Hello again JSntgRvr,
Everything went fine, I was unable to run Panda Activsescan with your instructions.
Here are the 3 logs you asked for. Thanks.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, January 25, 2007 8:03:08 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 26/01/2007
Kaspersky Anti-Virus database records: 262055
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
Scan Statistics:
Total number of scanned objects: 132311
Number of viruses found: 6
Number of infected objects: 6 / 0
Number of suspicious objects: 5
Duration of the scan process: 01:30:49
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06f1738f838d4d03b1d5bfb613965bbd_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\075c72de79cfe082527af6cf0a6251aa_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0807d24d83b383d744843dbdf7df83c2_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0af01f0dc57c7c0f9f2e420a36ec7c5c_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0ff7eda3993a05543761633816615ac4_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\10135fd3bca553466f620804913d746a_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\145274ddbb609a34a71513db8d22233c_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a0c2c7a7e638fd421f10ebe6a225d83_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\203d1c717c84f177af06fd973de72cd6_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24a62345a10942dc2aa1230a1afab08d_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2642725c7821d2e5f83800c66e0d7cea_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b548ecb151d1de0a07c88f34ac97d2a_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\31ea83f3581bff014a294b63391cc992_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3508672e6a707a95075d9b6f56cb345a_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\360fabc9b00bd02e134a8310ca8298b9_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\413dcdaba2b7ee233923fb0afe537301_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\426c00688a6fdf13b121e8ebabb2f82a_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\459259212786b89a3b584ca28f2d636d_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\47055420e1c88e8c89f558fc54c9e546_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f5252b5df9e3a34fdaaa01e6f0f3bd8_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f931d8b8d578e2cc179b6eab11db70e_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52f6d9a2ad4b8303ed9adb9a6248237f_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5493a68d623ecff9667d1a1b9a3cc266_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\572c3c164444aa8aa9803852bb7c4e9f_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\599ee39a9c70d6cddd6e9ecc51f720ef_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6568ebfc90b9bd592dc13ffceb5d1aa8_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6e8a48f8813a6f7360e52d2c9f60042c_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\751c1d76cc3d9e9bbfecd6ea27ba6edf_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\795488acb43fb102aba07151ebb57f30_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7d00ffabd0b26675b260b4fca9a2257d_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\84d119fb64e8359408c81de3e583e012_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\877cbc510b892a7e7d0889e73e58339c_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88b3f898ae49f6696387bd80e3f2dc24_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e6a3ba3ebffa20a3f64dad5ec873836_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e79063c8d47190aa64e49a548dbba17_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8f1892ead28bf98268a2534828c7a99c_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\90475218fc98fd31feed719d9c731d1d_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\90e2843b3c46d622d79ca0a43cb46a3d_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\913a848fb3cb09ed489bfbfabfe26fef_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\933ece581e2ffaa679bf2ddda3514ffb_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97b3ac830190fa0efddd302e96746beb_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9c66e67d9d99cf9bd652ecd970da7120_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0ead9b06abb851b338eeec8708c7e7a_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a433e23c7faac6ea4dcb29514eb39634_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a4f4c03c6e8a8e2f51f547341dc632aa_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa780e4af1e5afc77010a475c2258ee8_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aca74860c66dead5c051c35629e4384a_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b3c192f116ae9bcf6ac9d0ee241756f4_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b536073309381defd2d13529c6a30f41_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b7888f3d3b7360bd5d029be079db9bbb_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b819cbbe93ce734a358eb67b8a5ba1ef_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bb0def7826001fa9a0a60ab47b454996_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bc5004f0267099b4e2f99923f17a9e08_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bd69a14edcbd8341223c42328927164f_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bec0d9fccfd3bff4dca75ba73114c3f3_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c8b8df62bca952f3df72f0e9042c49c7_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c9c1f7a97990faa09ee8a85febe0d7d0_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ccb3e3803945240d2f74201883d465af_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d026703d80f52786b621cbbd27bb9ccd_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d18e4babd5b268d55504fcdebaf1cd79_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\daba967f5492901f6221eb61d6ce955b_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dc9f07cd67c9aae9a0eab2e2c9b9a617_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e0e19ef5487fc99a3f98c9abe32d0ce4_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e40c77818a07050c2af6c4d9a16799f1_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f04ba5535f9f50ae2f63ac0db1386f21_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f1a4a8de8bcec3b9e41e1501c187541f_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f3a6bd54d23112c055beda04741d7d47_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f493715c91d477a3a690f34ceccaad55_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f886bf2e83b29e2b06e5c3f71b8475ed_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f938fb4cf759fdf503f748d984acf219_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f956d1abfb04322f6ed501b047b1d7b5_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fb8ca65f246a4687c74217ab454a5127_e6506961-a06a-4927-8e9e-1b6ecc3f46dc Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Windows\Application Data\Interitchfive\13129.del Infected: not-a-virus:AdWare.Win32.Lop.ag skipped
C:\Documents and Settings\Windows\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Windows\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Windows\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Windows\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Windows\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Windows\My Documents\All to All ( MP3, OGG, WMA 8, WAV) converter+crack\All to All ( MP3, OGG, WMA 8, WAV) converter+crack.zip/Audio_Conversion_Wizard_Crack.zip/acw.exe Suspicious: Packed.Win32.PePatch.dk skipped
C:\Documents and Settings\Windows\My Documents\All to All ( MP3, OGG, WMA 8, WAV) converter+crack\All to All ( MP3, OGG, WMA 8, WAV) converter+crack.zip/Audio_Conversion_Wizard_Crack.zip Suspicious: Packed.Win32.PePatch.dk skipped
C:\Documents and Settings\Windows\My Documents\All to All ( MP3, OGG, WMA 8, WAV) converter+crack\All to All ( MP3, OGG, WMA 8, WAV) converter+crack.zip ZIP: suspicious - 2 skipped
C:\Documents and Settings\Windows\My Documents\All to All ( MP3, OGG, WMA 8, WAV) converter+crack\Audio_Conversion_Wizard_Crack.zip/acw.exe Suspicious: Packed.Win32.PePatch.dk skipped
C:\Documents and Settings\Windows\My Documents\All to All ( MP3, OGG, WMA 8, WAV) converter+crack\Audio_Conversion_Wizard_Crack.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\Windows\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Windows\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\rawlog.log Object is locked skipped
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\seclog.log Object is locked skipped
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\syslog.log Object is locked skipped
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\tralog.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{1A5613EE-42E2-46E0-84AB-436AE4A87004}\RP4\A0000777.exe Infected: Trojan-Downloader.Win32.Swizzor.fg skipped
C:\System Volume Information\_restore{1A5613EE-42E2-46E0-84AB-436AE4A87004}\RP7\A0002152.exe Infected: not-virus:Hoax.Win32.Renos.gs skipped
C:\System Volume Information\_restore{1A5613EE-42E2-46E0-84AB-436AE4A87004}\RP7\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipreg32.dll Infected: Trojan-Downloader.Win32.Domcom.d skipped
C:\WINDOWS\Downloaded Program Files\ipreg32.dll Infected: Trojan-Downloader.Win32.Domcom.d skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\c0o81a0n.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\pavjob.log Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\PAV60760 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Pocket Killbox version 2.0.0.648
Running on Windows XP as Windows(Administrator)
was started @ Wednesday, January 24, 2007, 3:23 PM
Killbox Closed(Exit) @ 3:25:22 PM
__________________________________________________
Pocket Killbox version 2.0.0.648
Running on Windows XP as Windows(Administrator)
was started @ Wednesday, January 24, 2007, 3:38 PM
# 1 [Delete on Reboot]
Path = C:\WINDOWS\System32\ERTYDF.exe
# 2 [Delete on Reboot]
Path = C:\WINDOWS\System32\ERTYDF.exe
# 3 [Delete on Reboot]
Path = C:\WINDOWS\System32\syspanel.exe
# 4 [Delete on Reboot]
Path = C:\WINDOWS\System32\SysSupport.exe
# 5 [Delete on Reboot]
Path = C:\WINDOWS\System32\borlandg.exe
# 6 [Delete on Reboot]
Path = C:\WINDOWS\System32\SysSupport.exe
# 7 [Delete on Reboot]
Path = C:\WINDOWS\System32\pushow27.dll
PendingFileRenameOperations Registry Data has been Removed by External Process! @ 3:46:49 PM
Killbox Closed(Exit) @ 3:47:04 PM
__________________________________________________
Volume in drive C has no label.
Volume Serial Number is 3496-3E74
Directory of C:\!Killbox
24/01/2007 03:23 PM <DIR> .
24/01/2007 03:23 PM <DIR> ..
24/01/2007 03:23 PM <DIR> Logs
0 File(s) 0 bytes
3 Dir(s) 17,430,908,928 bytes free
Volume in drive C has no label.
Volume Serial Number is 3496-3E74
Directory of C:\Documents and Settings\Windows\start menu\programs\startup
18/01/2007 04:33 PM <DIR> .
18/01/2007 04:33 PM <DIR> ..
0 File(s) 0 bytes
2 Dir(s) 17,430,908,928 bytes free
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Logfile of HijackThis v1.99.1
Scan saved at 8:11:24 PM, on 25/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SynCor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....cid={SUB_CLCID}O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll (file missing)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - Startup: csrss.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.searchmeup.cc (HKLM)
O16 - DPF: RaptisoftGameLoader -
http://www.miniclip....tgameloader.cabO16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zon...kr.cab31267.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) -
http://www.musicnote...ad/mnviewer.cabO16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab31267.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zon...er.cab28578.cabO16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
http://us.chat1.yimg...v45/yacscom.cabO16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://us.dl1.yimg.c...s/yinst0401.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://spaces.msn.co...ad/MsnPUpld.cabO16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zon...1/GAME_UNO1.cabO16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) -
http://chat.yahoo.com/cab/yacsui.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab28578.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) -
http://www.sibelius....tiveXPlugin.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pDownloader.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zon...ro.cab53083.cabO16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) -
https://roxypalace.m...lay/FlashAX.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zon...wn.cab28578.cabO18 - Protocol: bt2 - {1730B77B-F429-498F-9B15-4514D83C8294} - C:\PROGRA~1\BT2Net\BT2PLU~1.DLL (file missing)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: application/x-bt2 - {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - C:\PROGRA~1\BT2Net\BT2PLU~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
Edited by Iron_Canuck, 25 January 2007 - 07:13 PM.