Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Need Help with SSTQP.dll removal

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Need Help with SSTQP.dll removal

Unread postby distinctedge » September 28th, 2007, 12:34 am

I have all P2P off.

Vundofix and fixvundo give a clean bill of health.

Hijackthis cannot delete.

Trojan Hunter cannot find this particular one.

Super Antispyware and Spyware Doctor both identify as Trojan Virtumonde but cannot delete.

I have also ran these in safe mode to no avail.

Now as I write this Avast has found another trojan, without scanning. Win32:DSSdoor-B.

The SSTQP.dll is running with MS C:\WINDOWS\system32\lsass.exe


Here is the hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 9:03:57 PM, on 9/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\RFA Platinum\rfagent.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\TechTracker\VersionTracker Pro\VersionTrackerPro.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\TrojanHunter 5.0\TrojanHunter.exe
C:\Program Files\TrojanHunter 5.0\THGuard.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/nwshp?tab=wn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {83FAA3C2-542D-4D67-9BC9-A1CFD29CF491} - C:\WINDOWS\system32\sstqp.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [rfagent] "C:\Program Files\RFA Platinum\rfagent.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.0\THGuard.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Ram Optimizer] C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ares ultra] "C:\Program Files\Ares Ultra\Ares Ultra.exe" -h
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/servle ... A.000000B7
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O4 - Global Startup: VersionTracker Pro.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.c ... 040510.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9639996078
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtuvsq - awtuvsq.dll (file missing)
O20 - Winlogon Notify: iifcdaw - iifcdaw.dll (file missing)
O20 - Winlogon Notify: iifgfed - iifgfed.dll (file missing)
O20 - Winlogon Notify: yayyyay - yayyyay.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Adobe Version Cue CS3 - Unknown owner - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares Ultra\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\NSWBE07100\Support\ccCommon\ccCommon\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\NSWBE07100\Support\ccCommon\ccCommon\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

Thanks in advance,

The Castlestormer
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm
Advertisement
Register to Remove

I think it is fixed.

Unread postby distinctedge » September 28th, 2007, 12:23 pm

For now it appears that combo fix did the job ever so effortlessly. Nice tool!!

The Castlestormer
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 1st, 2007, 9:19 pm

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

I apologize for the delay in responding, but as you can probably see the forums are quite busy
and helpers look for posts with zero replies.
Unfortunately there are far more people needing help than there are helpers.

Given that Win32:DSSdoor-B. is a backdoor password stealer,
I would recommend that you post a fresh HJT log
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby distinctedge » October 2nd, 2007, 11:22 am

Hi Katana,

Thank you for the response.

OK here is the latest HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:18, on 2007-10-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\PROGRA~1\NORTON~3\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\RFA Platinum\rfagent.exe
C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe
C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\TechTracker\VersionTracker Pro\VersionTrackerPro.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Norton Password Manager\AcctMgr.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DISC\DISCover.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LUALL.EXE
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/nwshp?tab=wn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [rfagent] "C:\Program Files\RFA Platinum\rfagent.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\RunOnce: [C:\PROGRA~1\NORTON~2\ppWebWnd.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\PROGRA~1\NORTON~2\ppWebWnd.dll"
O4 - HKLM\..\RunOnce: [C:\PROGRA~1\COMMON~1\SYMANT~1\drWebWnd.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\PROGRA~1\COMMON~1\SYMANT~1\drWebWnd.dll"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Free Ram Optimizer] C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ares ultra] "C:\Program Files\Ares Ultra\Ares Ultra.exe" -h
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton System Doctor.LNK = ?
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O4 - Global Startup: VersionTracker Pro.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1061435187
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~1\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 19399 bytes


Thanks again,

The CastleStormer
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 2nd, 2007, 5:46 pm

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Bittorent
Ares Ultra


I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Also available here.

My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).
Please note: you must NOT use this whilst we are cleaning your machine.

Fix With HJT
Close all other windows and then start HiJack This
Click Do A System Scan Only
When it has finished scanning put a check next to the following lines
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

- Close ALL open windows (especially Internet Explorer!)-
Now click Fix checked
Click yes to any prompts
Close HijackThis

Kaspersky Online Scanner .

Go Here http://www.kaspersky.com/virusscanner

Read the Requirements and limitations before you click Accept.
Allow the ActiveX download if necessary
Once the database has downloaded, click Next.
Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
Click on "My Computer" and then put the kettle on!
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.

Please post a fresh HJT log along with the Kaspersky Log in you reply
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby distinctedge » October 3rd, 2007, 10:05 pm

Hello Again Katana,

Ok here is the Kaspersky report:

KASPERSKY ONLINE SCANNER REPORT
2007-10-03 18:21
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 3/10/2007
Kaspersky Anti-Virus database records: 426846

Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
Scan Statistics
Total number of scanned objects 369477
Number of viruses found 12
Number of infected objects 33
Number of suspicious objects 0
Duration of the scan process 08:13:53

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.ci Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wsb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy4.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf5.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_dfc.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-10-03_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\1Click DVD Copy Pro.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\1st Video Converter.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Absolute Video Converter.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\CyberLink PowerDVD.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Dr. DivX.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Magic DVD Copier.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Nidesoft MP4 Video Converter 2.0.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Nidesoft Zune Video Converter 2.0.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Shortcut to dswin.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\VoomTube.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft DVD Audio Ripper 4.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft DVD Creator.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft DVD Ripper 4.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft DVD to 3GP Converter 4.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft DVD to DivX Converter 4.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft DVD to iPod Converter 4.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft DVD to PSP Converter 4.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft DVD to WMV Converter 4.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft MOV Converter 3.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft MOV Converter Wizard 3.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft RM Converter 3.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft RM Converter Wizard 3.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft Video Converter 3.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Media Center Shortcuts\Xilisoft Video Converter Wizard 3.lnk Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_3569709026_1179648_285418 Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_3569709026_720896_285417 Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE3.tmp Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE4.tmp Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{206DAA98-B827-47C6-95BB-9CFDEB90BD45}.TmpSBE Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{D7EC53E1-9CD9-48ED-A549-81F8B3E4037C}.TmpSBE Object is locked skipped
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp Object is locked skipped
C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\$_hpcst$.hpc Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Roxio\MediaManager10\Album.ldb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Roxio\MediaManager10\Album.psod Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\call256.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\callmember256.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\chat512.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\chatmember256.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\chatmsg1024.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\chatmsg2048.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\chatmsg256.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\chatmsg4096.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\chatmsg512.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\contactgroup256.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\dyncontent\bundle.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\index2.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\profile256.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\transfer256.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\transfer512.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\user1024.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\user4096.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Skype\castlestormer\voicemail256.dbb Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0000.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0001.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0002.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0003.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0004.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0005.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0006.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0007.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0008.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Spyware Terminator\Reports\scan_0009.dat.xml Object is locked skipped
C:\Documents and Settings\HP_Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\AntiSpyware\Combo fix\log.txt Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Photo Stuff\Adobe Illustrator CS3.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Photo Stuff\Adobe Photoshop CS3.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Photo Stuff\Microsoft Digital Image Pro 10.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Photo Stuff\Shortcut to autorun.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Ashampoo AntiSpyWare 2.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Mischel Internet Security - Updating Your TrojanHunterT Rule Files Manually.url Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Norton Security Scan.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\RunScanner.exe Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Shortcut to NSS.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Shortcut to TrojanHunter 4.2.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Spybot - Search & Destroy.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Spyware Doctor.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Spyware Terminator.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\StartUp Manager.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\SUPERAntiSpyware Professional.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\Trojan Remover.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\TrojanHunter.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\Needs reset\Spyware\VundoFix.exe Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\New Folder\Shortcut to WebWave.lnk Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\ApplicationHistory\DiscStreamHub.exe.fddeaf63.ini.inuse Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\ApplicationHistory\DiscUpdMgr.exe.f0c5ac89.ini.inuse Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Desktop Search\Logs\OTFSMonLog.txt Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Yahoo\Widget Engine\Widget Data\Yahoo! Weather\location data.db Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Yahoo\Widget Engine\Widget Data\Yahoo! Widget Gallery\Widget Data\Seen Widgets.db Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Yahoo\Widget Engine\Widgets DB\widgets.db Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\History\History.IE5\MSHist012007100220071003\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\WCESLog.log Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~DFCA51.tmp Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~DFCA6F.tmp Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~ROMFN_00000918 Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~ROMFN_00001464 Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\HP_Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\hpcmerr.log Object is locked skipped
C:\online installs\Nero 8\Nero PhotoShow Express\nero_photoshow_express_5_setup.exe/data0017 Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\online installs\Nero 8\Nero PhotoShow Express\nero_photoshow_express_5_setup.exe NSIS: infected - 1 skipped
C:\online installs\Nero 8\Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Adobe\Adobe Device Central CS3\AdobeLM_libFNP.dll Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll Object is locked skipped
C:\Program Files\Nero\Nero8\Nero BackItUp\BIU2.txt Object is locked skipped
C:\Program Files\Nero\PhotoShow 5\data\Xtras\nero_photoshow_express_5_setup.exe/data0017 Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Nero\PhotoShow 5\data\Xtras\nero_photoshow_express_5_setup.exe NSIS: infected - 1 skipped
C:\Program Files\Spyware Terminator\unins000.exe Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\L0000006.FCS Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\Updates from HP\9972322\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\Yahoo!\YPSR\Quarantine\20070912042415.zip Object is locked skipped
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqdb.dat Object is locked skipped
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqsdb.dat Object is locked skipped
C:\qoobox\Quarantine\C\WINDOWS\main_uninstaller.exe.vir Infected: Trojan-Downloader.Win32.Zlob.cpx skipped
C:\qoobox\Quarantine\C\WINDOWS\nsduo.dll.vir Infected: not-a-virus:AdWare.Win32.Agent.kc skipped
C:\qoobox\Quarantine\catchme2007-09-28_ 90031.29.zip Object is locked skipped
C:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped
C:\RECYCLER\S-1-5-21-874265949-2478572579-3184734211-1007\Dc10.log Object is locked skipped
C:\RECYCLER\S-1-5-21-874265949-2478572579-3184734211-1007\Dc9.png Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP21\A0007102.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007772.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007773.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007774.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007784.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007790.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007791.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007796.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007800.lnk Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007951.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007952.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007953.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007954.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007955.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007956.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007957.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007958.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007959.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007960.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007961.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007962.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007963.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007964.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007965.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007966.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007967.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007968.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007969.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007970.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007971.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007972.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007973.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007974.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007975.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007976.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007977.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007978.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007979.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007980.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007981.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007982.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007983.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007984.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007985.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007986.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007987.MSI Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007988.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007989.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007990.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007991.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007992.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007993.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007994.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007995.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007996.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007997.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007998.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0007999.sys Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008000.sys Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008001.sys Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008002.sys Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008003.sys Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008004.cat Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008005.inf Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008006.sys Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008007.sys Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008008.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008009.MSI Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008010.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008011.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008012.CAT Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008013.INF Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008014.SYS Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008015.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008016.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008017.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008018.SPM Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008019.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008020.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008021.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008022.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008023.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008024.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008025.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008026.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008027.ocx Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008028.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008029.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008030.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008031.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008032.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008033.ocx Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008034.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008035.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008036.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008037.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008038.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008039.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008040.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008041.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008042.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008043.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008044.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008045.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008046.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008047.tlb Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008048.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008049.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008050.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008051.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008052.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008053.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008054.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008055.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008056.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008057.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008058.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008059.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008060.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008061.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008062.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008063.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008064.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008065.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008066.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008067.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008068.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008069.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008070.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008071.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008072.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008073.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008074.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008075.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008076.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008077.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008078.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008079.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008080.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008081.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008082.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008083.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008084.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008085.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008086.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008087.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008088.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008089.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008090.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008091.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008092.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008093.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008094.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008095.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008096.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008097.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008098.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008099.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008100.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008101.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008102.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008103.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008104.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008105.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008106.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008107.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008108.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008109.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008110.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008111.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008112.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008113.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008114.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008115.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008116.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008117.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008118.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008119.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008120.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008121.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008122.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008123.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008124.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008125.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008126.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008127.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008128.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008129.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008130.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008131.spm Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008132.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008133.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008134.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008135.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008136.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008137.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008138.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008139.msi Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008140.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008141.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008142.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008143.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008144.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008145.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008146.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008147.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008148.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008149.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008150.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008151.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008152.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008153.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008154.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008155.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008156.SYS Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008157.SYS Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008158.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008159.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008160.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008161.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008162.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008163.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008164.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008165.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008166.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008167.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008168.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008169.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008170.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008171.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008172.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008173.VXD Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008174.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008175.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008176.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008177.tlb Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008178.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008179.WipeSlack Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008180.WipeInfo Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008181.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008182.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008183.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008184.OCX Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008185.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008186.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008187.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008188.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008189.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008190.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008191.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008192.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008193.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008194.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008195.ICO Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008196.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008197.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008198.REG Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008199.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008200.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008201.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008202.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008203.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008204.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008205.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008206.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008207.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008208.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008209.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008210.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008211.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008212.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008213.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008214.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008215.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008216.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008217.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008218.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008219.VXD Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008220.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008221.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008222.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008223.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008224.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008225.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008226.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008227.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008228.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008229.ini Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008230.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008231.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008232.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008233.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008234.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008235.dll Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008236.exe Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008237.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008238.NSI Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008239.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008240.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008241.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008242.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008243.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008244.HLP Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008245.DLL Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008246.EXE Object is locked skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008247.HLP Object is locked skipped
C:\System Volume I
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby distinctedge » October 3rd, 2007, 10:11 pm

C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008248.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008249.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008250.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008251.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008252.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008253.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008254.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008255.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008256.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008257.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008258.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008259.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008260.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008261.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008262.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008263.VXD
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008264.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008265.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008266.PID
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008267.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008268.reg
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008269.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008270.VXD
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008271.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008272.VXD
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008273.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008274.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008275.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008276.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008277.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008278.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008279.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008280.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008281.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008282.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008283.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008284.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008285.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008286.VXD
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008287.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008288.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008289.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008290.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008291.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008292.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008293.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008294.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008295.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008296.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008297.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008298.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008299.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008300.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008301.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008302.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008303.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008304.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008305.exe
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008306.exe
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008307.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008308.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008309.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008310.DLL
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008311.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008312.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008313.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008314.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008315.EXE
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008316.exe
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008317.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008318.exe
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008319.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008320.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008321.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008322.ini
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008323.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008324.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008325.HLP
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008326.msi
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008327.ini
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008328.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008329.msi
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008330.msi
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008331.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008332.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008333.config
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008334.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008335.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008336.config
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008337.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008338.config
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008339.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008340.Config
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008341.msi
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008342.config
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008343.exe
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008344.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008345.config
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008346.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008347.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008348.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008349.config
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008350.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008351.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008352.dll
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008353.config
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008354.msi
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008355.exe
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008358.lnk
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP29\A0008359.LNK
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP34\A0009161.exe
Infected: Trojan-Downloader.Win32.Zlob.czi
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP34\A0009165.exe
Infected: Trojan-Downloader.Win32.Zlob.czi
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP34\A0009190.exe
Infected: Trojan-Downloader.Win32.Zlob.czk
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP34\A0009447.exe
Infected: Trojan-Downloader.Win32.Zlob.czi
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP34\A0009449.dll
Infected: not-a-virus:AdWare.Win32.Agent.lf
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP34\A0009450.OCX
Infected: Trojan.Win32.Agent.bto
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP34\A0009458.dll
Infected: not-a-virus:AdWare.Win32.Agent.kc
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP37\A0009551.EXE/crack.exe
Infected: Trojan-Downloader.Win32.Zlob.czk
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP37\A0009551.EXE
ZIP: infected - 1
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP41\A0010515.lnk
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP41\A0010519.lnk
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP41\A0010564.lnk
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP41\A0010661.lnk
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP41\A0010746.lnk
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP43\A0012428.dll
Infected: not-a-virus:AdWare.Win32.Agent.lg
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019724.exe
Infected: Packed.Win32.PolyCrypt.d
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe/data.rar/RunSequence.exe/script.au3
Infected: Backdoor.Win32.DSSdoor.c
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe/data.rar/RunSequence.exe
Infected: Backdoor.Win32.DSSdoor.c
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe/data.rar/_aps activator.exe
Infected: Backdoor.Win32.DSSdoor.c
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe/data.rar
Infected: Backdoor.Win32.DSSdoor.c
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe
RarSFX: infected - 4
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP56\A0020644.lnk
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP56\A0020645.lnk
Object is locked
skipped
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP68\change.log
Object is locked
skipped
C:\WINDOWS\Debug\PASSWD.LOG
Object is locked
skipped
C:\WINDOWS\div32.dll
Infected: not-a-virus:AdWare.Win32.Agent.lg
skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{A6F160EE-65D1-493C-AE33-2B482A636C93}.crmlog
Object is locked
skipped
C:\WINDOWS\SchedLgU.Txt
Object is locked
skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log
Object is locked
skipped
C:\WINDOWS\Sti_Trace.log
Object is locked
skipped
C:\WINDOWS\system32\CatRoot2\edb.log
Object is locked
skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb
Object is locked
skipped
C:\WINDOWS\system32\config\Antivirus.Evt
Object is locked
skipped
C:\WINDOWS\system32\config\AppEvent.Evt
Object is locked
skipped
C:\WINDOWS\system32\config\default
Object is locked
skipped
C:\WINDOWS\system32\config\default.LOG
Object is locked
skipped
C:\WINDOWS\system32\config\IntelDH.evt
Object is locked
skipped
C:\WINDOWS\system32\config\Internet.evt
Object is locked
skipped
C:\WINDOWS\system32\config\Media Ce.evt
Object is locked
skipped
C:\WINDOWS\system32\config\ODiag.evt
Object is locked
skipped
C:\WINDOWS\system32\config\OSession.evt
Object is locked
skipped
C:\WINDOWS\system32\config\SAM
Object is locked
skipped
C:\WINDOWS\system32\config\SAM.LOG
Object is locked
skipped
C:\WINDOWS\system32\config\SecEvent.Evt
Object is locked
skipped
C:\WINDOWS\system32\config\SECURITY
Object is locked
skipped
C:\WINDOWS\system32\config\SECURITY.LOG
Object is locked
skipped
C:\WINDOWS\system32\config\software
Object is locked
skipped
C:\WINDOWS\system32\config\software.LOG
Object is locked
skipped
C:\WINDOWS\system32\config\SysEvent.Evt
Object is locked
skipped
C:\WINDOWS\system32\config\system
Object is locked
skipped
C:\WINDOWS\system32\config\system.LOG
Object is locked
skipped
C:\WINDOWS\system32\h323log.txt
Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR
Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP
Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER
Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP
Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP
Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA
Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP
Object is locked
skipped
C:\WINDOWS\Temp\JET6CB6.tmp
Object is locked
skipped
C:\WINDOWS\Temp\Perflib_Perfdata_1604.dat
Object is locked
skipped
C:\WINDOWS\Temp\Perflib_Perfdata_6b8.dat
Object is locked
skipped
C:\WINDOWS\wiadebug.log
Object is locked
skipped
C:\WINDOWS\wiaservc.log
Object is locked
skipped
C:\WINDOWS\WindowsUpdate.log
Object is locked
skipped
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby distinctedge » October 3rd, 2007, 10:14 pm

D:\1207124e6d1c4edf3f1e96\1033\finish.rtf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\autorun.ico
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\autorun.inf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\dbghelp.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\default.hta
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\default.htm
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\license.txt
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\microsoft.vc80.crt.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\msvcp80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\msvcr80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\readmesqlexp2005.htm
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\requirementssqlexp2005.htm
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\help\1033\setupsql9.chm
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\autorun_silver_bground.png
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\browse_cd.gif
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\license_agreement.gif
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\newsgroup.gif
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\release_notes.gif
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\server.gif
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\setup.gif
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\splash.bmp
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\images\sql_website.gif
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\libertysql.msp
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\msde2000.msp
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\msxml6.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\msxml6_x64.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\common files\microsoft shared\sql debugging\ssdebugps.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\80\tools\binn\msvcr71.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\80\tools\binn\resources\1033\sqldmo.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\80\tools\binn\sqldmo.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\80\tools\binn\sqldmo80.cnt
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\80\tools\binn\sqldmo80.hlp
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\axscphst90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\distrib.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\en\microsoft.sqlserver.replication.businesslogicsupport.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\instapi.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\mergetxt.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\microsoft.sqlserver.replication.businesslogicsupport.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\microsoft.sqlserver.replication.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\msgprox.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\rdistcom.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\replerrx.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\replisapi.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\replmerg.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\replprov.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\replrec.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\replsub.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\replsync.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\resources\1033\axscphst90.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\resources\1033\replres.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\spresolv.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\sqldistx.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\sqlmergx.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\sqlresld90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\sqlwep.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\ssradd.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\ssravg.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\ssrdown.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\ssrmax.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\ssrmin.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\ssrpub.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\ssrup.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\tablediff.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\com\xmlsub.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\eula\license_expr_enu.txt
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.analysisservices.deploymentengine.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.analysisservices.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.datawarehouse.interfaces.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.batchparser.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.connectioninfo.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.regsvrenum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.rmo.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.servicebrokerenum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.smo.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.smoenum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.sqlenum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.sstring.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\gac\microsoft.sqlserver.wmienum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\microsoft.sqlserver.replication.businesslogicsupport.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.exceptionmessagebox.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.sqlserver.connectioninfo.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.sqlserver.replication.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.sqlserver.rmo.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.sqlserver.servicebrokerenum.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.sqlserver.smo.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.sqlserver.smoenum.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.sqlserver.sqlenum.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\en\microsoft.sqlserver.wmienum.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.exceptionmessagebox.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.connectioninfo.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.regsvrenum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.replication.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.rmo.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.servicebrokerenum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.smo.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.smoenum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.sqlenum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.sstring.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\assemblies\microsoft.sqlserver.wmienum.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\sdk\microsoft.exceptionmessagebox.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\custsat.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\dbghelp.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\instapi.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\isacctchange.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\mdf_ndf_dbfiles.ico
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\microsoft.netenterpriseservers.exceptionmessagebox.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\microsoft.sqlsac.public.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\microsoft.sqlserver.instapi.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\microsoft.sqlserver.mgdsqldumper.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\microsoft.sqlserver.sqltdiagm.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\msasxpress.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\msclusterlib.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\msxmlsql.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\resources\1033\msxmlsql.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\resources\1033\sbevent.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\resources\1033\sqladevn90.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\resources\1033\sqlmgmprovider.mfl
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sac.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqladhlp90.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlboot.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlbrowser.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqldumper.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlftacct.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlmgmprovider.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlmgmprovider.mof
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlmgmproviderxpsp2up.mof
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlprov.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlsac.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlsecacctchg.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlsqm.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlsvcsync.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\sqlwtsn.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\svrenumapi.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\shared\transaction_logfile.ico
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\batchparser90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\bcp.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\osql.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\bcp.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\cmptmgr9.chm
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\osql.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\semmap90.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\sqlcm.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\sqlcmd.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\sqldiag.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\sqlmanager.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\resources\1033\sqlsvc90.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\dta\dtaschema.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\queryprocessor\memorygrantschema.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\showplan\showplanxml.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload\format\bulkloadschema.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\options\sqlsoapoptions.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlmessage\sqlmessage.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlparameter\sqlparameter.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlresultstream\sqlresultstream.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlrowcount\sqlrowcount.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlsoaptypes.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqltransaction\sqltransaction.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\sqltypes\sqltypes.xsd
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\semmap90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\sqlcmd.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\sqldiag.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\sqlmanager.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\sqlresld90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\sqlresourceloader.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\sqlscm90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\sqlsvc90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\ansi\atl80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\atl80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80chs.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80cht.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80deu.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80enu.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80esp.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80fra.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80ita.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80jpn.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80kor.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfc80u.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfcm80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\mfcm80u.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\msvcm80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\msvcp80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\system32\msvcr80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80chs.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80cht.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80deu.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80enu.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80esp.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80fra.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80ita.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80jpn.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8\mfc80kor.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3ggml9qs.lm8\8.0.50727.42.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3ggml9qs.lm8\8.0.50727.42.policy
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kfkwlwq.lm8\8.0.50727.42.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kfkwlwq.lm8\8.0.50727.42.policy
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80chs.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80cht.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80deu.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80enu.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80esp.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80fra.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80ita.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80jpn.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\mfc80kor.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\77wtistq.lm8\8.0.50727.42.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\77wtistq.lm8\8.0.50727.42.policy
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8\mfc80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8\mfc80u.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8\mfcm80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8\mfcm80u.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8\mfc80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8\mfc80u.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8\mfcm80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8\mfcm80u.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\hwfvlhtq.lm8\atl80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8\atl80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8\msvcm80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8\msvcp80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8\msvcr80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2ggml9qs.lm8\8.0.50727.42.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2ggml9qs.lm8\8.0.50727.42.policy
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2kfkwlwq.lm8\8.0.50727.42.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2kfkwlwq.lm8\8.0.50727.42.policy
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\67wtistq.lm8\8.0.50727.42.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\67wtistq.lm8\8.0.50727.42.policy
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\y8ww3aes.lm8\8.0.50727.42.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\y8ww3aes.lm8\8.0.50727.42.policy
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8\msvcm80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8\msvcp80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8\msvcr80.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd.manifest
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\z8ww3aes.lm8\8.0.50727.42.cat
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\z8ww3aes.lm8\8.0.50727.42.policy
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\90\tools\binn\xmlrw.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1033\replres.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\batchparser90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\dbghelp.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\odsole70.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\opends60.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\res\1033\odsole70.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\res\1033\sqlevn70.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\res\1033\sqlmaint.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\res\1033\sqlsvc90.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\res\1033\xplog70.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\res\1033\xpstar90.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlaccess.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlboot.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlctr.h
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlctr.ini
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlmaint.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlos.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlresld90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlresourceloader.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlscm90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlservr.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlsvc90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlwep-uni.mof
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\sqlwep-xp.mof
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\xmlrw.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\xmlrwbin.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\xpadsi90.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\xplog70.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\xpqueue.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\xprepl.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\xpsqlbot.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\binn\xpstar90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\data\master.mdf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\data\mastlog.ldf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\data\model.mdf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\data\modellog.ldf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\data\msdbdata.mdf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\data\msdblog.ldf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\data\mssqlsystemresource1.ldf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\data\mssqlsystemresource1.mdf
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\dbengine_hotfix_install.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\dbengine_hotfix_uninstall.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\failoveranalysis.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\instmsdb.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\odsole.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\oledbsch.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\procsyst.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\repl_master.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\sqlagent90_msdb_upgrade.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\sqldmo.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\sysdbupg.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\sysdbupg_uninstall.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\u_tables.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\web.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft sql server\x86\install\xpstar.sql
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft.net\adomd.net\90\en\microsoft.analysisservices.adomdclient.xml
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft.net\adomd.net\90\microsoft.analysisservices.adomdclient.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\program files\microsoft.net\adomd.net\microsoft.analysisservices.adomdclient.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\setupex.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlncli.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlncli_x64.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlrun.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlrun_sql.ini
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlrun_sql.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlrun_tools.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlsupport.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlwriter.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\sqlwriter_x64.msi
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\system\sqlctr90.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup\system\sqlservermanager.msc
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup.exe
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup.ico
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\setup.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\splash.hta
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\sqlcu.dll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\sqlcu.rll
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\template.ini
Object is locked
skipped
D:\1207124e6d1c4edf3f1e96\xmlrw.dll
Object is locked
skipped
D:\28e1f46a85a8702557\update\update.exe
Object is locked
skipped
D:\28e1f46a85a8702557\update\updspapi.dll
Object is locked
skipped
D:\28e1f46a85a8702557\update\wpdinstallutil.dll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\$shtdwn$.req
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\1033\eula.txt
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\1033\finalsql2005information.rtf
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\1033\hotfix.rll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\1033\sqlhotfix.chm
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\1033\sqlse.rll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\batchparser90.dll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\hotfix.exe
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\hotfixexpress\files\sqlexpr.exe
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\hotfixexpress.inf
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\master.inf
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\msvcp80.dll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\msvcr80.dll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\osql.exe
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\osql.rll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\sqlcmd.exe
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\sqlcmd.rll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\sqldiscoveryapi.dll
Object is locked
skipped
D:\2f58089b5244e9dd6f05e428bd6e253d\sqlsetupvista.dll
Object is locked
skipped
D:\537525956f28f400756afb6e\update\update.exe
Object is locked
skipped
D:\537525956f28f400756afb6e\update\updspapi.dll
Object is locked
skipped
D:\b6ad448d49c39f4e1b6d63e0d84c8f\update\update.exe
Object is locked
skipped
D:\b6ad448d49c39f4e1b6d63e0d84c8f\update\updspapi.dll
Object is locked
skipped
D:\b6ad448d49c39f4e1b6d63e0d84c8f\update\wudfcustom.dll
Object is locked
skipped
D:\f79659c1c29ca7f5526de65dd9e432a4\update\wdssetup.exe
Object is locked
skipped
D:\fce534f2f76a6f3c9a1e0b2025\%temp%dd_msxml_retMSI.txt
Object is locked
skipped
D:\RECYCLER\NPROTECT\NPROTECT.LOG
Object is locked
skipped
D:\System Volume Information\MountPointManagerRemoteDatabase
Object is locked
skipped
E:\Recycled\NPROTECT\NPROTECT.LOG
Object is locked
skipped
Scan process completed.
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby distinctedge » October 3rd, 2007, 10:15 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:49, on 2007-10-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\RFA Platinum\rfagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\PROGRA~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe
C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
C:\PROGRA~1\NORTON~3\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\WINDOWS\system32\svchost.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\WINDOWS\System32\alg.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DISC\DISCover.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTC09.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\MTV Networks\URGE\UrgeMS.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/nwshp?tab=wn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [rfagent] "C:\Program Files\RFA Platinum\rfagent.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Free Ram Optimizer] C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton System Doctor.LNK = ?
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O4 - Global Startup: VersionTracker Pro.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1061435187
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~1\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~2\sp_rsser.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 19830 bytes
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 4th, 2007, 7:09 am

Your logs don't show any active malware, but depending on how often you create a new restore point they do show that the back door has been there for a while.
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe/data.rar/RunSequence.exe/script.au3
Infected: Backdoor.Win32.DSSdoor.c
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe/data.rar/RunSequence.exe
Infected: Backdoor.Win32.DSSdoor.c
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe/data.rar/_aps activator.exe
Infected: Backdoor.Win32.DSSdoor.c
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP55\A0019762.exe/data.rar
Infected: Backdoor.Win32.DSSdoor.c


This shows that the backdoor has been there since restore point 55, you are now up to point 68.

This is the standard speech when we find a backdoor trojan, please note the parts highlighted in red.
I'm afraid I have unpleasant news for you. You have a Very Dangerous infection on this machine.
The infection is delivered by Win32.DSSdoor.b and Win32.DSSdoor.c
It allows outsiders COMPLETE access to every keystroke, account, and password you use while on this machine, and complete access to any other data present...
IF this computer has been used for any kind of important data, my best recommendation is to Disconnect from Internet, Re-Format the entire drive and re-install your Operating system and Applications.

We can likely clean the infected files off the computer, and if you wish we will attempt to do so, but we cannot be sure that the infection didn't do something to your system to reduce the system security. In that instance, even after removal of the infection, you could be subject to another attack or takeover as soon as you re-connect to the Internet.

The Decision Whether to ReFormat or Not should be based on:
  • The use of the computer - this is the primary factor in the decision whether to re-format and re-install, or just disinfect.
  • The variety of malware - this influences the decision on whether to re-format and re-install, or just disinfect. IN THIS CASE we have a Backdoor Trojan, the worst kind.
If the Computer has been used for any important data, you are strongly advised to do the following, immediately:
  • Disconnect the infected computer from the internet and from any networked computers until the computer can be cleaned.
  • Back up all important data on the machine. Do not back up any Applications (programs). Those should be re-installed from the original source CDs or websites.
  • If you have ever used this computer for shopping, banking, or any transactions relating to your financial well being:
    Call all of your banks, credit card companies, and financial institutions, informing them that you may be a victim of identity theft, and to put a watch on your accounts or change all your account numbers.
  • From a clean computer, change ALL your online passwords -- for ISP login, email, banks, financial accounts, PayPal, eBay, online companies, and any online forums or groups you belong to.
  • DO NOT change passwords or do any transactions while using the infected computer because the attacker will get the new password and transaction information.
  • Take any other steps you think appropriate for an attempted identity theft.
While you are deciding whether to ReFormat and Re-Install, a useful link is here: http://www.dslreports.com/faq/10063
Please let me know what you decide.


I know it sounds all doom and gloom, but it is better that you know the full extent of the danger.

The following files are related to MyWebSearch, whilst they are not malicious they are not really desirable
Delete Files and Folders
Find and delete the following Files
C:\online installs\Nero 8\Nero PhotoShow Express\nero_photoshow_express_5_setup.exe <<< This File
C:\online installs\Nero 8\Toolbar.exe <<< This File
C:\Program Files\Nero\PhotoShow 5\data\Xtras\nero_photoshow_express_5_setup.exe <<< This File


Now you should disable System restore to purge any infected files and then re-enable it,

Turn off System Restore.

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Restart your computer

Turn ON System Restore

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Un-Check Turn off System Restore.
Click Apply, and then click OK.

TotalScan

Please go to this site Link >> TotalScan << LINK
  • Under Scan Now click the Full Scan button
  • Follow the prompts to install the Active X if necessary
  • Go and make a cup of tea/coffee/beverage of your choice and watch some TV :)
  • When the scan is finished, a report will be generated
  • Next to Scan Details click the small Save button and save the report to your desktop.
  • Please post the report in your reply.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby distinctedge » October 4th, 2007, 6:47 pm

> * The use of the computer - this is the primary factor in the decision whether to re-format and re-install, or just disinfect.
* The variety of malware - this influences the decision on whether to re-format and re-install, or just disinfect. IN THIS CASE we have a Backdoor Trojan, the worst kind.



OK Now after days of reinstalling from a go back. I am not in the mood for that anymore. :evil:

Soo I would like to know how to at least try a disinfect.

What is the best method?

The Castlestormer.
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 4th, 2007, 7:18 pm

As I said, your logs don't show any sign of active malware so at the moment it looks like you are clean.

The problem is that if those two backdoors were active then changes may have been made that we would never find.
Like the speech says, the use of the computer is a factor in whether a reformat is essential.
If you do any online banking or other financial transactions then the best option is a reformat.

Please run the Total Scan that I gave a link to in my last post.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby distinctedge » October 4th, 2007, 10:56 pm

Hi Katana,

OK I went to total scan and did the scan. Something is wrong!

Two trojans popped up when the scan software was DL.

I killed both and ran scan. Results came in one second for the total scan.

* No viruses, spyware, Trojans, or any other ACTIVE or LATENT threats have been detected on your PC.

* We detected that avast! antivirus 4.7.1043 [VPS 000778-3] is enabled and up-to-date.

After completely scanning your PC, we have not detected any ACTIVE or LATENT malicious software.

I will try Trend Micro and whatever else you think.

The Castle Stormer
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 4th, 2007, 11:13 pm

Was it Avast that gave the Trojan alert?
If so can you get the report from it
Total Scan should scan running processes first and then scan your hard drive. It should take anything up to an hour.

Please try this scan instead
Run Panda Online Scan
Run Panda's ActiveScan from here and perform a full system scan.
- Once you are on the Panda site click the "Scan your PC" button
- A new window will open...click the big "Check Now" button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It will take a couple minutes)
- Click on "Local Disks" to start the scan
- Save the log file to your desktop
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Panda Trojan

Unread postby distinctedge » October 4th, 2007, 11:27 pm

OK that virus again. Yes Avast is getting them.

http://acs.pandasoftware.com/activescan ... /motor.cab\pskavs.DLL

Win32:CTX
Virus/Worm
000778-3, 2007-10-04

It had me abort the scan

I guess its a false alarm, but I hate to go on in case a hacker is having fun.

The CastleStormer
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 311 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware