Cannot get rid of trats virus, generic dropper, and virtumonde

combofix pt 1

BTW....thankyou SOOmuch for your help!
ComboFix 08-02.02.5 - Lori 2008-02-03 13:14:09.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1406 [GMT -5:00]
Running from: C:\Documents and Settings\Lori\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Lori\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-03 to 2008-02-03 )))))))))))))))))))))))))))))))
.

2008-01-30 21:21 . 2008-01-30 21:21 <DIR> d-------- C:\Documents and Settings\Noelle\Application Data\Talkback
2008-01-21 19:55 . 2008-02-02 10:55 7,741,472 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-21 19:55 . 2008-02-02 10:55 1,054,752 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-01-21 19:55 . 2008-02-02 10:55 105,800 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-21 19:55 . 2008-02-02 10:55 101,000 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-01-21 19:54 . 2008-01-21 19:54 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-21 19:49 . 2008-01-21 19:49 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-01-21 19:49 . 2008-01-21 19:49 <DIR> d-------- C:\KAV
2008-01-21 12:29 . 2008-01-21 12:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prism
2008-01-21 12:28 . 2005-11-15 22:16 357,632 -ra------ C:\WINDOWS\system32\drivers\2862WICB.sys
2008-01-21 12:27 . 2008-01-21 12:27 <DIR> d-------- C:\Program Files\SMC
2008-01-21 12:27 . 2008-01-21 12:27 15,781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys
2008-01-21 12:15 . 2008-01-21 12:15 158,208 --a--c--- C:\WINDOWS\system32\dllcache\msconfig.exe
2008-01-21 10:51 . 2008-01-21 10:51 <DIR> d-------- C:\Documents and Settings\Bob\Application Data\HPAppData
2008-01-19 07:29 . 2008-01-23 22:31 1,357 --a------ C:\WINDOWS\wininit.ini
2008-01-19 06:30 . 2008-01-19 06:30 <DIR> d-------- C:\Documents and Settings\Bob\Application Data\Talkback
2008-01-18 16:57 . 2008-01-19 05:36 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-18 16:57 . 2008-01-19 12:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-16 16:29 . 2008-01-16 16:29 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-16 16:29 . 2008-01-16 16:29 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-16 15:57 . 2008-01-16 15:57 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2008-01-15 23:14 . 2008-01-15 23:14 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Webroot
2008-01-15 23:12 . 2003-12-02 16:13 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AdobeUM
2008-01-15 23:11 . 2008-01-15 23:11 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
2008-01-11 23:08 . 2008-01-22 05:42 <DIR> d-------- C:\VundoFix Backups
2008-01-06 13:39 . 2008-01-06 13:39 <DIR> d-------- C:\Documents and Settings\Noelle\Application Data\HPAppData
2008-01-06 00:43 . 2008-01-06 00:43 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-01-05 23:56 . 2008-01-05 23:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-01-05 23:49 . 2007-03-07 23:20 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-01-05 23:48 . 2008-01-05 23:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-01-05 23:48 . 2007-03-07 23:20 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-01-05 23:45 . 2007-05-02 03:56 954,368 -ra------ C:\WINDOWS\system32\hpotiop5.dll
2008-01-05 23:45 . 2007-05-02 04:01 675,840 -ra------ C:\WINDOWS\system32\hpowiax5.dll
2008-01-05 23:45 . 2007-03-07 23:20 364,544 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-01-05 23:45 . 2007-03-07 23:20 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-01-05 23:45 . 2007-05-02 04:00 303,104 -ra------ C:\WINDOWS\system32\hpovst12.dll
2008-01-05 23:45 . 2007-03-07 23:20 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-01-05 23:25 . 2008-01-05 23:25 <DIR> d-------- C:\Documents and Settings\Lori\Application Data\HP
2008-01-05 23:19 . 2008-01-05 23:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2008-01-05 23:12 . 2008-01-05 23:14 146,986 --------- C:\WINDOWS\hpoins21.dat.temp
2008-01-05 23:12 . 2007-05-15 05:10 8,138 --------- C:\WINDOWS\hpomdl21.dat.temp
2008-01-05 22:49 . 2008-01-05 22:49 <DIR> d-------- C:\Documents and Settings\Lori\Application Data\HPAppData
2008-01-05 21:59 . 2008-01-05 21:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-01-05 21:59 . 2008-01-05 22:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-01-05 21:58 . 2008-01-05 21:58 <DIR> d-------- C:\Program Files\Common Files\HP
2008-01-05 21:57 . 2008-01-05 21:57 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-01-05 21:56 . 2008-01-05 21:56 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-01-05 21:54 . 2008-01-05 23:19 <DIR> d-------- C:\Program Files\HP
2008-01-05 21:52 . 2008-01-06 00:01 147,669 --a------ C:\WINDOWS\hpoins21.dat
2008-01-05 21:52 . 2007-05-15 05:10 8,138 --------- C:\WINDOWS\hpomdl21.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-03 17:06 --------- d-----w C:\Program Files\VIP Casinos
2008-02-03 15:51 22 ----a-w C:\qpmd8376.bin
2008-02-03 15:43 --------- d-----w C:\Program Files\QuickTime
2008-02-03 15:42 --------- d-----w C:\Program Files\MSN Messenger
2008-02-03 15:42 --------- d-----w C:\Program Files\iTunes
2008-02-03 15:42 --------- d-----w C:\Program Files\ESPNRunTime
2008-02-03 15:42 --------- d-----w C:\Program Files\DIGStream
2008-02-03 15:42 --------- d-----w C:\Program Files\AIM95
2008-02-03 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-02-03 09:46 --------- d-----w C:\Documents and Settings\Lori\Application Data\SiteAdvisor
2008-02-02 03:11 --------- d-----w C:\Documents and Settings\Bob\Application Data\SiteAdvisor
2008-01-31 04:17 --------- d-----w C:\Documents and Settings\Noelle\Application Data\SiteAdvisor
2008-01-21 17:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-21 17:15 158,208 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
2008-01-17 01:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-01-17 01:48 --------- d-----w C:\Documents and Settings\Lori\Application Data\McAfee
2008-01-16 21:42 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
2008-01-11 03:31 --------- d-----w C:\Program Files\WhiteSmoke
2008-01-09 03:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\DIGStream
2008-01-07 05:38 155,648 ----a-w C:\WINDOWS\system32\igfxtray .exe
2008-01-07 05:38 114,688 ----a-w C:\WINDOWS\system32\hkcmd.exe
2008-01-05 01:56 1,526,640 ----a-w C:\WINDOWS\WRSetup.dll
2008-01-05 01:34 23,920 ----a-w C:\WINDOWS\system32\drivers\sskbfd.sys
2008-01-05 01:34 21,872 ----a-w C:\WINDOWS\system32\drivers\sshrmd.sys
2008-01-05 01:34 20,336 ----a-w C:\WINDOWS\system32\drivers\SSFS0BB9.sys
2008-01-05 01:34 163,696 ----a-w C:\WINDOWS\system32\drivers\ssidrv.sys
2008-01-04 01:45 --------- d-----w C:\Program Files\DL_cats
2008-01-03 04:30 --------- d-----w C:\Program Files\Casino Share Flash Casino
2008-01-02 23:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\MGS
2007-12-31 05:29 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-12-31 05:23 --------- d-----w C:\Program Files\Dell_Photo AIO Printer 962
2007-12-30 17:30 --------- d-----w C:\Program Files\Dell_ENA
2007-12-30 17:30 --------- d-----w C:\Program Files\Dell
2007-12-30 16:05 --------- d-----w C:\Program Files\KeyGen Crack
2007-12-30 01:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\espionServerData
2007-12-30 00:38 --------- d-----w C:\Documents and Settings\Lori\Application Data\AdobeUM
2007-12-28 02:04 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-28 01:56 43,528 ----a-w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-12-28 01:56 129,784 ----a-w C:\WINDOWS\system32\pxafs.dll
2007-12-28 01:56 118,520 ----a-w C:\WINDOWS\system32\pxinsi64.exe
2007-12-28 01:56 116,472 ----a-w C:\WINDOWS\system32\pxcpyi64.exe
2007-12-27 23:32 --------- d-----w C:\Documents and Settings\Lori\Application Data\Apple Computer
2007-12-23 00:02 --------- d-----w C:\Program Files\BatchPhoto
2007-12-23 00:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-21 04:02 --------- d-----w C:\Program Files\SiteAdvisor
2007-12-09 21:11 --------- d-----w C:\Program Files\PhotoFiltre
2007-12-08 05:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2007-11-09 01:13 164 ----a-w C:\install.dat
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
2002-05-19 05:57 944,797 ----a-w C:\Program Files\wrar300.exe
2002-05-15 04:37 473 ----a-w C:\Program Files\rarregkey.txt
2002-04-01 13:43 11,264 ----a-w C:\Program Files\readme.wri
.
Code: 
<pre>
----a-w           286,720 2008-01-11 13:47:40  C:\Program Files\QuickTime\qttask         .exe
----a-w           286,720 2008-01-11 13:47:41  C:\Program Files\QuickTime\qttask    .exe
----a-w         5,367,608 2008-01-23 00:48:54  C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI .exe
----a-w           155,648 2008-01-07 05:38:41  C:\WINDOWS\system32\igfxtray .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
2007-03-02 16:52 1298024 -ra------ C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
2007-03-02 16:52 177768 -ra------ C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-16 16:42 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"PRISMSVR.EXE"="C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.exe" [ ]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2008-01-08 22:09 28672]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2008-01-22 05:34 582992]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-16 13:59 4838952]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 11:22 20480]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-01-21 12:15 158208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-08 22:09 68856]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"McWebDownlMgr"="C:\WINDOWS\TEMP\McDMTemp007 (2)\DwnldMgr.exe" [ ]

C:\Documents and Settings\Lori\Start Menu\Programs\Startup\
NaturalColorLoad.lnk - C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe [2006-06-25 23:05:30 155715]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-07-05 19:45:13 450560]
NaturalColorLoad.lnk - C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe [2006-06-25 23:05:30 155715]
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [2003-10-02 17:08:08 57344]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-08-06 00:03:20 69632]
SMC2862W-G EZ Connect g 802.11g Wireless USB Utility.lnk - C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe [2005-10-17 16:10:34 421888]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-04-24 12:13 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
 
combo pt 2

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Forget Me Not.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Forget Me Not.lnk
backup=C:\WINDOWS\pss\Forget Me Not.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Lori^Start Menu^Programs^Startup^Kaboom! Jr. Control Panel.lnk]
path=C:\Documents and Settings\Lori\Start Menu\Programs\Startup\Kaboom! Jr. Control Panel.lnk
backup=C:\WINDOWS\pss\Kaboom! Jr. Control Panel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lori^Start Menu^Programs^Startup^MemoKit.lnk]
path=C:\Documents and Settings\Lori\Start Menu\Programs\Startup\MemoKit.lnk
backup=C:\WINDOWS\pss\MemoKit.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lori^Start Menu^Programs^Startup^Office Information Worker Feedback Program.lnk]
path=C:\Documents and Settings\Lori\Start Menu\Programs\Startup\Office Information Worker Feedback Program.lnk
backup=C:\WINDOWS\pss\Office Information Worker Feedback Program.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
--a------ 2006-10-30 13:12 2287152 C:\Program Files\Registry Mechanic\RegMech.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2008-01-04 20:56 5367664 C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-01-08 22:09 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewpointPhotosDeviceConnect]
C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
--a------ 2006-12-12 14:45 21464 C:\Program Files\Zune\ZuneLauncher.exe

R0 sojubus;sojubus;C:\WINDOWS\system32\DRIVERS\sojubus.sys [2003-10-05 10:41]
R0 sojuscsi;sojuscsi;C:\WINDOWS\system32\DRIVERS\sojuscsi.sys [2003-09-28 10:57]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-10-02 14:46]
R2 ColdFusion MX ODBC Agent;ColdFusion MX ODBC Agent;C:\CFusionMX\db\slserver52\bin\swagent.exe "ColdFusion MX ODBC Agent" []
R2 cvintdrv;cvintdrv;C:\WINDOWS\system32\drivers\cvintdrv.sys [2006-04-10 09:01]
S3 SMC2862W;SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter Driver;C:\WINDOWS\system32\DRIVERS\2862WICB.sys [2005-11-15 22:16]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56014d2e-1ff4-11db-8d13-000ea65cb895}]
\Shell\AutoRun\command - H:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb86e361-07c3-11db-8cf0-000ea65cb895}]
\Shell\AutoRun\command - setupSNK.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-01-15 07:30:27 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe'
"2008-02-01 06:00:00 C:\WINDOWS\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
"2008-02-03 15:53:54 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-03 13:16:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-03 13:17:50
ComboFix-quarantined-files.txt 2008-02-03 18:17:46
ComboFix2.txt 2008-02-03 16:02:00
ComboFix3.txt 2008-02-02 16:52:06
.
2008-01-30 17:44:07 --- E O F ---
 
hjt 1

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:24:05 PM, on 2/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\CFusionMX\runtime\bin\jrunsvc.exe
C:\CFusionMX\db\slserver52\bin\swagent.exe
C:\CFusionMX\runtime\bin\jrun.exe
C:\CFusionMX\db\slserver52\bin\swstrtr.exe
C:\CFusionMX\db\slserver52\bin\swsoc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\program files\mcafee\msk\msksrver.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
C:\Program Files\MemoKit\memokit2.exe
C:\Program Files\Microsoft Office System Information Worker Feedback Program\wfpscheduler.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Microsoft Office System Information Worker Feedback Program\WfpSaS.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\nsga1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\LORI\Application Data\Mozilla\Profiles\default\ie2qxrqv.slt\prefs.js)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &ESPN - {AE6F2894-AF10-4C9C-B16E-1DFC6FF8C0C6} - C:\Program Files\ESPN\Toolbar\DIGToolBar.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McAfee Backup] "C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe"
O4 - HKLM\..\Run: [MBkLogOnHook] "C:\Program Files\McAfee\MBK\LogOnHook.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [McWebDownlMgr] C:\WINDOWS\TEMP\McDMTemp007 (2)\DwnldMgr.exe /runkey (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [McWebDownlMgr] C:\WINDOWS\TEMP\McDMTemp007 (2)\DwnldMgr.exe /runkey (User 'Default user')
O4 - Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SMC2862W-G EZ Connect g 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
 
hjt cont

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim .exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://www.vip.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - http://mail.malden.mec.edu/iNotes.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {36E4E9BC-4D0C-41B4-90C9-37AFDBFAAD3C} (InforbitHelper Class) - http://download.infotriever.com/bin/ifhelper.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5EB6A98B-F75B-4AC7-821D-BAD2C29D18C2} (CVALAXObj Class) - https://mycampus.phoenix.edu/support/tutorials/Click2Talk/ClickToTalkTS/download/CVALAX.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1151289857000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151290801484
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://ecampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://casinoshare.microgaming.com/casinoshare/FlashAX.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ColdFusion MX Application Server - Macromedia Inc. - C:\CFusionMX\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion MX ODBC Agent - Unknown owner - C:\CFusionMX\db\slserver52\bin\swagent.exe
O23 - Service: ColdFusion MX ODBC Server - Unknown owner - C:\CFusionMX\db\slserver52\bin\swstrtr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - c:\program files\mcafee\msk\msksrver.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 17989 bytes
 
Hi

Looks like that not all files doesn't want to rename.

That just means that you will need to re-install some startup programs later.

Open notepad and copy/paste the text in the quotebox below into it:

Code: 
File::
C:\Program Files\QuickTime\qttask         .exe
C:\Program Files\QuickTime\qttask    .exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI .exe
C:\WINDOWS\system32\igfxtray .exe

Save this as "CFScript"

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

CFScript.gif


This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.
 
combofix1

ComboFix 08-02.02.5 - Lori 2008-02-03 14:12:12.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1487 [GMT -5:00]
Running from: C:\Documents and Settings\Lori\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Lori\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI .exe
C:\WINDOWS\system32\igfxtray .exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\WINDOWS\system32\igfxtray .exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI .exe . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-01-03 to 2008-02-03 )))))))))))))))))))))))))))))))
.

2008-01-30 21:21 . 2008-01-30 21:21 <DIR> d-------- C:\Documents and Settings\Noelle\Application Data\Talkback
2008-01-21 19:55 . 2008-02-02 10:55 7,741,472 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-21 19:55 . 2008-02-02 10:55 1,054,752 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-01-21 19:55 . 2008-02-02 10:55 105,800 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-21 19:55 . 2008-02-02 10:55 101,000 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-01-21 19:54 . 2008-01-21 19:54 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-21 19:49 . 2008-01-21 19:49 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-01-21 19:49 . 2008-01-21 19:49 <DIR> d-------- C:\KAV
2008-01-21 12:29 . 2008-01-21 12:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prism
2008-01-21 12:28 . 2005-11-15 22:16 357,632 -ra------ C:\WINDOWS\system32\drivers\2862WICB.sys
2008-01-21 12:27 . 2008-01-21 12:27 <DIR> d-------- C:\Program Files\SMC
2008-01-21 12:27 . 2008-01-21 12:27 15,781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys
2008-01-21 12:15 . 2008-01-21 12:15 158,208 --a--c--- C:\WINDOWS\system32\dllcache\msconfig.exe
2008-01-21 10:51 . 2008-01-21 10:51 <DIR> d-------- C:\Documents and Settings\Bob\Application Data\HPAppData
2008-01-19 07:29 . 2008-01-23 22:31 1,357 --a------ C:\WINDOWS\wininit.ini
2008-01-19 06:30 . 2008-01-19 06:30 <DIR> d-------- C:\Documents and Settings\Bob\Application Data\Talkback
2008-01-18 16:57 . 2008-01-19 05:36 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-18 16:57 . 2008-01-19 12:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-16 16:29 . 2008-01-16 16:29 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-16 16:29 . 2008-01-16 16:29 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-16 15:57 . 2008-01-16 15:57 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2008-01-15 23:14 . 2008-01-15 23:14 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Webroot
2008-01-15 23:12 . 2003-12-02 16:13 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AdobeUM
2008-01-15 23:11 . 2008-01-15 23:11 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
2008-01-11 23:08 . 2008-01-22 05:42 <DIR> d-------- C:\VundoFix Backups
2008-01-06 13:39 . 2008-01-06 13:39 <DIR> d-------- C:\Documents and Settings\Noelle\Application Data\HPAppData
2008-01-06 00:43 . 2008-01-06 00:43 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-01-05 23:56 . 2008-01-05 23:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-01-05 23:49 . 2007-03-07 23:20 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-01-05 23:48 . 2008-01-05 23:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-01-05 23:48 . 2007-03-07 23:20 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-01-05 23:45 . 2007-05-02 03:56 954,368 -ra------ C:\WINDOWS\system32\hpotiop5.dll
2008-01-05 23:45 . 2007-05-02 04:01 675,840 -ra------ C:\WINDOWS\system32\hpowiax5.dll
2008-01-05 23:45 . 2007-03-07 23:20 364,544 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-01-05 23:45 . 2007-03-07 23:20 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-01-05 23:45 . 2007-05-02 04:00 303,104 -ra------ C:\WINDOWS\system32\hpovst12.dll
2008-01-05 23:45 . 2007-03-07 23:20 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-01-05 23:25 . 2008-01-05 23:25 <DIR> d-------- C:\Documents and Settings\Lori\Application Data\HP
2008-01-05 23:19 . 2008-01-05 23:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2008-01-05 23:12 . 2008-01-05 23:14 146,986 --------- C:\WINDOWS\hpoins21.dat.temp
2008-01-05 23:12 . 2007-05-15 05:10 8,138 --------- C:\WINDOWS\hpomdl21.dat.temp
2008-01-05 22:49 . 2008-01-05 22:49 <DIR> d-------- C:\Documents and Settings\Lori\Application Data\HPAppData
2008-01-05 21:59 . 2008-01-05 21:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-01-05 21:59 . 2008-01-05 22:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-01-05 21:58 . 2008-01-05 21:58 <DIR> d-------- C:\Program Files\Common Files\HP
2008-01-05 21:57 . 2008-01-05 21:57 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-01-05 21:56 . 2008-01-05 21:56 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-01-05 21:54 . 2008-01-05 23:19 <DIR> d-------- C:\Program Files\HP
2008-01-05 21:52 . 2008-01-06 00:01 147,669 --a------ C:\WINDOWS\hpoins21.dat
2008-01-05 21:52 . 2007-05-15 05:10 8,138 --------- C:\WINDOWS\hpomdl21.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-03 19:18 22 ----a-w C:\qpmd8376.bin
2008-02-03 19:17 --------- d-----w C:\Program Files\QuickTime
2008-02-03 17:06 --------- d-----w C:\Program Files\VIP Casinos
2008-02-03 15:42 --------- d-----w C:\Program Files\MSN Messenger
2008-02-03 15:42 --------- d-----w C:\Program Files\iTunes
2008-02-03 15:42 --------- d-----w C:\Program Files\ESPNRunTime
2008-02-03 15:42 --------- d-----w C:\Program Files\DIGStream
2008-02-03 15:42 --------- d-----w C:\Program Files\AIM95
2008-02-03 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-02-03 09:46 --------- d-----w C:\Documents and Settings\Lori\Application Data\SiteAdvisor
2008-02-02 03:11 --------- d-----w C:\Documents and Settings\Bob\Application Data\SiteAdvisor
2008-01-31 04:17 --------- d-----w C:\Documents and Settings\Noelle\Application Data\SiteAdvisor
2008-01-21 17:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-17 01:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-01-17 01:48 --------- d-----w C:\Documents and Settings\Lori\Application Data\McAfee
2008-01-11 03:31 --------- d-----w C:\Program Files\WhiteSmoke
2008-01-09 03:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\DIGStream
2008-01-05 01:56 1,526,640 ----a-w C:\WINDOWS\WRSetup.dll
2008-01-05 01:34 23,920 ----a-w C:\WINDOWS\system32\drivers\sskbfd.sys
2008-01-05 01:34 21,872 ----a-w C:\WINDOWS\system32\drivers\sshrmd.sys
2008-01-05 01:34 20,336 ----a-w C:\WINDOWS\system32\drivers\SSFS0BB9.sys
2008-01-05 01:34 163,696 ----a-w C:\WINDOWS\system32\drivers\ssidrv.sys
2008-01-04 01:45 --------- d-----w C:\Program Files\DL_cats
2008-01-03 04:30 --------- d-----w C:\Program Files\Casino Share Flash Casino
2008-01-02 23:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\MGS
2007-12-31 05:29 --------- d-----w C:\Program Files\Abbyy FineReader 6
 
combo2

2007-12-31 05:23 --------- d-----w C:\Program Files\Dell_Photo AIO Printer 962
2007-12-30 17:30 --------- d-----w C:\Program Files\Dell_ENA
2007-12-30 17:30 --------- d-----w C:\Program Files\Dell
2007-12-30 16:05 --------- d-----w C:\Program Files\KeyGen Crack
2007-12-30 01:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\espionServerData
2007-12-30 00:38 --------- d-----w C:\Documents and Settings\Lori\Application Data\AdobeUM
2007-12-28 02:04 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-28 01:56 43,528 ----a-w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-12-27 23:32 --------- d-----w C:\Documents and Settings\Lori\Application Data\Apple Computer
2007-12-23 00:02 --------- d-----w C:\Program Files\BatchPhoto
2007-12-23 00:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-21 04:02 --------- d-----w C:\Program Files\SiteAdvisor
2007-12-09 21:11 --------- d-----w C:\Program Files\PhotoFiltre
2007-12-08 05:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2007-11-09 01:13 164 ----a-w C:\install.dat
2002-05-19 05:57 944,797 ----a-w C:\Program Files\wrar300.exe
2002-05-15 04:37 473 ----a-w C:\Program Files\rarregkey.txt
2002-04-01 13:43 11,264 ----a-w C:\Program Files\readme.wri
.
Code: 
<pre>
----a-w         5,367,608 2008-01-23 00:48:54  C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
2007-03-02 16:52 1298024 -ra------ C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
2007-03-02 16:52 177768 -ra------ C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-16 16:42 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"PRISMSVR.EXE"="C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.exe" [ ]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2008-01-08 22:09 28672]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2008-01-22 05:34 582992]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-16 13:59 4838952]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 11:22 20480]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-01-21 12:15 158208]
"combofix"="C:\ComboFix\kmd.exe" [2004-08-04 02:56 388608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-08 22:09 68856]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"McWebDownlMgr"="C:\WINDOWS\TEMP\McDMTemp007 (2)\DwnldMgr.exe" [ ]

C:\Documents and Settings\Lori\Start Menu\Programs\Startup\
NaturalColorLoad.lnk - C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe [2006-06-25 23:05:30 155715]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-07-05 19:45:13 450560]
NaturalColorLoad.lnk - C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe [2006-06-25 23:05:30 155715]
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [2003-10-02 17:08:08 57344]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-08-06 00:03:20 69632]
SMC2862W-G EZ Connect g 802.11g Wireless USB Utility.lnk - C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe [2005-10-17 16:10:34 421888]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-04-24 12:13 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Forget Me Not.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Forget Me Not.lnk
backup=C:\WINDOWS\pss\Forget Me Not.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Lori^Start Menu^Programs^Startup^Kaboom! Jr. Control Panel.lnk]
path=C:\Documents and Settings\Lori\Start Menu\Programs\Startup\Kaboom! Jr. Control Panel.lnk
backup=C:\WINDOWS\pss\Kaboom! Jr. Control Panel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lori^Start Menu^Programs^Startup^MemoKit.lnk]
path=C:\Documents and Settings\Lori\Start Menu\Programs\Startup\MemoKit.lnk
backup=C:\WINDOWS\pss\MemoKit.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lori^Start Menu^Programs^Startup^Office Information Worker Feedback Program.lnk]
path=C:\Documents and Settings\Lori\Start Menu\Programs\Startup\Office Information Worker Feedback Program.lnk
backup=C:\WINDOWS\pss\Office Information Worker Feedback Program.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
--a------ 2006-10-30 13:12 2287152 C:\Program Files\Registry Mechanic\RegMech.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2008-01-04 20:56 5367664 C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-01-08 22:09 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewpointPhotosDeviceConnect]
C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
--a------ 2006-12-12 14:45 21464 C:\Program Files\Zune\ZuneLauncher.exe

R0 sojubus;sojubus;C:\WINDOWS\system32\DRIVERS\sojubus.sys [2003-10-05 10:41]
R0 sojuscsi;sojuscsi;C:\WINDOWS\system32\DRIVERS\sojuscsi.sys [2003-09-28 10:57]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-10-02 14:46]
R2 ColdFusion MX ODBC Agent;ColdFusion MX ODBC Agent;C:\CFusionMX\db\slserver52\bin\swagent.exe "ColdFusion MX ODBC Agent" []
R2 cvintdrv;cvintdrv;C:\WINDOWS\system32\drivers\cvintdrv.sys [2006-04-10 09:01]
S3 SMC2862W;SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter Driver;C:\WINDOWS\system32\DRIVERS\2862WICB.sys [2005-11-15 22:16]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56014d2e-1ff4-11db-8d13-000ea65cb895}]
\Shell\AutoRun\command - H:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb86e361-07c3-11db-8cf0-000ea65cb895}]
\Shell\AutoRun\command - setupSNK.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-01-15 07:30:27 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe'
"2008-02-01 06:00:00 C:\WINDOWS\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
"2008-02-03 19:21:18 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-03 14:38:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\CFusionMX\runtime\bin\jrunsvc.exe
C:\CFusionMX\runtime\bin\jrun.exe
C:\CFusionMX\db\slserver52\bin\swstrtr.exe
C:\CFusionMX\db\slserver52\bin\swsoc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\program files\mcafee\msk\msksrver.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Completion time: 2008-02-03 14:44:48 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-03 19:44:43
ComboFix2.txt 2008-02-03 18:17:51
ComboFix3.txt 2008-02-03 16:02:00
ComboFix4.txt 2008-02-02 16:52:06
.
2008-01-30 17:44:07 --- E O F ---
 
hjt

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:58:16 PM, on 2/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\CFusionMX\runtime\bin\jrunsvc.exe
C:\CFusionMX\db\slserver52\bin\swagent.exe
C:\CFusionMX\runtime\bin\jrun.exe
C:\CFusionMX\db\slserver52\bin\swstrtr.exe
C:\CFusionMX\db\slserver52\bin\swsoc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\program files\mcafee\msk\msksrver.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\nsga1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\LORI\Application Data\Mozilla\Profiles\default\ie2qxrqv.slt\prefs.js)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &ESPN - {AE6F2894-AF10-4C9C-B16E-1DFC6FF8C0C6} - C:\Program Files\ESPN\Toolbar\DIGToolBar.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McAfee Backup] "C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe"
O4 - HKLM\..\Run: [MBkLogOnHook] "C:\Program Files\McAfee\MBK\LogOnHook.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [McWebDownlMgr] C:\WINDOWS\TEMP\McDMTemp007 (2)\DwnldMgr.exe /runkey (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [McWebDownlMgr] C:\WINDOWS\TEMP\McDMTemp007 (2)\DwnldMgr.exe /runkey (User 'Default user')
O4 - Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SMC2862W-G EZ Connect g 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim .exe (file missing)
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://www.vip.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - http://mail.malden.mec.edu/iNotes.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {36E4E9BC-4D0C-41B4-90C9-37AFDBFAAD3C} (InforbitHelper Class) - http://download.infotriever.com/bin/ifhelper.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5EB6A98B-F75B-4AC7-821D-BAD2C29D18C2} (CVALAXObj Class) - https://mycampus.phoenix.edu/support/tutorials/Click2Talk/ClickToTalkTS/download/CVALAX.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1151289857000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151290801484
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://ecampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://casinoshare.microgaming.com/casinoshare/FlashAX.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ColdFusion MX Application Server - Macromedia Inc. - C:\CFusionMX\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion MX ODBC Agent - Unknown owner - C:\CFusionMX\db\slserver52\bin\swagent.exe
O23 - Service: ColdFusion MX ODBC Server - Unknown owner - C:\CFusionMX\db\slserver52\bin\swstrtr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - c:\program files\mcafee\msk\msksrver.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 17726 bytes
 
Hi

Uninstall Spy Sweeper (you can re-install it once you're clean).

Delete this folder is still exists:

C:\Program Files\Webroot\Spy Sweeper

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click Next.
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:

    o Scan using the following Anti-Virus database:

    + Extended (If available otherwise Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases
  • Click OK
  • Now under select a target to scan select My Computer
  • The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Note: This scanner will work with Internet Explorer Only!

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Post:

- a fresh HijackThis log
- kaspersky report
 
Hjt

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:02:04 AM, on 2/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\CFusionMX\runtime\bin\jrunsvc.exe
C:\CFusionMX\db\slserver52\bin\swagent.exe
C:\CFusionMX\runtime\bin\jrun.exe
C:\CFusionMX\db\slserver52\bin\swstrtr.exe
C:\CFusionMX\db\slserver52\bin\swsoc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\program files\mcafee\msk\msksrver.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\McAfee\MSC\mcshell.exe
C:\Program Files\McAfee\MSC\mcuimgr.exe
C:\Program Files\Trend Micro\HijackThis\nsga1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\LORI\Application Data\Mozilla\Profiles\default\ie2qxrqv.slt\prefs.js)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &ESPN - {AE6F2894-AF10-4C9C-B16E-1DFC6FF8C0C6} - C:\Program Files\ESPN\Toolbar\DIGToolBar.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McAfee Backup] "C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe"
O4 - HKLM\..\Run: [MBkLogOnHook] "C:\Program Files\McAfee\MBK\LogOnHook.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [McWebDownlMgr] C:\WINDOWS\TEMP\McDMTemp007 (2)\DwnldMgr.exe /runkey (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [McWebDownlMgr] C:\WINDOWS\TEMP\McDMTemp007 (2)\DwnldMgr.exe /runkey (User 'Default user')
O4 - Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SMC2862W-G EZ Connect g 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe
O9 - Extra 'Tools' menuitem: Vegas Red Casino - {D5AE2D6D-38A7-425c-86C0-E4ABBDB9EC68} - C:\Casino\Vegas Red Casino\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://www.vip.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - http://mail.malden.mec.edu/iNotes.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {36E4E9BC-4D0C-41B4-90C9-37AFDBFAAD3C} (InforbitHelper Class) - http://download.infotriever.com/bin/ifhelper.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5EB6A98B-F75B-4AC7-821D-BAD2C29D18C2} (CVALAXObj Class) - https://mycampus.phoenix.edu/support/tutorials/Click2Talk/ClickToTalkTS/download/CVALAX.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1151289857000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151290801484
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://ecampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://casinoshare.microgaming.com/casinoshare/FlashAX.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0287191202205476) (0287191202205476mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\028719~1.EXE
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ColdFusion MX Application Server - Macromedia Inc. - C:\CFusionMX\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion MX ODBC Agent - Unknown owner - C:\CFusionMX\db\slserver52\bin\swagent.exe
O23 - Service: ColdFusion MX ODBC Server - Unknown owner - C:\CFusionMX\db\slserver52\bin\swstrtr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - c:\program files\mcafee\msk\msksrver.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

--
End of file - 18077 bytes
 
kaps p1 sooo big have to finish post later

KASPERSKY ONLINE SCANNER REPORT
Tuesday, February 05, 2008 7:09:41 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 5/02/2008
Kaspersky Anti-Virus database records: 548717
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\

Scan Statistics:
Total number of scanned objects: 166589
Number of viruses found: 2
Number of infected objects: 15
Number of suspicious objects: 0
Duration of the scan process: 03:38:23

Infected Object Name / Virus Name / Last Action
C:\CFusionMX\db\slserver52\tracing\ColdFusion MX ODBC Agent.trc Object is locked skipped
C:\CFusionMX\db\slserver52\tracing\ColdFusion MX ODBC Server.trc Object is locked skipped
C:\CFusionMX\logs\server.log Object is locked skipped
C:\CFusionMX\runtime\logs\default-err.log Object is locked skipped
C:\CFusionMX\runtime\logs\default-out.log Object is locked skipped
C:\CFusionMX\runtime\servers\default\SERVER-INF\jms\db\coremq\consumer.dat Object is locked skipped
C:\CFusionMX\runtime\servers\default\SERVER-INF\jms\db\coremq\destination.dat Object is locked skipped
C:\CFusionMX\runtime\servers\default\SERVER-INF\jms\db\coremq\handle.dat Object is locked skipped
C:\CFusionMX\runtime\servers\default\SERVER-INF\jms\db\coremq\message.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\MSKWMDB.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\settingsdb.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e31766098082b1b41af627599f835e1_51efa46f-1676-4937-b187-21320319e24c Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b690388aa1292b7fbe341629caa78bc9_51efa46f-1676-4937-b187-21320319e24c Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.439.Crwl Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.439.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8239.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_9cc.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12072006-221540.log Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\0201D2062E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\0201E08CEC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\0201E0917F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\030A2D3F9566F8133E7241A792D9D978 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\26827173A32CFD66AE06B2E03C2090B8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\26EC0C5B7114F10875139504DC06CB40 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\2B0000003C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\2B00002065 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\2B00002834 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\2B00002B40 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\2C494D53747265657469636F6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\2C67696C7A6F7469636F6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\2C73706C65616B5F69636F6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\2FF3EC05D8D0239C17813A71950FEB39 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\32FD965AA1A6EF4F1E8F4DE14D141A4B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\340011B145208CFBEA76AD088CB728AE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\3D81CBF32B4374900D3161432904B286 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\41F3BF594DDAC6CAA3D2942C3F7FE6FA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\4916D554C00AB7982229A88F95B5F2ED Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\5DA6BF6279DAA8A81EAB61C5BBC01AFD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\5F1DD9054F9FCB372E9853C77E3F5F90 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\6239FAC128E92C898A32819F776BED26 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\697CB5B0CBDACCE78B827F1A4796E140 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\7E940868FE64CC37B1E4D18982B0CE82 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\902BBA87C11E77570137A1F5A1B145BE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\A455B7F56A7845F8A3BB1DAD4C8ED557 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\A4CC7695FD279702F37EDC69829CC639 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\A65B598392822A71E1F1858EF57BCBE7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\B1BD3D6D007DCC7A9685FD2DB47142F8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1\D47F2681C0ADDC11330F0C2362C6301B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\1024\2B000001B7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\129\0201D215F1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\bart\129\2B0000144F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\users\graceebabyxoo\feedbag Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\users\gracieakersz13\buddyicon Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\caches\users\gracieakersz13\feedbag Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\nss\cert8.db Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\nss\key3.db Object is locked skipped
C:\Documents and Settings\Grace\Application Data\acccore\nss\secmod.db Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\6.0\AcroForm\MRUFormsList Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\6.0\AdobeComFnt06.lst Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\6.0\Collab\OfflineDocs Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\6.0\Collab\Reviews Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\6.0\TMGrpPrm.sav Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\6.0\Updater\udstore.js Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\AdobeCMapFnt07.lst Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\AdobeSysFnt07.lst Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\Collab\RSS Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\JavaScripts\glob.settings.js Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\JSADM.exv Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\Lori.err Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\favorites.frm Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\favorites.MYD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\favorites.MYI Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\files.frm Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\files.MYD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\files.MYI Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\folders.frm Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\folders.MYD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\organizer70\folders.MYI Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\Preferences\AcrobatColorSettings.csf Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\Updater\udlog.txt Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\Updater\udstore.js Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\7.0\UserCache.bin Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\AdobeCMapFnt08.lst Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\AdobeSysFnt08.lst Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\JavaScripts\glob.js Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\JavaScripts\glob.settings.js Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\Lori.err Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\db.opt Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\favorites.frm Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\favorites.MYD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\favorites.MYI Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\files.frm Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\files.MYD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\files.MYI Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\folders.frm Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\folders.MYD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\organizer70\folders.MYI Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\Synchronizer\adobesynchronizersu80 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Adobe\Acrobat\8.0\Synchronizer\metadata\Synchronizer80 Object is locked skipped
 
part kaps report log

C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B0000174E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B000017AD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B000017DF Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B0000182B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B000019A4 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001C06 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001C0C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001C38 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001D55 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001D8A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001DB1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001DBB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001DD8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001E6C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001E6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001E70 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001E91 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001ECA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001EFF Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001F33 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00001FB4 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002065 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B000020FD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B000025C3 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002830 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002834 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002919 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B0000291C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002A5E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002AC3 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002B40 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002BB5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002BF8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002C95 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002DB8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B00002DDA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B2FAC0024C60E3E26B3E742B7AA6D9B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B50FB34071203B5DD5805C1CD6C5676 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B5D6902FAB73E8CB4FAB7048850A9B4 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2B8B2741990DE10B264BC78EC7693140 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2BE6797A6A10958855F7D9D780C60538 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2C494D53747265657469636F6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2C58B2ADBD4D8823AE38D9F23A6D9AC2 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2C61705F69636F6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2C66616365626F6F6B69636F6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2C67696C7A6F7469636F6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2C73706C65616B5F69636F6E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2C97672BD88CDF697FF1BB3F746F5F51 Object is locked skipped
 
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2CA437FEB353D9C0A3DEEE10069F2007 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2D5FD2707F615D08D468DA7A2B87E4C8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2D68CD4BCC7092C7A4C352B76D7C1453 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2DB02F50E3CD802EC02DBDC185B6E4D6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C000000000000010066656501 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C000000000000010066CA1901 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C0000000000000100692B1601 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C0000000000000100707BEA01 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C0000000000000100797E6B01 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C00000000000001007B09EE01 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C0000000000000100AB803501 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C000000000000020068FD7001 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C00000000000002008D1FD501 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C000000000000030078762901 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C00000000000005007F7EB101 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C0000000000000600750B3B01 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C00000000000007008C403901 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E000C0000000000000A00924B8101 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2E72E1060662D408B09B5C8D54D960D6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2EC828E22B6603DDFB7F737954393077 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2F5D6544203811C4E0363DB99C0022B1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\2FF3EC05D8D0239C17813A71950FEB39 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\301FC416600D3B5110E3703752BD615F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\308E6DDEC6E4161FCBC2B0E22E0B9A4A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\31A7C76ED8D544AC3F8C963F33B2BF14 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\320F208F165B48089D9EC157301FA3B6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3292F246BF93A729867E1B1A562DFF1B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\32DB44D3DB2BF80A307459989A3568F7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\32EC48C7726D473187C06DB8A7BA45DD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\32FD965AA1A6EF4F1E8F4DE14D141A4B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3361787B8A9E270A05FF006F057968F9 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3367B202F0206FAD888001B3746AD2CD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\33B2FA255578D0652CE725F54F202703 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\33DEC29C3E78DA287ADBB9C68BED0014 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\34BDD24C33D00E01A5FCC4ED6DA02822 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\357AC1659AA7C4AEE812FA87748F27E7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3599516245074242D2FC94A93210F3F2 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\363605893615FDE356A53FCBECC8B33F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\368E2A2D57A5DC6AC4C38C0793913D16 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\36B5AB25461C8EF72DD637E579D81A40 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\378217C590DE923D4B05C7680CB6FEE8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\37CCD619222B0953A25097395380D351 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\37F05D2C96BBAA1A8A791CDF6F627A69 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3856125418206AC6FABBB7A99D79EC68 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\389804A833D4ACCE9A83D90D086A8C98 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\38C7443EEEF3CAECBB8CF38DD8211F2F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\38DF284B5DCD2A7DA3991CDED6BE1D24 Object is locked skipped
 
part 4

C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\394FAA2AC35486A52BD0A3C18F910089 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\396E6F84D26C2A83E929E73A28CB5E02 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\39BD03551906393C159922F6BB008DE1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3A4D65AC626EC3F8A6D1E3C0C78347DA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3ACD00AB44BF10ACCA93183204E013E8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3BBB4E2895A49A1111432D5265370F7F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3C50CEB18F1C1CEAC46B636939ECE455 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3D9B10A62596FFC51BBC56DD26734D63 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3E3A020CA014F40884D6B4E967C9E7F6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\3F3F772FE3FE3D7A06398BCFF45A18D7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\40BF632629FB27FF314D24F20686AFAE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\40E732151372F86395E3DA8FAC3FDCD1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\40F3DD249DB34DFE501DF6C9EDC3F05E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\411B302813FB0F58AB9480803C4007EC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4250224DF6D96FFA93BCC293517763FE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\42569440221D0BABB0F298E3193EAD3D Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\42C5B0ABF1D5CB66347446A6495B871A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\42EFFCE95173C5AB8F4103591D6F61FA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\42F07D3A874604AB80FBA713EF3232A4 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\42F56A02DB242ABF535F236DC55A85F5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4300BAD6B3D53D533F574553E53D5D83 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\432E11FDC69A74C4565B851AF986370C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\433CF97CC0157BD68FC3167A9F62AB6F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\433D1BB23EB6DD2A3BBB17BF2768C17B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\43412F3DC48EC1945450E45B860240EB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\435A62ADC30B5B54DC4DD3527C0C19BF Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\435F22661CEB8E05370A35F32C7C98E0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\43815C26F73155668AEBF9869E7A74F5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\43B311743413459FBFD0D9A827F80C56 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4416E93D9E6894EA9CC18051AD9DEC1A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\450D2BF895317B2C2922F9282D2DD083 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4514332B5AFD9FD819373304A2694444 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4693E78223F7BF053DC62231A1320278 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\469E065972C97378FC3301E9615E1305 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\471FB1B352A24CBBC593478C2936D665 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\48072562CF3BE9CDF57F7B4DFC8D324A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\48154EA474A8245EA15D2B32EDE913B0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\48A619BD9B4F1FA31E4147D80CD2F6A7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\48AD388C3A55FA5CA150E6D4ED7F39AA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\48AF972823BBB3B144E6A06000191B8E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\49002C6A651D6A150A3AA76EFBC1FE1A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\497B2D90686BEFB7DADFC369A87C9AFF Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4A05FF6596D627E65CA49F3BEB50E7A0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4A4EED4481603942336923C8125BBDD5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4B3032F82EB426BFC25BC3720AEAF536 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4B9996A7F927BF26B865547B6A5B04F6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4BFDB10A21F93DFBE0434D7A9C05BC24 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4C360F16208A6EDC1EF3DAAE8E5CD8CA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4C4054D35213154CCC11B67E75D51E7F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4C48E39EAFBC9BF4C1FC36DA90775498 Object is locked skipped
 
part5

C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4C56E8F0C6544F51DB9F74DC8B411C83 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4C7C7C72CE3628A396959B312422C298 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4C94E4F32E30DA6C7463723D4CC77FC3 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4CD71A86E586D2ABB41BEBA6B0141B02 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4D24EBD1CF905103C28CA41ED96E7257 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4D51A9991B04E1F3B1C6E5E500B60F9D Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4D6E185453A077AA4736ECCCA722469C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4DD5FCCB2BFDFD9CB29864DCA018B721 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4E5A143B1379564EAF16E2589EF83A18 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4EC0A0B4A856608B9516C06B13147322 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4ED3E52CA405E982B780C93CF6188460 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4EE8929B0819789376BCC2BDBA0A6271 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\4F3C77E867CDA974C8A8F63126072548 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5050BFBEAF962CC7901E8412F9D3DBF6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\505325C12EE666F4FE2C921F423BA108 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\505FFB0B2666D1F3E5BA413A5643E36A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\50C9C883EA0F249C0DED19FDEB6DA636 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\51B55D8FBA10E6C9D3A5C56AED293B86 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\52124EF4432DB6028A17BC973D63F2EC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\52228A49FBAFF40B86A3BF181292C5EF Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\52B33DF87FC2E717F0DE607CBB705CC1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\52E4233399602D400F36BE9A5CC72963 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5314C482B019C43833146AA44CE5BBBA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\53523298F3EED517E637055CED08C634 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5436B2F8E49117CF1509A90EE46987AF Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\54BBE1D476AD3A3C12F6F0D129DA928C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5579DB428286A8E34B692371EBDFF8E0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\55A4D14DAA505431929032F4109031B0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5615900B82DC8667F64A077F28681B1D Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\567556B0F0F21FD39C68C09483B28D83 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\569601FD5D62ECD4D32CCDEF4929BFE5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\56E22B7D5903C8E4C0955D9EB1135AD6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\576AEB291883AD9BCE3D8F2E13FA780E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\57844603498233293728CC3BFFA7044B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5856D95061FC8AA62C08D779B0AE29F0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\58E3F2658CE6E75D9475AF0B43113AE8 Object is locked skipped
 
part6

C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\58F29E67D9DBFC31B3A12513299B59D7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5909E98862BB1506DBE4ED585764CAA7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\59A6D8864E8249E0816CC004561C0C1F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5A069AD462D1645A148E177CD0E931CD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5A8634BDCE878B0687C9D9D7A552E8AB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5AD440AC6E552B56EAAEFA55AEDC3671 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5B253B66E126BE24B6733DC6D89708AB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5B9880E3DE7B3633C211ACBCBD0192A6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5BD16EB79B916655F3A64C08972C2F24 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5D3C82624EC81BC482DA838D2D038869 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5DAF5455999D1BF3AE8E2DE53CAAA0B2 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5EA55C09271535DD048460DD07C67FE2 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5EE0D7B1E1D6620AD1F50596F8526039 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5EFBC5ADBB18F44BD850FDC393AC3AF1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5F5351FC5220E71D851F79CE60AD7DF2 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5FA518C9BC31841262590AA389197413 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\5FE59759CBE342605BE5C77AFFAA661A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6006A18324A965827A2B811134FB00D5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\60107DEE153026B5E9142D8B87827A24 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\601E069A8F667714810FC9FD818E25ED Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\60B66C1A941E54ED2481FC3E69665374 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\60EBE26EC9509D10AACCBD0E8C846736 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6132378DC0FB94754BC867DE213D218D Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\616062D1789779D930624B394E1221DC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\61C3B4F5ACA96934F18E038D6C078F25 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6212171D8F626F087A68F8A8BEB22DA4 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\621B25AAE7182F73EAB93206174E5819 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6234A084BBABCF9B3C60684B43F4F69B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6431797F82A686DD95FD543EDD05DE61 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\652078F19C59CF06AA125E0633979096 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\65C4B5E7A6015DCC1A89411047D64EAB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\65EC9EB0B106EE801EDFFADDE173B2EB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6600D5A73952C708A2E484C1AC91A522 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\66708C9FBE519C56CA70CB6C0F5577E2 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\66E9719B12105F56C7AD53C9C82F01D0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\670972469077F1BAE9C39CB853AB8488 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6724FC575B162CE266C4FD99A45065AC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\67AAE904AA536F3635F172D5453E9B7C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\68505243C7CA5C4E54B7D16CB7B35F27 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6880442014EBB51A99B6823DBF219883 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\68D7AAF748179F23B34F590F8F64D28F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\68F30B23F4DEBB3FE406E4F87B162203 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\68F556ED3D3E74DF30B339DBCBCD0BF8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\691B839CBF2D18932F859C4CF002A97D Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\69B917C353D3691EF592946E65DE7FD0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6A33BAA3BFCECE8C0D6F6B16CCF0F88F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6A51964C5ECA4F12DEC0CB8D52ECB862 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6AC4F60699BF3731143D6CC7BB9527D0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6B018DF4FABE28A07F22D5BC568ED1CB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6BF3E30646FDE41FD128DAD6CF79AE3E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6C1AA14013E8F38166637D7A9C074EEE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6CA599E255A965CC43B645AE39F93FD3 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6CC7E61285E40F85F4D8A14F1508151E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6CD5D713C10429181CFA4A2734D9B537 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6CF283F16ACC73F695AAEA8BF038C5CE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6D31EA78672B892D42EE6A8A5CDF94A6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6E3C46BEFB209B52F49EF95B998439D9 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6E576B4C8E3401227E21EBD7B39F67E4 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\6F9338874035C5DD7E2D20115D19609D Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7009E788626B967862C53241B3D759A8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\701623F88EBFF89C48A484046B2C2555 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\702B87FF981AB602C25145804952DAFE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7066BF3520E2E0CD74D80E33E71CA585 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\707D8A0AAA69AB37EF7A1B85A3D4020F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\70F2CE573433011DFB627FDA49082D97 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7130530F661F307CA730782DB5335CA1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\721CE2C39DD6395E22BB9C2B58604ECC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7324BCD55D6CD7DDAD96037749CBCEAC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7330618ED7E4BE27B6B9B4EBA5134077 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\733A6D31EC6A5C465603681670C37AE5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\736D0FDE2A0921624F1264B3DC7E8486 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\73ABA25C6D1E0118EFEA0C452BEBA634 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\73D271DC324927EBFF0E118B60C7363B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\73D81029828959698DC893F1D7823936 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\73F1CCE431E903FEF05863C3CFF939B1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\744C9F6AC723CD7574E8C3ECD98B1754 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\746D824FD4B795D5E11D3B26D211D879 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\74FCD1316FF613588AE1D2F1B93FB597 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7503FADFAF894ECFBD6E952FA95C609B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7552B0B7B5064000D2CCD23C43D0A8D5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\756CEF18CABD65B6EBB2973E023E1E8A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\75992FDD2C14EF3D2B05BCBF5C09EA75 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\75C6D4C1F58BB83E7D21465C45427A55 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\76F333CCFC86B0C5CD3CB0588FD7399C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7765EB847595311B0E0E5A236AAFA0FC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\77BC4863139F47BC4A4AC56CD96AAB9B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\77C0B30607E7BB5CB9851528F65E2362 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\78671636A5E3DA74C931C6263D76B5EA Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\78894C0E5A6D109115ACD40E22D5163C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\790E3E78F9AD7F0696F9C21A6CFDDE85 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\792D0608E188B51B18B3E4A007CE0364 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\79592105BCB63DB264E889FBD5CCB9DC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\795B434D51810E81CBC3463B56586A53 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\79B4B8C21F00DCC7CD7C2E13EDFD7170 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\79E530236ABC62B280D29BB33DA814DB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7A0189E05D9B939188BD9CB3E92A2BCB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7A84ABFD5AD39B4E671571547B5CE1CD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7ADCCE6635392041D82A1EC5F42830EE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7AEDF199449A086BFBF5FC7B62D00623 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7B42D982B387D7E170405FE0FAFDA8D6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7B478C53AC0FF1FB48E09BD3782C4FD8 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7B8241A0BC95687E3DDB5EE4311B132F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7B88EAF3B4FD5FE66A30E9E962C3D2E5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7BCD201D62C35A2C1D568ECB67499E06 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7BF5F034F6FA878617258682B039051A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7C28376B8BECC96C5ED561EABB3E9358 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7C2EBF5C6BCFC5517437594624F6DAC9 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7CA4F3B1044EA82563568E2C8CA5AC3C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7CC6D19CC3C9A3DFD53D1CB23C1F89B0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7D161CBA2A94AC9D234DA5CB5C75D1D6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7D57DBC953178AD36480473ADDB9BF0B Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7D9972AEC4894442617E0EC81417687C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7DF71F554F01FFA414655ED31A91DD6C Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7E3AF1C0D6E076F927C1986ACE09CAE5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7E3B56631D1F48BB107A67B065F740AF Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7E5C23ADABFE18984BFFED164E09C9BD Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7E89415C782D7FC871DFFED69F80FC99 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7EFC693912DEB203F1845E437F61EB1A Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7F43C265CCEBAD30437BB8D0AF1754FC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7F66A5A7A8954B92CBEA9C4785365175 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7FA8DFA0A8AAC9921DA483EA9B34A162 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\7FF51F8CCBF0FD575034CCCA31B3CBD7 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\8044A77A56D74180E50FD6954E1037AC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\8061F4B3EE3D04D19A684FB371E51B32 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\80A7779A9A954E8B9503E6B4B4920BEE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\80AFE5B4D893F869154F0C92DEB03E68 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\81005D77291EAED94158A3D08BA39427 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\822CA989B7CC560A00A88EE27D7DD3DC Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\82E1F23A2F587EEF68311C32365A2CA5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\82F1FE6EA75FF0AF6F293609D89DD877 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\831C9CE3AE50097AD1CF6999E2B483C0 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\835532B7D172F00A537953D8ACF9ADA5 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\835927F9F9EBC57A82B8777272ACB4A1 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\83C00FBD5E3AEC8C0F56F069F4B4D8F6 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\841E75CB45BCFA29A5AF2F0C2059F61F Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\8456A8925B439135F29EBB984A473313 Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\8496B1702794996CAB4842889A5B905E Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\84BC6252A688E87E333EEC5BEE0D8CFE Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\84BDFF35AA854C7097F9037854AFC4EB Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\84E0720994A36C2D8915626D3888B29D Object is locked skipped
C:\Documents and Settings\Grace\Application Data\Aim\afnwcbys\bartcache\1\85EF878E207A369532429B242DE6507E Object is locked skipped
 
Hi

You can edit out all entries with object locked skipped and post those with infected, please :)
 
I am confused

I am confused because every one says "locked skipped", but it found 2 viruses and 15 infected files:
Scan Statistics:
Total number of scanned objects: 166589
Number of viruses found: 2
Number of infected objects: 15
Number of suspicious objects: 0
Duration of the scan process: 03:38:23

Infected Object Name / Virus Name / Last Action
C:\CFusionMX\db\slserver52\tracing\ColdFusion MX ODBC Agent.trc Object is locked skipped
C:\CFusionMX\db\slserver52\tracing\ColdFusion MX ODBC Server.trc Object is locked skipped
C:\CFusionMX\logs\server.log Object is locked skipped
C:\CFusionMX\runtime\logs\default-err.log Object is locked skipped
C:\CFusionMX\runtime\logs\default-out.log Object is locked skipped
C:\CFusionMX\runtime\servers\default\SERVER-INF\jms\db\coremq\consumer.dat Object is locked skippe
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e31766098082b1b41af627599f835e1_51efa46f-1676-4937-b187-21320319e24c Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b690388aa1292b7fbe341629caa78bc9_51efa46f-1676-4937-b187-21320319e24c Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.439.Crwl Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.439.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8239.gthr Object is locked skipped
 
Hi

Those with infected don't say object locked skipped but infected skipped.

Please do a search with infected in Notepad when that log is open and copy/paste those entries only here :)
 
You must log in or register to reply here.
Back
Top