Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HiJackThis Log File

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

HiJackThis Log File

Unread postby jraltman » October 6th, 2007, 3:24 am

This log is being submitted because I have had a credit card compromised and I suspect that some malware has been introduced to my computer.
I would like to request that this log file be inspected for any abnormalities.

Thanks, Jay

Logfile of HijackThis v1.99.1
Scan saved at 12:17:42 AM, on 10/6/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jay\Desktop\HijackThis.exe
C:\Users\Jay\Desktop\DeskTopHijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Memorex Button Manager] C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:\Windows\system32\o2flash.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
jraltman
Active Member
 
Posts: 6
Joined: September 30th, 2007, 4:27 pm
Advertisement
Register to Remove

Unread postby silver » October 6th, 2007, 5:48 am

Hi Jay,

I'm sorry to hear about your misfortune, we'll have a close look at your computer and if there's any malware present we'll take care of it.

------------------------------------------------------------------------

You appear to have no antivirus software running. Without antivirus software your computer is very vulnerable and can easily be infected at any time so it it is essential you have one active at all times.

There are several free packages available, two of the most popular are here:
Antivir: http://www.free-av.com/
AVG Antivirus: http://free.grisoft.com/doc/1

If you have no antivirus program then download and install one immediately, update the definitions and set it to update automatically. Then do a full system scan and quarantine/delete anything it finds, and make a note of where the logfile is stored so you can post a copy in your next response. If you have any difficulty locating and posting the scan log, let me know in your next response.

------------------------------------------------------------------------

Please download and install the latest version of HijackThis from here:
http://downloads.malwareremoval.com/HJTInstall.exe

Once you have downloaded the new version, remove the old version via Start->Control Panel->Programs & Features and then use Windows Explorer (right-click Start & select Explore) to delete the old program file HijackThis.exe from your Desktop and from the DeskTopHijackThis folder on your Desktop

Then run the new version's installer HJTInstall.exe and follow the prompts.
After installing, HijackThis will open automatically however close the program for now.

------------------------------------------------------------------------

Download Deckard's System Scanner (DSS)
  • Close all applications and windows.
  • Right-click on dss.exe and select Run as administrator to run it, and follow the prompts.
  • When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  • Make sure Format->Word Wrap is unchecked
  • Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your reply


Once complete, please post the antivirus scan log and both DSS logs, you won't need to produce a new HijackThis log as DSS produces one for you.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

DSS logs

Unread postby jraltman » October 6th, 2007, 6:08 pm

I couldn't find the McAfee log.

Here are the Dss logs:

Main text:

Deckard's System Scanner v20070905.67
Run by Jay on 2007-10-06 14:18:28
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
10: 2007-10-06 20:49:16 UTC - RP217 - Scheduled Checkpoint
9: 2007-10-06 01:56:31 UTC - RP216 - Scheduled Checkpoint
8: 2007-10-04 22:05:51 UTC - RP215 - Windows Update
7: 2007-10-04 00:04:15 UTC - RP214 - Windows Update
6: 2007-10-03 00:50:28 UTC - RP213 - Scheduled Checkpoint


-- First Restore Point --
1: 2007-09-26 04:19:22 UTC - RP208 - Windows Update


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 502 MiB (1024 MiB recommended).


-- HijackThis (run as Jay.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:20:55 PM, on 10/6/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\ieuser.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Users\Jay\Desktop\DSS\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jay.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Memorex Button Manager] C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [DM_CleanUpC:\Users\Jay\AppData\Local\Temp\McDMTemp007] cmd /c rd "C:\Users\Jay\AppData\Local\Temp\McDMTemp007" /s /q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0179251191696195) (0179251191696195mcinstcleanup) - Unknown owner - C:\Users\Jay\AppData\Local\Temp\017925~1.EXE (file missing)
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:\Windows\system32\o2flash.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

--
End of file - 7564 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 O2Flash (O2Micro Flash Memory) - c:\windows\system32\o2flash.exe <Not Verified; O2Micro International; O2 MS1/MP1 Service>
R3 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>

S2 0179251191696195mcinstcleanup (McAfee Application Installer Cleanup (0179251191696195)) - c:\users\jay\appdata\local\temp\017925~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-10-06 11:42:53 336 --a------ C:\Windows\Tasks\McDefragTask.job
2007-10-06 11:42:47 328 --a------ C:\Windows\Tasks\McQcTask.job


-- Files created between 2007-09-06 and 2007-10-06 -----------------------------

2007-10-06 13:19:38 0 d-------- C:\Program Files\Trend Micro
2007-10-06 11:42:09 0 d-------- C:\Program Files\McAfee.com
2007-10-06 11:41:45 0 d-------- C:\Program Files\Common Files\McAfee
2007-10-06 11:41:33 0 d-------- C:\Program Files\McAfee
2007-10-06 11:29:44 0 d-------- C:\Users\All Users\McAfee
2007-10-02 18:28:05 0 d-------- C:\Program Files\Mozilla Sunbird
2007-09-30 12:42:31 0 d-------- C:\Users\All Users\Spybot - Search & Destroy
2007-09-19 23:10:28 0 d-------- C:\Program Files\Windows Live Safety Center


-- Find3M Report ---------------------------------------------------------------

2007-10-06 11:41:45 0 d-------- C:\Program Files\Common Files
2007-10-06 00:50:27 0 d-------- C:\Users\Jay\AppData\Roaming\Skype
2007-10-02 18:28:37 0 d-------- C:\Users\Jay\AppData\Roaming\Talkback
2007-10-02 18:28:19 0 d-------- C:\Users\Jay\AppData\Roaming\Mozilla
2007-08-07 21:01:03 0 d-------- C:\Users\Jay\AppData\Roaming\Adobe
2007-08-06 22:41:35 0 d-------- C:\Program Files\Common Files\Adobe
2007-07-27 22:49:05 20 --ahs---- C:\ArcDeviceInfo


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [06/10/2007 01:02 AM]
"RtHDVCpl"="RtHDVCpl.exe" [11/19/2006 07:13 AM C:\Windows\RtHDVCpl.exe]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01/12/2006 04:40 PM]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [11/05/2006 02:02 AM]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [11/05/2006 02:05 AM]
"Persistence"="C:\Windows\system32\igfxpers.exe" [11/05/2006 02:02 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"Memorex Button Manager"="C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe" [05/10/2007 01:39 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 05:34 AM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [12/23/2006 07:05 PM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [08/31/2007 04:46 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"DM_CleanUpC:\Users\Jay\AppData\Local\Temp\McDMTemp007"=cmd /c rd "C:\Users\Jay\AppData\Local\Temp\McDMTemp007" /s /q

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"IETI"=C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [8/6/2007 10:41:59 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 9:05:56 PM]
Symantec Fax Starter Edition Port.lnk - C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE [12/23/1998 10:51:54 PM]
TotalMedia Backup Monitor.lnk - C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe [7/27/2007 10:45:18 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork PLA DPS BFE mpssvc

*Newly Created Service* - IPFILTERDRIVER
*Newly Created Service* - MFEAVFK
*Newly Created Service* - MFEBOPK
*Newly Created Service* - MFEHIDK
*Newly Created Service* - MFERKDK
*Newly Created Service* - MFESMFK
*Newly Created Service* - MPFP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- Hosts -----------------------------------------------------------------------

127.0.0.1 hityou.com
127.0.0.1 http://www.hityou.com
127.0.0.1 180searchassistant.com
127.0.0.1 http://www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 http://www.180solutions.com
127.0.0.1 bis.180solutions.com
127.0.0.1 config.180solutions.com
127.0.0.1 cts.180solutions.com
127.0.0.1 downloads.180solutions.com

6621 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2007-10-06 14:32:45 ------------

Extra text:

Deckard's System Scanner v20070905.67
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Basic (build 6000)
Architecture: X86; Language: English

CPU 0: Intel(R) Celeron(R) M CPU 430 @ 1.73GHz
Percentage of Memory in Use: 74%
Physical Memory (total/avail): 501.56 MiB / 129.36 MiB
Pagefile Memory (total/avail): 1495.7 MiB / 807.65 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1939.52 MiB

C: is Fixed (NTFS) - 37.26 GiB total, 17.31 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Hitachi HTS541640J9SA00 ATA Device - 37.26 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.26 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: McAfee VirusScan v (McAfee)
AS: McAfee VirusScan v (McAfee)
AS: Spybot - Search and Destroy v1.0.0.4 (Safer Networking Ltd.) Outdated
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Jay\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=JAYPEG-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Jay
LOCALAPPDATA=C:\Users\Jay\AppData\Local
LOGONSERVER=\\JAYPEG-PC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Jay\AppData\Local\Temp
TMP=C:\Users\Jay\AppData\Local\Temp
USERDOMAIN=JayPeg-PC
USERNAME=Jay
USERPROFILE=C:\Users\Jay
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

JayPeg
Peg
Jay


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
--> C:\Windows\UNNeroVision.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
ArcSoft TotalMedia Backup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0249E03D-1DB0-4BAE-95F3-C79A7A14E255}\Setup.exe" -l0x9
BUM --> MsiExec.exe /I{55937F00-A69B-4049-8D3A-1C7729742B6F}
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KODAK EASYSHARE Gallery Easy Upload, v2.1 --> C:\Users\Jay\AppData\Local\KodakGallery\EasyShareSetup\$SETUP_140007_b5adde\Setup.exe /APR-REMOVE
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Memorex Button Manager --> C:\Program Files\Memorex Button Manager\Memorex HDD Button Uninstall.exe
Microsoft Internet Explorer Administration Kit 5 --> rundll32 advpack.dll,LaunchINFSection ieak5.inf,IEAK.Uninstall
Microsoft Office 2000 Disc 2 --> MsiExec.exe /I{00040409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Resource Kit Tools and Utilities --> MsiExec.exe /I{EF5F8554-BC5F-11d2-92F2-00104BC947F0}
Microsoft PhotoDraw 2000 --> "C:\Program Files\Microsoft Office\Office\Setup\PhotoDraw\setup.exe"
Mozilla Firefox (2.0.0.7) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Sunbird (0.5) --> C:\Program Files\Mozilla Sunbird\uninstall\uninst.exe
Nero 7 Essentials --> MsiExec.exe /X{F63C7908-08EA-46F5-9EDF-DFF9FD231033}
O2Micro Flash Memory Card Windows Driver V3.00 --> C:\Program Files\InstallShield Installation Information\{3562A082-CF01-419B-8A02-233E31B8A83C}\Setup.exe -runfromtemp -l0x0409
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Skypeâ„¢ 3.2 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Virtual Earth 3D (Beta) --> MsiExec.exe /I{619B8475-0F48-41B7-A370-5147F7092989}
Windows Live OneCare safety scanner --> MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}


-- Application Event Log -------------------------------------------------------

Event Record #/Type17335 / Success
Event Submitted/Written: 10/06/2007 11:10:52 AM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type17334 / Success
Event Submitted/Written: 10/06/2007 11:10:51 AM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type17333 / Success
Event Submitted/Written: 10/06/2007 11:10:24 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.

Event Record #/Type17324 / Warning
Event Submitted/Written: 10/06/2007 01:00:00 AM
Event ID/Source: 1530 / profsvc
Event Description:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
5 user registry handles leaked from \Registry\User\S-1-5-21-2913235873-221017604-2209180424-1002:
Process 3008 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2913235873-221017604-2209180424-1002\Software\Ahead\Nero Home\MediaLibrary
Process 3008 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2913235873-221017604-2209180424-1002\Software\Ahead\Nero Home\MediaLibrary
Process 3008 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2913235873-221017604-2209180424-1002\Software\Ahead\Nero Home\MediaLibrary
Process 3008 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2913235873-221017604-2209180424-1002\Software\Ahead\Nero Home\MediaLibrary\Scanner
Process 3008 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2913235873-221017604-2209180424-1002\Software\Ahead\Nero Home\MediaLibrary\Scanner

Event Record #/Type17319 / Warning
Event Submitted/Written: 10/06/2007 00:59:34 AM
Event ID/Source: 1530 / profsvc
Event Description:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2913235873-221017604-2209180424-1003_Classes:
Process 852 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2913235873-221017604-2209180424-1003_CLASSES



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type41630 / Error
Event Submitted/Written: 10/06/2007 11:42:31 AM
Event ID/Source: 7030 / Service Control Manager
Event Description:
McAfee Update Manager

Event Record #/Type41536 / Warning
Event Submitted/Written: 10/06/2007 01:00:30 AM
Event ID/Source: 4001 / Microsoft-Windows-WLAN-AutoConfig
Event Description:


Event Record #/Type41523 / Warning
Event Submitted/Written: 10/05/2007 11:25:36 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0019DB0758F1. The following error occurred:
%%121. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Event Record #/Type41517 / Warning
Event Submitted/Written: 10/05/2007 11:24:56 PM
Event ID/Source: 17 / i8042prt
Event Description:
The device sent an incorrect response(s) following a keyboard reset.

Event Record #/Type41409 / Warning
Event Submitted/Written: 10/05/2007 05:41:34 AM
Event ID/Source: 4001 / Microsoft-Windows-WLAN-AutoConfig
Event Description:




-- End of Deckard's System Scanner: finished at 2007-10-06 14:32:45 ------------

Thanks for your help, Jay

P.S. This is a relatively new laptop and I neglected to to remember to install the McAfee software that I have on our other computers.
jraltman
Active Member
 
Posts: 6
Joined: September 30th, 2007, 4:27 pm

Unread postby silver » October 6th, 2007, 10:40 pm

Hi jraltman,

Did McAfee detect anything on it's scan? If you aren't sure you may be able to get the details as follows:
  • Open the McAfee Security Center via Start->All Programs or double-clicking the tray icon
  • From the left hand menu, select View Recent Events (or Reports & Logs if you use the Advanced Menu), then press the View Log button on the right.
  • Select Detection Log from the left pane
  • Find the relevant detections in the right pane, select each one and note down the File: and Process: for each
  • Post the details in your next response

Your Java is outdated and is now a security risk
Go to Start » Control Panel » Programs and Features and uninstall the following:
Java(TM) 6 Update 2
Java(TM) SE Runtime Environment 6 Update 1

Download and install the newest version of Java Runtime Environment (JRE) (version 6 update 3), from here:
http://java.sun.com/javase/downloads/index.jsp


Let's double-check with an online scan by Kaspersky:

Open Kaspersky Online Scanner in Internet Explorer

When prompted, allow the installation of ActiveX components from Kaspersky
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT and then Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
      Extended (if available otherwise Standard)
    • Scan Options:
      Scan Archives
      Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
      Select My Computer
  • The program will start to scan your system.
  • Once the scan is complete, click on the Save Report As button, change the Save as type: to Text file and save the file to your Desktop
  • If Internet Explorer responds saying the report has been saved to the Temporary Internet Files folder, say Yes to open the folder, then navigate to C -> Users -> (Your username) -> Desktop to locate the report
Note: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.

Once complete, please post the McAfee results (if any), the Kaspersky report and a new HijackThis log.
Also, let me know how your computer is running.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Kaspersky Log, etc.

Unread postby jraltman » October 8th, 2007, 12:23 am

Here's the new HijackThis Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:20:55 PM, on 10/6/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\ieuser.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Users\Jay\Desktop\DSS\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jay.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Memorex Button Manager] C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [DM_CleanUpC:\Users\Jay\AppData\Local\Temp\McDMTemp007] cmd /c rd "C:\Users\Jay\AppData\Local\Temp\McDMTemp007" /s /q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0179251191696195) (0179251191696195mcinstcleanup) - Unknown owner - C:\Users\Jay\AppData\Local\Temp\017925~1.EXE (file missing)
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:\Windows\system32\o2flash.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

--
End of file - 7564 bytes


Kaspersky Log: I tried to find it again, but couldn't. I do remember that it found no problems. If you know where that log might be, maybe I can retreive it.


The McaFee scan also found no problems. I copied a screen shot into Word, but couldn't figure out how to get it into this post.

The computer has been running normally.

Thank you for all your help.

This has been very enlightening. I did run the McAfee scan on our two other computers and it found 0 problems.

Thanks again, Jay
jraltman
Active Member
 
Posts: 6
Joined: September 30th, 2007, 4:27 pm

Unread postby silver » October 8th, 2007, 3:08 am

Hi jraltman,

It would be good to see the Kaspersky log if possible, did you try to save it to your Desktop?
Please try this:
Copy (Ctrl-C) this path and paste it into the search box (available from the Start menu) and press Enter:
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Jay\Desktop

If the file is present then open it and post a copy of the contents in your next response.

Great to hear McAfee didn't find any problems either, and that your machine is running fine.
I'd like to see one more HijackThis log, as the one in your last post was not new - it was a copy of the one produced by the DSS scan. You can see if you are posting the correct log by checking the date and time of the scan in the header.

In your response please post the Kaspersky report (if available), and a new HijackThis log.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby jraltman » October 8th, 2007, 10:32 pm

Nice directions :)


Here's the Kaspersky Log:

KASPERSKY ONLINE SCANNER REPORT
Sunday, October 07, 2007 3:07:40 PM
Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 7/10/2007
Kaspersky Anti-Virus database records: 428863


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\

Scan Statistics
Total number of scanned objects 88652
Number of viruses found 0
Number of infected objects 0
Number of suspicious objects 0
Duration of the scan process 01:11:58

Infected Object Name Virus Name Last Action
C:\Deckard\System Scanner\backup\Windows\temp\coinlog.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\DMI9423.tmp Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\DMI9923.tmp Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\DMIA6F8.tmp Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\DMID039.tmp Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070408-193947-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070408-193952-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070410-054553-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070410-054559-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070410-213459-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070410-213505-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070410-224212-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070410-224217-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070411-145848-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070411-145855-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070412-203817-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070412-203823-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070413-233412-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070413-233419-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070414-113722-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070414-113728-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070414-151222-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070414-151228-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070414-212051-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070414-212056-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-074556-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-074614-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-091005-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-091011-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-112520-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-112527-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-115543-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-115550-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-165730-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-165735-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-221313-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070415-221318-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070416-100220-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070416-100226-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070416-130450-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070416-130454-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070416-163412-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070416-163418-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070416-212042-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070416-212050-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070417-193343-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070417-193350-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-001922-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-001928-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-054545-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-124321-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-124327-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-173147-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-173152-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-220819-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070418-220824-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070419-105804-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070419-105811-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070419-195156-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070419-195208-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070419-215622-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070419-215628-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070420-171128-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070420-171134-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070421-125404-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070421-125411-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070421-225052-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070421-225058-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070422-195106-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070422-195116-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070422-213632-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070422-213638-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070423-212456-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070423-212501-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070424-054340-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070424-054347-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070424-184946-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070424-184952-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070425-131202-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070425-131210-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070425-165112-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070425-165119-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070426-174808-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070426-174815-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070427-175043-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070427-175048-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070428-084644-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070428-084652-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070428-111556-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070428-111603-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070428-161216-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070428-161226-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070428-192351-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070428-192357-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070429-095813-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070429-095820-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070429-141139-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070429-141146-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070429-173637-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070429-173643-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070429-232235-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070429-232241-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070430-113409-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070430-113415-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070430-133742-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070430-133748-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070430-184618-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070430-184628-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070430-225901-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070430-225908-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070501-142144-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070501-142151-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070501-182429-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070501-182435-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070502-054200-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070502-054206-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070502-123555-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070502-123600-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070502-191016-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070502-191023-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070503-114615-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070503-114622-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070503-145953-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070503-145959-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070504-055527-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070504-055534-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070504-121713-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070504-121718-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070504-161755-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070504-161801-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070505-090706-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070505-090712-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070505-095834-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070505-095846-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070505-121631-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070505-121638-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070505-234259-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070505-234305-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070506-094943-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070506-094949-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070507-115159-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070507-115205-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070507-145221-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070507-145228-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070508-121230-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070508-121237-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070508-174046-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070508-174055-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070509-122303-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070509-122310-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070510-174528-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070510-174533-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070511-065222-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070511-065229-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070511-121246-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070511-121253-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070511-225201-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070511-225208-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070512-004334-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070512-004424-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070512-092404-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070512-092511-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070512-155207-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070512-155215-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070513-104350-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070513-104358-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070513-212915-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070513-212921-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070514-052006-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070514-052013-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070514-113520-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070514-113525-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070514-194435-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070514-194440-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070515-121320-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070515-121327-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070515-211547-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070515-211553-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070516-142600-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070516-142606-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070516-204419-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070516-204430-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070518-175136-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070518-175143-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070518-181512-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070518-181523-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070518-202401-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070518-202409-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070518-230837-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070518-230844-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070519-091821-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070519-091829-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070519-120300-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070519-120306-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070519-190735-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070519-190832-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070520-095822-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070520-095827-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070521-183224-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070521-183231-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070521-234509-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070521-234517-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070522-123933-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070522-123940-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070522-202040-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070522-202046-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070523-123232-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070523-123238-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070523-161941-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070523-161947-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070524-151027-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070524-151035-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070525-122007-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070525-122014-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070525-172718-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070525-172725-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-061046-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-061052-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-132314-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-132320-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-152144-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-152150-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-163845-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-163852-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-212330-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-212345-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-230509-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070526-230524-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070527-083050-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070527-083055-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070527-192955-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070527-193002-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-003046-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-003053-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-074113-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-074119-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-135644-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-135651-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-220111-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-220117-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-233834-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070528-233840-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070529-112151-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070529-112158-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070529-205217-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070529-205225-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070530-183100-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070530-183106-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070531-094327-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070531-094334-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070531-132559-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070531-132610-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070531-190156-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070531-190204-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070601-110120-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070601-110127-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070601-212315-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070601-212324-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070601-224939-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070601-224945-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070602-084703-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070602-084710-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070602-205616-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070602-205627-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070602-230018-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070602-230024-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070603-095106-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070603-095112-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070603-101328-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070603-101334-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070604-154545-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070604-154552-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070604-171930-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070604-171936-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070605-190721-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070605-190728-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070605-200701-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070605-200708-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070606-123755-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070606-123802-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070606-205733-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070606-205740-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070607-130715-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070607-130723-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070608-150427-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070608-150433-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070609-111239-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070609-111246-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070609-204901-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070609-204913-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070610-092455-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070610-092520-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070610-130210-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070610-130219-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070610-163837-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070610-163844-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070610-223441-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070610-223448-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070611-130740-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070611-130747-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070611-190806-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070611-190816-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070612-053926-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070612-053955-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070612-180424-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070612-180435-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070613-225519-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070613-225527-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070614-124620-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070614-124629-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070614-151314-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070614-151322-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070615-054309-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070615-054318-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070615-125610-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070615-125618-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070615-174910-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070615-174924-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070616-081654-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070616-081704-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070616-113748-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070616-113758-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070616-185414-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070616-185423-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070616-201809-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070616-201816-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070617-092705-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070617-092712-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070617-150450-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070617-150500-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070617-214707-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070617-214715-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070618-113627-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070618-113635-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070618-195638-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070618-195647-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070619-110204-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070619-110212-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070619-134918-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070619-134926-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070619-170537-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070619-170545-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070619-215834-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070619-215841-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070620-052813-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070620-052828-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070620-122553-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070620-122600-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070621-050407-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070621-050417-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070621-211055-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070621-211103-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070622-125743-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070622-125751-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070622-171712-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070622-171719-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070623-082019-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070623-082028-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070623-103748-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070623-103755-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070623-190053-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070623-190102-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070624-080354-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070624-080402-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070624-103440-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070624-103449-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070625-121732-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070625-121741-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070625-124711-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070625-124723-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070625-144457-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070625-144504-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070625-185016-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070625-185026-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-054646-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-054655-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-155659-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-155707-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-174058-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-174105-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-225024-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-225031-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-231721-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070626-231728-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070627-140025-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070627-140033-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070627-162759-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070627-162807-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070627-221043-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070627-221051-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070628-120018-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070628-120027-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070628-160218-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070628-160226-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070628-191017-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070628-191026-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070629-092825-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070629-092832-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070629-210610-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070629-210619-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070630-101404-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070630-101413-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070630-171002-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070630-171010-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070630-231114-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070630-231122-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070701-071826-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070701-071841-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070701-115903-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070701-115910-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070701-224304-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070701-224312-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070702-103629-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070702-103638-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070702-135718-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070702-135725-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070702-224459-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070702-224507-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-094351-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-094401-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-133634-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-133642-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-145000-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-145008-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-213014-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-213021-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-230134-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070703-230146-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070704-084553-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070704-084601-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070704-121916-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070704-121925-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070704-195724-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070704-195732-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070705-221824-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070705-221833-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070706-082953-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070706-083000-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070706-190952-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070706-191000-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070706-233501-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070706-233510-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070707-104547-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070707-104556-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070707-220117-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070707-220126-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070708-112247-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070708-112255-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070708-200908-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070708-200917-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070709-115919-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070709-115927-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070709-172136-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070709-172145-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070710-203618-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070710-203626-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070710-222408-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070710-222417-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070711-093009-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070711-093019-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070711-114156-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070711-114207-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070711-165039-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070711-165047-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070711-221119-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070711-221130-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070712-083207-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070712-083216-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070712-130457-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070712-130505-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070713-005700-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070713-005709-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070713-111130-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070713-111137-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070713-152048-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070713-152058-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070713-175411-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070713-175419-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070714-020044-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070714-020123-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070714-190012-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070714-190021-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070714-222842-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070714-222858-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070715-130111-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070715-130120-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070715-184715-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070715-184728-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070716-220205-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070716-220213-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070717-050107-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070717-050117-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070717-115100-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070717-115107-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070717-201433-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070717-201447-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070718-050620-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070718-050629-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070718-120419-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070718-120428-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070718-175644-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070718-175652-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070718-204447-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070718-204454-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-070815-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-070850-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-104920-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-104928-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-115908-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-115917-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-153409-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-153419-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-185055-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070719-185103-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070720-055056-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070720-055105-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070720-121436-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070720-121443-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070720-185342-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070720-185350-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070721-102826-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070721-102837-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070721-173319-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070721-173327-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070722-092521-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070722-092528-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070722-225456-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070722-225504-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070723-150941-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070723-150950-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070724-192300-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070724-192309-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070725-115943-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070725-115951-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070725-145328-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070725-145336-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070725-174028-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070725-174036-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070726-132910-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070726-132918-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070726-210351-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070726-210359-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070727-084236-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070727-084253-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070727-143134-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070727-143143-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070727-200647-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070727-200657-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070727-234511-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070727-234655-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-005610-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-005630-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-093853-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-093900-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-095756-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-095809-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-153912-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-153933-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-172318-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-172325-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-222359-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070728-222407-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070729-081937-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070729-081951-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070729-120225-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070729-120232-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070729-185935-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070729-185942-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070730-054736-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070730-054751-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070730-133332-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070730-133344-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070730-191048-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070730-191056-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070731-194142-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070731-194151-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070801-121241-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070801-121254-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070801-173807-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070801-173814-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070801-203233-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070801-203240-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070801-225421-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070801-225433-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070802-191646-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070802-191654-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070803-111151-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070803-111159-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070803-201028-0.log Object is locked skipped

C:\Deckard\System Scanner\backup\Windows\temp\lpksetup-20070803-201041-0.log Object is locked
jraltman
Active Member
 
Posts: 6
Joined: September 30th, 2007, 4:27 pm

Unread postby silver » October 8th, 2007, 10:43 pm

Hi jraltman,

It looks like your post was cut off because the Kaspersky log was too long.

Please open it again and save a copy to your Desktop, then open this page:
http://www.bleepingcomputer.com/submit- ... channel=32

Press the Browse button, browse to the copy on your Desktop and press Open
Then click the Send File button.

Also please post a new HijackThis log :)
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby jraltman » October 12th, 2007, 1:14 am

Back again.........

I sent the Kaspersky file.

Here's the latest HiJack log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:10:45 PM, on 10/11/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Memorex Button Manager] C:\Program Files\Memorex Button Manager\MmrBtnMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:\Windows\system32\o2flash.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

--
End of file - 7224 bytes

Thanks, Jay
jraltman
Active Member
 
Posts: 6
Joined: September 30th, 2007, 4:27 pm

Unread postby silver » October 12th, 2007, 3:18 am

Hi jraltman,

All your scans look good so I think your machine is clean :)

You should now delete dss.exe from your Desktop, also delete this folder:
C:\Deckard

Here are some tips for using your credit card online safely:
  • Don't click links in email, especially to ecommerce or financial sites, emails can easily be forged and urls can appear correct even though they are malicious.
  • Before entering any username, password, credit card details etc, check that the address bar shows that you are at the correct website.
  • Also check that you have an SSL connection (the url should starts with https:// )
  • Consider getting another extra credit card with a very low limit, specifically for use online.

Here are some tips to help you keep your computer clean:

Operating system vulnerabilities can easily be exploited by malware so please ensure your operating system is automatically kept up to date by using Windows Update:
Go to Start->Control Panel->Windows Update->Change Settings
Select Install updates automatically and select a suitable schedule
Also, check that your antivirus and antispyware programs are set to automatically update daily.

Windows Defender comes with Vista, but you currently have it disabled. I recommend you re-enable it to help protect your computer. Spybot S&D is also installed, however it's definitions are outdated - I recommend you regularly update and scan with this program.

Spywareblaster is a free program which prevents the download and installation of Internet Explorer ActiveX based malware by immunizing your system against it. You can download Spywareblaster from here and a tutorial to help you get started is available here.

Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

Please take care when downloading programs. One of the easiest ways to be infected is to download freeware/shareware programs which come laden with malware - this includes allowing websites to install browser plug-ins orActiveX controls. Before downloading, it is crucial to check whether the source is reputable.
One way to check is to use McAfee SiteAdvisor. Copy the domain name into the space provided and SiteAdvisor will give you a report on the website which can help you decide if it is safe. They also have a toolbar for IE and Firefox which adds this functionality to your browser.

Find out more about how to prevent infection in the future
http://forum.malwareremoval.com/viewtopic.php?p=33687

Please post back to let me know that you have read this, and if there are any further issues.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby jraltman » October 12th, 2007, 8:45 am

Thank You for all of the help. I'll follow your suggestions and proceed with care.
All of your suggestions will be followed in the future.

Thanks again, Jay
jraltman
Active Member
 
Posts: 6
Joined: September 30th, 2007, 4:27 pm

Unread postby silver » October 12th, 2007, 9:21 am

You're most welcome, best of luck!
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby Gary R » October 12th, 2007, 9:31 am

This topic is now closed.

If you are the originator of this topic, and you need it re-opened please send an email to 'admin at malwareremoval.com', including a link to this topic.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.

Gary R
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 292 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware