Persistent problem with Zlob - Plz help

Reports after Delete - User1 HJT log

Logfile of HijackThis v1.99.1
Scan saved at 12:47:46 AM, on 6/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\VMware\VMware Server\vmware-authd.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\THINKV~2\AMSG\amsg.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe
C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\MIT\KLP\klptray.exe
C:\Program Files\Kerberos\krbcc32s.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\IBM ThinkVantage\Client Security Solution\pwmgr.exe
C:\WINDOWS\system32\LVComsX.exe
C:\swares\2xExplorer\2xExplorer.exe
C:\swares\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://web.mit.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~2\AMSG\amsg.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Stretch Break.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk.disabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled
O4 - Global Startup: KlpTray.lnk = C:\Program Files\MIT\KLP\klptray.exe
O4 - Global Startup: Leash Kerberos Ticket Manager.lnk.disabled
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Logitech SetPoint.lnk.disabled
O4 - Global Startup: WordWeb.lnk.disabled
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download using Download &Express - C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AfsLogon - C:\WINDOWS\system32\afslogon.dll
O20 - Winlogon Notify: KFWLogon - C:\WINDOWS\system32\afslogon.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: BJZCWY - Unknown owner - C:\DOCUME~1\bsanjayb\LOCALS~1\Temp\BJZCWY.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: OpenAFS Client (TransarcAFSDaemon) - OpenAFS Project - C:\Program Files\OpenAFS\Client\Program\afsd_service.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
 
User 2 - HJT log

Logfile of HijackThis v1.99.1
Scan saved at 10:56:33 PM, on 6/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\VMware\VMware Server\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\THINKV~2\AMSG\amsg.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\MIT\KLP\klptray.exe
C:\Program Files\Kerberos\krbcc32s.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\swares\2xExplorer\2xExplorer.exe
C:\swares\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~2\AMSG\amsg.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk.disabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled
O4 - Global Startup: KlpTray.lnk = C:\Program Files\MIT\KLP\klptray.exe
O4 - Global Startup: Leash Kerberos Ticket Manager.lnk.disabled
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Logitech SetPoint.lnk.disabled
O4 - Global Startup: WordWeb.lnk.disabled
O8 - Extra context menu item: Download using Download &Express - C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AfsLogon - C:\WINDOWS\system32\afslogon.dll
O20 - Winlogon Notify: KFWLogon - C:\WINDOWS\system32\afslogon.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: BJZCWY - Unknown owner - C:\DOCUME~1\bsanjayb\LOCALS~1\Temp\BJZCWY.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: OpenAFS Client (TransarcAFSDaemon) - OpenAFS Project - C:\Program Files\OpenAFS\Client\Program\afsd_service.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
 
Kapersky log - part 1

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, June 13, 2007 2:51:39 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 13/06/2007
Kaspersky Anti-Virus database records: 342853
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 126120
Number of viruses found: 2
Number of infected objects: 0
Number of suspicious objects: 3
Duration of the scan process: 01:32:58

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aolstderr.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aolstdout.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aoltsmon.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\cache.db Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\server.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Lenovo\messages\logs\lf000.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff8b6423e9e6bac92437a6ccf2413f92_6948e975-c7e0-42c6-8274-92a22297dfdb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\BOPDATA\_Date-20070612_Time-221646250_EnterceptExceptions.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\BOPDATA\_Date-20070612_Time-221646250_EnterceptRules.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db\Agent_SUN.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db\PrdMgr_SUN.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\AccessProtectionLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\BufferOverflowProtectionLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\OnAccessScanLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVideoActiveXObject.zip/uninst.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVideoActiveXObject.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\VMware\vmnetdhcp.leases Object is locked skipped
C:\Documents and Settings\bsanjayb\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\bsanjayb\Local Settings\Application Data\Mozilla\Firefox\Profiles\9en3xuet.default\Cache\9653CD84d01 Suspicious: Exploit.HTML.Mht skipped
C:\Documents and Settings\bsanjayb\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\bsanjayb\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\bsanjayb\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\bsanjayb\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\AdobeCMapFnt07.lst Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\AdobeSysFnt07.lst Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\Collab\RSS Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\JavaScripts\glob.settings.js Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\Preferences\AutoFillDefaults.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\Preferences\defaultHeuristics.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\Updater\udlog.txt Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\Updater\udstore.js Object is locked skipped
C:\Documents and Settings\San\Application Data\Adobe\Acrobat\7.0\UserCache.bin Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\log.idx Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\l_000101.log Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\sched-0001.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\sched-0002.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0001.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0002.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0003.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0004.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0005.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0006.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0007.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0008.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0009.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0011.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0012.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\test-0013.cfg Object is locked skipped
C:\Documents and Settings\San\Application Data\AVG7\user-0000.cfg Object is locked skipped
 
Kapersky log - part 2

C:\Documents and Settings\San\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Application Data\Google\Local Search History\google%2Eweb.w Object is locked skipped
C:\Documents and Settings\San\Application Data\IBM\Java\Deployment\deployment.properties Object is locked skipped
C:\Documents and Settings\San\Application Data\Macromedia\Flash Player\#SharedObjects\RKDBXNSH\skype.com\#ui\preferences.sol Object is locked skipped
C:\Documents and Settings\San\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config.cch Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Crypto\RSA\S-1-5-21-3247866205-2105670090-2518177237-1005\533145ef011ddf5ca3983e2545a902b4_6948e975-c7e0-42c6-8274-92a22297dfdb Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Crypto\RSA\S-1-5-21-3247866205-2105670090-2518177237-1005\6aa0487f26600cd657138d907005de1e_6948e975-c7e0-42c6-8274-92a22297dfdb Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Excel\Excel11.xlb Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\HTML Help\hh.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Media Player\00771AE7.wpl Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\MMC\dfrg Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Excel11.pip Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\MSO1033.acl Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\MSOut11.pip Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\PowerP11.pip Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\06_Instructions2_for Zlob removal.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\AfricanFellowsFields.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\alumni on www.iie.org.url Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Alumni workshop guidelines.doc.url Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\CSIRT.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Desktop.ini Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Europa2010 h.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Humphrey06-07 Fellows Profile List for web.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Humphrey06-07_Analysed.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\HumphreySite.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\HumpreyGeneral.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\index.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\ITSecMeeting_12-01-07.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\ITSecMeeting_27-04-07.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\ITSecMIT.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\ITSecurityAuditChecklist.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Letter for Feb Course - Duteil.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\OLK871.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\RegionalAlumni workshop guidelines.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Templates.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\THE RISE OF THE VIRTUAL MACHINES.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\USCert-websiteReviewFreeTools.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Virtualization.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Virutalization and DATA CENTER.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Recent\Zlob_infection.LNK Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Word11.pip Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Office\Wordma11.pip Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Outlook\outcmd.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Outlook\Outlook.NK2 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Outlook\Outlook.srs Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Outlook\Outlook.xml Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\PowerPoint\PPT11.pcb Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Proof\CUSTOM.DIC Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\S-1-5-21-1711984796-385799163-2964708926-500\1c219d41-9abb-41b5-beab-7a94361df772 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\S-1-5-21-1711984796-385799163-2964708926-500\Preferred Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\S-1-5-21-2211086380-485395168-2894439224-500\0fd705c8-eb4c-4944-8e75-56c6bdd13458 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\S-1-5-21-2211086380-485395168-2894439224-500\Preferred Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\S-1-5-21-3247866205-2105670090-2518177237-1005\57dbde19-9b5c-4b66-9a55-01f4cd6bf691 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\S-1-5-21-3247866205-2105670090-2518177237-1005\92300664-72b6-4eab-8f2f-e405aab73cae Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\S-1-5-21-3247866205-2105670090-2518177237-1005\c949cbe0-ba40-40ab-baf0-14ce63001b03 Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Protect\S-1-5-21-3247866205-2105670090-2518177237-1005\Preferred Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Templates\Normal.dot Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Templates\~$Normal.dot Object is locked skipped
C:\Documents and Settings\San\Application Data\Microsoft\Windows\Themes\Custom.theme Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\pluginreg.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\bookmarkbackups\bookmarks-2007-06-09.html Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\bookmarks.bak Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\bookmarks.html Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\cert8.db Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\chrome\userChrome-example.css Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\chrome\userContent-example.css Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\compatibility.ini Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\compreg.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\extensions.cache Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\extensions.ini Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\extensions.rdf Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\googlesafebrowsing.db Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\history.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\key3.db Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\localstore.rdf Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\metrics.xml Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\mimeTypes.rdf Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\prefs.js Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\search.rdf Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\secmod.db Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\xpti.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Mozilla\Firefox\profiles.ini Object is locked skipped
C:\Documents and Settings\San\Application Data\Real\RealPlayer\norestore.ste Object is locked skipped
C:\Documents and Settings\San\Application Data\Real\RealPlayer\realplayer.ste Object is locked skipped
C:\Documents and Settings\San\Application Data\Real\RealPlayer\skins\data\normal\imgcache.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Real\RealPlayer\skins\data\normal\state.ini Object is locked skipped
C:\Documents and Settings\San\Application Data\Skype\roomab\config.lck Object is locked skipped
C:\Documents and Settings\San\Application Data\Skype\roomab\config.xml Object is locked skipped
C:\Documents and Settings\San\Application Data\Skype\roomab\contactgroup256.dbb Object is locked skipped
C:\Documents and Settings\San\Application Data\Skype\roomab\index2.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\Skype\roomab\profile256.dbb Object is locked skipped
C:\Documents and Settings\San\Application Data\Skype\roomab\user1024.dbb Object is locked skipped
C:\Documents and Settings\San\Application Data\Skype\shared.lck Object is locked skipped
C:\Documents and Settings\San\Application Data\Skype\shared.xml Object is locked skipped
C:\Documents and Settings\San\Application Data\Symantec\Shared\Options.VcPref Object is locked skipped
C:\Documents and Settings\San\Application Data\Talkback\MozillaOrg\Firefox15\Win32\2007031202\manifest.ini Object is locked skipped
C:\Documents and Settings\San\Application Data\Talkback\MozillaOrg\Firefox15\Win32\2007031202\permdata.box Object is locked skipped
C:\Documents and Settings\San\Application Data\ThinkVantage\Client Security\encobject.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\ThinkVantage\Client Security\hibernation.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\ThinkVantage\Client Security\hwkeys.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\ThinkVantage\Client Security\pwdrecovery.dat Object is locked skipped
C:\Documents and Settings\San\Application Data\ThinkVantage\Client Security\symkeys.dat Object is locked skipped
C:\Documents and Settings\San\Cookies\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\San\Desktop\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\San\Favorites\Africa Guide - Map of Africa.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Desktop.ini Object is locked skipped
C:\Documents and Settings\San\Favorites\Links\Customize Links.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Links\Free Hotmail.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Links\Windows Marketplace.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Links\Windows Media.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Links\Windows.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Microsoft Websites\IE Add-on site.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Microsoft Websites\IE site on Microsoft.com.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Microsoft Websites\Marketplace.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Microsoft Websites\Microsoft At Home.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Microsoft Websites\Microsoft At Work.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Microsoft Websites\Welcome to IE7.url Object is locked skipped
C:\Documents and Settings\San\Favorites\MSN.com.url Object is locked skipped
C:\Documents and Settings\San\Favorites\Radio Station Guide.url Object is locked skipped
C:\Documents and Settings\San\Favorites\ThinkPad Recommended Sites\Accessories & Upgrades.url Object is locked skipped
C:\Documents and Settings\San\Favorites\ThinkPad Recommended Sites\Community.url Object is locked skipped
C:\Documents and Settings\San\Favorites\ThinkPad Recommended Sites\IBM Home.url Object is locked skipped
C:\Documents and Settings\San\Favorites\ThinkPad Recommended Sites\IBM PC Home.url Object is locked skipped
C:\Documents and Settings\San\Favorites\ThinkPad Recommended Sites\Support & Services.url Object is locked skipped
C:\Documents and Settings\San\Favorites\ThinkPad Recommended Sites\Think News.url Object is locked skipped
C:\Documents and Settings\San\Favorites\ThinkPad Recommended Sites\ThinkPad Home.url Object is locked skipped
C:\Documents and Settings\San\Favorites\ThinkPad Recommended Sites\ThinkVantage Technologies.url Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Adobe\Acrobat\7.0\Cache\AcroFnt07.lst Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Adobe\Color\ACECache4.lst Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Ahead\Nero Home\crawlercfg.dat Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Ahead\Nero Home\idx\deletable Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Ahead\Nero Home\idx\segments Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Ahead\Nero Home\idx\_3f.cfs Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Ahead\Nero Home\SID.db Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Ahead\Nero Home\SII.db Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\ApplicationHistory\MsiExec.exe.8cb23528.ini.inuse Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\ApplicationHistory\SL1E.tmp.2b86805d.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\ATI\ACE\Profiles.xml Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\fusioncache.dat Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\GDIPFONTCACHEV1.DAT Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Google\Google Desktop\919b45ba152f\gpac.xml Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\IconCache.db Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds\FeedsStore.feedsdb-ms Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds\Microsoft Feeds~\Microsoft at Home~.feed-ms Object is locked skipped
 
Kapersky log - part 3

C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds\Microsoft Feeds~\Microsoft at Work~.feed-ms Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds Cache\BZOGYTF5\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds Cache\BZOGYTF5\fwlink[1] Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds Cache\EUXIXTY3\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds Cache\SHQN3TUM\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds Cache\VLXB21B5\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Feeds Cache\VLXB21B5\fwlink[1] Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\FORMS\FRMCACHE.DAT Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_219.wmdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\lastplayed.wpl Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_0.wmdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_1.wmdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_2.wmdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_3.wmdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\wmdbexport.xml Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Media Player\wmpfolders.wmdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Outlook\extend.dat Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Mozilla\Firefox\Profiles\st1ozpxx.default\XUL.mfl Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Musicmatch\Jukebox\mmjbaltlog.txt Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Musicmatch\Jukebox\mmjblog.txt Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Musicmatch\Jukebox\Portables.log Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Musicmatch\MIM\Database\Default.mdb Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Musicmatch\MIM\MMCDi.xml Object is locked skipped
C:\Documents and Settings\San\Local Settings\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs\08242006.Log Object is locked skipped
C:\Documents and Settings\San\Local Settings\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\History\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\History\History.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\San\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\San\Local Settings\Temporary Internet Files\Content.IE5\AX4K0P63\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Temporary Internet Files\Content.IE5\HIW311T2\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\San\Local Settings\Temporary Internet Files\Content.IE5\ORANH5E3\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Temporary Internet Files\Content.IE5\SGIF6OO2\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped
C:\Documents and Settings\San\My Documents\desktop.ini Object is locked skipped
C:\Documents and Settings\San\My Documents\My Google Gadgets\Analog Clock-Google.gg Object is locked skipped
C:\Documents and Settings\San\My Documents\My Google Gadgets\Battery Meter-Google.gg Object is locked skipped
C:\Documents and Settings\San\My Documents\My Google Gadgets\Digital Clock-Google.gg Object is locked skipped
C:\Documents and Settings\San\My Documents\My Google Gadgets\Google Gadget Tips-Google.gg Object is locked skipped
C:\Documents and Settings\San\My Documents\My Google Gadgets\Google Gadgets Calendar-Google.gg Object is locked skipped
C:\Documents and Settings\San\My Documents\My Google Gadgets\Media Player Remote-Google.gg Object is locked skipped
C:\Documents and Settings\San\My Documents\My Google Gadgets\Wireless Signal Meter-Google.gg Object is locked skipped
C:\Documents and Settings\San\My Documents\My Music\Desktop.ini Object is locked skipped
C:\Documents and Settings\San\My Documents\My Music\Sample Music.lnk Object is locked skipped
C:\Documents and Settings\San\My Documents\My Pictures\Desktop.ini Object is locked skipped
C:\Documents and Settings\San\My Documents\My Pictures\My Logitech Pictures\Pictures and Videos\FishTank.avi Object is locked skipped
C:\Documents and Settings\San\My Documents\My Pictures\My Logitech Pictures\Pictures and Videos\folder.dat Object is locked skipped
C:\Documents and Settings\San\My Documents\My Pictures\My Logitech Pictures\Pictures and Videos\Henry.jpg Object is locked skipped
C:\Documents and Settings\San\My Documents\My Pictures\Sample Pictures.lnk Object is locked skipped
C:\Documents and Settings\San\My Documents\My Videos\Desktop.ini Object is locked skipped
C:\Documents and Settings\San\My Documents\SecureDrive.vol Object is locked skipped
C:\Documents and Settings\San\My Documents\SkypeSoundEqt.PDF Object is locked skipped
C:\Documents and Settings\San\NetHood\My Web Sites on MSN\Desktop.ini Object is locked skipped
C:\Documents and Settings\San\NetHood\My Web Sites on MSN\target.lnk Object is locked skipped
C:\Documents and Settings\San\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\San\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\San\ntuser.ini Object is locked skipped
C:\Documents and Settings\San\Recent\00_ResearchtoFindandAccess.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\06_Instructions2_for Zlob removal.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\AfricanFellowsFields.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\CSIRT.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\ctrlemlmem4.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Desktop.ini Object is locked skipped
C:\Documents and Settings\San\Recent\Digital Line Detect.lnk.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\eml.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\HP Digital Imaging Monitor.lnk.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Humphrey06-07 Fellows Profile List for web.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Humphrey06-07_Analysed.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\HumphreySite.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\HumpreyGeneral.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Logitech Desktop Messenger.lnk.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Logitech SetPoint.lnk.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\PerformanceMeter.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\RegionalAlumni workshop guidelines.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Registration.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\SkypeSoundEqt.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Specifications.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Startup.lnk Object is locked skipped
 
Kapersky log - part 4

C:\Documents and Settings\San\Recent\TenderSpecs_June07.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\THE RISE OF THE VIRTUAL MACHINES.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\USCert-websiteReviewFreeTools.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\utils.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Venkat_pdf.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Virtualization.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Virutalization and DATA CENTER.lnk Object is locked skipped
C:\Documents and Settings\San\Recent\Zlob_infection.lnk Object is locked skipped
C:\Documents and Settings\San\SendTo\Bluetooth\desktop.ini Object is locked skipped
C:\Documents and Settings\San\SendTo\Bluetooth\Other....lnk Object is locked skipped
C:\Documents and Settings\San\SendTo\Compressed (zipped) Folder.ZFSendToTarget Object is locked skipped
C:\Documents and Settings\San\SendTo\Desktop (create shortcut).DeskLink Object is locked skipped
C:\Documents and Settings\San\SendTo\desktop.ini Object is locked skipped
C:\Documents and Settings\San\SendTo\Mail Recipient.MAPIMail Object is locked skipped
C:\Documents and Settings\San\SendTo\My Documents.mydocs Object is locked skipped
C:\Documents and Settings\San\Start Menu\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Accessibility\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Address Book.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Command Prompt.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Entertainment\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Notepad.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Synchronize.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Tour Windows XP.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Accessories\Windows Explorer.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Administrative Tools\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Outlook Express.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Remote Assistance.lnk Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Startup\desktop.ini Object is locked skipped
C:\Documents and Settings\San\Start Menu\Programs\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\San\Templates\amipro.sam Object is locked skipped
C:\Documents and Settings\San\Templates\excel.xls Object is locked skipped
C:\Documents and Settings\San\Templates\excel4.xls Object is locked skipped
C:\Documents and Settings\San\Templates\lotus.wk4 Object is locked skipped
C:\Documents and Settings\San\Templates\powerpnt.ppt Object is locked skipped
C:\Documents and Settings\San\Templates\presenta.shw Object is locked skipped
C:\Documents and Settings\San\Templates\quattro.wb2 Object is locked skipped
C:\Documents and Settings\San\Templates\sndrec.wav Object is locked skipped
C:\Documents and Settings\San\Templates\winword.doc Object is locked skipped
C:\Documents and Settings\San\Templates\winword2.doc Object is locked skipped
C:\Documents and Settings\San\Templates\wordpfct.wpd Object is locked skipped
C:\Documents and Settings\San\Templates\wordpfct.wpg Object is locked skipped
C:\Documents and Settings\sanybill\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\Temp\Perflib_Perfdata_1290.dat Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\Temp\Perflib_Perfdata_17b4.dat Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\Temp\~DF3ACC.tmp Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\sanybill\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\sanybill\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\sanybill\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Veoh Networks\Veoh\client.log Object is locked skipped
C:\Program Files\Veoh Networks\Veoh\upload.log Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc13.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc14.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc15.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc16.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc17.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc18.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc19.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc20.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc21.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc22.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc23.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc24.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc25.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc26.doc Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc27.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc28.tmp Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc29.log Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc30.REG Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc31.xml Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc32.log Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc33.log Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc34.LOG Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc35.exe Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc37.log Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{07986C34-8325-D60A-26AA-163746389479}\1033\strings.xml Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{07986C34-8325-D60A-26AA-163746389479}\gadget.gmanifest Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{152A2428-1F10-2637-7FD6-33E69889E11E}\1033\strings.xml Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{152A2428-1F10-2637-7FD6-33E69889E11E}\gadget.gmanifest Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{6626DBDA-021B-C749-EBCA-74A7599F594C}\1033\strings.xml Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{6626DBDA-021B-C749-EBCA-74A7599F594C}\gadget.gmanifest Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{8B21D205-5F03-5C5C-0DCF-F83BC74BCACF}\1033\strings.xml Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{8B21D205-5F03-5C5C-0DCF-F83BC74BCACF}\gadget.gmanifest Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{B6B175A4-44C6-0025-87C8-40A6A6E898D5}\1033\strings.xml Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{B6B175A4-44C6-0025-87C8-40A6A6E898D5}\gadget.gmanifest Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{D6C33382-7C05-88A5-BC3D-752C772BE1E1}\1033\strings.xml Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{D6C33382-7C05-88A5-BC3D-752C772BE1E1}\gadget.gmanifest Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{E8F29EC9-2661-B048-53C9-3514B3A6BDEF}\1033\strings.xml Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc4\{E8F29EC9-2661-B048-53C9-3514B3A6BDEF}\gadget.gmanifest Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc40.LOG Object is locked skipped
C:\RECYCLER\S-1-5-21-3247866205-2105670090-2518177237-1005\Dc9\firstrun.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\00002.SPL Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\00004.SPL Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\00005.SPL Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\00009.SPL Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_3c8.dat Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_a0c.dat Object is locked skipped
C:\WINDOWS\Temp\vmware-serverd.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
 
Hi

Empty this folder:

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\

Empty Recycle Bin

Otherwise looking good :)

Still problems?
 
You must log in or register to reply here.
Back
Top