Hey all, got a friends computer here with some problems. I ran Nod32 antivirus, superantispyware, spybot s and d, spywareblaster, malwarebytes antimalware, CCleaner, and updated all the java, firefox, ie, windows updates, etc. all system restore points were cleaned out, and several reboots done. Can someone take a quick look and see if its all clean now?
Attached are the logs. Thanks!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:20:45 PM, on 29/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F1 - win.ini: run= C:\WESTWOOD\REDALERT\INSTICON.EXE
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1222652533576
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
--
End of file - 6157 bytes
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 09/29/2008 at 02:12 PM
Application Version : 4.21.1004
Core Rules Database Version : 3581
Trace Rules Database Version: 1569
Scan type : Complete Scan
Total Scan Time : 05:21:36
Memory items scanned : 343
Memory threats detected : 0
Registry items scanned : 4442
Registry threats detected : 0
File items scanned : 13997
File threats detected : 0
Malwarebytes' Anti-Malware 1.28
Database version: 1221
Windows 5.1.2600 Service Pack 3
29/09/2008 2:06:42 PM
mbam-log-2008-09-29 (14-06-42).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 68495
Time elapsed: 5 hour(s), 14 minute(s), 45 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Scan Log
Version of virus signature database: 3373 (20080821)
Date: 29/09/2008 Time: 2:35:20 PM
Scanned disks, folders and files: C:\
C:\pagefile.sys - error opening [4]
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\LocalService\NTUSER.DAT - error opening [4]
C:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Documents and Settings\NetworkService\NTUSER.DAT - error opening [4]
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Documents and Settings\Preferred Customer\NTUSER.DAT - error opening [4]
C:\Documents and Settings\Preferred Customer\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\bettergmail2@ginatrapani.org\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/ca-AD/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/cs-CZ/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/da-DK/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/de-DE/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/el-GR/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/en-GB/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/en-US/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/es-ES/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/et-EE/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/fi-FI/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/fr-FR/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/he-IL/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/hr-HR/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/hu-HU/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/it-IT/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/ja-JP/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/ko-KR/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/lt-LT/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/nb-NO/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/nl-NL/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/pl-PL/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/pt-BR/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/pt-PT/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/ro-RO/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/ru-RU/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/sk-SK/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/sq-AL/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/sv-SE/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/th-TH/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/tr-TR/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/uk-UA/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/vi-VN/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/zh-CN/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\elemhidehelper@adblockplus.org\chrome\elemhidehelper.jar » ZIP » locale/zh-TW/global.properties » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\{63df8e21-711c-4074-a257-b065cadc28d8}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\Mozilla\Firefox\Profiles\iozs8ekg.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Preferred Customer\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-28-2008 - 18-10-54.SBU » ZIP » {4E3E6A58-EDC2-45C6-8927-A3CF1A7844E0} - error - password-protected file
C:\Documents and Settings\Preferred Customer\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-28-2008 - 18-10-54.SBU » ZIP » {517C1F28-CEB0-481B-8ECC-80D05880C70F} - error - password-protected file
C:\Documents and Settings\Preferred Customer\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-28-2008 - 18-10-54.SBU » ZIP » {607A41DA-EE67-4F73-829E-1B4BDF2B7410} - error - password-protected file
C:\Documents and Settings\Preferred Customer\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-28-2008 - 18-10-54.SBU » ZIP » {615E2CDD-C414-40BF-8241-2A341E761396} - error - password-protected file
C:\Documents and Settings\Preferred Customer\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-28-2008 - 18-10-54.SBU » ZIP » backup.db - error - password-protected file
C:\Documents and Settings\Preferred Customer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\Preferred Customer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\I386\COMPDATA\MSMQCOMP.TXT » MIME - is OK (internal scanning not performed)
C:\IBMTOOLS\DRIVERS\ETHINTVE\PRO100\WINNT4\NMS\NMSCFG.SYS » CAB - file is not an archive
C:\IBMTOOLS\DRIVERS\ETHINTVE\PRO1000\WINNT4\NMS\NMSCFG.SYS » CAB - file is not an archive
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip » ZIP » lib/deploy/ffjcext.zip » ZIP » {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}/chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip » ZIP » lib/resources.jar » ZIP » com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip » ZIP » lib/resources.jar » ZIP » com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip » ZIP » lib/resources.jar » ZIP » javax/xml/bind/Messages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_07\lib\resources.jar » ZIP » com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_07\lib\resources.jar » ZIP » com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_07\lib\resources.jar » ZIP » javax/xml/bind/Messages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_07\lib\deploy\ffjcext.zip » ZIP » {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}/chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\browser.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\comm.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\pippki.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\reporter.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\toolkit.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\PartyGaming\PartyCasino\ProductVersion.txt » MIME - is OK (internal scanning not performed)
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.cab » CAB » Chrome_manifest.3643236F_FC70_11D3_A536_0090278A1BB8 » MIME - is OK (internal scanning not performed)
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\WINDOWS\system32\CatRoot2\edb.log - error opening [4]
C:\WINDOWS\system32\CatRoot2\tmp.edb - error opening [4]
C:\WINDOWS\system32\config\DEFAULT - error opening [4]
C:\WINDOWS\system32\config\default.LOG - error opening [4]
C:\WINDOWS\system32\config\SAM - error opening [4]
C:\WINDOWS\system32\config\SAM.LOG - error opening [4]
C:\WINDOWS\system32\config\SECURITY - error opening [4]
C:\WINDOWS\system32\config\SECURITY.LOG - error opening [4]
C:\WINDOWS\system32\config\SOFTWARE - error opening [4]
C:\WINDOWS\system32\config\software.LOG - error opening [4]
C:\WINDOWS\system32\config\SYSTEM - error opening [4]
C:\WINDOWS\system32\config\system.LOG - error opening [4]
Number of scanned objects: 204118
Number of threats found: 0
Time of completion: 3:05:13 PM Total scanning time: 1793 sec (00:29:53)
Full Version: A friends computer logs
The log looks good to go, 1984.
Awesome! thank you Sir! 
Anytime
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.