exe -a

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac442ae2-864e-11db-82f5-00508d79493f}]
Shell\AutoRun\command G:\LaunchU3.exe -a


-- End of ComboScan: finished at 2007-03-04 at 17:10:16 -------------------------
MyDingo21 is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here