I have recently started seeing variations of STS3.tmp, STS5.tmp, STSE.tmp, etc in my browser history when I look though it under My Computer. I am using Internet Explorer. When I view history and look under My computer I will usually see at least 2 different variations.
I have updated and run Norton AV, Ad-aware, Spybot, PrevX, and Combofix. Nothing seems to find the problem.
I have attached a HijackThis log. If anyone can give me a bit of assistance I would greatly appreciate it.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:07:21 PM, on 8/7/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\srvany.exe
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\cpuidle.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AOpen\Mouse\Amoumain.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.garfield....ics_todays.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.5.1:3128
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ReadFile Class - {9E4F45DB-2EC3-4b09-91F9-31C702B3285D} - C:\WINDOWS\System32\tgs.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\AOpen\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Enterprise
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [AprvRemoveLegacyExcelKeys] "C:\Program Files\ApproveIt\Support\Tools\AprvClean.exe" -k HKCU SOFTWARE\Microsoft\Office\Excel\Addins\OfficeAddIn.OfficeAddIn
O4 - HKLM\..\Run: [AprvRemoveLegacyWordKeys] "C:\Program Files\ApproveIt\Support\Tools\AprvClean.exe" -k HKCU SOFTWARE\Microsoft\Office\Word\Addins\OfficeAddIn.OfficeAddIn
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.5\masqform.exe -RunOnce
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [ypagerps1] cmd.exe /C del "C:\Program Files\Yahoo!\Messenger\ypagerps1.DLL"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O15 - Trusted Zone: www.us.army.mil
O16 - DPF: ActiveGS.cab - http://www.virtualap...om/activegs.cab
O16 - DPF: TAWClients - http://telwebpa2.int.../TAWClients.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/pote_x.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcopho...stcoActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1094717199031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1161989967430
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensave.../sinstaller.cab
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) - http://www.costcopho...ostcoUpload.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.digitalsurveillancecenter.com/a...sCamControl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abac...abasetup160.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_0_2_1.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: cpuidle - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\srvany.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Prevx Agent (PREVXAgent) - Prevx - C:\Program Files\Prevx2\PXAgent.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
2
getting sts*.tmp files showing up and getting runtime errors
Started by tadrith27, Aug 07 2007 07:11 PM
17 replies to this topic
#2 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 08 August 2007 - 06:24 PM
Hi tadrith27, Welcome to the forum,
Please start with a online scan and post back the logs as there's traces of an information stealing trojan and possibly also a backdoor trojan showing in the log
Run Kaspersky WebScanner
Run SFP.exe.
Please copy the following lines into the Step 1: Paste Text window:
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\*
C:\WINDOWS\System32\tgs.dll
then click "Continue".
This will create a .cab file on your desktop named requested-files[Date/Time].cab
Please then visit the below link
http://www.bleepingcomputer.com/submit-mal....php?channel=27
In the Link to topic where this file was requested: area just type Ccleaners , Click Browse and then locate the requested-files.cab archive on your desktop and click Send File
Please then post back the Kaspersky report and a new HijackThis log
Thanks
Andy
Please start with a online scan and post back the logs as there's traces of an information stealing trojan and possibly also a backdoor trojan showing in the log
Run Kaspersky WebScanner
- Please go HERE and click Kaspersky Online Scanner
- Read and Accept the Agreement
- You will be promted to install an ActiveX component from Kaspersky, Click Yes.
- If you see a Windows [dialog asking if you want to install this software, click the Install button.
- The program will launch and then begin downloading the latest definition files,
- When the "Update progress" line changes to "Ready" and the "NEXT ->" button becomes available, please click on it.
- Click on the Scan Settings button, and in the next window select the Extended database, and click Ok.
- Under "Please select a target to scan:", click My Computer to start the scan.
- When the scan is finished, click the "Save as Text" button, and save the file as kavscan.txt to your Desktop, close the Kaspersky On-line Scanner window.
Run SFP.exe.
Please copy the following lines into the Step 1: Paste Text window:
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\*
C:\WINDOWS\System32\tgs.dll
then click "Continue".
This will create a .cab file on your desktop named requested-files[Date/Time].cab
Please then visit the below link
http://www.bleepingcomputer.com/submit-mal....php?channel=27
In the Link to topic where this file was requested: area just type Ccleaners , Click Browse and then locate the requested-files.cab archive on your desktop and click Send File
Please then post back the Kaspersky report and a new HijackThis log
Thanks
Andy
#3 OFFLINE
-
- Members
-
- 13 posts
Member
Posted 09 August 2007 - 01:32 AM
I ran Kapersky and it found quite a bit. Below is the new Hijackthis log and the Kapersky results. I also sent the sfp cab that you asked for.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:32:06 PM, on 8/8/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\srvany.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\cpuidle.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AOpen\Mouse\Amoumain.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.garfield.com/comics/comics_todays.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.5.1:3128
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ReadFile Class - {9E4F45DB-2EC3-4b09-91F9-31C702B3285D} - C:\WINDOWS\System32\tgs.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\AOpen\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Enterprise
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [AprvRemoveLegacyExcelKeys] "C:\Program Files\ApproveIt\Support\Tools\AprvClean.exe" -k HKCU SOFTWARE\Microsoft\Office\Excel\Addins\OfficeAddIn.OfficeAddIn
O4 - HKLM\..\Run: [AprvRemoveLegacyWordKeys] "C:\Program Files\ApproveIt\Support\Tools\AprvClean.exe" -k HKCU SOFTWARE\Microsoft\Office\Word\Addins\OfficeAddIn.OfficeAddIn
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.5\masqform.exe -RunOnce
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe"
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O15 - Trusted Zone: www.us.army.mil
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: TAWClients - http://telwebpa2.intellimark-it.com/TAW/TAWClients.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1094717199031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1161989967430
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) - http://www.costcophotocenter.com/CostcoUpload.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.digitalsurveillancecenter.com/a...sCamControl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup160.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_0_2_1.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: cpuidle - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\srvany.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Prevx Agent (PREVXAgent) - Prevx - C:\Program Files\Prevx2\PXAgent.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 11507 bytes
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, August 08, 2007 9:26:58 PM
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 8/08/2007
Kaspersky Anti-Virus database records: 377249
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 74049
Number of viruses found: 10
Number of infected objects: 27
Number of suspicious objects: 0
Duration of the scan process: 04:16:14
Infected Object Name / Virus Name / Last Action
C:\90ea1\1394bus.sys Object is locked skipped
C:\90ea1\61883.sys Object is locked skipped
C:\90ea1\6to4svc.dll Object is locked skipped
C:\90ea1\ac97ali.sys Object is locked skipped
C:\90ea1\ac97via.sys Object is locked skipped
C:\90ea1\acgenral.dll Object is locked skipped
C:\90ea1\aclayers.dll Object is locked skipped
C:\90ea1\aclua.dll Object is locked skipped
C:\90ea1\acpi.sys Object is locked skipped
C:\90ea1\acspecfc.dll Object is locked skipped
C:\90ea1\activ.htm Object is locked skipped
C:\90ea1\activsvc.htm Object is locked skipped
C:\90ea1\actlan.htm Object is locked skipped
C:\90ea1\actshell.htm Object is locked skipped
C:\90ea1\acverfyr.dll Object is locked skipped
C:\90ea1\acxtrnal.dll Object is locked skipped
C:\90ea1\adeskerr.htm Object is locked skipped
C:\90ea1\admin.dll Object is locked skipped
C:\90ea1\admin.exe Object is locked skipped
C:\90ea1\admjoy.sys Object is locked skipped
C:\90ea1\adsldp.dll Object is locked skipped
C:\90ea1\adsldpc.dll Object is locked skipped
C:\90ea1\adsmsext.dll Object is locked skipped
C:\90ea1\adsnt.dll Object is locked skipped
C:\90ea1\advapi32.dll Object is locked skipped
C:\90ea1\advpack.dll Object is locked skipped
C:\90ea1\aec.sys Object is locked skipped
C:\90ea1\afd.sys Object is locked skipped
C:\90ea1\ahui.exe Object is locked skipped
C:\90ea1\alg.exe Object is locked skipped
C:\90ea1\amdk6.sys Object is locked skipped
C:\90ea1\amdk7.sys Object is locked skipped
C:\90ea1\an983.sys Object is locked skipped
C:\90ea1\apphelp.dll Object is locked skipped
C:\90ea1\apphelp.sdb Object is locked skipped
C:\90ea1\apps.chm Object is locked skipped
C:\90ea1\appwiz.cpl Object is locked skipped
C:\90ea1\arial.ttf Object is locked skipped
C:\90ea1\arp1394.sys Object is locked skipped
C:\90ea1\asctrls.ocx Object is locked skipped
C:\90ea1\asferror.dll Object is locked skipped
C:\90ea1\asfsipc.dll Object is locked skipped
C:\90ea1\asms\10100\msft\windows\gdiplus\gdiplus.cat Object is locked skipped
C:\90ea1\asms\10100\msft\windows\gdiplus\gdiplus.dll Object is locked skipped
C:\90ea1\asms\10100\msft\windows\gdiplus\gdiplus.man Object is locked skipped
C:\90ea1\asms\10100\policy\msft\windows\gdiplus\gdiplus.cat Object is locked skipped
C:\90ea1\asms\10100\policy\msft\windows\gdiplus\gdiplus.man Object is locked skipped
C:\90ea1\asms\60100\msft\windows\common\controls\comctl32.dll Object is locked skipped
C:\90ea1\asms\60100\msft\windows\common\controls\controls.cat Object is locked skipped
C:\90ea1\asms\60100\msft\windows\common\controls\controls.man Object is locked skipped
C:\90ea1\asms\60100\policy\60100\comctl\comctl.cat Object is locked skipped
C:\90ea1\asms\60100\policy\60100\comctl\comctl.man Object is locked skipped
C:\90ea1\asms\70100\msft\windows\mswincrt\msvcirt.dll Object is locked skipped
C:\90ea1\asms\70100\msft\windows\mswincrt\msvcrt.dll Object is locked skipped
C:\90ea1\asms\70100\msft\windows\mswincrt\mswincrt.cat Object is locked skipped
C:\90ea1\asms\70100\msft\windows\mswincrt\mswincrt.man Object is locked skipped
C:\90ea1\asms\70100\policy\msft\mswincrt\mswincrt.cat Object is locked skipped
C:\90ea1\asms\70100\policy\msft\mswincrt\mswincrt.man Object is locked skipped
C:\90ea1\at.exe Object is locked skipped
C:\90ea1\atapi.sys Object is locked skipped
C:\90ea1\ati2dvaa.dll Object is locked skipped
C:\90ea1\ati2dvag.dll Object is locked skipped
C:\90ea1\ati2mtaa.sys Object is locked skipped
C:\90ea1\ati2mtag.sys Object is locked skipped
C:\90ea1\ati3d1ag.dll Object is locked skipped
C:\90ea1\ati3d2ag.dll Object is locked skipped
C:\90ea1\atinbtxx.sys Object is locked skipped
C:\90ea1\atinmdxx.sys Object is locked skipped
C:\90ea1\atinpdxx.sys Object is locked skipped
C:\90ea1\atinraxx.sys Object is locked skipped
C:\90ea1\atinrvxx.sys Object is locked skipped
C:\90ea1\atinsnxx.sys Object is locked skipped
C:\90ea1\atinttxx.sys Object is locked skipped
C:\90ea1\atintuxx.sys Object is locked skipped
C:\90ea1\atinxbxx.sys Object is locked skipped
C:\90ea1\atinxsxx.sys Object is locked skipped
C:\90ea1\atiradn1.inf Object is locked skipped
C:\90ea1\ativdaxx.ax Object is locked skipped
C:\90ea1\ativmvxx.ax Object is locked skipped
C:\90ea1\atl.dll Object is locked skipped
C:\90ea1\atmlane.sys Object is locked skipped
C:\90ea1\audiosrv.dll Object is locked skipped
C:\90ea1\author.dll Object is locked skipped
C:\90ea1\author.exe Object is locked skipped
C:\90ea1\autochk.exe Object is locked skipped
C:\90ea1\autolfn.exe Object is locked skipped
C:\90ea1\auupdate.exe Object is locked skipped
C:\90ea1\avc.sys Object is locked skipped
C:\90ea1\avifil32.dll Object is locked skipped
C:\90ea1\basesrv.dll Object is locked skipped
C:\90ea1\batt.dll Object is locked skipped
C:\90ea1\bridge.sys Object is locked skipped
C:\90ea1\browselc.dll Object is locked skipped
C:\90ea1\browser.dll Object is locked skipped
C:\90ea1\browseui.dll Object is locked skipped
C:\90ea1\browsewm.dll Object is locked skipped
C:\90ea1\cabinet.dll Object is locked skipped
C:\90ea1\callcont.dll Object is locked skipped
C:\90ea1\catsrvut.dll Object is locked skipped
C:\90ea1\ccdecode.sys Object is locked skipped
C:\90ea1\cdfs.sys Object is locked skipped
C:\90ea1\cdm.dll Object is locked skipped
C:\90ea1\cdrom.sys Object is locked skipped
C:\90ea1\certcli.dll Object is locked skipped
C:\90ea1\cewmdm.dll Object is locked skipped
C:\90ea1\cfgbkend.dll Object is locked skipped
C:\90ea1\cfgwiz.exe Object is locked skipped
C:\90ea1\cimwin32.dll Object is locked skipped
C:\90ea1\ciodm.dll Object is locked skipped
C:\90ea1\classpnp.sys Object is locked skipped
C:\90ea1\clipbrd.exe Object is locked skipped
C:\90ea1\clusapi.dll Object is locked skipped
C:\90ea1\cmbatt.sys Object is locked skipped
C:\90ea1\cmdial32.dll Object is locked skipped
C:\90ea1\cmdl32.exe Object is locked skipped
C:\90ea1\comadmin.dll Object is locked skipped
C:\90ea1\comctl32.dll Object is locked skipped
C:\90ea1\comdlg32.dll Object is locked skipped
C:\90ea1\compatui.dll Object is locked skipped
C:\90ea1\comsvcs.dll Object is locked skipped
C:\90ea1\conf.exe Object is locked skipped
C:\90ea1\conime.exe Object is locked skipped
C:\90ea1\copymar.exe Object is locked skipped
C:\90ea1\courtney.acs Object is locked skipped
C:\90ea1\credui.dll Object is locked skipped
C:\90ea1\crusoe.sys Object is locked skipped
C:\90ea1\crypt32.dll Object is locked skipped
C:\90ea1\cryptdlg.dll Object is locked skipped
C:\90ea1\cryptsvc.dll Object is locked skipped
C:\90ea1\cryptui.dll Object is locked skipped
C:\90ea1\cscui.dll Object is locked skipped
C:\90ea1\csrsrv.dll Object is locked skipped
C:\90ea1\ctfmon.exe Object is locked skipped
C:\90ea1\custdial.dll Object is locked skipped
C:\90ea1\d3d8.dll Object is locked skipped
C:\90ea1\danim.dll Object is locked skipped
C:\90ea1\dbghelp.dll Object is locked skipped
C:\90ea1\dbmsadsn.dll Object is locked skipped
C:\90ea1\dbmsrpcn.dll Object is locked skipped
C:\90ea1\dbmsvinn.dll Object is locked skipped
C:\90ea1\dbnetlib.dll Object is locked skipped
C:\90ea1\dbnmpntw.dll Object is locked skipped
C:\90ea1\dcache.bin Object is locked skipped
C:\90ea1\dcap32.dll Object is locked skipped
C:\90ea1\ddraw.dll Object is locked skipped
C:\90ea1\defrag.exe Object is locked skipped
C:\90ea1\desk.cpl Object is locked skipped
C:\90ea1\devmgr.dll Object is locked skipped
C:\90ea1\dfrgfat.exe Object is locked skipped
C:\90ea1\dfrgntfs.exe Object is locked skipped
C:\90ea1\dfrgsnap.dll Object is locked skipped
C:\90ea1\dfrgui.dll Object is locked skipped
C:\90ea1\dfsshlex.dll Object is locked skipped
C:\90ea1\dgnet.dll Object is locked skipped
C:\90ea1\dhcpcsvc.dll Object is locked skipped
C:\90ea1\dhtmled.ocx Object is locked skipped
C:\90ea1\digest.dll Object is locked skipped
C:\90ea1\dinput.dll Object is locked skipped
C:\90ea1\dinput8.dll Object is locked skipped
C:\90ea1\disk.sys Object is locked skipped
C:\90ea1\diskdump.sys Object is locked skipped
C:\90ea1\dlimport.exe Object is locked skipped
C:\90ea1\dmband.dll Object is locked skipped
C:\90ea1\dmcompos.dll Object is locked skipped
C:\90ea1\dmime.dll Object is locked skipped
C:\90ea1\dmloader.dll Object is locked skipped
C:\90ea1\dmscript.dll Object is locked skipped
C:\90ea1\dmstyle.dll Object is locked skipped
C:\90ea1\dmusic.dll Object is locked skipped
C:\90ea1\dnsapi.dll Object is locked skipped
C:\90ea1\docprop2.dll Object is locked skipped
C:\90ea1\dpnet.dll Object is locked skipped
C:\90ea1\dpnhpast.dll Object is locked skipped
C:\90ea1\dpnhupnp.dll Object is locked skipped
C:\90ea1\dpvoice.dll Object is locked skipped
C:\90ea1\dpvsetup.exe Object is locked skipped
C:\90ea1\dpwsockx.dll Object is locked skipped
C:\90ea1\drmclien.dll Object is locked skipped
C:\90ea1\drmk.sys Object is locked skipped
C:\90ea1\drmkaud.sys Object is locked skipped
C:\90ea1\drmstor.dll Object is locked skipped
C:\90ea1\drmv2clt.dll Object is locked skipped
C:\90ea1\drvmain.sdb Object is locked skipped
C:\90ea1\ds32gt.dll Object is locked skipped
C:\90ea1\dshowext.ax Object is locked skipped
C:\90ea1\dsprop.dll Object is locked skipped
C:\90ea1\dsquery.dll Object is locked skipped
C:\90ea1\dssenh.dll Object is locked skipped
C:\90ea1\dumprep.exe Object is locked skipped
C:\90ea1\duser.dll Object is locked skipped
C:\90ea1\dw.exe Object is locked skipped
C:\90ea1\dwwin.exe Object is locked skipped
C:\90ea1\dxdiag.exe Object is locked skipped
C:\90ea1\dxg.sys Object is locked skipped
C:\90ea1\dxmasf.dll Object is locked skipped
C:\90ea1\dxmrtp.dll Object is locked skipped
C:\90ea1\dxtmsft.dll Object is locked skipped
C:\90ea1\dxtrans.dll Object is locked skipped
C:\90ea1\earl.acs Object is locked skipped
C:\90ea1\els.dll Object is locked skipped
C:\90ea1\ersvc.dll Object is locked skipped
C:\90ea1\es.dll Object is locked skipped
C:\90ea1\esscli.dll Object is locked skipped
C:\90ea1\essm2e.sys Object is locked skipped
C:\90ea1\eudcedit.exe Object is locked skipped
C:\90ea1\eventlog.dll Object is locked skipped
C:\90ea1\evntrprv.dll Object is locked skipped
C:\90ea1\explorer.exe Object is locked skipped
C:\90ea1\expsrv.dll Object is locked skipped
C:\90ea1\fastfat.sys Object is locked skipped
C:\90ea1\fastprox.dll Object is locked skipped
C:\90ea1\faultrep.dll Object is locked skipped
C:\90ea1\filelist.xml Object is locked skipped
C:\90ea1\fldrclnr.dll Object is locked skipped
C:\90ea1\flpydisk.sys Object is locked skipped
C:\90ea1\fontview.exe Object is locked skipped
C:\90ea1\fp4.cat Object is locked skipped
C:\90ea1\fp40ext.cab Object is locked skipped
C:\90ea1\fp40ext.dll Object is locked skipped
C:\90ea1\fp40ext.inf Object is locked skipped
C:\90ea1\fp4amsft.dll Object is locked skipped
C:\90ea1\fp4anscp.dll Object is locked skipped
C:\90ea1\fp4apws.dll Object is locked skipped
C:\90ea1\fp4areg.dll Object is locked skipped
C:\90ea1\fp4atxt.dll Object is locked skipped
C:\90ea1\fp4autl.dll Object is locked skipped
C:\90ea1\fp4avnb.dll Object is locked skipped
C:\90ea1\fp4avss.dll Object is locked skipped
C:\90ea1\fp4awebs.dll Object is locked skipped
C:\90ea1\fp4awel.dll Object is locked skipped
C:\90ea1\fp98sadm.exe Object is locked skipped
C:\90ea1\fp98swin.exe Object is locked skipped
C:\90ea1\fpadmcgi.exe Object is locked skipped
C:\90ea1\fpadmdll.dll Object is locked skipped
C:\90ea1\fpcount.exe Object is locked skipped
C:\90ea1\fpencode.dll Object is locked skipped
C:\90ea1\fpexedll.dll Object is locked skipped
C:\90ea1\fpmmc.dll Object is locked skipped
C:\90ea1\fpmmcsat.dll Object is locked skipped
C:\90ea1\fpremadm.exe Object is locked skipped
C:\90ea1\fpsrvadm.exe Object is locked skipped
C:\90ea1\framebuf.dll Object is locked skipped
C:\90ea1\ftp.exe Object is locked skipped
C:\90ea1\fxsapi.dll Object is locked skipped
C:\90ea1\fxsclnt.exe Object is locked skipped
C:\90ea1\fxscomex.dll Object is locked skipped
C:\90ea1\fxscover.exe Object is locked skipped
C:\90ea1\fxsdrv.dll Object is locked skipped
C:\90ea1\fxsext32.dll Object is locked skipped
C:\90ea1\fxsocm.dll Object is locked skipped
C:\90ea1\fxsocm.inf Object is locked skipped
C:\90ea1\fxsperf.dll Object is locked skipped
C:\90ea1\fxsres.dll Object is locked skipped
C:\90ea1\fxsst.dll Object is locked skipped
C:\90ea1\fxssvc.exe Object is locked skipped
C:\90ea1\fxst30.dll Object is locked skipped
C:\90ea1\fxstiff.dll Object is locked skipped
C:\90ea1\fxsui.dll Object is locked skipped
C:\90ea1\fxswzrd.dll Object is locked skipped
C:\90ea1\fxsxp32.dll Object is locked skipped
C:\90ea1\g400.inf Object is locked skipped
C:\90ea1\gameenum.sys Object is locked skipped
C:\90ea1\gckernel.sys Object is locked skipped
C:\90ea1\gdi32.dll Object is locked skipped
C:\90ea1\georgia.ttf Object is locked skipped
C:\90ea1\guitrn.dll Object is locked skipped
C:\90ea1\guitrn_a.dll Object is locked skipped
C:\90ea1\h323cc.dll Object is locked skipped
C:\90ea1\hal.dll Object is locked skipped
C:\90ea1\halaacpi.dll Object is locked skipped
C:\90ea1\halacpi.dll Object is locked skipped
C:\90ea1\halapic.dll Object is locked skipped
C:\90ea1\halmacpi.dll Object is locked skipped
C:\90ea1\halmps.dll Object is locked skipped
C:\90ea1\hccoin.dll Object is locked skipped
C:\90ea1\helpctr.exe Object is locked skipped
C:\90ea1\helpsvc.exe Object is locked skipped
C:\90ea1\hh.exe Object is locked skipped
C:\90ea1\hhctrl.ocx Object is locked skipped
C:\90ea1\hhsetup.dll Object is locked skipped
C:\90ea1\hidclass.sys Object is locked skipped
C:\90ea1\hidir.sys Object is locked skipped
C:\90ea1\hidserv.dll Object is locked skipped
C:\90ea1\highcont.mar Object is locked skipped
C:\90ea1\hmmapi.dll Object is locked skipped
C:\90ea1\hnetcfg.dll Object is locked skipped
C:\90ea1\homepage.inf Object is locked skipped
C:\90ea1\i8042prt.sys Object is locked skipped
C:\90ea1\ic\acpi.inf Object is locked skipped
C:\90ea1\ic\au.inf Object is locked skipped
C:\90ea1\ic\battery.inf Object is locked skipped
C:\90ea1\ic\bda.inf Object is locked skipped
C:\90ea1\ic\cdrom.inf Object is locked skipped
C:\90ea1\ic\cpu.inf Object is locked skipped
C:\90ea1\ic\disk.inf Object is locked skipped
C:\90ea1\ic\dpcdll.dll Object is locked skipped
C:\90ea1\ic\dpup.inf Object is locked skipped
C:\90ea1\ic\drvindex.inf Object is locked skipped
C:\90ea1\ic\hiddigi.inf Object is locked skipped
C:\90ea1\ic\hidserv.inf Object is locked skipped
C:\90ea1\ic\ie.inf Object is locked skipped
C:\90ea1\ic\ieaccess.inf Object is locked skipped
C:\90ea1\ic\iis.inf Object is locked skipped
C:\90ea1\ic\ims.inf Object is locked skipped
C:\90ea1\ic\input.inf Object is locked skipped
C:\90ea1\ic\intl.inf Object is locked skipped
C:\90ea1\ic\keyboard.inf Object is locked skipped
C:\90ea1\ic\kscaptur.inf Object is locked skipped
C:\90ea1\ic\layout.inf Object is locked skipped
C:\90ea1\ic\miscp.chm Object is locked skipped
C:\90ea1\ic\mshdc.inf Object is locked skipped
C:\90ea1\ic\msoe50.inf Object is locked skipped
C:\90ea1\ic\netip6.inf Object is locked skipped
C:\90ea1\ic\netoc.inf Object is locked skipped
C:\90ea1\ic\netrass.inf Object is locked skipped
C:\90ea1\ic\nt5inf.cat Object is locked skipped
C:\90ea1\ic\ntprint.inf Object is locked skipped
C:\90ea1\ic\pchealth.inf Object is locked skipped
C:\90ea1\ic\pidgen.dll Object is locked skipped
C:\90ea1\ic\pnpscsi.inf Object is locked skipped
C:\90ea1\ic\scsi.inf Object is locked skipped
C:\90ea1\ic\swflash.inf Object is locked skipped
C:\90ea1\ic\sysoc.inf Object is locked skipped
C:\90ea1\ic\syssetup.inf Object is locked skipped
C:\90ea1\ic\tape.inf Object is locked skipped
C:\90ea1\ic\tsoc.inf Object is locked skipped
C:\90ea1\ic\usbport.inf Object is locked skipped
C:\90ea1\ic\whatnewp.chm Object is locked skipped
C:\90ea1\icaapi.dll Object is locked skipped
C:\90ea1\icm32.dll Object is locked skipped
C:\90ea1\icsmgr.js Object is locked skipped
C:\90ea1\icwconn1.exe Object is locked skipped
C:\90ea1\idq.dll Object is locked skipped
C:\90ea1\ie4uinit.exe Object is locked skipped
C:\90ea1\ieakeng.dll Object is locked skipped
C:\90ea1\ieaksie.dll Object is locked skipped
C:\90ea1\iedkcs32.dll Object is locked skipped
C:\90ea1\iepeers.dll Object is locked skipped
C:\90ea1\iesetup.dll Object is locked skipped
C:\90ea1\ieuinit.inf Object is locked skipped
C:\90ea1\iexplore.exe Object is locked skipped
C:\90ea1\iis.dll Object is locked skipped
C:\90ea1\ils.dll Object is locked skipped
C:\90ea1\imaadp32.acm Object is locked skipped
C:\90ea1\imagehlp.dll Object is locked skipped
C:\90ea1\imapi.exe Object is locked skipped
C:\90ea1\imapi.sys Object is locked skipped
C:\90ea1\imeshare.dll Object is locked skipped
C:\90ea1\imgutil.dll Object is locked skipped
C:\90ea1\imm32.dll Object is locked skipped
C:\90ea1\inetcomm.dll Object is locked skipped
C:\90ea1\inetcpl.cpl Object is locked skipped
C:\90ea1\input.dll Object is locked skipped
C:\90ea1\inseng.dll Object is locked skipped
C:\90ea1\instcat.sql Object is locked skipped
C:\90ea1\intelide.sys Object is locked skipped
C:\90ea1\intl.cpl Object is locked skipped
C:\90ea1\ipconfig.exe Object is locked skipped
C:\90ea1\iphlpapi.dll Object is locked skipped
C:\90ea1\ipnat.sys Object is locked skipped
C:\90ea1\ipnathlp.dll Object is locked skipped
C:\90ea1\ippromon.dll Object is locked skipped
C:\90ea1\ipp_0001.asp Object is locked skipped
C:\90ea1\ipp_0002.asp Object is locked skipped
C:\90ea1\ipp_0004.asp Object is locked skipped
C:\90ea1\ipp_0006.asp Object is locked skipped
C:\90ea1\ipp_0013.asp Object is locked skipped
C:\90ea1\ipp_0014.asp Object is locked skipped
C:\90ea1\ipp_util.inc Object is locked skipped
C:\90ea1\ipsec.sys Object is locked skipped
C:\90ea1\ipsecsvc.dll Object is locked skipped
C:\90ea1\ipv6.exe Object is locked skipped
C:\90ea1\ipv6mon.dll Object is locked skipped
C:\90ea1\irbus.sys Object is locked skipped
C:\90ea1\irmon.dll Object is locked skipped
C:\90ea1\itircl.dll Object is locked skipped
C:\90ea1\itss.dll Object is locked skipped
C:\90ea1\iuctl.dll Object is locked skipped
C:\90ea1\iuengine.dll Object is locked skipped
C:\90ea1\ixsso.dll Object is locked skipped
C:\90ea1\joy.cpl Object is locked skipped
C:\90ea1\kbdclass.sys Object is locked skipped
C:\90ea1\kd1394.dll Object is locked skipped
C:\90ea1\kerberos.dll Object is locked skipped
C:\90ea1\kernel32.dll Object is locked skipped
C:\90ea1\keyboard.sys Object is locked skipped
C:\90ea1\kmixer.sys Object is locked skipped
C:\90ea1\ks.sys Object is locked skipped
C:\90ea1\ksxbar.ax Object is locked skipped
C:\90ea1\l3codeca.acm Object is locked skipped
C:\90ea1\lang\chajei.ime Object is locked skipped
C:\90ea1\lang\chtmbx.dll Object is locked skipped
C:\90ea1\lang\chtskdic.dll Object is locked skipped
C:\90ea1\lang\chtskf.dll Object is locked skipped
C:\90ea1\lang\cintime.dll Object is locked skipped
C:\90ea1\lang\cintlgnt.ime Object is locked skipped
C:\90ea1\lang\cintsetp.exe Object is locked skipped
C:\90ea1\lang\cplexe.exe Object is locked skipped
C:\90ea1\lang\dayi.ime Object is locked skipped
C:\90ea1\lang\imekr61.ime Object is locked skipped
C:\90ea1\lang\imekrcic.dll Object is locked skipped
C:\90ea1\lang\imjp81.ime Object is locked skipped
C:\90ea1\lang\imjp81k.dll Object is locked skipped
C:\90ea1\lang\imjpcd.dic Object is locked skipped
C:\90ea1\lang\imjpcic.dll Object is locked skipped
C:\90ea1\lang\imjpcus.dll Object is locked skipped
C:\90ea1\lang\imjpdct.dll Object is locked skipped
C:\90ea1\lang\imjpdct.exe Object is locked skipped
C:\90ea1\lang\imjpdsvr.exe Object is locked skipped
C:\90ea1\lang\imjpinst.exe Object is locked skipped
C:\90ea1\lang\imjpinst.ini Object is locked skipped
C:\90ea1\lang\imjpmig.exe Object is locked skipped
C:\90ea1\lang\imjprw.exe Object is locked skipped
C:\90ea1\lang\imjputy.exe Object is locked skipped
C:\90ea1\lang\imjputyc.dll Object is locked skipped
C:\90ea1\lang\imlang.dll Object is locked skipped
C:\90ea1\lang\imscinst.exe Object is locked skipped
C:\90ea1\lang\miniime.tpl Object is locked skipped
C:\90ea1\lang\padrs404.dll Object is locked skipped
C:\90ea1\lang\padrs804.dll Object is locked skipped
C:\90ea1\lang\phon.ime Object is locked skipped
C:\90ea1\lang\pintlcsa.dll Object is locked skipped
C:\90ea1\lang\pintlcsd.dic Object is locked skipped
C:\90ea1\lang\pintlcsd.dll Object is locked skipped
C:\90ea1\lang\pintlcsk.dic Object is locked skipped
C:\90ea1\lang\pintlgc.imd Object is locked skipped
C:\90ea1\lang\pintlgd.imd Object is locked skipped
C:\90ea1\lang\pintlgdx.imd Object is locked skipped
C:\90ea1\lang\pintlgi.imd Object is locked skipped
C:\90ea1\lang\pintlgix.imd Object is locked skipped
C:\90ea1\lang\pintlgl.imd Object is locked skipped
C:\90ea1\lang\pintlgne.chm Object is locked skipped
C:\90ea1\lang\pintlgnt.chm Object is locked skipped
C:\90ea1\lang\pintlgnt.ime Object is locked skipped
C:\90ea1\lang\pintlgr.imd Object is locked skipped
C:\90ea1\lang\pintlgs.imd Object is locked skipped
C:\90ea1\lang\pintlphr.exe Object is locked skipped
C:\90ea1\lang\pmigrate.dll Object is locked skipped
C:\90ea1\lang\quick.ime Object is locked skipped
C:\90ea1\lang\romanime.ime Object is locked skipped
C:\90ea1\lang\tintlgnt.ime Object is locked skipped
C:\90ea1\lang\tintlphr.exe Object is locked skipped
C:\90ea1\lang\tintsetp.exe Object is locked skipped
C:\90ea1\lang\tmigrate.dll Object is locked skipped
C:\90ea1\lang\unicdime.ime Object is locked skipped
C:\90ea1\lang\uniime.dll Object is locked skipped
C:\90ea1\lang\voicepad.dll Object is locked skipped
C:\90ea1\lang\voicesub.dll Object is locked skipped
C:\90ea1\lang\winar30.ime Object is locked skipped
C:\90ea1\lang\winime.ime Object is locked skipped
C:\90ea1\laprxy.dll Object is locked skipped
C:\90ea1\lcladvd.xml Object is locked skipped
C:\90ea1\lcldocs.xml Object is locked skipped
C:\90ea1\licdll.dll Object is locked skipped
C:\90ea1\license.chm Object is locked skipped
C:\90ea1\licmgr10.dll Object is locked skipped
C:\90ea1\licwmi.dll Object is locked skipped
C:\90ea1\licwmi.mfl Object is locked skipped
C:\90ea1\licwmi.mof Object is locked skipped
C:\90ea1\lmrt.dll Object is locked skipped
C:\90ea1\locale.nls Object is locked skipped
C:\90ea1\localspl.dll Object is locked skipped
C:\90ea1\localui.dll Object is locked skipped
C:\90ea1\log.dll Object is locked skipped
C:\90ea1\logagent.exe Object is locked skipped
C:\90ea1\logon.scr Object is locked skipped
C:\90ea1\logonmgr.dll Object is locked skipped
C:\90ea1\logonui.exe Object is locked skipped
C:\90ea1\lsasrv.dll Object is locked skipped
C:\90ea1\lsass.exe Object is locked skipped
C:\90ea1\ltmdmnt.sys Object is locked skipped
C:\90ea1\ltmdmntt.sys Object is locked skipped
C:\90ea1\ltotape.sys Object is locked skipped
C:\90ea1\lvback.gif Object is locked skipped
C:\90ea1\lwadihid.sys Object is locked skipped
C:\90ea1\mail.mar Object is locked skipped
C:\90ea1\mailtmpl.txt Object is locked skipped
C:\90ea1\manifest.xml Object is locked skipped
C:\90ea1\market.mar Object is locked skipped
C:\90ea1\mdmetech.inf Object is locked skipped
C:\90ea1\mdmlt3.inf Object is locked skipped
C:\90ea1\mdmrpci.inf Object is locked skipped
C:\90ea1\mdmsuprv.inf Object is locked skipped
C:\90ea1\memstpci.sys Object is locked skipped
C:\90ea1\migapp.inf Object is locked skipped
C:\90ea1\migism.dll Object is locked skipped
C:\90ea1\migism.inf Object is locked skipped
C:\90ea1\migism_a.dll Object is locked skipped
C:\90ea1\migload.exe Object is locked skipped
C:\90ea1\migrate.js Object is locked skipped
C:\90ea1\migrate.obe Object is locked skipped
C:\90ea1\migsys.inf Object is locked skipped
C:\90ea1\migwiz.exe Object is locked skipped
C:\90ea1\migwiz.inf Object is locked skipped
C:\90ea1\migwiz_a.exe Object is locked skipped
C:\90ea1\mindex.dll Object is locked skipped
C:\90ea1\mmcndmgr.dll Object is locked skipped
C:\90ea1\mnmdd.dll Object is locked skipped
C:\90ea1\mobsync.dll Object is locked skipped
C:\90ea1\mofcomp.exe Object is locked skipped
C:\90ea1\mofd.dll Object is locked skipped
C:\90ea1\moricons.dll Object is locked skipped
C:\90ea1\mouclass.sys Object is locked skipped
C:\90ea1\moviemk.exe Object is locked skipped
C:\90ea1\mpg2splt.ax Object is locked skipped
C:\90ea1\mpg4dmod.dll Object is locked skipped
C:\90ea1\mpg4ds32.ax Object is locked skipped
C:\90ea1\mplay32.exe Object is locked skipped
C:\90ea1\mplayer2.exe Object is locked skipped
C:\90ea1\mrxsmb.sys Object is locked skipped
C:\90ea1\msadce.dll Object is locked skipped
C:\90ea1\msadcf.dll Object is locked skipped
C:\90ea1\msadco.dll Object is locked skipped
C:\90ea1\msadcs.dll Object is locked skipped
C:\90ea1\msadds.dll Object is locked skipped
C:\90ea1\msadds32.ax Object is locked skipped
C:\90ea1\msado15.dll Object is locked skipped
C:\90ea1\msado20.tlb Object is locked skipped
C:\90ea1\msado21.tlb Object is locked skipped
C:\90ea1\msado25.tlb Object is locked skipped
C:\90ea1\msado26.tlb Object is locked skipped
C:\90ea1\msadomd.dll Object is locked skipped
C:\90ea1\msador15.dll Object is locked skipped
C:\90ea1\msadox.dll Object is locked skipped
C:\90ea1\msadp32.acm Object is locked skipped
C:\90ea1\msadrh15.dll Object is locked skipped
C:\90ea1\msaud32.acm Object is locked skipped
C:\90ea1\mscandui.dll Object is locked skipped
C:\90ea1\mscms.dll Object is locked skipped
C:\90ea1\msconf.dll Object is locked skipped
C:\90ea1\msconfig.exe Object is locked skipped
C:\90ea1\mscpx32r.dll Object is locked skipped
C:\90ea1\msctf.dll Object is locked skipped
C:\90ea1\msctfp.dll Object is locked skipped
C:\90ea1\msdadc.dll Object is locked skipped
C:\90ea1\msdaenum.dll Object is locked skipped
C:\90ea1\msdaer.dll Object is locked skipped
C:\90ea1\msdaipp.dll Object is locked skipped
C:\90ea1\msdaora.dll Object is locked skipped
C:\90ea1\msdaosp.dll Object is locked skipped
C:\90ea1\msdaprst.dll Object is locked skipped
C:\90ea1\msdaps.dll Object is locked skipped
C:\90ea1\msdarem.dll Object is locked skipped
C:\90ea1\msdart.dll Object is locked skipped
C:\90ea1\msdasc.dll Object is locked skipped
C:\90ea1\msdasql.dll Object is locked skipped
C:\90ea1\msdatl3.dll Object is locked skipped
C:\90ea1\msdatsrc.tlb Object is locked skipped
C:\90ea1\msdatt.dll Object is locked skipped
C:\90ea1\msdaurl.dll Object is locked skipped
C:\90ea1\msdbx.dll Object is locked skipped
C:\90ea1\msdfmap.dll Object is locked skipped
C:\90ea1\msdtcprx.dll Object is locked skipped
C:\90ea1\msdtctr.mof Object is locked skipped
C:\90ea1\msdxm.ocx Object is locked skipped
C:\90ea1\msdxmlc.dll Object is locked skipped
C:\90ea1\msexch40.dll Object is locked skipped
C:\90ea1\msexcl40.dll Object is locked skipped
C:\90ea1\msgina.dll Object is locked skipped
C:\90ea1\msgrocm.dll Object is locked skipped
C:\90ea1\msgsc.dll Object is locked skipped
C:\90ea1\msgslang.dll Object is locked skipped
C:\90ea1\msh261.drv Object is locked skipped
C:\90ea1\msh263.drv Object is locked skipped
C:\90ea1\mshtml.dll Object is locked skipped
C:\90ea1\mshtml.tlb Object is locked skipped
C:\90ea1\mshtmled.dll Object is locked skipped
C:\90ea1\mshtmler.dll Object is locked skipped
C:\90ea1\msi.dll Object is locked skipped
C:\90ea1\msieftp.dll Object is locked skipped
C:\90ea1\msiexec.exe Object is locked skipped
C:\90ea1\msihnd.dll Object is locked skipped
C:\90ea1\msimain.sdb Object is locked skipped
C:\90ea1\msimg32.dll Object is locked skipped
C:\90ea1\msimn.exe Object is locked skipped
C:\90ea1\msimtf.dll Object is locked skipped
C:\90ea1\msisam11.dll Object is locked skipped
C:\90ea1\msjet40.dll Object is locked skipped
C:\90ea1\msjetol1.dll Object is locked skipped
C:\90ea1\msjro.dll Object is locked skipped
C:\90ea1\msjtes40.dll Object is locked skipped
C:\90ea1\mskssrv.sys Object is locked skipped
C:\90ea1\mslbui.dll Object is locked skipped
C:\90ea1\msltus40.dll Object is locked skipped
C:\90ea1\msmom.dll Object is locked skipped
C:\90ea1\msmsgs.cat Object is locked skipped
C:\90ea1\msmsgs.exe Object is locked skipped
C:\90ea1\msmsgs.inf Object is locked skipped
C:\90ea1\msmsgsin.exe Object is locked skipped
C:\90ea1\msn.inf Object is locked skipped
C:\90ea1\msn100.mar Object is locked skipped
C:\90ea1\msn14.mar Object is locked skipped
C:\90ea1\msn150.mar Object is locked skipped
C:\90ea1\msn163.mar Object is locked skipped
C:\90ea1\msn188.mar Object is locked skipped
C:\90ea1\msn220.mar Object is locked skipped
C:\90ea1\msn222.mar Object is locked skipped
C:\90ea1\msn238.mar Object is locked skipped
C:\90ea1\msn36.mar Object is locked skipped
C:\90ea1\msn6.exe Object is locked skipped
C:\90ea1\msnetobj.dll Object is locked skipped
C:\90ea1\msnmetal.dll Object is locked skipped
C:\90ea1\msnmigr.dll Object is locked skipped
C:\90ea1\msnmsn.inf Object is locked skipped
C:\90ea1\msnmtllc.dll Object is locked skipped
C:\90ea1\msnntmig.dll Object is locked skipped
C:\90ea1\msnspell.dll Object is locked skipped
C:\90ea1\msnsspc.dll Object is locked skipped
C:\90ea1\msnunin.exe Object is locked skipped
C:\90ea1\msnupgrd.inf Object is locked skipped
C:\90ea1\msobcomm.dll Object is locked skipped
C:\90ea1\msobmain.dll Object is locked skipped
C:\90ea1\msobshel.htm Object is locked skipped
C:\90ea1\msoe.dll Object is locked skipped
C:\90ea1\msoeacct.dll Object is locked skipped
C:\90ea1\msoert2.dll Object is locked skipped
C:\90ea1\msorcl32.dll Object is locked skipped
C:\90ea1\mspaint.exe Object is locked skipped
C:\90ea1\mspbde40.dll Object is locked skipped
C:\90ea1\mspmsp.dll Object is locked skipped
C:\90ea1\msrating.dll Object is locked skipped
C:\90ea1\msrd2x40.dll Object is locked skipped
C:\90ea1\msrdp.cab Object is locked skipped
C:\90ea1\msrdp.ocx Object is locked skipped
C:\90ea1\msrepl40.dll Object is locked skipped
C:\90ea1\msrle32.dll Object is locked skipped
C:\90ea1\msscds32.ax Object is locked skipped
C:\90ea1\msscp.dll Object is locked skipped
C:\90ea1\msscript.ocx Object is locked skipped
C:\90ea1\mst120.dll Object is locked skipped
C:\90ea1\mst123.dll Object is locked skipped
C:\90ea1\mstask.dll Object is locked skipped
C:\90ea1\mstee.sys Object is locked skipped
C:\90ea1\mstext40.dll Object is locked skipped
C:\90ea1\mstime.dll Object is locked skipped
C:\90ea1\mstinit.exe Object is locked skipped
C:\90ea1\mstsc.chm Object is locked skipped
C:\90ea1\mstsc.exe Object is locked skipped
C:\90ea1\mstscax.dll Object is locked skipped
C:\90ea1\mstsweb.cat Object is locked skipped
C:\90ea1\msuni11.dll Object is locked skipped
C:\90ea1\msutb.dll Object is locked skipped
C:\90ea1\msv1_0.dll Object is locked skipped
C:\90ea1\msvcp60.dll Object is locked skipped
C:\90ea1\msvcrt.dll Object is locked skipped
C:\90ea1\msvfw32.dll Object is locked skipped
C:\90ea1\msvidctl.dll Object is locked skipped
C:\90ea1\mswebdvd.dll Object is locked skipped
C:\90ea1\msxactps.dll Object is locked skipped
C:\90ea1\msxbde40.dll Object is locked skipped
C:\90ea1\msxml2.dll Object is locked skipped
C:\90ea1\msxml3.dll Object is locked skipped
C:\90ea1\muisetup.exe Object is locked skipped
C:\90ea1\mup.sys Object is locked skipped
C:\90ea1\mutohpen.sys Object is locked skipped
C:\90ea1\nac.dll Object is locked skipped
C:\90ea1\ncobjapi.dll Object is locked skipped
C:\90ea1\ncprov.dll Object is locked skipped
C:\90ea1\nddenb32.dll Object is locked skipped
C:\90ea1\ndis.sys Object is locked skipped
C:\90ea1\ndisnpp.dll Object is locked skipped
C:\90ea1\ndisuio.sys Object is locked skipped
C:\90ea1\ndiswan.sys Object is locked skipped
C:\90ea1\net.exe Object is locked skipped
C:\90ea1\net1.exe Object is locked skipped
C:\90ea1\netapi32.dll Object is locked skipped
C:\90ea1\netbios.sys Object is locked skipped
C:\90ea1\netbt.sys Object is locked skipped
C:\90ea1\netcfgx.dll Object is locked skipped
C:\90ea1\netdde.exe Object is locked skipped
C:\90ea1\netklsi.inf Object is locked skipped
C:\90ea1\netlogon.dll Object is locked skipped
C:\90ea1\netman.dll Object is locked skipped
C:\90ea1\netnm.inf Object is locked skipped
C:\90ea1\netoc.dll Object is locked skipped
C:\90ea1\netplwiz.dll Object is locked skipped
C:\90ea1\netrtsnt.inf Object is locked skipped
C:\90ea1\netsetup.exe Object is locked skipped
C:\90ea1\netshell.dll Object is locked skipped
C:\90ea1\netwlan.inf Object is locked skipped
C:\90ea1\netwlan2.inf Object is locked skipped
C:\90ea1\netwlan5.img Object is locked skipped
C:\90ea1\netwlan5.sys Object is locked skipped
C:\90ea1\netwv48.inf Object is locked skipped
C:\90ea1\new\apph_sp.sdb Object is locked skipped
C:\90ea1\new\apps_sp.chm Object is locked skipped
C:\90ea1\new\ati2dvaa.dll Object is locked skipped
C:\90ea1\new\ati2dvag.dll Object is locked skipped
C:\90ea1\new\ati2mtaa.sys Object is locked skipped
C:\90ea1\new\ati2mtag.sys Object is locked skipped
C:\90ea1\new\ati3d1ag.dll Object is locked skipped
C:\90ea1\new\ati3d2ag.dll Object is locked skipped
C:\90ea1\new\atiixpaa.inf Object is locked skipped
C:\90ea1\new\atiixpag.inf Object is locked skipped
C:\90ea1\new\atinbtxx.sys Object is locked skipped
C:\90ea1\new\atinmdxx.sys Object is locked skipped
C:\90ea1\new\atinpdxx.sys Object is locked skipped
C:\90ea1\new\atinraxx.sys Object is locked skipped
C:\90ea1\new\atinrvxx.sys Object is locked skipped
C:\90ea1\new\atinsnxx.sys Object is locked skipped
C:\90ea1\new\atinttxx.sys Object is locked skipped
C:\90ea1\new\atintuxx.sys Object is locked skipped
C:\90ea1\new\atinxbxx.sys Object is locked skipped
C:\90ea1\new\atinxsxx.sys Object is locked skipped
C:\90ea1\new\ativdaxx.ax Object is locked skipped
C:\90ea1\new\ativmvxx.ax Object is locked skipped
C:\90ea1\new\atixpwdm.inf Object is locked skipped
C:\90ea1\new\c_28603.nls Object is locked skipped
C:\90ea1\new\dsprpres.dll Object is locked skipped
C:\90ea1\new\encapi.dll Object is locked skipped
C:\90ea1\new\encdec.dll Object is locked skipped
C:\90ea1\new\faxpatch.exe Object is locked skipped
C:\90ea1\new\hccoin.dll Object is locked skipped
C:\90ea1\new\hidir.sys Object is locked skipped
C:\90ea1\new\hscupd.exe Object is locked skipped
C:\90ea1\new\hscxpsp1.cab Object is locked skipped
C:\90ea1\new\logo.gif Object is locked skipped
C:\90ea1\new\logowin.gif Object is locked skipped
C:\90ea1\new\medctrro.exe Object is locked skipped
C:\90ea1\new\msctfime.ime Object is locked skipped
C:\90ea1\new\msftedit.dll Object is locked skipped
C:\90ea1\new\mssap.dll Object is locked skipped
C:\90ea1\new\mutohpen.sys Object is locked skipped
C:\90ea1\new\netbeac.inf Object is locked skipped
C:\90ea1\new\nettun.inf Object is locked skipped
C:\90ea1\new\nv4_disp.inf Object is locked skipped
C:\90ea1\new\nvct.inf Object is locked skipped
C:\90ea1\new\nvdm.inf Object is locked skipped
C:\90ea1\new\nvts.inf Object is locked skipped
C:\90ea1\new\oeaccess.inf Object is locked skipped
C:\90ea1\new\osloader.ntd Object is locked skipped
C:\90ea1\new\ramdisk.inf Object is locked skipped
C:\90ea1\new\rtcimsp.dll Object is locked skipped
C:\90ea1\new\sbe.dll Object is locked skipped
C:\90ea1\new\sbeio.dll Object is locked skipped
C:\90ea1\new\secupd.dat Object is locked skipped
C:\90ea1\new\secupd.sig Object is locked skipped
C:\90ea1\new\smtpsvc.dll Object is locked skipped
C:\90ea1\new\snchk.exe Object is locked skipped
C:\90ea1\new\sp1.cab Object is locked skipped
C:\90ea1\new\spgrmr.dll Object is locked skipped
C:\90ea1\new\usbehci.sys Object is locked skipped
C:\90ea1\new\wacompen.sys Object is locked skipped
C:\90ea1\new\winbrand.dll Object is locked skipped
C:\90ea1\new\winhttp.dll Object is locked skipped
C:\90ea1\new\wmaccess.inf Object is locked skipped
C:\90ea1\new\wmpocm.inf Object is locked skipped
C:\90ea1\new\wmvcore2.dll Object is locked skipped
C:\90ea1\new\wuau.adm Object is locked skipped
C:\90ea1\new\wuauhelp.chm Object is locked skipped
C:\90ea1\new\xpsp1res.dll Object is locked skipped
C:\90ea1\newalert.wav Object is locked skipped
C:\90ea1\newdev.dll Object is locked skipped
C:\90ea1\newemail.wav Object is locked skipped
C:\90ea1\neweula.htm Object is locked skipped
C:\90ea1\nic1394.sys Object is locked skipped
C:\90ea1\nlhtml.dll Object is locked skipped
C:\90ea1\nmas.dll Object is locked skipped
C:\90ea1\nmasnt.dll Object is locked skipped
C:\90ea1\nmchat.dll Object is locked skipped
C:\90ea1\nmcom.dll Object is locked skipped
C:\90ea1\nmft.dll Object is locked skipped
C:\90ea1\nmmkcert.dll Object is locked skipped
C:\90ea1\nmnt.sys Object is locked skipped
C:\90ea1\nmoldwb.dll Object is locked skipped
C:\90ea1\nmwb.dll Object is locked skipped
C:\90ea1\npdrmv2.dll Object is locked skipped
C:\90ea1\npdsplay.dll Object is locked skipped
C:\90ea1\nppagent.exe Object is locked skipped
C:\90ea1\npptools.dll Object is locked skipped
C:\90ea1\npwmsdrm.dll Object is locked skipped
C:\90ea1\nt5.cat Object is locked skipped
C:\90ea1\ntdetect.com Object is locked skipped
C:\90ea1\ntdll.dll Object is locked skipped
C:\90ea1\ntfs.sys Object is locked skipped
C:\90ea1\ntio.sys Object is locked skipped
C:\90ea1\ntkrnlmp.exe Object is locked skipped
C:\90ea1\ntkrnlpa.exe Object is locked skipped
C:\90ea1\ntkrpamp.exe Object is locked skipped
C:\90ea1\ntlanman.dll Object is locked skipped
C:\90ea1\ntldr Object is locked skipped
C:\90ea1\ntmarta.dll Object is locked skipped
C:\90ea1\ntmsapi.dll Object is locked skipped
C:\90ea1\ntmsdba.dll Object is locked skipped
C:\90ea1\ntmssvc.dll Object is locked skipped
C:\90ea1\ntoskrnl.exe Object is locked skipped
C:\90ea1\ntprint.cat Object is locked skipped
C:\90ea1\ntprint.dll Object is locked skipped
C:\90ea1\ntshrui.dll Object is locked skipped
C:\90ea1\ntvdm.exe Object is locked skipped
C:\90ea1\nv4_disp.dll Object is locked skipped
C:\90ea1\nv4_mini.sys Object is locked skipped
C:\90ea1\nwprovau.dll Object is locked skipped
C:\90ea1\oakley.dll Object is locked skipped
C:\90ea1\obeip.dun Object is locked skipped
C:\90ea1\ocgen.dll Object is locked skipped
C:\90ea1\ocmsn.dll Object is locked skipped
C:\90ea1\odbc32.dll Object is locked skipped
C:\90ea1\odbc32gt.dll Object is locked skipped
C:\90ea1\odbcad32.exe Object is locked skipped
C:\90ea1\odbcbcp.dll Object is locked skipped
C:\90ea1\odbcconf.dll Object is locked skipped
C:\90ea1\odbcconf.exe Object is locked skipped
C:\90ea1\odbcconf.rsp Object is locked skipped
C:\90ea1\odbccp32.dll Object is locked skipped
C:\90ea1\odbccr32.dll Object is locked skipped
C:\90ea1\odbccu32.dll Object is locked skipped
C:\90ea1\odbcp32r.dll Object is locked skipped
C:\90ea1\odbctrac.dll Object is locked skipped
C:\90ea1\offfilt.dll Object is locked skipped
C:\90ea1\ohci1394.sys Object is locked skipped
C:\90ea1\ole32.dll Object is locked skipped
C:\90ea1\oleaut32.dll Object is locked skipped
C:\90ea1\oledb32.dll Object is locked skipped
C:\90ea1\oleprn.dll Object is locked skipped
C:\90ea1\online.wav Object is locked skipped
C:\90ea1\oobebaln.exe Object is locked skipped
C:\90ea1\opengl32.dll Object is locked skipped
C:\90ea1\oschoice.exe Object is locked skipped
C:\90ea1\osk.exe Object is locked skipped
C:\90ea1\osloader.exe Object is locked skipped
C:\90ea1\p3.sys Object is locked skipped
C:\90ea1\packager.exe Object is locked skipped
C:\90ea1\page1.asp Object is locked skipped
C:\90ea1\parport.sys Object is locked skipped
C:\90ea1\pautoenr.dll Object is locked skipped
C:\90ea1\pchshell.dll Object is locked skipped
C:\90ea1\pchsvc.dll Object is locked skipped
C:\90ea1\pci.sys Object is locked skipped
C:\90ea1\pciidex.sys Object is locked skipped
C:\90ea1\pcmcia.sys Object is locked skipped
C:\90ea1\pcx500.sys Object is locked skipped
C:\90ea1\pdh.dll Object is locked skipped
C:\90ea1\perm2.sys Object is locked skipped
C:\90ea1\perm2dll.dll Object is locked skipped
C:\90ea1\perm3.sys Object is locked skipped
C:\90ea1\perm3dd.dll Object is locked skipped
C:\90ea1\phone.icw Object is locked skipped
C:\90ea1\phone.inf Object is locked skipped
C:\90ea1\phone.obe Object is locked skipped
C:\90ea1\pid.dll Object is locked skipped
C:\90ea1\ping.exe Object is locked skipped
C:\90ea1\pngfilt.dll Object is locked skipped
C:\90ea1\popc.dll Object is locked skipped
C:\90ea1\portcls.sys Object is locked skipped
C:\90ea1\ppa3.sys Object is locked skipped
C:\90ea1\printui.dll Object is locked skipped
C:\90ea1\privacy.hta Object is locked skipped
C:\90ea1\processr.sys Object is locked skipped
C:\90ea1\proctexe.ocx Object is locked skipped
C:\90ea1\ps5ui.dll Object is locked skipped
C:\90ea1\psapi.dll Object is locked skipped
C:\90ea1\psbase.dll Object is locked skipped
C:\90ea1\psched.sys Object is locked skipped
C:\90ea1\pscript5.dll Object is locked skipped
C:\90ea1\ptpusd.dll Object is locked skipped
C:\90ea1\qcap.dll Object is locked skipped
C:\90ea1\qdvd.dll Object is locked skipped
C:\90ea1\qedit.dll Object is locked skipped
C:\90ea1\qmgr.dll Object is locked skipped
C:\90ea1\qmgrprxy.dll Object is locked skipped
C:\90ea1\quartz.dll Object is locked skipped
C:\90ea1\query.dll Object is locked skipped
C:\90ea1\ramdisk.sys Object is locked skipped
C:\90ea1\rasapi32.dll Object is locked skipped
C:\90ea1\raschap.dll Object is locked skipped
C:\90ea1\rasdlg.dll Object is locked skipped
C:\90ea1\rasl2tp.sys Object is locked skipped
C:\90ea1\rasman.dll Object is locked skipped
C:\90ea1\rasmans.dll Object is locked skipped
C:\90ea1\rasppp.dll Object is locked skipped
C:\90ea1\raspptp.sys Object is locked skipped
C:\90ea1\rassapi.dll Object is locked skipped
C:\90ea1\rastapi.dll Object is locked skipped
C:\90ea1\rastls.dll Object is locked skipped
C:\90ea1\rcimlby.exe Object is locked skipped
C:\90ea1\rdbss.sys Object is locked skipped
C:\90ea1\rdchost.dll Object is locked skipped
C:\90ea1\rdpclip.exe Object is locked skipped
C:\90ea1\rdpdd.dll Object is locked skipped
C:\90ea1\rdpdr.sys Object is locked skipped
C:\90ea1\rdpsnd.dll Object is locked skipped
C:\90ea1\rdpwd.sys Object is locked skipped
C:\90ea1\rdpwsx.dll Object is locked skipped
C:\90ea1\rdsaddin.exe Object is locked skipped
C:\90ea1\readmesp.htm Object is locked skipped
C:\90ea1\redbook.sys Object is locked skipped
C:\90ea1\redir.exe Object is locked skipped
C:\90ea1\reg.exe Object is locked skipped
C:\90ea1\regapi.dll Object is locked skipped
C:\90ea1\regedit.exe Object is locked skipped
C:\90ea1\remotepg.dll Object is locked skipped
C:\90ea1\repdrvfs.dll Object is locked skipped
C:\90ea1\riched20.dll Object is locked skipped
C:\90ea1\rpcrt4.dll Object is locked skipped
C:\90ea1\rpcss.dll Object is locked skipped
C:\90ea1\rrcm.dll Object is locked skipped
C:\90ea1\rsaenh.dll Object is locked skipped
C:\90ea1\rshx32.dll Object is locked skipped
C:\90ea1\rstrui.exe Object is locked skipped
C:\90ea1\rtcdll.dll Object is locked skipped
C:\90ea1\rtcshare.exe Object is locked skipped
C:\90ea1\runonce.exe Object is locked skipped
C:\90ea1\samlib.dll Object is locked skipped
C:\90ea1\sapi.cpl Object is locked skipped
C:\90ea1\sapi.dll Object is locked skipped
C:\90ea1\savedump.exe Object is locked skipped
C:\90ea1\sbp2port.sys Object is locked skipped
C:\90ea1\sccbase.dll Object is locked skipped
C:\90ea1\sccsccp.dll Object is locked skipped
C:\90ea1\scecli.dll Object is locked skipped
C:\90ea1\scesrv.dll Object is locked skipped
C:\90ea1\schannel.dll Object is locked skipped
C:\90ea1\schedsvc.dll Object is locked skipped
C:\90ea1\script.dll Object is locked skipped
C:\90ea1\script_a.dll Object is locked skipped
C:\90ea1\scrnsave.scr Object is locked skipped
C:\90ea1\scsiport.sys Object is locked skipped
C:\90ea1\sdbinst.exe Object is locked skipped
C:\90ea1\secdrv.sys Object is locked skipped
C:\90ea1\secur32.dll Object is locked skipped
C:\90ea1\sens.dll Object is locked skipped
C:\90ea1\sensapi.dll Object is locked skipped
C:\90ea1\serial.sys Object is locked skipped
C:\90ea1\sessmgr.exe Object is locked skipped
C:\90ea1\setup.exe Object is locked skipped
C:\90ea1\setup50.exe Object is locked skipped
C:\90ea1\setupapi.dll Object is locked skipped
C:\90ea1\setupqry.dll Object is locked skipped
C:\90ea1\setupqry.inf Object is locked skipped
C:\90ea1\setup_wm.exe Object is locked skipped
C:\90ea1\sfcfiles.dll Object is locked skipped
C:\90ea1\sfc_os.dll Object is locked skipped
C:\90ea1\sfloppy.sys Object is locked skipped
C:\90ea1\shdocvw.dll Object is locked skipped
C:\90ea1\shell32.dll Object is locked skipped
C:\90ea1\shfolder.dll Object is locked skipped
C:\90ea1\shgina.dll Object is locked skipped
C:\90ea1\shimeng.dll Object is locked skipped
C:\90ea1\shimgvw.dll Object is locked skipped
C:\90ea1\shlwapi.dll Object is locked skipped
C:\90ea1\shmgrate.exe Object is locked skipped
C:\90ea1\shsvcs.dll Object is locked skipped
C:\90ea1\shtml.dll Object is locked skipped
C:\90ea1\shtml.exe Object is locked skipped
C:\90ea1\signup.mar Object is locked skipped
C:\90ea1\sigtab.dll Object is locked skipped
C:\90ea1\sigverif.exe Object is locked skipped
C:\90ea1\simpdata.tlb Object is locked skipped
C:\90ea1\skeys.exe Object is locked skipped
C:\90ea1\sla30nd5.sys Object is locked skipped
C:\90ea1\slayerxp.dll Object is locked skipped
C:\90ea1\sl_anet.acm Object is locked skipped
C:\90ea1\smbali.sys Object is locked skipped
C:\90ea1\smbbatt.sys Object is locked skipped
C:\90ea1\smbclass.sys Object is locked skipped
C:\90ea1\smi2smir.exe Object is locked skipped
C:\90ea1\smlogcfg.dll Object is locked skipped
C:\90ea1\smlogsvc.exe Object is locked skipped
C:\90ea1\smss.exe Object is locked skipped
C:\90ea1\snmp.exe Object is locked skipped
C:\90ea1\snmpapi.dll Object is locked skipped
C:\90ea1\snmpcl.dll Object is locked skipped
C:\90ea1\snmpincl.dll Object is locked skipped
C:\90ea1\snmpsmir.dll Object is locked skipped
C:\90ea1\snmpthrd.dll Object is locked skipped
C:\90ea1\softkbd.dll Object is locked skipped
C:\90ea1\sonydcam.sys Object is locked skipped
C:\90ea1\spider.exe Object is locked skipped
C:\90ea1\splitter.sys Object is locked skipped
C:\90ea1\spmsg.dll Object is locked skipped
C:\90ea1\spoolss.dll Object is locked skipped
C:\90ea1\sptip.dll Object is locked skipped
C:\90ea1\spuninst.exe Object is locked skipped
C:\90ea1\sqloledb.dll Object is locked skipped
C:\90ea1\sqlsrv32.dll Object is locked skipped
C:\90ea1\sqlxmlx.dll Object is locked skipped
C:\90ea1\sr.sys Object is locked skipped
C:\90ea1\srchui.dll Object is locked skipped
C:\90ea1\srclient.dll Object is locked skipped
C:\90ea1\srrstr.dll Object is locked skipped
C:\90ea1\srsvc.dll Object is locked skipped
C:\90ea1\ss3dfo.scr Object is locked skipped
C:\90ea1\ssbezier.scr Object is locked skipped
C:\90ea1\ssdpapi.dll Object is locked skipped
C:\90ea1\ssdpsrv.dll Object is locked skipped
C:\90ea1\ssflwbox.scr Object is locked skipped
C:\90ea1\ssmarque.scr Object is locked skipped
C:\90ea1\ssmyst.scr Object is locked skipped
C:\90ea1\sspipes.scr Object is locked skipped
C:\90ea1\ssstars.scr Object is locked skipped
C:\90ea1\sstext3d.scr Object is locked skipped
C:\90ea1\stdprov.dll Object is locked skipped
C:\90ea1\sti.dll Object is locked skipped
C:\90ea1\sti_ci.dll Object is locked skipped
C:\90ea1\stobject.dll Object is locked skipped
C:\90ea1\storprop.dll Object is locked skipped
C:\90ea1\stream.sys Object is locked skipped
C:\90ea1\strmdll.dll Object is locked skipped
C:\90ea1\stub_fpsrvadm.exe Object is locked skipped
C:\90ea1\stub_fpsrvwin.exe Object is locked skipped
C:\90ea1\swflash.ocx Object is locked skipped
C:\90ea1\sxs.dll Object is locked skipped
C:\90ea1\sysaudio.sys Object is locked skipped
C:\90ea1\sysdm.cpl Object is locked skipped
C:\90ea1\sysmain.sdb Object is locked skipped
C:\90ea1\sysmod.dll Object is locked skipped
C:\90ea1\sysmod_a.dll Object is locked skipped
C:\90ea1\sysmon.ocx Object is locked skipped
C:\90ea1\syssetup.dll Object is locked skipped
C:\90ea1\tagfile.1 Object is locked skipped
C:\90ea1\tahoma.ttf Object is locked skipped
C:\90ea1\tahomabd.ttf Object is locked skipped
C:\90ea1\tape.sys Object is locked skipped
C:\90ea1\tapi32.dll Object is locked skipped
C:\90ea1\tapisrv.dll Object is locked skipped
C:\90ea1\taskmgr.exe Object is locked skipped
C:\90ea1\tcpip.sys Object is locked skipped
C:\90ea1\tcpip6.sys Object is locked skipped
C:\90ea1\tcptest.exe Object is locked skipped
C:\90ea1\tcptsat.dll Object is locked skipped
C:\90ea1\telnet.exe Object is locked skipped
C:\90ea1\termdd.sys Object is locked skipped
C:\90ea1\termsrv.dll Object is locked skipped
C:\90ea1\tffsport.sys Object is locked skipped
C:\90ea1\themedef.mar Object is locked skipped
C:\90ea1\themeui.dll Object is locked skipped
C:\90ea1\times.ttf Object is locked skipped
C:\90ea1\tracert.exe Object is locked skipped
C:\90ea1\trebuc.ttf Object is locked skipped
C:\90ea1\triedit.dll Object is locked skipped
C:\90ea1\trkwks.dll Object is locked skipped
C:\90ea1\tscfgwmi.dll Object is locked skipped
C:\90ea1\tscfgwmi.mfl Object is locked skipped
C:\90ea1\tscfgwmi.mof Object is locked skipped
C:\90ea1\tscupgrd.exe Object is locked skipped
C:\90ea1\tshoot.chm Object is locked skipped
C:\90ea1\tsoc.dll Object is locked skipped
C:\90ea1\tsweb1.htm Object is locked skipped
C:\90ea1\tunmp.sys Object is locked skipped
C:\90ea1\type.wav Object is locked skipped
C:\90ea1\udfs.sys Object is locked skipped
C:\90ea1\udhisapi.dll Object is locked skipped
C:\90ea1\ui.mar Object is locked skipped
C:\90ea1\umandlg.dll Object is locked skipped
C:\90ea1\umpnpmgr.dll Object is locked skipped
C:\90ea1\unidrv.dll Object is locked skipped
C:\90ea1\unidrvui.dll Object is locked skipped
C:\90ea1\unregmp2.exe Object is locked skipped
C:\90ea1\untfs.dll Object is locked skipped
C:\90ea1\update\eula.txt Object is locked skipped
C:\90ea1\update\sp1.cat Object is locked skipped
C:\90ea1\update\spcustom.dll Object is locked skipped
C:\90ea1\update\update.exe Object is locked skipped
C:\90ea1\update\update.inf Object is locked skipped
C:\90ea1\update\update.url Object is locked skipped
C:\90ea1\update\update.ver Object is locked skipped
C:\90ea1\upnp.dll Object is locked skipped
C:\90ea1\upnphost.dll Object is locked skipped
C:\90ea1\upnpui.dll Object is locked skipped
C:\90ea1\ups.exe Object is locked skipped
C:\90ea1\url.dll Object is locked skipped
C:\90ea1\urlmon.dll Object is locked skipped
C:\90ea1\usb101et.sys Object is locked skipped
C:\90ea1\usbaudio.sys Object is locked skipped
C:\90ea1\usbccgp.sys Object is locked skipped
C:\90ea1\usbehci.sys Object is locked skipped
C:\90ea1\usbhub.sys Object is locked skipped
C:\90ea1\usbintel.sys Object is locked skipped
C:\90ea1\usbohci.sys Object is locked skipped
C:\90ea1\usbport.sys Object is locked skipped
C:\90ea1\usbprint.sys Object is locked skipped
C:\90ea1\usbscan.sys Object is locked skipped
C:\90ea1\usbstor.sys Object is locked skipped
C:\90ea1\usbuhci.sys Object is locked skipped
C:\90ea1\user32.dll Object is locked skipped
C:\90ea1\userenv.dll Object is locked skipped
C:\90ea1\userinit.exe Object is locked skipped
C:\90ea1\usmtdef.inf Object is locked skipped
C:\90ea1\usp10.dll Object is locked skipped
C:\90ea1\utilman.exe Object is locked skipped
C:\90ea1\uxtheme.dll Object is locked skipped
C:\90ea1\vbisurf.ax Object is locked skipped
C:\90ea1\vbscript.dll Object is locked skipped
C:\90ea1\vdmredir.dll Object is locked skipped
C:\90ea1\verdana.ttf Object is locked skipped
C:\90ea1\vfwwdm32.dll Object is locked skipped
C:\90ea1\vga.sys Object is locked skipped
C:\90ea1\vgx.dll Object is locked skipped
C:\90ea1\viaide.sys Object is locked skipped
C:\90ea1\videoprt.sys Object is locked skipped
C:\90ea1\vssapi.dll Object is locked skipped
C:\90ea1\w32time.dll Object is locked skipped
C:\90ea1\w95upgnt.dll Object is locked skipped
C:\90ea1\wab32.dll Object is locked skipped
C:\90ea1\wab32res.dll Object is locked skipped
C:\90ea1\wacompen.sys Object is locked skipped
C:\90ea1\watchdog.sys Object is locked skipped
C:\90ea1\wbemcomn.dll Object is locked skipped
C:\90ea1\wbemcore.dll Object is locked skipped
C:\90ea1\wbemess.dll Object is locked skipped
C:\90ea1\wbemprox.dll Object is locked skipped
C:\90ea1\wbemupgd.dll Object is locked skipped
C:\90ea1\wdmaud.sys Object is locked skipped
C:\90ea1\wdma_ali.inf Object is locked skipped
C:\90ea1\wdma_int.inf Object is locked skipped
C:\90ea1\wdma_via.inf Object is locked skipped
C:\90ea1\webcheck.dll Object is locked skipped
C:\90ea1\webclnt.dll Object is locked skipped
C:\90ea1\webfldrs.msi Object is locked skipped
C:\90ea1\webvw.dll Object is locked skipped
C:\90ea1\wextract.exe Object is locked skipped
C:\90ea1\wiadss.dll Object is locked skipped
C:\90ea1\wiaservc.dll Object is locked skipped
C:\90ea1\win32k.sys Object is locked skipped
C:\90ea1\win32spl.dll Object is locked skipped
C:\90ea1\winhlp32.exe Object is locked skipped
C:\90ea1\wininet.dll Object is locked skipped
C:\90ea1\winlogon.exe Object is locked skipped
C:\90ea1\winmm.dll Object is locked skipped
C:\90ea1\winspool.drv Object is locked skipped
C:\90ea1\winsrv.dll Object is locked skipped
C:\90ea1\winsta.dll Object is locked skipped
C:\90ea1\winxp_logo_horiz_sm.gif Object is locked skipped
C:\90ea1\wldap32.dll Object is locked skipped
C:\90ea1\wlluc48.sys Object is locked skipped
C:\90ea1\wlnotify.dll Object is locked skipped
C:\90ea1\wmadmod.dll Object is locked skipped
C:\90ea1\wmadmoe.dll Object is locked skipped
C:\90ea1\wmasf.dll Object is locked skipped
C:\90ea1\wmerrenu.dll Object is locked skipped
C:\90ea1\wmi.mof Object is locked skipped
C:\90ea1\wmicookr.dll Object is locked skipped
C:\90ea1\wmidcprv.dll Object is locked skipped
C:\90ea1\wmidx.ocx Object is locked skipped
C:\90ea1\wmipcima.dll Object is locked skipped
C:\90ea1\wmiprov.dll Object is locked skipped
C:\90ea1\wmiprvsd.dll Object is locked skipped
C:\90ea1\wmiprvse.exe Object is locked skipped
C:\90ea1\wmipsess.dll Object is locked skipped
C:\90ea1\wmisvc.dll Object is locked skipped
C:\90ea1\wmiutils.dll Object is locked skipped
C:\90ea1\wmmfilt.dll Object is locked skipped
C:\90ea1\wmmres.dll Object is locked skipped
C:\90ea1\wmmutil.dll Object is locked skipped
C:\90ea1\wmnetmgr.dll Object is locked skipped
C:\90ea1\wmp.inf Object is locked skipped
C:\90ea1\wmp.ocx Object is locked skipped
C:\90ea1\wmpcd.dll Object is locked skipped
C:\90ea1\wmpcore.dll Object is locked skipped
C:\90ea1\wmplayer.exe Object is locked skipped
C:\90ea1\wmploc.dll Object is locked skipped
C:\90ea1\wmpshell.dll Object is locked skipped
C:\90ea1\wmpstub.exe Object is locked skipped
C:\90ea1\wmpui.dll Object is locked skipped
C:\90ea1\wmpvis.dll Object is locked skipped
C:\90ea1\wmsdmod.dll Object is locked skipped
C:\90ea1\wmsdmoe.dll Object is locked skipped
C:\90ea1\wmstream.dll Object is locked skipped
C:\90ea1\wmv8dmod.dll Object is locked skipped
C:\90ea1\wmv8ds32.ax Object is locked skipped
C:\90ea1\wmvcore.dll Object is locked skipped
C:\90ea1\wmvdmod.dll Object is locked skipped
C:\90ea1\wmvdmoe.dll Object is locked skipped
C:\90ea1\wmvds32.ax Object is locked skipped
C:\90ea1\wordpad.exe Object is locked skipped
C:\90ea1\wow32.dll Object is locked skipped
C:\90ea1\wship6.dll Object is locked skipped
C:\90ea1\wsnmp32.dll Object is locked skipped
C:\90ea1\wtsapi32.dll Object is locked skipped
C:\90ea1\wuauclt.exe Object is locked skipped
C:\90ea1\wuaueng.dll Object is locked skipped
C:\90ea1\wuauserv.dll Object is locked skipped
C:\90ea1\wzcdlg.dll Object is locked skipped
C:\90ea1\wzcsapi.dll Object is locked skipped
C:\90ea1\wzcsvc.dll Object is locked skipped
C:\90ea1\xactsrv.dll Object is locked skipped
C:\90ea1\xenroll.dll Object is locked skipped
C:\90ea1\zipfldr.dll Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-08-08_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine4D80000\46FCC079.VBN Infected: Trojan-Downloader.JS.Agent.kd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine4D80001\46FCC095.VBN Infected: Trojan-Downloader.Win32.Small.evy skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine4D80002\46FCC0AF.VBN Infected: Trojan-Downloader.Win32.Small.evy skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine4D80003\46FCC0C9.VBN Infected: Trojan-Downloader.Win32.Small.evy skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine7400000\47DCEFFA.VBN Infected: Backdoor.Win32.Small.na skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine74C0000\47FD11EE.VBN Infected: Trojan-Spy.Win32.Banker.amq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine75C0000\47DC9318.VBN Infected: Trojan-Downloader.Win32.Small.ccm skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine8800000\4D834F6A.VBN Infected: Trojan-Downloader.Win32.Small.ccm skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9980000.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9D40000\4FDD0160.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9E40000\4FEF0A55.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9E80000\4FE86617.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9E80001\4FE9BF72.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA000001\4E3E743D.VBN Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100000\4FD3BD47.VBN Infected: Trojan-Spy.Win32.Banker.amq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100001\4E3906E9.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100003\4E390887.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100004\4E3908C6.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100005\4E390906.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100006\4E390945.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100007\4E3922CF.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100008\4E39232B.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100009\4E39237F.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA10000A\4E392407.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA10000B\4E39244F.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Documents\Downloaded files\Apps\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 skipped
C:\Documents and Settings\David\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\David\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\History\History.IE5\MSHist012007080820070809\index.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\Perflib_Perfdata_e04.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\~DFD590.tmp Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\~DFF091.tmp Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\David\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\David\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\David\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\ProcManager.exe Infected: not-a-virus:RiskTool.Win32.PsKill.a skipped
C:\Program Files\Symantec AntiVirus\SAVRT172NAV~.TMP Object is locked skipped
C:\Program Files\Symantec AntiVirus\SAVRT874NAV~.TMP Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\billing_David.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\client_David.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\network_David.log Object is locked skipped
C:\System Volume Information\_restore{DD466F22-596D-435E-BF37-9EA1699182E0}\RP1058\change.log Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{463E9F53-4669-45CD-A4E1-33D60BE64FE3}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\etc\CPUIDLE\lock.sah Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:32:06 PM, on 8/8/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\srvany.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\cpuidle.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AOpen\Mouse\Amoumain.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.garfield.com/comics/comics_todays.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.5.1:3128
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ReadFile Class - {9E4F45DB-2EC3-4b09-91F9-31C702B3285D} - C:\WINDOWS\System32\tgs.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\AOpen\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Enterprise
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [AprvRemoveLegacyExcelKeys] "C:\Program Files\ApproveIt\Support\Tools\AprvClean.exe" -k HKCU SOFTWARE\Microsoft\Office\Excel\Addins\OfficeAddIn.OfficeAddIn
O4 - HKLM\..\Run: [AprvRemoveLegacyWordKeys] "C:\Program Files\ApproveIt\Support\Tools\AprvClean.exe" -k HKCU SOFTWARE\Microsoft\Office\Word\Addins\OfficeAddIn.OfficeAddIn
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.5\masqform.exe -RunOnce
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe"
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O15 - Trusted Zone: www.us.army.mil
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: TAWClients - http://telwebpa2.intellimark-it.com/TAW/TAWClients.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1094717199031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1161989967430
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) - http://www.costcophotocenter.com/CostcoUpload.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.digitalsurveillancecenter.com/a...sCamControl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup160.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_0_2_1.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: cpuidle - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\srvany.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Prevx Agent (PREVXAgent) - Prevx - C:\Program Files\Prevx2\PXAgent.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 11507 bytes
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, August 08, 2007 9:26:58 PM
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 8/08/2007
Kaspersky Anti-Virus database records: 377249
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 74049
Number of viruses found: 10
Number of infected objects: 27
Number of suspicious objects: 0
Duration of the scan process: 04:16:14
Infected Object Name / Virus Name / Last Action
C:\90ea1\1394bus.sys Object is locked skipped
C:\90ea1\61883.sys Object is locked skipped
C:\90ea1\6to4svc.dll Object is locked skipped
C:\90ea1\ac97ali.sys Object is locked skipped
C:\90ea1\ac97via.sys Object is locked skipped
C:\90ea1\acgenral.dll Object is locked skipped
C:\90ea1\aclayers.dll Object is locked skipped
C:\90ea1\aclua.dll Object is locked skipped
C:\90ea1\acpi.sys Object is locked skipped
C:\90ea1\acspecfc.dll Object is locked skipped
C:\90ea1\activ.htm Object is locked skipped
C:\90ea1\activsvc.htm Object is locked skipped
C:\90ea1\actlan.htm Object is locked skipped
C:\90ea1\actshell.htm Object is locked skipped
C:\90ea1\acverfyr.dll Object is locked skipped
C:\90ea1\acxtrnal.dll Object is locked skipped
C:\90ea1\adeskerr.htm Object is locked skipped
C:\90ea1\admin.dll Object is locked skipped
C:\90ea1\admin.exe Object is locked skipped
C:\90ea1\admjoy.sys Object is locked skipped
C:\90ea1\adsldp.dll Object is locked skipped
C:\90ea1\adsldpc.dll Object is locked skipped
C:\90ea1\adsmsext.dll Object is locked skipped
C:\90ea1\adsnt.dll Object is locked skipped
C:\90ea1\advapi32.dll Object is locked skipped
C:\90ea1\advpack.dll Object is locked skipped
C:\90ea1\aec.sys Object is locked skipped
C:\90ea1\afd.sys Object is locked skipped
C:\90ea1\ahui.exe Object is locked skipped
C:\90ea1\alg.exe Object is locked skipped
C:\90ea1\amdk6.sys Object is locked skipped
C:\90ea1\amdk7.sys Object is locked skipped
C:\90ea1\an983.sys Object is locked skipped
C:\90ea1\apphelp.dll Object is locked skipped
C:\90ea1\apphelp.sdb Object is locked skipped
C:\90ea1\apps.chm Object is locked skipped
C:\90ea1\appwiz.cpl Object is locked skipped
C:\90ea1\arial.ttf Object is locked skipped
C:\90ea1\arp1394.sys Object is locked skipped
C:\90ea1\asctrls.ocx Object is locked skipped
C:\90ea1\asferror.dll Object is locked skipped
C:\90ea1\asfsipc.dll Object is locked skipped
C:\90ea1\asms\10100\msft\windows\gdiplus\gdiplus.cat Object is locked skipped
C:\90ea1\asms\10100\msft\windows\gdiplus\gdiplus.dll Object is locked skipped
C:\90ea1\asms\10100\msft\windows\gdiplus\gdiplus.man Object is locked skipped
C:\90ea1\asms\10100\policy\msft\windows\gdiplus\gdiplus.cat Object is locked skipped
C:\90ea1\asms\10100\policy\msft\windows\gdiplus\gdiplus.man Object is locked skipped
C:\90ea1\asms\60100\msft\windows\common\controls\comctl32.dll Object is locked skipped
C:\90ea1\asms\60100\msft\windows\common\controls\controls.cat Object is locked skipped
C:\90ea1\asms\60100\msft\windows\common\controls\controls.man Object is locked skipped
C:\90ea1\asms\60100\policy\60100\comctl\comctl.cat Object is locked skipped
C:\90ea1\asms\60100\policy\60100\comctl\comctl.man Object is locked skipped
C:\90ea1\asms\70100\msft\windows\mswincrt\msvcirt.dll Object is locked skipped
C:\90ea1\asms\70100\msft\windows\mswincrt\msvcrt.dll Object is locked skipped
C:\90ea1\asms\70100\msft\windows\mswincrt\mswincrt.cat Object is locked skipped
C:\90ea1\asms\70100\msft\windows\mswincrt\mswincrt.man Object is locked skipped
C:\90ea1\asms\70100\policy\msft\mswincrt\mswincrt.cat Object is locked skipped
C:\90ea1\asms\70100\policy\msft\mswincrt\mswincrt.man Object is locked skipped
C:\90ea1\at.exe Object is locked skipped
C:\90ea1\atapi.sys Object is locked skipped
C:\90ea1\ati2dvaa.dll Object is locked skipped
C:\90ea1\ati2dvag.dll Object is locked skipped
C:\90ea1\ati2mtaa.sys Object is locked skipped
C:\90ea1\ati2mtag.sys Object is locked skipped
C:\90ea1\ati3d1ag.dll Object is locked skipped
C:\90ea1\ati3d2ag.dll Object is locked skipped
C:\90ea1\atinbtxx.sys Object is locked skipped
C:\90ea1\atinmdxx.sys Object is locked skipped
C:\90ea1\atinpdxx.sys Object is locked skipped
C:\90ea1\atinraxx.sys Object is locked skipped
C:\90ea1\atinrvxx.sys Object is locked skipped
C:\90ea1\atinsnxx.sys Object is locked skipped
C:\90ea1\atinttxx.sys Object is locked skipped
C:\90ea1\atintuxx.sys Object is locked skipped
C:\90ea1\atinxbxx.sys Object is locked skipped
C:\90ea1\atinxsxx.sys Object is locked skipped
C:\90ea1\atiradn1.inf Object is locked skipped
C:\90ea1\ativdaxx.ax Object is locked skipped
C:\90ea1\ativmvxx.ax Object is locked skipped
C:\90ea1\atl.dll Object is locked skipped
C:\90ea1\atmlane.sys Object is locked skipped
C:\90ea1\audiosrv.dll Object is locked skipped
C:\90ea1\author.dll Object is locked skipped
C:\90ea1\author.exe Object is locked skipped
C:\90ea1\autochk.exe Object is locked skipped
C:\90ea1\autolfn.exe Object is locked skipped
C:\90ea1\auupdate.exe Object is locked skipped
C:\90ea1\avc.sys Object is locked skipped
C:\90ea1\avifil32.dll Object is locked skipped
C:\90ea1\basesrv.dll Object is locked skipped
C:\90ea1\batt.dll Object is locked skipped
C:\90ea1\bridge.sys Object is locked skipped
C:\90ea1\browselc.dll Object is locked skipped
C:\90ea1\browser.dll Object is locked skipped
C:\90ea1\browseui.dll Object is locked skipped
C:\90ea1\browsewm.dll Object is locked skipped
C:\90ea1\cabinet.dll Object is locked skipped
C:\90ea1\callcont.dll Object is locked skipped
C:\90ea1\catsrvut.dll Object is locked skipped
C:\90ea1\ccdecode.sys Object is locked skipped
C:\90ea1\cdfs.sys Object is locked skipped
C:\90ea1\cdm.dll Object is locked skipped
C:\90ea1\cdrom.sys Object is locked skipped
C:\90ea1\certcli.dll Object is locked skipped
C:\90ea1\cewmdm.dll Object is locked skipped
C:\90ea1\cfgbkend.dll Object is locked skipped
C:\90ea1\cfgwiz.exe Object is locked skipped
C:\90ea1\cimwin32.dll Object is locked skipped
C:\90ea1\ciodm.dll Object is locked skipped
C:\90ea1\classpnp.sys Object is locked skipped
C:\90ea1\clipbrd.exe Object is locked skipped
C:\90ea1\clusapi.dll Object is locked skipped
C:\90ea1\cmbatt.sys Object is locked skipped
C:\90ea1\cmdial32.dll Object is locked skipped
C:\90ea1\cmdl32.exe Object is locked skipped
C:\90ea1\comadmin.dll Object is locked skipped
C:\90ea1\comctl32.dll Object is locked skipped
C:\90ea1\comdlg32.dll Object is locked skipped
C:\90ea1\compatui.dll Object is locked skipped
C:\90ea1\comsvcs.dll Object is locked skipped
C:\90ea1\conf.exe Object is locked skipped
C:\90ea1\conime.exe Object is locked skipped
C:\90ea1\copymar.exe Object is locked skipped
C:\90ea1\courtney.acs Object is locked skipped
C:\90ea1\credui.dll Object is locked skipped
C:\90ea1\crusoe.sys Object is locked skipped
C:\90ea1\crypt32.dll Object is locked skipped
C:\90ea1\cryptdlg.dll Object is locked skipped
C:\90ea1\cryptsvc.dll Object is locked skipped
C:\90ea1\cryptui.dll Object is locked skipped
C:\90ea1\cscui.dll Object is locked skipped
C:\90ea1\csrsrv.dll Object is locked skipped
C:\90ea1\ctfmon.exe Object is locked skipped
C:\90ea1\custdial.dll Object is locked skipped
C:\90ea1\d3d8.dll Object is locked skipped
C:\90ea1\danim.dll Object is locked skipped
C:\90ea1\dbghelp.dll Object is locked skipped
C:\90ea1\dbmsadsn.dll Object is locked skipped
C:\90ea1\dbmsrpcn.dll Object is locked skipped
C:\90ea1\dbmsvinn.dll Object is locked skipped
C:\90ea1\dbnetlib.dll Object is locked skipped
C:\90ea1\dbnmpntw.dll Object is locked skipped
C:\90ea1\dcache.bin Object is locked skipped
C:\90ea1\dcap32.dll Object is locked skipped
C:\90ea1\ddraw.dll Object is locked skipped
C:\90ea1\defrag.exe Object is locked skipped
C:\90ea1\desk.cpl Object is locked skipped
C:\90ea1\devmgr.dll Object is locked skipped
C:\90ea1\dfrgfat.exe Object is locked skipped
C:\90ea1\dfrgntfs.exe Object is locked skipped
C:\90ea1\dfrgsnap.dll Object is locked skipped
C:\90ea1\dfrgui.dll Object is locked skipped
C:\90ea1\dfsshlex.dll Object is locked skipped
C:\90ea1\dgnet.dll Object is locked skipped
C:\90ea1\dhcpcsvc.dll Object is locked skipped
C:\90ea1\dhtmled.ocx Object is locked skipped
C:\90ea1\digest.dll Object is locked skipped
C:\90ea1\dinput.dll Object is locked skipped
C:\90ea1\dinput8.dll Object is locked skipped
C:\90ea1\disk.sys Object is locked skipped
C:\90ea1\diskdump.sys Object is locked skipped
C:\90ea1\dlimport.exe Object is locked skipped
C:\90ea1\dmband.dll Object is locked skipped
C:\90ea1\dmcompos.dll Object is locked skipped
C:\90ea1\dmime.dll Object is locked skipped
C:\90ea1\dmloader.dll Object is locked skipped
C:\90ea1\dmscript.dll Object is locked skipped
C:\90ea1\dmstyle.dll Object is locked skipped
C:\90ea1\dmusic.dll Object is locked skipped
C:\90ea1\dnsapi.dll Object is locked skipped
C:\90ea1\docprop2.dll Object is locked skipped
C:\90ea1\dpnet.dll Object is locked skipped
C:\90ea1\dpnhpast.dll Object is locked skipped
C:\90ea1\dpnhupnp.dll Object is locked skipped
C:\90ea1\dpvoice.dll Object is locked skipped
C:\90ea1\dpvsetup.exe Object is locked skipped
C:\90ea1\dpwsockx.dll Object is locked skipped
C:\90ea1\drmclien.dll Object is locked skipped
C:\90ea1\drmk.sys Object is locked skipped
C:\90ea1\drmkaud.sys Object is locked skipped
C:\90ea1\drmstor.dll Object is locked skipped
C:\90ea1\drmv2clt.dll Object is locked skipped
C:\90ea1\drvmain.sdb Object is locked skipped
C:\90ea1\ds32gt.dll Object is locked skipped
C:\90ea1\dshowext.ax Object is locked skipped
C:\90ea1\dsprop.dll Object is locked skipped
C:\90ea1\dsquery.dll Object is locked skipped
C:\90ea1\dssenh.dll Object is locked skipped
C:\90ea1\dumprep.exe Object is locked skipped
C:\90ea1\duser.dll Object is locked skipped
C:\90ea1\dw.exe Object is locked skipped
C:\90ea1\dwwin.exe Object is locked skipped
C:\90ea1\dxdiag.exe Object is locked skipped
C:\90ea1\dxg.sys Object is locked skipped
C:\90ea1\dxmasf.dll Object is locked skipped
C:\90ea1\dxmrtp.dll Object is locked skipped
C:\90ea1\dxtmsft.dll Object is locked skipped
C:\90ea1\dxtrans.dll Object is locked skipped
C:\90ea1\earl.acs Object is locked skipped
C:\90ea1\els.dll Object is locked skipped
C:\90ea1\ersvc.dll Object is locked skipped
C:\90ea1\es.dll Object is locked skipped
C:\90ea1\esscli.dll Object is locked skipped
C:\90ea1\essm2e.sys Object is locked skipped
C:\90ea1\eudcedit.exe Object is locked skipped
C:\90ea1\eventlog.dll Object is locked skipped
C:\90ea1\evntrprv.dll Object is locked skipped
C:\90ea1\explorer.exe Object is locked skipped
C:\90ea1\expsrv.dll Object is locked skipped
C:\90ea1\fastfat.sys Object is locked skipped
C:\90ea1\fastprox.dll Object is locked skipped
C:\90ea1\faultrep.dll Object is locked skipped
C:\90ea1\filelist.xml Object is locked skipped
C:\90ea1\fldrclnr.dll Object is locked skipped
C:\90ea1\flpydisk.sys Object is locked skipped
C:\90ea1\fontview.exe Object is locked skipped
C:\90ea1\fp4.cat Object is locked skipped
C:\90ea1\fp40ext.cab Object is locked skipped
C:\90ea1\fp40ext.dll Object is locked skipped
C:\90ea1\fp40ext.inf Object is locked skipped
C:\90ea1\fp4amsft.dll Object is locked skipped
C:\90ea1\fp4anscp.dll Object is locked skipped
C:\90ea1\fp4apws.dll Object is locked skipped
C:\90ea1\fp4areg.dll Object is locked skipped
C:\90ea1\fp4atxt.dll Object is locked skipped
C:\90ea1\fp4autl.dll Object is locked skipped
C:\90ea1\fp4avnb.dll Object is locked skipped
C:\90ea1\fp4avss.dll Object is locked skipped
C:\90ea1\fp4awebs.dll Object is locked skipped
C:\90ea1\fp4awel.dll Object is locked skipped
C:\90ea1\fp98sadm.exe Object is locked skipped
C:\90ea1\fp98swin.exe Object is locked skipped
C:\90ea1\fpadmcgi.exe Object is locked skipped
C:\90ea1\fpadmdll.dll Object is locked skipped
C:\90ea1\fpcount.exe Object is locked skipped
C:\90ea1\fpencode.dll Object is locked skipped
C:\90ea1\fpexedll.dll Object is locked skipped
C:\90ea1\fpmmc.dll Object is locked skipped
C:\90ea1\fpmmcsat.dll Object is locked skipped
C:\90ea1\fpremadm.exe Object is locked skipped
C:\90ea1\fpsrvadm.exe Object is locked skipped
C:\90ea1\framebuf.dll Object is locked skipped
C:\90ea1\ftp.exe Object is locked skipped
C:\90ea1\fxsapi.dll Object is locked skipped
C:\90ea1\fxsclnt.exe Object is locked skipped
C:\90ea1\fxscomex.dll Object is locked skipped
C:\90ea1\fxscover.exe Object is locked skipped
C:\90ea1\fxsdrv.dll Object is locked skipped
C:\90ea1\fxsext32.dll Object is locked skipped
C:\90ea1\fxsocm.dll Object is locked skipped
C:\90ea1\fxsocm.inf Object is locked skipped
C:\90ea1\fxsperf.dll Object is locked skipped
C:\90ea1\fxsres.dll Object is locked skipped
C:\90ea1\fxsst.dll Object is locked skipped
C:\90ea1\fxssvc.exe Object is locked skipped
C:\90ea1\fxst30.dll Object is locked skipped
C:\90ea1\fxstiff.dll Object is locked skipped
C:\90ea1\fxsui.dll Object is locked skipped
C:\90ea1\fxswzrd.dll Object is locked skipped
C:\90ea1\fxsxp32.dll Object is locked skipped
C:\90ea1\g400.inf Object is locked skipped
C:\90ea1\gameenum.sys Object is locked skipped
C:\90ea1\gckernel.sys Object is locked skipped
C:\90ea1\gdi32.dll Object is locked skipped
C:\90ea1\georgia.ttf Object is locked skipped
C:\90ea1\guitrn.dll Object is locked skipped
C:\90ea1\guitrn_a.dll Object is locked skipped
C:\90ea1\h323cc.dll Object is locked skipped
C:\90ea1\hal.dll Object is locked skipped
C:\90ea1\halaacpi.dll Object is locked skipped
C:\90ea1\halacpi.dll Object is locked skipped
C:\90ea1\halapic.dll Object is locked skipped
C:\90ea1\halmacpi.dll Object is locked skipped
C:\90ea1\halmps.dll Object is locked skipped
C:\90ea1\hccoin.dll Object is locked skipped
C:\90ea1\helpctr.exe Object is locked skipped
C:\90ea1\helpsvc.exe Object is locked skipped
C:\90ea1\hh.exe Object is locked skipped
C:\90ea1\hhctrl.ocx Object is locked skipped
C:\90ea1\hhsetup.dll Object is locked skipped
C:\90ea1\hidclass.sys Object is locked skipped
C:\90ea1\hidir.sys Object is locked skipped
C:\90ea1\hidserv.dll Object is locked skipped
C:\90ea1\highcont.mar Object is locked skipped
C:\90ea1\hmmapi.dll Object is locked skipped
C:\90ea1\hnetcfg.dll Object is locked skipped
C:\90ea1\homepage.inf Object is locked skipped
C:\90ea1\i8042prt.sys Object is locked skipped
C:\90ea1\ic\acpi.inf Object is locked skipped
C:\90ea1\ic\au.inf Object is locked skipped
C:\90ea1\ic\battery.inf Object is locked skipped
C:\90ea1\ic\bda.inf Object is locked skipped
C:\90ea1\ic\cdrom.inf Object is locked skipped
C:\90ea1\ic\cpu.inf Object is locked skipped
C:\90ea1\ic\disk.inf Object is locked skipped
C:\90ea1\ic\dpcdll.dll Object is locked skipped
C:\90ea1\ic\dpup.inf Object is locked skipped
C:\90ea1\ic\drvindex.inf Object is locked skipped
C:\90ea1\ic\hiddigi.inf Object is locked skipped
C:\90ea1\ic\hidserv.inf Object is locked skipped
C:\90ea1\ic\ie.inf Object is locked skipped
C:\90ea1\ic\ieaccess.inf Object is locked skipped
C:\90ea1\ic\iis.inf Object is locked skipped
C:\90ea1\ic\ims.inf Object is locked skipped
C:\90ea1\ic\input.inf Object is locked skipped
C:\90ea1\ic\intl.inf Object is locked skipped
C:\90ea1\ic\keyboard.inf Object is locked skipped
C:\90ea1\ic\kscaptur.inf Object is locked skipped
C:\90ea1\ic\layout.inf Object is locked skipped
C:\90ea1\ic\miscp.chm Object is locked skipped
C:\90ea1\ic\mshdc.inf Object is locked skipped
C:\90ea1\ic\msoe50.inf Object is locked skipped
C:\90ea1\ic\netip6.inf Object is locked skipped
C:\90ea1\ic\netoc.inf Object is locked skipped
C:\90ea1\ic\netrass.inf Object is locked skipped
C:\90ea1\ic\nt5inf.cat Object is locked skipped
C:\90ea1\ic\ntprint.inf Object is locked skipped
C:\90ea1\ic\pchealth.inf Object is locked skipped
C:\90ea1\ic\pidgen.dll Object is locked skipped
C:\90ea1\ic\pnpscsi.inf Object is locked skipped
C:\90ea1\ic\scsi.inf Object is locked skipped
C:\90ea1\ic\swflash.inf Object is locked skipped
C:\90ea1\ic\sysoc.inf Object is locked skipped
C:\90ea1\ic\syssetup.inf Object is locked skipped
C:\90ea1\ic\tape.inf Object is locked skipped
C:\90ea1\ic\tsoc.inf Object is locked skipped
C:\90ea1\ic\usbport.inf Object is locked skipped
C:\90ea1\ic\whatnewp.chm Object is locked skipped
C:\90ea1\icaapi.dll Object is locked skipped
C:\90ea1\icm32.dll Object is locked skipped
C:\90ea1\icsmgr.js Object is locked skipped
C:\90ea1\icwconn1.exe Object is locked skipped
C:\90ea1\idq.dll Object is locked skipped
C:\90ea1\ie4uinit.exe Object is locked skipped
C:\90ea1\ieakeng.dll Object is locked skipped
C:\90ea1\ieaksie.dll Object is locked skipped
C:\90ea1\iedkcs32.dll Object is locked skipped
C:\90ea1\iepeers.dll Object is locked skipped
C:\90ea1\iesetup.dll Object is locked skipped
C:\90ea1\ieuinit.inf Object is locked skipped
C:\90ea1\iexplore.exe Object is locked skipped
C:\90ea1\iis.dll Object is locked skipped
C:\90ea1\ils.dll Object is locked skipped
C:\90ea1\imaadp32.acm Object is locked skipped
C:\90ea1\imagehlp.dll Object is locked skipped
C:\90ea1\imapi.exe Object is locked skipped
C:\90ea1\imapi.sys Object is locked skipped
C:\90ea1\imeshare.dll Object is locked skipped
C:\90ea1\imgutil.dll Object is locked skipped
C:\90ea1\imm32.dll Object is locked skipped
C:\90ea1\inetcomm.dll Object is locked skipped
C:\90ea1\inetcpl.cpl Object is locked skipped
C:\90ea1\input.dll Object is locked skipped
C:\90ea1\inseng.dll Object is locked skipped
C:\90ea1\instcat.sql Object is locked skipped
C:\90ea1\intelide.sys Object is locked skipped
C:\90ea1\intl.cpl Object is locked skipped
C:\90ea1\ipconfig.exe Object is locked skipped
C:\90ea1\iphlpapi.dll Object is locked skipped
C:\90ea1\ipnat.sys Object is locked skipped
C:\90ea1\ipnathlp.dll Object is locked skipped
C:\90ea1\ippromon.dll Object is locked skipped
C:\90ea1\ipp_0001.asp Object is locked skipped
C:\90ea1\ipp_0002.asp Object is locked skipped
C:\90ea1\ipp_0004.asp Object is locked skipped
C:\90ea1\ipp_0006.asp Object is locked skipped
C:\90ea1\ipp_0013.asp Object is locked skipped
C:\90ea1\ipp_0014.asp Object is locked skipped
C:\90ea1\ipp_util.inc Object is locked skipped
C:\90ea1\ipsec.sys Object is locked skipped
C:\90ea1\ipsecsvc.dll Object is locked skipped
C:\90ea1\ipv6.exe Object is locked skipped
C:\90ea1\ipv6mon.dll Object is locked skipped
C:\90ea1\irbus.sys Object is locked skipped
C:\90ea1\irmon.dll Object is locked skipped
C:\90ea1\itircl.dll Object is locked skipped
C:\90ea1\itss.dll Object is locked skipped
C:\90ea1\iuctl.dll Object is locked skipped
C:\90ea1\iuengine.dll Object is locked skipped
C:\90ea1\ixsso.dll Object is locked skipped
C:\90ea1\joy.cpl Object is locked skipped
C:\90ea1\kbdclass.sys Object is locked skipped
C:\90ea1\kd1394.dll Object is locked skipped
C:\90ea1\kerberos.dll Object is locked skipped
C:\90ea1\kernel32.dll Object is locked skipped
C:\90ea1\keyboard.sys Object is locked skipped
C:\90ea1\kmixer.sys Object is locked skipped
C:\90ea1\ks.sys Object is locked skipped
C:\90ea1\ksxbar.ax Object is locked skipped
C:\90ea1\l3codeca.acm Object is locked skipped
C:\90ea1\lang\chajei.ime Object is locked skipped
C:\90ea1\lang\chtmbx.dll Object is locked skipped
C:\90ea1\lang\chtskdic.dll Object is locked skipped
C:\90ea1\lang\chtskf.dll Object is locked skipped
C:\90ea1\lang\cintime.dll Object is locked skipped
C:\90ea1\lang\cintlgnt.ime Object is locked skipped
C:\90ea1\lang\cintsetp.exe Object is locked skipped
C:\90ea1\lang\cplexe.exe Object is locked skipped
C:\90ea1\lang\dayi.ime Object is locked skipped
C:\90ea1\lang\imekr61.ime Object is locked skipped
C:\90ea1\lang\imekrcic.dll Object is locked skipped
C:\90ea1\lang\imjp81.ime Object is locked skipped
C:\90ea1\lang\imjp81k.dll Object is locked skipped
C:\90ea1\lang\imjpcd.dic Object is locked skipped
C:\90ea1\lang\imjpcic.dll Object is locked skipped
C:\90ea1\lang\imjpcus.dll Object is locked skipped
C:\90ea1\lang\imjpdct.dll Object is locked skipped
C:\90ea1\lang\imjpdct.exe Object is locked skipped
C:\90ea1\lang\imjpdsvr.exe Object is locked skipped
C:\90ea1\lang\imjpinst.exe Object is locked skipped
C:\90ea1\lang\imjpinst.ini Object is locked skipped
C:\90ea1\lang\imjpmig.exe Object is locked skipped
C:\90ea1\lang\imjprw.exe Object is locked skipped
C:\90ea1\lang\imjputy.exe Object is locked skipped
C:\90ea1\lang\imjputyc.dll Object is locked skipped
C:\90ea1\lang\imlang.dll Object is locked skipped
C:\90ea1\lang\imscinst.exe Object is locked skipped
C:\90ea1\lang\miniime.tpl Object is locked skipped
C:\90ea1\lang\padrs404.dll Object is locked skipped
C:\90ea1\lang\padrs804.dll Object is locked skipped
C:\90ea1\lang\phon.ime Object is locked skipped
C:\90ea1\lang\pintlcsa.dll Object is locked skipped
C:\90ea1\lang\pintlcsd.dic Object is locked skipped
C:\90ea1\lang\pintlcsd.dll Object is locked skipped
C:\90ea1\lang\pintlcsk.dic Object is locked skipped
C:\90ea1\lang\pintlgc.imd Object is locked skipped
C:\90ea1\lang\pintlgd.imd Object is locked skipped
C:\90ea1\lang\pintlgdx.imd Object is locked skipped
C:\90ea1\lang\pintlgi.imd Object is locked skipped
C:\90ea1\lang\pintlgix.imd Object is locked skipped
C:\90ea1\lang\pintlgl.imd Object is locked skipped
C:\90ea1\lang\pintlgne.chm Object is locked skipped
C:\90ea1\lang\pintlgnt.chm Object is locked skipped
C:\90ea1\lang\pintlgnt.ime Object is locked skipped
C:\90ea1\lang\pintlgr.imd Object is locked skipped
C:\90ea1\lang\pintlgs.imd Object is locked skipped
C:\90ea1\lang\pintlphr.exe Object is locked skipped
C:\90ea1\lang\pmigrate.dll Object is locked skipped
C:\90ea1\lang\quick.ime Object is locked skipped
C:\90ea1\lang\romanime.ime Object is locked skipped
C:\90ea1\lang\tintlgnt.ime Object is locked skipped
C:\90ea1\lang\tintlphr.exe Object is locked skipped
C:\90ea1\lang\tintsetp.exe Object is locked skipped
C:\90ea1\lang\tmigrate.dll Object is locked skipped
C:\90ea1\lang\unicdime.ime Object is locked skipped
C:\90ea1\lang\uniime.dll Object is locked skipped
C:\90ea1\lang\voicepad.dll Object is locked skipped
C:\90ea1\lang\voicesub.dll Object is locked skipped
C:\90ea1\lang\winar30.ime Object is locked skipped
C:\90ea1\lang\winime.ime Object is locked skipped
C:\90ea1\laprxy.dll Object is locked skipped
C:\90ea1\lcladvd.xml Object is locked skipped
C:\90ea1\lcldocs.xml Object is locked skipped
C:\90ea1\licdll.dll Object is locked skipped
C:\90ea1\license.chm Object is locked skipped
C:\90ea1\licmgr10.dll Object is locked skipped
C:\90ea1\licwmi.dll Object is locked skipped
C:\90ea1\licwmi.mfl Object is locked skipped
C:\90ea1\licwmi.mof Object is locked skipped
C:\90ea1\lmrt.dll Object is locked skipped
C:\90ea1\locale.nls Object is locked skipped
C:\90ea1\localspl.dll Object is locked skipped
C:\90ea1\localui.dll Object is locked skipped
C:\90ea1\log.dll Object is locked skipped
C:\90ea1\logagent.exe Object is locked skipped
C:\90ea1\logon.scr Object is locked skipped
C:\90ea1\logonmgr.dll Object is locked skipped
C:\90ea1\logonui.exe Object is locked skipped
C:\90ea1\lsasrv.dll Object is locked skipped
C:\90ea1\lsass.exe Object is locked skipped
C:\90ea1\ltmdmnt.sys Object is locked skipped
C:\90ea1\ltmdmntt.sys Object is locked skipped
C:\90ea1\ltotape.sys Object is locked skipped
C:\90ea1\lvback.gif Object is locked skipped
C:\90ea1\lwadihid.sys Object is locked skipped
C:\90ea1\mail.mar Object is locked skipped
C:\90ea1\mailtmpl.txt Object is locked skipped
C:\90ea1\manifest.xml Object is locked skipped
C:\90ea1\market.mar Object is locked skipped
C:\90ea1\mdmetech.inf Object is locked skipped
C:\90ea1\mdmlt3.inf Object is locked skipped
C:\90ea1\mdmrpci.inf Object is locked skipped
C:\90ea1\mdmsuprv.inf Object is locked skipped
C:\90ea1\memstpci.sys Object is locked skipped
C:\90ea1\migapp.inf Object is locked skipped
C:\90ea1\migism.dll Object is locked skipped
C:\90ea1\migism.inf Object is locked skipped
C:\90ea1\migism_a.dll Object is locked skipped
C:\90ea1\migload.exe Object is locked skipped
C:\90ea1\migrate.js Object is locked skipped
C:\90ea1\migrate.obe Object is locked skipped
C:\90ea1\migsys.inf Object is locked skipped
C:\90ea1\migwiz.exe Object is locked skipped
C:\90ea1\migwiz.inf Object is locked skipped
C:\90ea1\migwiz_a.exe Object is locked skipped
C:\90ea1\mindex.dll Object is locked skipped
C:\90ea1\mmcndmgr.dll Object is locked skipped
C:\90ea1\mnmdd.dll Object is locked skipped
C:\90ea1\mobsync.dll Object is locked skipped
C:\90ea1\mofcomp.exe Object is locked skipped
C:\90ea1\mofd.dll Object is locked skipped
C:\90ea1\moricons.dll Object is locked skipped
C:\90ea1\mouclass.sys Object is locked skipped
C:\90ea1\moviemk.exe Object is locked skipped
C:\90ea1\mpg2splt.ax Object is locked skipped
C:\90ea1\mpg4dmod.dll Object is locked skipped
C:\90ea1\mpg4ds32.ax Object is locked skipped
C:\90ea1\mplay32.exe Object is locked skipped
C:\90ea1\mplayer2.exe Object is locked skipped
C:\90ea1\mrxsmb.sys Object is locked skipped
C:\90ea1\msadce.dll Object is locked skipped
C:\90ea1\msadcf.dll Object is locked skipped
C:\90ea1\msadco.dll Object is locked skipped
C:\90ea1\msadcs.dll Object is locked skipped
C:\90ea1\msadds.dll Object is locked skipped
C:\90ea1\msadds32.ax Object is locked skipped
C:\90ea1\msado15.dll Object is locked skipped
C:\90ea1\msado20.tlb Object is locked skipped
C:\90ea1\msado21.tlb Object is locked skipped
C:\90ea1\msado25.tlb Object is locked skipped
C:\90ea1\msado26.tlb Object is locked skipped
C:\90ea1\msadomd.dll Object is locked skipped
C:\90ea1\msador15.dll Object is locked skipped
C:\90ea1\msadox.dll Object is locked skipped
C:\90ea1\msadp32.acm Object is locked skipped
C:\90ea1\msadrh15.dll Object is locked skipped
C:\90ea1\msaud32.acm Object is locked skipped
C:\90ea1\mscandui.dll Object is locked skipped
C:\90ea1\mscms.dll Object is locked skipped
C:\90ea1\msconf.dll Object is locked skipped
C:\90ea1\msconfig.exe Object is locked skipped
C:\90ea1\mscpx32r.dll Object is locked skipped
C:\90ea1\msctf.dll Object is locked skipped
C:\90ea1\msctfp.dll Object is locked skipped
C:\90ea1\msdadc.dll Object is locked skipped
C:\90ea1\msdaenum.dll Object is locked skipped
C:\90ea1\msdaer.dll Object is locked skipped
C:\90ea1\msdaipp.dll Object is locked skipped
C:\90ea1\msdaora.dll Object is locked skipped
C:\90ea1\msdaosp.dll Object is locked skipped
C:\90ea1\msdaprst.dll Object is locked skipped
C:\90ea1\msdaps.dll Object is locked skipped
C:\90ea1\msdarem.dll Object is locked skipped
C:\90ea1\msdart.dll Object is locked skipped
C:\90ea1\msdasc.dll Object is locked skipped
C:\90ea1\msdasql.dll Object is locked skipped
C:\90ea1\msdatl3.dll Object is locked skipped
C:\90ea1\msdatsrc.tlb Object is locked skipped
C:\90ea1\msdatt.dll Object is locked skipped
C:\90ea1\msdaurl.dll Object is locked skipped
C:\90ea1\msdbx.dll Object is locked skipped
C:\90ea1\msdfmap.dll Object is locked skipped
C:\90ea1\msdtcprx.dll Object is locked skipped
C:\90ea1\msdtctr.mof Object is locked skipped
C:\90ea1\msdxm.ocx Object is locked skipped
C:\90ea1\msdxmlc.dll Object is locked skipped
C:\90ea1\msexch40.dll Object is locked skipped
C:\90ea1\msexcl40.dll Object is locked skipped
C:\90ea1\msgina.dll Object is locked skipped
C:\90ea1\msgrocm.dll Object is locked skipped
C:\90ea1\msgsc.dll Object is locked skipped
C:\90ea1\msgslang.dll Object is locked skipped
C:\90ea1\msh261.drv Object is locked skipped
C:\90ea1\msh263.drv Object is locked skipped
C:\90ea1\mshtml.dll Object is locked skipped
C:\90ea1\mshtml.tlb Object is locked skipped
C:\90ea1\mshtmled.dll Object is locked skipped
C:\90ea1\mshtmler.dll Object is locked skipped
C:\90ea1\msi.dll Object is locked skipped
C:\90ea1\msieftp.dll Object is locked skipped
C:\90ea1\msiexec.exe Object is locked skipped
C:\90ea1\msihnd.dll Object is locked skipped
C:\90ea1\msimain.sdb Object is locked skipped
C:\90ea1\msimg32.dll Object is locked skipped
C:\90ea1\msimn.exe Object is locked skipped
C:\90ea1\msimtf.dll Object is locked skipped
C:\90ea1\msisam11.dll Object is locked skipped
C:\90ea1\msjet40.dll Object is locked skipped
C:\90ea1\msjetol1.dll Object is locked skipped
C:\90ea1\msjro.dll Object is locked skipped
C:\90ea1\msjtes40.dll Object is locked skipped
C:\90ea1\mskssrv.sys Object is locked skipped
C:\90ea1\mslbui.dll Object is locked skipped
C:\90ea1\msltus40.dll Object is locked skipped
C:\90ea1\msmom.dll Object is locked skipped
C:\90ea1\msmsgs.cat Object is locked skipped
C:\90ea1\msmsgs.exe Object is locked skipped
C:\90ea1\msmsgs.inf Object is locked skipped
C:\90ea1\msmsgsin.exe Object is locked skipped
C:\90ea1\msn.inf Object is locked skipped
C:\90ea1\msn100.mar Object is locked skipped
C:\90ea1\msn14.mar Object is locked skipped
C:\90ea1\msn150.mar Object is locked skipped
C:\90ea1\msn163.mar Object is locked skipped
C:\90ea1\msn188.mar Object is locked skipped
C:\90ea1\msn220.mar Object is locked skipped
C:\90ea1\msn222.mar Object is locked skipped
C:\90ea1\msn238.mar Object is locked skipped
C:\90ea1\msn36.mar Object is locked skipped
C:\90ea1\msn6.exe Object is locked skipped
C:\90ea1\msnetobj.dll Object is locked skipped
C:\90ea1\msnmetal.dll Object is locked skipped
C:\90ea1\msnmigr.dll Object is locked skipped
C:\90ea1\msnmsn.inf Object is locked skipped
C:\90ea1\msnmtllc.dll Object is locked skipped
C:\90ea1\msnntmig.dll Object is locked skipped
C:\90ea1\msnspell.dll Object is locked skipped
C:\90ea1\msnsspc.dll Object is locked skipped
C:\90ea1\msnunin.exe Object is locked skipped
C:\90ea1\msnupgrd.inf Object is locked skipped
C:\90ea1\msobcomm.dll Object is locked skipped
C:\90ea1\msobmain.dll Object is locked skipped
C:\90ea1\msobshel.htm Object is locked skipped
C:\90ea1\msoe.dll Object is locked skipped
C:\90ea1\msoeacct.dll Object is locked skipped
C:\90ea1\msoert2.dll Object is locked skipped
C:\90ea1\msorcl32.dll Object is locked skipped
C:\90ea1\mspaint.exe Object is locked skipped
C:\90ea1\mspbde40.dll Object is locked skipped
C:\90ea1\mspmsp.dll Object is locked skipped
C:\90ea1\msrating.dll Object is locked skipped
C:\90ea1\msrd2x40.dll Object is locked skipped
C:\90ea1\msrdp.cab Object is locked skipped
C:\90ea1\msrdp.ocx Object is locked skipped
C:\90ea1\msrepl40.dll Object is locked skipped
C:\90ea1\msrle32.dll Object is locked skipped
C:\90ea1\msscds32.ax Object is locked skipped
C:\90ea1\msscp.dll Object is locked skipped
C:\90ea1\msscript.ocx Object is locked skipped
C:\90ea1\mst120.dll Object is locked skipped
C:\90ea1\mst123.dll Object is locked skipped
C:\90ea1\mstask.dll Object is locked skipped
C:\90ea1\mstee.sys Object is locked skipped
C:\90ea1\mstext40.dll Object is locked skipped
C:\90ea1\mstime.dll Object is locked skipped
C:\90ea1\mstinit.exe Object is locked skipped
C:\90ea1\mstsc.chm Object is locked skipped
C:\90ea1\mstsc.exe Object is locked skipped
C:\90ea1\mstscax.dll Object is locked skipped
C:\90ea1\mstsweb.cat Object is locked skipped
C:\90ea1\msuni11.dll Object is locked skipped
C:\90ea1\msutb.dll Object is locked skipped
C:\90ea1\msv1_0.dll Object is locked skipped
C:\90ea1\msvcp60.dll Object is locked skipped
C:\90ea1\msvcrt.dll Object is locked skipped
C:\90ea1\msvfw32.dll Object is locked skipped
C:\90ea1\msvidctl.dll Object is locked skipped
C:\90ea1\mswebdvd.dll Object is locked skipped
C:\90ea1\msxactps.dll Object is locked skipped
C:\90ea1\msxbde40.dll Object is locked skipped
C:\90ea1\msxml2.dll Object is locked skipped
C:\90ea1\msxml3.dll Object is locked skipped
C:\90ea1\muisetup.exe Object is locked skipped
C:\90ea1\mup.sys Object is locked skipped
C:\90ea1\mutohpen.sys Object is locked skipped
C:\90ea1\nac.dll Object is locked skipped
C:\90ea1\ncobjapi.dll Object is locked skipped
C:\90ea1\ncprov.dll Object is locked skipped
C:\90ea1\nddenb32.dll Object is locked skipped
C:\90ea1\ndis.sys Object is locked skipped
C:\90ea1\ndisnpp.dll Object is locked skipped
C:\90ea1\ndisuio.sys Object is locked skipped
C:\90ea1\ndiswan.sys Object is locked skipped
C:\90ea1\net.exe Object is locked skipped
C:\90ea1\net1.exe Object is locked skipped
C:\90ea1\netapi32.dll Object is locked skipped
C:\90ea1\netbios.sys Object is locked skipped
C:\90ea1\netbt.sys Object is locked skipped
C:\90ea1\netcfgx.dll Object is locked skipped
C:\90ea1\netdde.exe Object is locked skipped
C:\90ea1\netklsi.inf Object is locked skipped
C:\90ea1\netlogon.dll Object is locked skipped
C:\90ea1\netman.dll Object is locked skipped
C:\90ea1\netnm.inf Object is locked skipped
C:\90ea1\netoc.dll Object is locked skipped
C:\90ea1\netplwiz.dll Object is locked skipped
C:\90ea1\netrtsnt.inf Object is locked skipped
C:\90ea1\netsetup.exe Object is locked skipped
C:\90ea1\netshell.dll Object is locked skipped
C:\90ea1\netwlan.inf Object is locked skipped
C:\90ea1\netwlan2.inf Object is locked skipped
C:\90ea1\netwlan5.img Object is locked skipped
C:\90ea1\netwlan5.sys Object is locked skipped
C:\90ea1\netwv48.inf Object is locked skipped
C:\90ea1\new\apph_sp.sdb Object is locked skipped
C:\90ea1\new\apps_sp.chm Object is locked skipped
C:\90ea1\new\ati2dvaa.dll Object is locked skipped
C:\90ea1\new\ati2dvag.dll Object is locked skipped
C:\90ea1\new\ati2mtaa.sys Object is locked skipped
C:\90ea1\new\ati2mtag.sys Object is locked skipped
C:\90ea1\new\ati3d1ag.dll Object is locked skipped
C:\90ea1\new\ati3d2ag.dll Object is locked skipped
C:\90ea1\new\atiixpaa.inf Object is locked skipped
C:\90ea1\new\atiixpag.inf Object is locked skipped
C:\90ea1\new\atinbtxx.sys Object is locked skipped
C:\90ea1\new\atinmdxx.sys Object is locked skipped
C:\90ea1\new\atinpdxx.sys Object is locked skipped
C:\90ea1\new\atinraxx.sys Object is locked skipped
C:\90ea1\new\atinrvxx.sys Object is locked skipped
C:\90ea1\new\atinsnxx.sys Object is locked skipped
C:\90ea1\new\atinttxx.sys Object is locked skipped
C:\90ea1\new\atintuxx.sys Object is locked skipped
C:\90ea1\new\atinxbxx.sys Object is locked skipped
C:\90ea1\new\atinxsxx.sys Object is locked skipped
C:\90ea1\new\ativdaxx.ax Object is locked skipped
C:\90ea1\new\ativmvxx.ax Object is locked skipped
C:\90ea1\new\atixpwdm.inf Object is locked skipped
C:\90ea1\new\c_28603.nls Object is locked skipped
C:\90ea1\new\dsprpres.dll Object is locked skipped
C:\90ea1\new\encapi.dll Object is locked skipped
C:\90ea1\new\encdec.dll Object is locked skipped
C:\90ea1\new\faxpatch.exe Object is locked skipped
C:\90ea1\new\hccoin.dll Object is locked skipped
C:\90ea1\new\hidir.sys Object is locked skipped
C:\90ea1\new\hscupd.exe Object is locked skipped
C:\90ea1\new\hscxpsp1.cab Object is locked skipped
C:\90ea1\new\logo.gif Object is locked skipped
C:\90ea1\new\logowin.gif Object is locked skipped
C:\90ea1\new\medctrro.exe Object is locked skipped
C:\90ea1\new\msctfime.ime Object is locked skipped
C:\90ea1\new\msftedit.dll Object is locked skipped
C:\90ea1\new\mssap.dll Object is locked skipped
C:\90ea1\new\mutohpen.sys Object is locked skipped
C:\90ea1\new\netbeac.inf Object is locked skipped
C:\90ea1\new\nettun.inf Object is locked skipped
C:\90ea1\new\nv4_disp.inf Object is locked skipped
C:\90ea1\new\nvct.inf Object is locked skipped
C:\90ea1\new\nvdm.inf Object is locked skipped
C:\90ea1\new\nvts.inf Object is locked skipped
C:\90ea1\new\oeaccess.inf Object is locked skipped
C:\90ea1\new\osloader.ntd Object is locked skipped
C:\90ea1\new\ramdisk.inf Object is locked skipped
C:\90ea1\new\rtcimsp.dll Object is locked skipped
C:\90ea1\new\sbe.dll Object is locked skipped
C:\90ea1\new\sbeio.dll Object is locked skipped
C:\90ea1\new\secupd.dat Object is locked skipped
C:\90ea1\new\secupd.sig Object is locked skipped
C:\90ea1\new\smtpsvc.dll Object is locked skipped
C:\90ea1\new\snchk.exe Object is locked skipped
C:\90ea1\new\sp1.cab Object is locked skipped
C:\90ea1\new\spgrmr.dll Object is locked skipped
C:\90ea1\new\usbehci.sys Object is locked skipped
C:\90ea1\new\wacompen.sys Object is locked skipped
C:\90ea1\new\winbrand.dll Object is locked skipped
C:\90ea1\new\winhttp.dll Object is locked skipped
C:\90ea1\new\wmaccess.inf Object is locked skipped
C:\90ea1\new\wmpocm.inf Object is locked skipped
C:\90ea1\new\wmvcore2.dll Object is locked skipped
C:\90ea1\new\wuau.adm Object is locked skipped
C:\90ea1\new\wuauhelp.chm Object is locked skipped
C:\90ea1\new\xpsp1res.dll Object is locked skipped
C:\90ea1\newalert.wav Object is locked skipped
C:\90ea1\newdev.dll Object is locked skipped
C:\90ea1\newemail.wav Object is locked skipped
C:\90ea1\neweula.htm Object is locked skipped
C:\90ea1\nic1394.sys Object is locked skipped
C:\90ea1\nlhtml.dll Object is locked skipped
C:\90ea1\nmas.dll Object is locked skipped
C:\90ea1\nmasnt.dll Object is locked skipped
C:\90ea1\nmchat.dll Object is locked skipped
C:\90ea1\nmcom.dll Object is locked skipped
C:\90ea1\nmft.dll Object is locked skipped
C:\90ea1\nmmkcert.dll Object is locked skipped
C:\90ea1\nmnt.sys Object is locked skipped
C:\90ea1\nmoldwb.dll Object is locked skipped
C:\90ea1\nmwb.dll Object is locked skipped
C:\90ea1\npdrmv2.dll Object is locked skipped
C:\90ea1\npdsplay.dll Object is locked skipped
C:\90ea1\nppagent.exe Object is locked skipped
C:\90ea1\npptools.dll Object is locked skipped
C:\90ea1\npwmsdrm.dll Object is locked skipped
C:\90ea1\nt5.cat Object is locked skipped
C:\90ea1\ntdetect.com Object is locked skipped
C:\90ea1\ntdll.dll Object is locked skipped
C:\90ea1\ntfs.sys Object is locked skipped
C:\90ea1\ntio.sys Object is locked skipped
C:\90ea1\ntkrnlmp.exe Object is locked skipped
C:\90ea1\ntkrnlpa.exe Object is locked skipped
C:\90ea1\ntkrpamp.exe Object is locked skipped
C:\90ea1\ntlanman.dll Object is locked skipped
C:\90ea1\ntldr Object is locked skipped
C:\90ea1\ntmarta.dll Object is locked skipped
C:\90ea1\ntmsapi.dll Object is locked skipped
C:\90ea1\ntmsdba.dll Object is locked skipped
C:\90ea1\ntmssvc.dll Object is locked skipped
C:\90ea1\ntoskrnl.exe Object is locked skipped
C:\90ea1\ntprint.cat Object is locked skipped
C:\90ea1\ntprint.dll Object is locked skipped
C:\90ea1\ntshrui.dll Object is locked skipped
C:\90ea1\ntvdm.exe Object is locked skipped
C:\90ea1\nv4_disp.dll Object is locked skipped
C:\90ea1\nv4_mini.sys Object is locked skipped
C:\90ea1\nwprovau.dll Object is locked skipped
C:\90ea1\oakley.dll Object is locked skipped
C:\90ea1\obeip.dun Object is locked skipped
C:\90ea1\ocgen.dll Object is locked skipped
C:\90ea1\ocmsn.dll Object is locked skipped
C:\90ea1\odbc32.dll Object is locked skipped
C:\90ea1\odbc32gt.dll Object is locked skipped
C:\90ea1\odbcad32.exe Object is locked skipped
C:\90ea1\odbcbcp.dll Object is locked skipped
C:\90ea1\odbcconf.dll Object is locked skipped
C:\90ea1\odbcconf.exe Object is locked skipped
C:\90ea1\odbcconf.rsp Object is locked skipped
C:\90ea1\odbccp32.dll Object is locked skipped
C:\90ea1\odbccr32.dll Object is locked skipped
C:\90ea1\odbccu32.dll Object is locked skipped
C:\90ea1\odbcp32r.dll Object is locked skipped
C:\90ea1\odbctrac.dll Object is locked skipped
C:\90ea1\offfilt.dll Object is locked skipped
C:\90ea1\ohci1394.sys Object is locked skipped
C:\90ea1\ole32.dll Object is locked skipped
C:\90ea1\oleaut32.dll Object is locked skipped
C:\90ea1\oledb32.dll Object is locked skipped
C:\90ea1\oleprn.dll Object is locked skipped
C:\90ea1\online.wav Object is locked skipped
C:\90ea1\oobebaln.exe Object is locked skipped
C:\90ea1\opengl32.dll Object is locked skipped
C:\90ea1\oschoice.exe Object is locked skipped
C:\90ea1\osk.exe Object is locked skipped
C:\90ea1\osloader.exe Object is locked skipped
C:\90ea1\p3.sys Object is locked skipped
C:\90ea1\packager.exe Object is locked skipped
C:\90ea1\page1.asp Object is locked skipped
C:\90ea1\parport.sys Object is locked skipped
C:\90ea1\pautoenr.dll Object is locked skipped
C:\90ea1\pchshell.dll Object is locked skipped
C:\90ea1\pchsvc.dll Object is locked skipped
C:\90ea1\pci.sys Object is locked skipped
C:\90ea1\pciidex.sys Object is locked skipped
C:\90ea1\pcmcia.sys Object is locked skipped
C:\90ea1\pcx500.sys Object is locked skipped
C:\90ea1\pdh.dll Object is locked skipped
C:\90ea1\perm2.sys Object is locked skipped
C:\90ea1\perm2dll.dll Object is locked skipped
C:\90ea1\perm3.sys Object is locked skipped
C:\90ea1\perm3dd.dll Object is locked skipped
C:\90ea1\phone.icw Object is locked skipped
C:\90ea1\phone.inf Object is locked skipped
C:\90ea1\phone.obe Object is locked skipped
C:\90ea1\pid.dll Object is locked skipped
C:\90ea1\ping.exe Object is locked skipped
C:\90ea1\pngfilt.dll Object is locked skipped
C:\90ea1\popc.dll Object is locked skipped
C:\90ea1\portcls.sys Object is locked skipped
C:\90ea1\ppa3.sys Object is locked skipped
C:\90ea1\printui.dll Object is locked skipped
C:\90ea1\privacy.hta Object is locked skipped
C:\90ea1\processr.sys Object is locked skipped
C:\90ea1\proctexe.ocx Object is locked skipped
C:\90ea1\ps5ui.dll Object is locked skipped
C:\90ea1\psapi.dll Object is locked skipped
C:\90ea1\psbase.dll Object is locked skipped
C:\90ea1\psched.sys Object is locked skipped
C:\90ea1\pscript5.dll Object is locked skipped
C:\90ea1\ptpusd.dll Object is locked skipped
C:\90ea1\qcap.dll Object is locked skipped
C:\90ea1\qdvd.dll Object is locked skipped
C:\90ea1\qedit.dll Object is locked skipped
C:\90ea1\qmgr.dll Object is locked skipped
C:\90ea1\qmgrprxy.dll Object is locked skipped
C:\90ea1\quartz.dll Object is locked skipped
C:\90ea1\query.dll Object is locked skipped
C:\90ea1\ramdisk.sys Object is locked skipped
C:\90ea1\rasapi32.dll Object is locked skipped
C:\90ea1\raschap.dll Object is locked skipped
C:\90ea1\rasdlg.dll Object is locked skipped
C:\90ea1\rasl2tp.sys Object is locked skipped
C:\90ea1\rasman.dll Object is locked skipped
C:\90ea1\rasmans.dll Object is locked skipped
C:\90ea1\rasppp.dll Object is locked skipped
C:\90ea1\raspptp.sys Object is locked skipped
C:\90ea1\rassapi.dll Object is locked skipped
C:\90ea1\rastapi.dll Object is locked skipped
C:\90ea1\rastls.dll Object is locked skipped
C:\90ea1\rcimlby.exe Object is locked skipped
C:\90ea1\rdbss.sys Object is locked skipped
C:\90ea1\rdchost.dll Object is locked skipped
C:\90ea1\rdpclip.exe Object is locked skipped
C:\90ea1\rdpdd.dll Object is locked skipped
C:\90ea1\rdpdr.sys Object is locked skipped
C:\90ea1\rdpsnd.dll Object is locked skipped
C:\90ea1\rdpwd.sys Object is locked skipped
C:\90ea1\rdpwsx.dll Object is locked skipped
C:\90ea1\rdsaddin.exe Object is locked skipped
C:\90ea1\readmesp.htm Object is locked skipped
C:\90ea1\redbook.sys Object is locked skipped
C:\90ea1\redir.exe Object is locked skipped
C:\90ea1\reg.exe Object is locked skipped
C:\90ea1\regapi.dll Object is locked skipped
C:\90ea1\regedit.exe Object is locked skipped
C:\90ea1\remotepg.dll Object is locked skipped
C:\90ea1\repdrvfs.dll Object is locked skipped
C:\90ea1\riched20.dll Object is locked skipped
C:\90ea1\rpcrt4.dll Object is locked skipped
C:\90ea1\rpcss.dll Object is locked skipped
C:\90ea1\rrcm.dll Object is locked skipped
C:\90ea1\rsaenh.dll Object is locked skipped
C:\90ea1\rshx32.dll Object is locked skipped
C:\90ea1\rstrui.exe Object is locked skipped
C:\90ea1\rtcdll.dll Object is locked skipped
C:\90ea1\rtcshare.exe Object is locked skipped
C:\90ea1\runonce.exe Object is locked skipped
C:\90ea1\samlib.dll Object is locked skipped
C:\90ea1\sapi.cpl Object is locked skipped
C:\90ea1\sapi.dll Object is locked skipped
C:\90ea1\savedump.exe Object is locked skipped
C:\90ea1\sbp2port.sys Object is locked skipped
C:\90ea1\sccbase.dll Object is locked skipped
C:\90ea1\sccsccp.dll Object is locked skipped
C:\90ea1\scecli.dll Object is locked skipped
C:\90ea1\scesrv.dll Object is locked skipped
C:\90ea1\schannel.dll Object is locked skipped
C:\90ea1\schedsvc.dll Object is locked skipped
C:\90ea1\script.dll Object is locked skipped
C:\90ea1\script_a.dll Object is locked skipped
C:\90ea1\scrnsave.scr Object is locked skipped
C:\90ea1\scsiport.sys Object is locked skipped
C:\90ea1\sdbinst.exe Object is locked skipped
C:\90ea1\secdrv.sys Object is locked skipped
C:\90ea1\secur32.dll Object is locked skipped
C:\90ea1\sens.dll Object is locked skipped
C:\90ea1\sensapi.dll Object is locked skipped
C:\90ea1\serial.sys Object is locked skipped
C:\90ea1\sessmgr.exe Object is locked skipped
C:\90ea1\setup.exe Object is locked skipped
C:\90ea1\setup50.exe Object is locked skipped
C:\90ea1\setupapi.dll Object is locked skipped
C:\90ea1\setupqry.dll Object is locked skipped
C:\90ea1\setupqry.inf Object is locked skipped
C:\90ea1\setup_wm.exe Object is locked skipped
C:\90ea1\sfcfiles.dll Object is locked skipped
C:\90ea1\sfc_os.dll Object is locked skipped
C:\90ea1\sfloppy.sys Object is locked skipped
C:\90ea1\shdocvw.dll Object is locked skipped
C:\90ea1\shell32.dll Object is locked skipped
C:\90ea1\shfolder.dll Object is locked skipped
C:\90ea1\shgina.dll Object is locked skipped
C:\90ea1\shimeng.dll Object is locked skipped
C:\90ea1\shimgvw.dll Object is locked skipped
C:\90ea1\shlwapi.dll Object is locked skipped
C:\90ea1\shmgrate.exe Object is locked skipped
C:\90ea1\shsvcs.dll Object is locked skipped
C:\90ea1\shtml.dll Object is locked skipped
C:\90ea1\shtml.exe Object is locked skipped
C:\90ea1\signup.mar Object is locked skipped
C:\90ea1\sigtab.dll Object is locked skipped
C:\90ea1\sigverif.exe Object is locked skipped
C:\90ea1\simpdata.tlb Object is locked skipped
C:\90ea1\skeys.exe Object is locked skipped
C:\90ea1\sla30nd5.sys Object is locked skipped
C:\90ea1\slayerxp.dll Object is locked skipped
C:\90ea1\sl_anet.acm Object is locked skipped
C:\90ea1\smbali.sys Object is locked skipped
C:\90ea1\smbbatt.sys Object is locked skipped
C:\90ea1\smbclass.sys Object is locked skipped
C:\90ea1\smi2smir.exe Object is locked skipped
C:\90ea1\smlogcfg.dll Object is locked skipped
C:\90ea1\smlogsvc.exe Object is locked skipped
C:\90ea1\smss.exe Object is locked skipped
C:\90ea1\snmp.exe Object is locked skipped
C:\90ea1\snmpapi.dll Object is locked skipped
C:\90ea1\snmpcl.dll Object is locked skipped
C:\90ea1\snmpincl.dll Object is locked skipped
C:\90ea1\snmpsmir.dll Object is locked skipped
C:\90ea1\snmpthrd.dll Object is locked skipped
C:\90ea1\softkbd.dll Object is locked skipped
C:\90ea1\sonydcam.sys Object is locked skipped
C:\90ea1\spider.exe Object is locked skipped
C:\90ea1\splitter.sys Object is locked skipped
C:\90ea1\spmsg.dll Object is locked skipped
C:\90ea1\spoolss.dll Object is locked skipped
C:\90ea1\sptip.dll Object is locked skipped
C:\90ea1\spuninst.exe Object is locked skipped
C:\90ea1\sqloledb.dll Object is locked skipped
C:\90ea1\sqlsrv32.dll Object is locked skipped
C:\90ea1\sqlxmlx.dll Object is locked skipped
C:\90ea1\sr.sys Object is locked skipped
C:\90ea1\srchui.dll Object is locked skipped
C:\90ea1\srclient.dll Object is locked skipped
C:\90ea1\srrstr.dll Object is locked skipped
C:\90ea1\srsvc.dll Object is locked skipped
C:\90ea1\ss3dfo.scr Object is locked skipped
C:\90ea1\ssbezier.scr Object is locked skipped
C:\90ea1\ssdpapi.dll Object is locked skipped
C:\90ea1\ssdpsrv.dll Object is locked skipped
C:\90ea1\ssflwbox.scr Object is locked skipped
C:\90ea1\ssmarque.scr Object is locked skipped
C:\90ea1\ssmyst.scr Object is locked skipped
C:\90ea1\sspipes.scr Object is locked skipped
C:\90ea1\ssstars.scr Object is locked skipped
C:\90ea1\sstext3d.scr Object is locked skipped
C:\90ea1\stdprov.dll Object is locked skipped
C:\90ea1\sti.dll Object is locked skipped
C:\90ea1\sti_ci.dll Object is locked skipped
C:\90ea1\stobject.dll Object is locked skipped
C:\90ea1\storprop.dll Object is locked skipped
C:\90ea1\stream.sys Object is locked skipped
C:\90ea1\strmdll.dll Object is locked skipped
C:\90ea1\stub_fpsrvadm.exe Object is locked skipped
C:\90ea1\stub_fpsrvwin.exe Object is locked skipped
C:\90ea1\swflash.ocx Object is locked skipped
C:\90ea1\sxs.dll Object is locked skipped
C:\90ea1\sysaudio.sys Object is locked skipped
C:\90ea1\sysdm.cpl Object is locked skipped
C:\90ea1\sysmain.sdb Object is locked skipped
C:\90ea1\sysmod.dll Object is locked skipped
C:\90ea1\sysmod_a.dll Object is locked skipped
C:\90ea1\sysmon.ocx Object is locked skipped
C:\90ea1\syssetup.dll Object is locked skipped
C:\90ea1\tagfile.1 Object is locked skipped
C:\90ea1\tahoma.ttf Object is locked skipped
C:\90ea1\tahomabd.ttf Object is locked skipped
C:\90ea1\tape.sys Object is locked skipped
C:\90ea1\tapi32.dll Object is locked skipped
C:\90ea1\tapisrv.dll Object is locked skipped
C:\90ea1\taskmgr.exe Object is locked skipped
C:\90ea1\tcpip.sys Object is locked skipped
C:\90ea1\tcpip6.sys Object is locked skipped
C:\90ea1\tcptest.exe Object is locked skipped
C:\90ea1\tcptsat.dll Object is locked skipped
C:\90ea1\telnet.exe Object is locked skipped
C:\90ea1\termdd.sys Object is locked skipped
C:\90ea1\termsrv.dll Object is locked skipped
C:\90ea1\tffsport.sys Object is locked skipped
C:\90ea1\themedef.mar Object is locked skipped
C:\90ea1\themeui.dll Object is locked skipped
C:\90ea1\times.ttf Object is locked skipped
C:\90ea1\tracert.exe Object is locked skipped
C:\90ea1\trebuc.ttf Object is locked skipped
C:\90ea1\triedit.dll Object is locked skipped
C:\90ea1\trkwks.dll Object is locked skipped
C:\90ea1\tscfgwmi.dll Object is locked skipped
C:\90ea1\tscfgwmi.mfl Object is locked skipped
C:\90ea1\tscfgwmi.mof Object is locked skipped
C:\90ea1\tscupgrd.exe Object is locked skipped
C:\90ea1\tshoot.chm Object is locked skipped
C:\90ea1\tsoc.dll Object is locked skipped
C:\90ea1\tsweb1.htm Object is locked skipped
C:\90ea1\tunmp.sys Object is locked skipped
C:\90ea1\type.wav Object is locked skipped
C:\90ea1\udfs.sys Object is locked skipped
C:\90ea1\udhisapi.dll Object is locked skipped
C:\90ea1\ui.mar Object is locked skipped
C:\90ea1\umandlg.dll Object is locked skipped
C:\90ea1\umpnpmgr.dll Object is locked skipped
C:\90ea1\unidrv.dll Object is locked skipped
C:\90ea1\unidrvui.dll Object is locked skipped
C:\90ea1\unregmp2.exe Object is locked skipped
C:\90ea1\untfs.dll Object is locked skipped
C:\90ea1\update\eula.txt Object is locked skipped
C:\90ea1\update\sp1.cat Object is locked skipped
C:\90ea1\update\spcustom.dll Object is locked skipped
C:\90ea1\update\update.exe Object is locked skipped
C:\90ea1\update\update.inf Object is locked skipped
C:\90ea1\update\update.url Object is locked skipped
C:\90ea1\update\update.ver Object is locked skipped
C:\90ea1\upnp.dll Object is locked skipped
C:\90ea1\upnphost.dll Object is locked skipped
C:\90ea1\upnpui.dll Object is locked skipped
C:\90ea1\ups.exe Object is locked skipped
C:\90ea1\url.dll Object is locked skipped
C:\90ea1\urlmon.dll Object is locked skipped
C:\90ea1\usb101et.sys Object is locked skipped
C:\90ea1\usbaudio.sys Object is locked skipped
C:\90ea1\usbccgp.sys Object is locked skipped
C:\90ea1\usbehci.sys Object is locked skipped
C:\90ea1\usbhub.sys Object is locked skipped
C:\90ea1\usbintel.sys Object is locked skipped
C:\90ea1\usbohci.sys Object is locked skipped
C:\90ea1\usbport.sys Object is locked skipped
C:\90ea1\usbprint.sys Object is locked skipped
C:\90ea1\usbscan.sys Object is locked skipped
C:\90ea1\usbstor.sys Object is locked skipped
C:\90ea1\usbuhci.sys Object is locked skipped
C:\90ea1\user32.dll Object is locked skipped
C:\90ea1\userenv.dll Object is locked skipped
C:\90ea1\userinit.exe Object is locked skipped
C:\90ea1\usmtdef.inf Object is locked skipped
C:\90ea1\usp10.dll Object is locked skipped
C:\90ea1\utilman.exe Object is locked skipped
C:\90ea1\uxtheme.dll Object is locked skipped
C:\90ea1\vbisurf.ax Object is locked skipped
C:\90ea1\vbscript.dll Object is locked skipped
C:\90ea1\vdmredir.dll Object is locked skipped
C:\90ea1\verdana.ttf Object is locked skipped
C:\90ea1\vfwwdm32.dll Object is locked skipped
C:\90ea1\vga.sys Object is locked skipped
C:\90ea1\vgx.dll Object is locked skipped
C:\90ea1\viaide.sys Object is locked skipped
C:\90ea1\videoprt.sys Object is locked skipped
C:\90ea1\vssapi.dll Object is locked skipped
C:\90ea1\w32time.dll Object is locked skipped
C:\90ea1\w95upgnt.dll Object is locked skipped
C:\90ea1\wab32.dll Object is locked skipped
C:\90ea1\wab32res.dll Object is locked skipped
C:\90ea1\wacompen.sys Object is locked skipped
C:\90ea1\watchdog.sys Object is locked skipped
C:\90ea1\wbemcomn.dll Object is locked skipped
C:\90ea1\wbemcore.dll Object is locked skipped
C:\90ea1\wbemess.dll Object is locked skipped
C:\90ea1\wbemprox.dll Object is locked skipped
C:\90ea1\wbemupgd.dll Object is locked skipped
C:\90ea1\wdmaud.sys Object is locked skipped
C:\90ea1\wdma_ali.inf Object is locked skipped
C:\90ea1\wdma_int.inf Object is locked skipped
C:\90ea1\wdma_via.inf Object is locked skipped
C:\90ea1\webcheck.dll Object is locked skipped
C:\90ea1\webclnt.dll Object is locked skipped
C:\90ea1\webfldrs.msi Object is locked skipped
C:\90ea1\webvw.dll Object is locked skipped
C:\90ea1\wextract.exe Object is locked skipped
C:\90ea1\wiadss.dll Object is locked skipped
C:\90ea1\wiaservc.dll Object is locked skipped
C:\90ea1\win32k.sys Object is locked skipped
C:\90ea1\win32spl.dll Object is locked skipped
C:\90ea1\winhlp32.exe Object is locked skipped
C:\90ea1\wininet.dll Object is locked skipped
C:\90ea1\winlogon.exe Object is locked skipped
C:\90ea1\winmm.dll Object is locked skipped
C:\90ea1\winspool.drv Object is locked skipped
C:\90ea1\winsrv.dll Object is locked skipped
C:\90ea1\winsta.dll Object is locked skipped
C:\90ea1\winxp_logo_horiz_sm.gif Object is locked skipped
C:\90ea1\wldap32.dll Object is locked skipped
C:\90ea1\wlluc48.sys Object is locked skipped
C:\90ea1\wlnotify.dll Object is locked skipped
C:\90ea1\wmadmod.dll Object is locked skipped
C:\90ea1\wmadmoe.dll Object is locked skipped
C:\90ea1\wmasf.dll Object is locked skipped
C:\90ea1\wmerrenu.dll Object is locked skipped
C:\90ea1\wmi.mof Object is locked skipped
C:\90ea1\wmicookr.dll Object is locked skipped
C:\90ea1\wmidcprv.dll Object is locked skipped
C:\90ea1\wmidx.ocx Object is locked skipped
C:\90ea1\wmipcima.dll Object is locked skipped
C:\90ea1\wmiprov.dll Object is locked skipped
C:\90ea1\wmiprvsd.dll Object is locked skipped
C:\90ea1\wmiprvse.exe Object is locked skipped
C:\90ea1\wmipsess.dll Object is locked skipped
C:\90ea1\wmisvc.dll Object is locked skipped
C:\90ea1\wmiutils.dll Object is locked skipped
C:\90ea1\wmmfilt.dll Object is locked skipped
C:\90ea1\wmmres.dll Object is locked skipped
C:\90ea1\wmmutil.dll Object is locked skipped
C:\90ea1\wmnetmgr.dll Object is locked skipped
C:\90ea1\wmp.inf Object is locked skipped
C:\90ea1\wmp.ocx Object is locked skipped
C:\90ea1\wmpcd.dll Object is locked skipped
C:\90ea1\wmpcore.dll Object is locked skipped
C:\90ea1\wmplayer.exe Object is locked skipped
C:\90ea1\wmploc.dll Object is locked skipped
C:\90ea1\wmpshell.dll Object is locked skipped
C:\90ea1\wmpstub.exe Object is locked skipped
C:\90ea1\wmpui.dll Object is locked skipped
C:\90ea1\wmpvis.dll Object is locked skipped
C:\90ea1\wmsdmod.dll Object is locked skipped
C:\90ea1\wmsdmoe.dll Object is locked skipped
C:\90ea1\wmstream.dll Object is locked skipped
C:\90ea1\wmv8dmod.dll Object is locked skipped
C:\90ea1\wmv8ds32.ax Object is locked skipped
C:\90ea1\wmvcore.dll Object is locked skipped
C:\90ea1\wmvdmod.dll Object is locked skipped
C:\90ea1\wmvdmoe.dll Object is locked skipped
C:\90ea1\wmvds32.ax Object is locked skipped
C:\90ea1\wordpad.exe Object is locked skipped
C:\90ea1\wow32.dll Object is locked skipped
C:\90ea1\wship6.dll Object is locked skipped
C:\90ea1\wsnmp32.dll Object is locked skipped
C:\90ea1\wtsapi32.dll Object is locked skipped
C:\90ea1\wuauclt.exe Object is locked skipped
C:\90ea1\wuaueng.dll Object is locked skipped
C:\90ea1\wuauserv.dll Object is locked skipped
C:\90ea1\wzcdlg.dll Object is locked skipped
C:\90ea1\wzcsapi.dll Object is locked skipped
C:\90ea1\wzcsvc.dll Object is locked skipped
C:\90ea1\xactsrv.dll Object is locked skipped
C:\90ea1\xenroll.dll Object is locked skipped
C:\90ea1\zipfldr.dll Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-08-08_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine4D80000\46FCC079.VBN Infected: Trojan-Downloader.JS.Agent.kd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine4D80001\46FCC095.VBN Infected: Trojan-Downloader.Win32.Small.evy skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine4D80002\46FCC0AF.VBN Infected: Trojan-Downloader.Win32.Small.evy skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine4D80003\46FCC0C9.VBN Infected: Trojan-Downloader.Win32.Small.evy skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine7400000\47DCEFFA.VBN Infected: Backdoor.Win32.Small.na skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine74C0000\47FD11EE.VBN Infected: Trojan-Spy.Win32.Banker.amq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine75C0000\47DC9318.VBN Infected: Trojan-Downloader.Win32.Small.ccm skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine8800000\4D834F6A.VBN Infected: Trojan-Downloader.Win32.Small.ccm skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9980000.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9D40000\4FDD0160.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9E40000\4FEF0A55.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9E80000\4FE86617.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine9E80001\4FE9BF72.VBN Infected: Trojan-Downloader.Win32.Murlo.co skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA000001\4E3E743D.VBN Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100000\4FD3BD47.VBN Infected: Trojan-Spy.Win32.Banker.amq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100001\4E3906E9.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100003\4E390887.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100004\4E3908C6.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100005\4E390906.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100006\4E390945.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100007\4E3922CF.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100008\4E39232B.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA100009\4E39237F.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA10000A\4E392407.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\QuarantineA10000B\4E39244F.VBN Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Documents\Downloaded files\Apps\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 skipped
C:\Documents and Settings\David\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\David\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\History\History.IE5\MSHist012007080820070809\index.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\Perflib_Perfdata_e04.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\~DFD590.tmp Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\~DFF091.tmp Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\David\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\David\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\David\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\ProcManager.exe Infected: not-a-virus:RiskTool.Win32.PsKill.a skipped
C:\Program Files\Symantec AntiVirus\SAVRT172NAV~.TMP Object is locked skipped
C:\Program Files\Symantec AntiVirus\SAVRT874NAV~.TMP Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\billing_David.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\client_David.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\network_David.log Object is locked skipped
C:\System Volume Information\_restore{DD466F22-596D-435E-BF37-9EA1699182E0}\RP1058\change.log Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{463E9F53-4669-45CD-A4E1-33D60BE64FE3}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\etc\CPUIDLE\lock.sah Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
#4 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 09 August 2007 - 11:10 AM
Thanks for the logs and for uploading the files
The password stealer wasnt present in the uploaded files so that would of already been removed from your system at some stage, the file I thought maybe a backdoor trojan is actually fine and related to SETI@home which is good news
O2 - BHO: ReadFile Class - {9E4F45DB-2EC3-4b09-91F9-31C702B3285D} - C:\WINDOWS\System32\tgs.dll
Thats the entry for the password stealing trojan and its a variant of this info stealer
http://www.sophos.co...ojbankashl.html
While I was searching for a write up to explain the trojan I noticed this log you posted on here last year
http://forum.pirifor...?showtopic=7713
So this BHO entry is a leftover from when you was infected, as you didnt post back the logs on that topic the helper didnt get the chance to advise you to change all passwords for sites you use and to contact the bank if you do any banking or paying for goods online, even though its abit late now as it was 9 months ago I'll still pass on a link that provides abit more information
How to report ID theft, fraud, drive-by installs, hijacking and malware?
Looking at that older log I'd guess it was the WindowsXP Product Key Viewer.exe that added the banker trojans as that was detected by AVG as Trojan.Nilage, I notice you was also getting the runtime errors last year so whatever the problem is has been present for a long time, regarding these sts*.tmp files its difficult to say what they are without receiving some samples of them but its possible they are being created by a legit program you have installed, if they are still getting added try to upload afew at the Bleeping Computer link you used earlier and I'll take a look at them,
Do you know what created the C:\90ea1\ folder on your system ? , it appears to mainly have Windows system files inside but its not a default location or name,
For now lets clear up what we can see and run another scan to make sure there's no remaining problems
Remove the items in Nortons Quarantine as described Here
Disable the TeaTimer protection for Spybot so it doesnt interfere with the HijackThis fixes
1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer again once your system is clean.
Run Hijack This and choose Do A System Scan then place a check next to these entries
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ReadFile Class - {9E4F45DB-2EC3-4b09-91F9-31C702B3285D} - C:\WINDOWS\System32\tgs.dll (file missing)
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - ht*p://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
Close all open browser and other windows except for HijackThis and press the Fix Checked button
Download Blacklight beta HERE and save it to your desktop.
Run the program, accept statement > click next then scan
When its finished scanning exit the program and post back the log if it detects hidden files, The log is called 'fsbl-<date/time>.log' which will save to the same location as the blbeta.exe file.
Finally run Panda Activescan from Here.
Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan
(Note: It may take a couple of minutes)
- When the download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location so you can post it back.
Please then post back the Blacklight log if it finds any hidden files, the Pandascan log and let us know if your still getting runtime errors and sts*.tmp files being created.
Thanks
The password stealer wasnt present in the uploaded files so that would of already been removed from your system at some stage, the file I thought maybe a backdoor trojan is actually fine and related to SETI@home which is good news
O2 - BHO: ReadFile Class - {9E4F45DB-2EC3-4b09-91F9-31C702B3285D} - C:\WINDOWS\System32\tgs.dll
Thats the entry for the password stealing trojan and its a variant of this info stealer
http://www.sophos.co...ojbankashl.html
While I was searching for a write up to explain the trojan I noticed this log you posted on here last year
http://forum.pirifor...?showtopic=7713
So this BHO entry is a leftover from when you was infected, as you didnt post back the logs on that topic the helper didnt get the chance to advise you to change all passwords for sites you use and to contact the bank if you do any banking or paying for goods online, even though its abit late now as it was 9 months ago I'll still pass on a link that provides abit more information
How to report ID theft, fraud, drive-by installs, hijacking and malware?
Looking at that older log I'd guess it was the WindowsXP Product Key Viewer.exe that added the banker trojans as that was detected by AVG as Trojan.Nilage, I notice you was also getting the runtime errors last year so whatever the problem is has been present for a long time, regarding these sts*.tmp files its difficult to say what they are without receiving some samples of them but its possible they are being created by a legit program you have installed, if they are still getting added try to upload afew at the Bleeping Computer link you used earlier and I'll take a look at them,
Do you know what created the C:\90ea1\ folder on your system ? , it appears to mainly have Windows system files inside but its not a default location or name,
For now lets clear up what we can see and run another scan to make sure there's no remaining problems
Remove the items in Nortons Quarantine as described Here
Disable the TeaTimer protection for Spybot so it doesnt interfere with the HijackThis fixes
1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer again once your system is clean.
Run Hijack This and choose Do A System Scan then place a check next to these entries
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ReadFile Class - {9E4F45DB-2EC3-4b09-91F9-31C702B3285D} - C:\WINDOWS\System32\tgs.dll (file missing)
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - ht*p://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
Close all open browser and other windows except for HijackThis and press the Fix Checked button
Download Blacklight beta HERE and save it to your desktop.
Run the program, accept statement > click next then scan
When its finished scanning exit the program and post back the log if it detects hidden files, The log is called 'fsbl-<date/time>.log' which will save to the same location as the blbeta.exe file.
Finally run Panda Activescan from Here.
Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan
(Note: It may take a couple of minutes)
- When the download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location so you can post it back.
Please then post back the Blacklight log if it finds any hidden files, the Pandascan log and let us know if your still getting runtime errors and sts*.tmp files being created.
Thanks
#5 OFFLINE
-
- Members
-
- 13 posts
Member
Posted 12 August 2007 - 07:58 PM
Sorry this took so long to get back to, but I have been busy with work and have been squeezing in bits and pieces around my work schedule.
I ran the Blacklight scan and it did not find anything. Below is the Panda ActiveScan log....
Incident Status Location
Adware:adware/tvmedia Not disinfected C:\Documents and Settings\David\Application Data\tvmcwrd.dll
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\David\Cookies\david@2o7[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\David\Cookies\david@ad.yieldmanager[1].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\David\Cookies\david@ads.addynamix[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\David\Cookies\david@atwola[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\David\Cookies\david@bravenet[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\David\Cookies\david@ccbill[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\David\Cookies\david@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\David\Cookies\david@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\David\Cookies\david@realmedia[2].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\David\Cookies\david@server.iad.liveperson[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\David\Cookies\david@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\David\Cookies\david@tribalfusion[2].txt
Adware:Adware/Transponder Not disinfected C:\WINDOWS\inf\polall1r.inf
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\WINDOWS\nircmd.exe
Potentially unwanted tool:application/bestoffer Not disinfected C:\WINDOWS\smdat32m.sys
Adware:adware/twain-tech Not disinfected C:\WINDOWS\support.cn
Thanks again for the help...
I ran the Blacklight scan and it did not find anything. Below is the Panda ActiveScan log....
Incident Status Location
Adware:adware/tvmedia Not disinfected C:\Documents and Settings\David\Application Data\tvmcwrd.dll
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\David\Cookies\david@2o7[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\David\Cookies\david@ad.yieldmanager[1].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\David\Cookies\david@ads.addynamix[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\David\Cookies\david@atwola[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\David\Cookies\david@bravenet[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\David\Cookies\david@ccbill[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\David\Cookies\david@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\David\Cookies\david@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\David\Cookies\david@realmedia[2].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\David\Cookies\david@server.iad.liveperson[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\David\Cookies\david@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\David\Cookies\david@tribalfusion[2].txt
Adware:Adware/Transponder Not disinfected C:\WINDOWS\inf\polall1r.inf
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\WINDOWS\nircmd.exe
Potentially unwanted tool:application/bestoffer Not disinfected C:\WINDOWS\smdat32m.sys
Adware:adware/twain-tech Not disinfected C:\WINDOWS\support.cn
Thanks again for the help...
#6 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 13 August 2007 - 07:20 PM
Hi tadrith27
As Pandascan has mostly detected Adware can you install and run SpySweeper as that should clear up most Adware/Spyware files then post back a list of the Add/Remove screen list as some of these Adware programs should have entries present if they are still installed on your system
Please download WebRoot SpySweeper from HERE (It's a 14 day trial):
Open Hijackthis, and click the Misc Tools button
(If its on the scan screen then in the lower right corner click the Config... button)
Then click the Open Uninstall Manager... button.
The Add/Remove Programs Manager panel should appear.
In this panel click the Save list button.
Save the uninstall_list.txt file to your desktop and copy and paste the contents back in your next reply.
Please then post back the Uninstall list and the SpySweeper results, let us know if your still getting the runtime errors and when they appear
Thanks
As Pandascan has mostly detected Adware can you install and run SpySweeper as that should clear up most Adware/Spyware files then post back a list of the Add/Remove screen list as some of these Adware programs should have entries present if they are still installed on your system
Please download WebRoot SpySweeper from HERE (It's a 14 day trial):
- Click the Download now link on the right to download the program.
- Double-click the file to install it as follows:
- Click "Next", read the agreement, Click "Next"
- Choose "Custom" click "Next".
- Leave the default installation directory as it is, then click "Next".
- UNcheck "Run SpySweeper at Windows Startup" and "Add Sweep for Spyware to Windows Explorer Context Menu". Click "Next".
- On the following screen you can leave the e-mail address field blank, if you wish. Click "Next".
- Finally, click "Install"
- Once the program is installed, it will open.
- It will prompt you to update to the latest definitions, click Yes.
- Once the definitions are installed, disconnect from the internet.
- Click Options on the left side.
- Click the Sweep Options tab.
- Under What to Sweep please put a check next to the following:
- Sweep Memory
- Sweep Registry
- Sweep Cookies
- Sweep All User Accounts
- Enable Direct Disk Sweeping
- Sweep Contents of Compressed Files
- Sweep for Rootkits
- Please UNCHECK Do not Sweep System Restore Folder.
- Click Sweep Now on the left side.
- Click the Start button.
- When it's done scanning, click the Next button.
- Make sure everything has a check next to it, then click the Next button.
- It will remove all of the items found.
- Click Session Log in the upper right corner, copy everything in that window.
- Click the Summary tab and click Finish.
- Paste the contents of the session log you copied into your next reply.
Open Hijackthis, and click the Misc Tools button
(If its on the scan screen then in the lower right corner click the Config... button)
Then click the Open Uninstall Manager... button.
The Add/Remove Programs Manager panel should appear.
In this panel click the Save list button.
Save the uninstall_list.txt file to your desktop and copy and paste the contents back in your next reply.
Please then post back the Uninstall list and the SpySweeper results, let us know if your still getting the runtime errors and when they appear
Thanks
#7 OFFLINE
-
- Members
-
- 13 posts
Member
Posted 13 August 2007 - 11:53 PM
Alright, here is the Spy Sweeper Scan log and the Uninstall List:
7:07 PM: Removal process completed. Elapsed time 00:01:41
7:07 PM: Quarantining All Traces: twain-tech
7:07 PM: Quarantining All Traces: tvmedia
7:07 PM: Quarantining All Traces: addestroyer
7:07 PM: Quarantining All Traces: seekseek
7:07 PM: Quarantining All Traces: drsnsrch.com hijack
7:07 PM: Quarantining All Traces: virtualbouncer
7:07 PM: Quarantining All Traces: radlight divx player
7:07 PM: Quarantining All Traces: begin2search
7:07 PM: Quarantining All Traces: dp trojan
7:06 PM: Quarantining All Traces: comet cursor
7:06 PM: Quarantining All Traces: blazefind
7:06 PM: Quarantining All Traces: directrevenue-abetterinternet
7:06 PM: Quarantining All Traces: trojan-phisher-bankash
7:06 PM: Quarantining All Traces: 2nd-thought
7:06 PM: Removal process initiated
6:51 PM: Traces Found: 46
6:51 PM: Custom Sweep has completed. Elapsed time 01:34:23
6:51 PM: File Sweep Complete, Elapsed Time: 01:21:26
6:24 PM: Warning: SweepDirectories: Cannot find directory "e:". This directory was not added to the list of paths to be scanned.
6:24 PM: Warning: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be scanned.
6:24 PM: C:\WINDOWS\inf\polall1r.inf (ID = 83425)
6:24 PM: Found Adware: directrevenue-abetterinternet
6:24 PM: Warning: Failed to open file "c:\windows\system32\drivers\etc\cpuidle\lock.sah". The operation completed successfully
6:22 PM: C:\Program Files\Trend Micro\HijackThis\backups\backup-20070809-200703-950.inf (ID = 320977)
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms3a34de64-05b7-4b18-b412-fc9d93b1df74.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsd098b58f-ffd6-46aa-a6ca-f9c5eff71baf.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsa41f589b-96d4-4ee2-a900-6b45bb9498b8.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmseefdfe4d-aba6-4be1-a5f2-d04deb38579f.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsa7f117e2-d90e-403c-9632-802165a06b84.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsec84d374-3629-4157-b6d9-8d388e8cfa03.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsed796ef4-a6de-4171-9402-fdbcaa8cf435.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsd1473000-c66d-428e-a1c7-c84d7cdabbd3.tmp". The operation completed successfully
6:20 PM: Warning: Failed to open file "c:\program files\symantec antivirus\savrt597nav~.tmp". The operation completed successfully
6:10 PM: C:\WINDOWS\support.cn (ID = 81870)
6:10 PM: Found Adware: twain-tech
6:07 PM: C:\Documents and Settings\David\Application Data\tvmknwrd.dll (ID = 318254)
6:07 PM: Found Adware: tvmedia
5:37 PM: C:\WINDOWS\system32\INNERADINSTALL.LOG (ID = 49035)
5:37 PM: Found Adware: addestroyer
5:31 PM: C:\WINDOWS\system32\moviesgreen11.ico (ID = 51033)
5:31 PM: Found Adware: begin2search
5:30 PM: C:\Program Files\Common Files\Slmss (1 subtraces) (ID = 2147485759)
5:30 PM: Found Adware: seekseek
5:29 PM: Starting File Sweep
5:29 PM: Warning: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned.
5:29 PM: Cookie Sweep Complete, Elapsed Time: 00:00:01
5:29 PM: Starting Cookie Sweep
5:29 PM: Registry Sweep Complete, Elapsed Time:00:01:39
5:29 PM: HKU\S-1-5-21-725345543-1993962763-1708537768-1003\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\virtual bouncer\ (ID = 1966189)
5:29 PM: HKU\S-1-5-21-725345543-1993962763-1708537768-1003\software\microsoft\search assistant\ || defaultsearchurl (ID = 128205)
5:29 PM: Found Adware: drsnsrch.com hijack
5:29 PM: HKU\S-1-5-21-725345543-1993962763-1708537768-1003\software\freeverse\viagra\ (ID = 125365)
5:29 PM: Found Trojan Horse: dp trojan
5:28 PM: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{9e4f45db-2ec3-4b09-91f9-31c702b3285d}\ (ID = 1199930)
5:28 PM: HKLM\software\classes\typelib\{a49460c9-d134-4c21-bf35-edd17d477dc8}\ (ID = 957356)
5:28 PM: HKCR\typelib\{a49460c9-d134-4c21-bf35-edd17d477dc8}\ (ID = 957346)
5:28 PM: HKLM\software\classes\rfa.rfa.1\ (ID = 945542)
5:28 PM: HKLM\software\classes\rfa.rfa\ (ID = 945538)
5:28 PM: HKCR\rfa.rfa.1\ (ID = 945514)
5:28 PM: HKCR\rfa.rfa\ (ID = 945510)
5:28 PM: Found Trojan Horse: trojan-phisher-bankash
5:28 PM: HKLM\software\classes\clsid\{8551311d-f3bf-4718-ad66-96e302500735}\ (ID = 476604)
5:28 PM: HKCR\clsid\{8551311d-f3bf-4718-ad66-96e302500735}\ (ID = 392235)
5:28 PM: HKCR\typelib\{5e594162-60a9-487d-84b8-dbdd716cb862}\ (ID = 145565)
5:28 PM: HKLM\software\classes\typelib\{5e594162-60a9-487d-84b8-dbdd716cb862}\ (ID = 145551)
5:28 PM: HKLM\software\classes\clsid\{8940e505-72c6-44de-be85-1d746780efbf}\ (ID = 145549)
5:28 PM: Found Adware: virtualbouncer
5:28 PM: HKLM\software\microsoft\code store database\distribution units\{88d758a3-d33b-45fd-91e3-67749b4057fa}\ (ID = 140566)
5:28 PM: Found Adware: comet cursor
5:28 PM: HKLM\software\classes\radlightfile\ (ID = 139215)
5:28 PM: HKCR\radlightfile\ (ID = 139212)
5:28 PM: Found Adware: radlight divx player
5:28 PM: HKLM\software\microsoft\windows\ || infamous (ID = 104517)
5:28 PM: Found Adware: blazefind
5:28 PM: HKLM\software\classes\interface\{d7eac2d8-2d52-4010-a4ad-dfdf60c1706c}\ (ID = 102001)
5:28 PM: HKLM\software\classes\interface\{c0f88e9e-dceb-4655-968a-ae508a677c39}\ (ID = 102000)
5:28 PM: HKLM\software\classes\interface\{bccab53d-0895-40c3-a942-a03538ce227a}\ (ID = 101999)
5:28 PM: HKLM\software\classes\interface\{a986f4db-792e-4571-8974-0bb6e024766f}\ (ID = 101998)
5:28 PM: HKLM\software\classes\interface\{830d3aed-2fa9-454f-b266-d931862bbf34}\ (ID = 101997)
5:28 PM: HKLM\software\classes\interface\{49db48ff-02b5-4645-b676-94a4df1aa026}\ (ID = 101996)
5:28 PM: HKLM\software\classes\interface\{9bcdd51b-4a7b-446c-8452-d32d38004582}\ (ID = 101995)
5:28 PM: HKLM\software\classes\interface\{8c53bd8e-b12d-4c8f-ad0e-c9ddc39d1273}\ (ID = 101994)
5:28 PM: HKLM\software\classes\interface\{6e0ed53c-9908-49ed-b055-7cb31b162577}\ (ID = 101993)
5:28 PM: HKCR\interface\{d7eac2d8-2d52-4010-a4ad-dfdf60c1706c}\ (ID = 101986)
5:28 PM: HKCR\interface\{c0f88e9e-dceb-4655-968a-ae508a677c39}\ (ID = 101985)
5:28 PM: HKCR\interface\{bccab53d-0895-40c3-a942-a03538ce227a}\ (ID = 101984)
5:28 PM: HKCR\interface\{a986f4db-792e-4571-8974-0bb6e024766f}\ (ID = 101983)
5:28 PM: HKCR\interface\{830d3aed-2fa9-454f-b266-d931862bbf34}\ (ID = 101982)
5:28 PM: HKCR\interface\{49db48ff-02b5-4645-b676-94a4df1aa026}\ (ID = 101981)
5:28 PM: HKCR\interface\{9bcdd51b-4a7b-446c-8452-d32d38004582}\ (ID = 101980)
5:28 PM: HKCR\interface\{8c53bd8e-b12d-4c8f-ad0e-c9ddc39d1273}\ (ID = 101979)
5:28 PM: HKCR\interface\{6e0ed53c-9908-49ed-b055-7cb31b162577}\ (ID = 101978)
5:28 PM: HKCR\clsid\{8940e505-72c6-44de-be85-1d746780efbf}\ (ID = 101977)
5:28 PM: Found Trojan Horse: 2nd-thought
5:27 PM: Starting Registry Sweep
5:27 PM: Memory Sweep Complete, Elapsed Time: 00:11:04
5:16 PM: Starting Memory Sweep
5:16 PM: Start Custom Sweep
5:16 PM: Sweep initiated using definitions version 967
5:14 PM: None
5:14 PM: Traces Found: 0
5:14 PM: Sweep Canceled
5:13 PM: Start Custom Sweep
5:13 PM: Sweep initiated using definitions version 967
5:12 PM: Informational: ShieldEmail: Start monitoring port 25 for mail activities
Keylogger: Off
5:12 PM: Informational: ShieldEmail: Start monitoring port 110 for mail activities
E-mail Attachment: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
File System Shield: On
Execution Shield: On
System Services Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
5:11 PM: Shield States
5:11 PM: License Check Status (0): Success
5:11 PM: Spyware Definitions: 967
5:10 PM: Spy Sweeper 5.5.7.48 started
5:10 PM: Spy Sweeper 5.5.7.48 started
5:10 PM: | Start of Session, Monday, August 13, 2007 |
***************
AC3Filter (remove only)
Ad-Aware SE Personal
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 5.0
Adobe Acrobat 6.0.1 Professional
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Acrobat and Reader 6.0.6 Update
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Creative Suite
Adobe Flash Player ActiveX
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 6.0.1
Adobe Shockwave Player
Adobe SVG Viewer 3.0
Advanced Networking Pack for Windows XP
AOL Instant Messenger
AOpen iWheelWorks Ver. 1.32
ApproveIt Desktop 5.7.3
AVG Anti-Spyware 7.5
AVIcodec (remove only)
CreataCard Special Edition - Lexmark 2
Creative System Information
CS Internet Tools 2.1
DivX 5.0.2 Pro Bundle
DivX Player
Family Tree Maker
hh_screensaver_2
HH_screensaver_v3
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Solution Center 7.0
HP Update
ICatch (VI) PC Camera
InterVideo WinDVD
ItCan.Net Monitor 1.03
J2SE Runtime Environment 5.0 Update 11
Java™ SE Runtime Environment 6 Update 1
Kaspersky Online Scanner
LANguard Network Scanner
Learn2 Player (Uninstall Only)
LiveUpdate 3.0 (Symantec Corporation)
Logitech MouseWare 9.42 .1
Media Library Management Wizard
Micrografx Windows Draw 6 LE
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Age of Empires II
Microsoft Data Access Components KB870669
Microsoft FrontPage 2000
Microsoft Office Professional Edition 2003
Microsoft Picture It! Express 7.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Web Publishing Wizard 1.52
Microsoft Windows Journal Viewer
Microsoft XML Parser and SDK
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MSN Music Assistant
Norton WMI Update
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
OCR Software by I.R.I.S 7.0
Optiquest Monitor Drivers
Outlook Express Q823353
Panda ActiveScan
PCFriendly
Personal License Update Wizard for Windows Media Player
Pharaoh
PhotoMAX Pro
PhotoPrinter 2.0
Plus! MP3 Audio Converter LE
Pop-Up Stopper Free Edition
Porrasturvat - Stair Dismount (remove only)
Presto! ImageFolio 4.2
Presto! Mr. Photo
Presto! VideoWorks 4.5
Prevx 2.0
PrintMaster 12
PureEdge Viewer 6.5
Quest for Glory V: Dragon Fire
Quicken 2005
QuickTime
QuickTime 3.0
RealPlayer Basic
Remove DivX Codec
Security Update for Windows Media Player 10 (KB917734)
Shockwave
Shogun Total War
Sierra Utilities
SiS 900 PCI Fast Ethernet Adapter Driver
SiS Audio Driver
SmartDraw Business & Charting Collection
Sound Blaster Live! 24-bit
Spy Sweeper
Spybot - Search & Destroy 1.3
Symantec AntiVirus
Tera Term Pro
Update for Windows XP (KB898461)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
ViewSonic Windows XP Signed Files
WeatherBug
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Media Bonus Pack for Windows XP
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Hotfix - KB820291
Windows XP Hotfix - KB821253
Windows XP Hotfix - KB821557
Windows XP Hotfix - KB822603
Windows XP Hotfix - KB823182
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB824105
Windows XP Hotfix - KB824141
Windows XP Hotfix - KB825119
Windows XP Hotfix - KB826942
Windows XP Hotfix - KB828035
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB833407
Windows XP Hotfix - KB833987
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB837001
Windows XP Hotfix - KB839645
Windows XP Hotfix - KB840315
Windows XP Hotfix - KB840987
Windows XP Hotfix - KB841356
Windows XP Hotfix - KB841533
Windows XP Hotfix - KB841873
Windows XP Hotfix - KB842773
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB871250
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB873376
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889293
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891711
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB918439
Windows XP Hotfix - KB925486
Windows XP Hotfix (SP2) [See Q329048 for more information]
Windows XP Hotfix (SP2) [See Q329115 for more information]
Windows XP Hotfix (SP2) [See Q329390 for more information]
Windows XP Hotfix (SP2) [See Q329834 for more information]
Windows XP Hotfix (SP2) Q322011
Windows XP Hotfix (SP2) Q327979
Windows XP Hotfix (SP2) Q329170
Windows XP Hotfix (SP2) Q329441
Windows XP Hotfix (SP2) Q810565
Windows XP Hotfix (SP2) Q810577
Windows XP Hotfix (SP2) Q810833
Windows XP Hotfix (SP2) Q811493
Windows XP Hotfix (SP2) Q814033
Windows XP Hotfix (SP2) Q814995
Windows XP Hotfix (SP2) Q815021
Windows XP Hotfix (SP2) Q817287
Windows XP Hotfix (SP2) Q817606
WinISO 5.3
WinRAR archiver
Yahoo! Address AutoComplete
Yahoo! Browser Services
Yahoo! extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Thanks again......
7:07 PM: Removal process completed. Elapsed time 00:01:41
7:07 PM: Quarantining All Traces: twain-tech
7:07 PM: Quarantining All Traces: tvmedia
7:07 PM: Quarantining All Traces: addestroyer
7:07 PM: Quarantining All Traces: seekseek
7:07 PM: Quarantining All Traces: drsnsrch.com hijack
7:07 PM: Quarantining All Traces: virtualbouncer
7:07 PM: Quarantining All Traces: radlight divx player
7:07 PM: Quarantining All Traces: begin2search
7:07 PM: Quarantining All Traces: dp trojan
7:06 PM: Quarantining All Traces: comet cursor
7:06 PM: Quarantining All Traces: blazefind
7:06 PM: Quarantining All Traces: directrevenue-abetterinternet
7:06 PM: Quarantining All Traces: trojan-phisher-bankash
7:06 PM: Quarantining All Traces: 2nd-thought
7:06 PM: Removal process initiated
6:51 PM: Traces Found: 46
6:51 PM: Custom Sweep has completed. Elapsed time 01:34:23
6:51 PM: File Sweep Complete, Elapsed Time: 01:21:26
6:24 PM: Warning: SweepDirectories: Cannot find directory "e:". This directory was not added to the list of paths to be scanned.
6:24 PM: Warning: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be scanned.
6:24 PM: C:\WINDOWS\inf\polall1r.inf (ID = 83425)
6:24 PM: Found Adware: directrevenue-abetterinternet
6:24 PM: Warning: Failed to open file "c:\windows\system32\drivers\etc\cpuidle\lock.sah". The operation completed successfully
6:22 PM: C:\Program Files\Trend Micro\HijackThis\backups\backup-20070809-200703-950.inf (ID = 320977)
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms3a34de64-05b7-4b18-b412-fc9d93b1df74.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsd098b58f-ffd6-46aa-a6ca-f9c5eff71baf.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsa41f589b-96d4-4ee2-a900-6b45bb9498b8.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmseefdfe4d-aba6-4be1-a5f2-d04deb38579f.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsa7f117e2-d90e-403c-9632-802165a06b84.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsec84d374-3629-4157-b6d9-8d388e8cfa03.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsed796ef4-a6de-4171-9402-fdbcaa8cf435.tmp". The operation completed successfully
6:21 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsd1473000-c66d-428e-a1c7-c84d7cdabbd3.tmp". The operation completed successfully
6:20 PM: Warning: Failed to open file "c:\program files\symantec antivirus\savrt597nav~.tmp". The operation completed successfully
6:10 PM: C:\WINDOWS\support.cn (ID = 81870)
6:10 PM: Found Adware: twain-tech
6:07 PM: C:\Documents and Settings\David\Application Data\tvmknwrd.dll (ID = 318254)
6:07 PM: Found Adware: tvmedia
5:37 PM: C:\WINDOWS\system32\INNERADINSTALL.LOG (ID = 49035)
5:37 PM: Found Adware: addestroyer
5:31 PM: C:\WINDOWS\system32\moviesgreen11.ico (ID = 51033)
5:31 PM: Found Adware: begin2search
5:30 PM: C:\Program Files\Common Files\Slmss (1 subtraces) (ID = 2147485759)
5:30 PM: Found Adware: seekseek
5:29 PM: Starting File Sweep
5:29 PM: Warning: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned.
5:29 PM: Cookie Sweep Complete, Elapsed Time: 00:00:01
5:29 PM: Starting Cookie Sweep
5:29 PM: Registry Sweep Complete, Elapsed Time:00:01:39
5:29 PM: HKU\S-1-5-21-725345543-1993962763-1708537768-1003\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\virtual bouncer\ (ID = 1966189)
5:29 PM: HKU\S-1-5-21-725345543-1993962763-1708537768-1003\software\microsoft\search assistant\ || defaultsearchurl (ID = 128205)
5:29 PM: Found Adware: drsnsrch.com hijack
5:29 PM: HKU\S-1-5-21-725345543-1993962763-1708537768-1003\software\freeverse\viagra\ (ID = 125365)
5:29 PM: Found Trojan Horse: dp trojan
5:28 PM: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{9e4f45db-2ec3-4b09-91f9-31c702b3285d}\ (ID = 1199930)
5:28 PM: HKLM\software\classes\typelib\{a49460c9-d134-4c21-bf35-edd17d477dc8}\ (ID = 957356)
5:28 PM: HKCR\typelib\{a49460c9-d134-4c21-bf35-edd17d477dc8}\ (ID = 957346)
5:28 PM: HKLM\software\classes\rfa.rfa.1\ (ID = 945542)
5:28 PM: HKLM\software\classes\rfa.rfa\ (ID = 945538)
5:28 PM: HKCR\rfa.rfa.1\ (ID = 945514)
5:28 PM: HKCR\rfa.rfa\ (ID = 945510)
5:28 PM: Found Trojan Horse: trojan-phisher-bankash
5:28 PM: HKLM\software\classes\clsid\{8551311d-f3bf-4718-ad66-96e302500735}\ (ID = 476604)
5:28 PM: HKCR\clsid\{8551311d-f3bf-4718-ad66-96e302500735}\ (ID = 392235)
5:28 PM: HKCR\typelib\{5e594162-60a9-487d-84b8-dbdd716cb862}\ (ID = 145565)
5:28 PM: HKLM\software\classes\typelib\{5e594162-60a9-487d-84b8-dbdd716cb862}\ (ID = 145551)
5:28 PM: HKLM\software\classes\clsid\{8940e505-72c6-44de-be85-1d746780efbf}\ (ID = 145549)
5:28 PM: Found Adware: virtualbouncer
5:28 PM: HKLM\software\microsoft\code store database\distribution units\{88d758a3-d33b-45fd-91e3-67749b4057fa}\ (ID = 140566)
5:28 PM: Found Adware: comet cursor
5:28 PM: HKLM\software\classes\radlightfile\ (ID = 139215)
5:28 PM: HKCR\radlightfile\ (ID = 139212)
5:28 PM: Found Adware: radlight divx player
5:28 PM: HKLM\software\microsoft\windows\ || infamous (ID = 104517)
5:28 PM: Found Adware: blazefind
5:28 PM: HKLM\software\classes\interface\{d7eac2d8-2d52-4010-a4ad-dfdf60c1706c}\ (ID = 102001)
5:28 PM: HKLM\software\classes\interface\{c0f88e9e-dceb-4655-968a-ae508a677c39}\ (ID = 102000)
5:28 PM: HKLM\software\classes\interface\{bccab53d-0895-40c3-a942-a03538ce227a}\ (ID = 101999)
5:28 PM: HKLM\software\classes\interface\{a986f4db-792e-4571-8974-0bb6e024766f}\ (ID = 101998)
5:28 PM: HKLM\software\classes\interface\{830d3aed-2fa9-454f-b266-d931862bbf34}\ (ID = 101997)
5:28 PM: HKLM\software\classes\interface\{49db48ff-02b5-4645-b676-94a4df1aa026}\ (ID = 101996)
5:28 PM: HKLM\software\classes\interface\{9bcdd51b-4a7b-446c-8452-d32d38004582}\ (ID = 101995)
5:28 PM: HKLM\software\classes\interface\{8c53bd8e-b12d-4c8f-ad0e-c9ddc39d1273}\ (ID = 101994)
5:28 PM: HKLM\software\classes\interface\{6e0ed53c-9908-49ed-b055-7cb31b162577}\ (ID = 101993)
5:28 PM: HKCR\interface\{d7eac2d8-2d52-4010-a4ad-dfdf60c1706c}\ (ID = 101986)
5:28 PM: HKCR\interface\{c0f88e9e-dceb-4655-968a-ae508a677c39}\ (ID = 101985)
5:28 PM: HKCR\interface\{bccab53d-0895-40c3-a942-a03538ce227a}\ (ID = 101984)
5:28 PM: HKCR\interface\{a986f4db-792e-4571-8974-0bb6e024766f}\ (ID = 101983)
5:28 PM: HKCR\interface\{830d3aed-2fa9-454f-b266-d931862bbf34}\ (ID = 101982)
5:28 PM: HKCR\interface\{49db48ff-02b5-4645-b676-94a4df1aa026}\ (ID = 101981)
5:28 PM: HKCR\interface\{9bcdd51b-4a7b-446c-8452-d32d38004582}\ (ID = 101980)
5:28 PM: HKCR\interface\{8c53bd8e-b12d-4c8f-ad0e-c9ddc39d1273}\ (ID = 101979)
5:28 PM: HKCR\interface\{6e0ed53c-9908-49ed-b055-7cb31b162577}\ (ID = 101978)
5:28 PM: HKCR\clsid\{8940e505-72c6-44de-be85-1d746780efbf}\ (ID = 101977)
5:28 PM: Found Trojan Horse: 2nd-thought
5:27 PM: Starting Registry Sweep
5:27 PM: Memory Sweep Complete, Elapsed Time: 00:11:04
5:16 PM: Starting Memory Sweep
5:16 PM: Start Custom Sweep
5:16 PM: Sweep initiated using definitions version 967
5:14 PM: None
5:14 PM: Traces Found: 0
5:14 PM: Sweep Canceled
5:13 PM: Start Custom Sweep
5:13 PM: Sweep initiated using definitions version 967
5:12 PM: Informational: ShieldEmail: Start monitoring port 25 for mail activities
Keylogger: Off
5:12 PM: Informational: ShieldEmail: Start monitoring port 110 for mail activities
E-mail Attachment: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
File System Shield: On
Execution Shield: On
System Services Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
5:11 PM: Shield States
5:11 PM: License Check Status (0): Success
5:11 PM: Spyware Definitions: 967
5:10 PM: Spy Sweeper 5.5.7.48 started
5:10 PM: Spy Sweeper 5.5.7.48 started
5:10 PM: | Start of Session, Monday, August 13, 2007 |
***************
AC3Filter (remove only)
Ad-Aware SE Personal
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 5.0
Adobe Acrobat 6.0.1 Professional
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Acrobat and Reader 6.0.6 Update
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Creative Suite
Adobe Flash Player ActiveX
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 6.0.1
Adobe Shockwave Player
Adobe SVG Viewer 3.0
Advanced Networking Pack for Windows XP
AOL Instant Messenger
AOpen iWheelWorks Ver. 1.32
ApproveIt Desktop 5.7.3
AVG Anti-Spyware 7.5
AVIcodec (remove only)
CreataCard Special Edition - Lexmark 2
Creative System Information
CS Internet Tools 2.1
DivX 5.0.2 Pro Bundle
DivX Player
Family Tree Maker
hh_screensaver_2
HH_screensaver_v3
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Solution Center 7.0
HP Update
ICatch (VI) PC Camera
InterVideo WinDVD
ItCan.Net Monitor 1.03
J2SE Runtime Environment 5.0 Update 11
Java™ SE Runtime Environment 6 Update 1
Kaspersky Online Scanner
LANguard Network Scanner
Learn2 Player (Uninstall Only)
LiveUpdate 3.0 (Symantec Corporation)
Logitech MouseWare 9.42 .1
Media Library Management Wizard
Micrografx Windows Draw 6 LE
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Age of Empires II
Microsoft Data Access Components KB870669
Microsoft FrontPage 2000
Microsoft Office Professional Edition 2003
Microsoft Picture It! Express 7.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Web Publishing Wizard 1.52
Microsoft Windows Journal Viewer
Microsoft XML Parser and SDK
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MSN Music Assistant
Norton WMI Update
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
OCR Software by I.R.I.S 7.0
Optiquest Monitor Drivers
Outlook Express Q823353
Panda ActiveScan
PCFriendly
Personal License Update Wizard for Windows Media Player
Pharaoh
PhotoMAX Pro
PhotoPrinter 2.0
Plus! MP3 Audio Converter LE
Pop-Up Stopper Free Edition
Porrasturvat - Stair Dismount (remove only)
Presto! ImageFolio 4.2
Presto! Mr. Photo
Presto! VideoWorks 4.5
Prevx 2.0
PrintMaster 12
PureEdge Viewer 6.5
Quest for Glory V: Dragon Fire
Quicken 2005
QuickTime
QuickTime 3.0
RealPlayer Basic
Remove DivX Codec
Security Update for Windows Media Player 10 (KB917734)
Shockwave
Shogun Total War
Sierra Utilities
SiS 900 PCI Fast Ethernet Adapter Driver
SiS Audio Driver
SmartDraw Business & Charting Collection
Sound Blaster Live! 24-bit
Spy Sweeper
Spybot - Search & Destroy 1.3
Symantec AntiVirus
Tera Term Pro
Update for Windows XP (KB898461)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
ViewSonic Windows XP Signed Files
WeatherBug
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Media Bonus Pack for Windows XP
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Hotfix - KB820291
Windows XP Hotfix - KB821253
Windows XP Hotfix - KB821557
Windows XP Hotfix - KB822603
Windows XP Hotfix - KB823182
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB824105
Windows XP Hotfix - KB824141
Windows XP Hotfix - KB825119
Windows XP Hotfix - KB826942
Windows XP Hotfix - KB828035
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB833407
Windows XP Hotfix - KB833987
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB837001
Windows XP Hotfix - KB839645
Windows XP Hotfix - KB840315
Windows XP Hotfix - KB840987
Windows XP Hotfix - KB841356
Windows XP Hotfix - KB841533
Windows XP Hotfix - KB841873
Windows XP Hotfix - KB842773
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB871250
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB873376
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889293
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891711
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB918439
Windows XP Hotfix - KB925486
Windows XP Hotfix (SP2) [See Q329048 for more information]
Windows XP Hotfix (SP2) [See Q329115 for more information]
Windows XP Hotfix (SP2) [See Q329390 for more information]
Windows XP Hotfix (SP2) [See Q329834 for more information]
Windows XP Hotfix (SP2) Q322011
Windows XP Hotfix (SP2) Q327979
Windows XP Hotfix (SP2) Q329170
Windows XP Hotfix (SP2) Q329441
Windows XP Hotfix (SP2) Q810565
Windows XP Hotfix (SP2) Q810577
Windows XP Hotfix (SP2) Q810833
Windows XP Hotfix (SP2) Q811493
Windows XP Hotfix (SP2) Q814033
Windows XP Hotfix (SP2) Q814995
Windows XP Hotfix (SP2) Q815021
Windows XP Hotfix (SP2) Q817287
Windows XP Hotfix (SP2) Q817606
WinISO 5.3
WinRAR archiver
Yahoo! Address AutoComplete
Yahoo! Browser Services
Yahoo! extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Thanks again......
#8 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 14 August 2007 - 08:51 PM
Thanks for the logs,
That looks fine, Spy Sweeper can be removed now using the Add/Remove screen as its only a trial version of the program, you could keep it for the 14 days until it expires if you wanted to though
Delete this file if it still exists
C:\WINDOWS\smdat32m.sys
You have a couple of versions of Java showing on the Add/Remove list, you only need one installed but its common for them to leave older versions on the system when it updates, you do not have the latest version installed so you may as well remove them both then get the latest from their website
Goto Start > Control Panel > Add or Remove Programs and remove
J2SE Runtime Environment 5.0 Update 11
Java SE Runtime Environment 6 Update 1
Once they are removed get the latest version from Sun's website here
http://www.java.com/...nload/index.jsp
The version of Spybot is out of date so that can also be removed from the Add/Remove screen and you can get the latest version from their website here
http://www.spybotupd.../spybotsd14.exe
Let us know if your still having problems on the PC or still getting runtime errors
Thanks
That looks fine, Spy Sweeper can be removed now using the Add/Remove screen as its only a trial version of the program, you could keep it for the 14 days until it expires if you wanted to though
Delete this file if it still exists
C:\WINDOWS\smdat32m.sys
You have a couple of versions of Java showing on the Add/Remove list, you only need one installed but its common for them to leave older versions on the system when it updates, you do not have the latest version installed so you may as well remove them both then get the latest from their website
Goto Start > Control Panel > Add or Remove Programs and remove
J2SE Runtime Environment 5.0 Update 11
Java SE Runtime Environment 6 Update 1
Once they are removed get the latest version from Sun's website here
http://www.java.com/...nload/index.jsp
The version of Spybot is out of date so that can also be removed from the Add/Remove screen and you can get the latest version from their website here
http://www.spybotupd.../spybotsd14.exe
Let us know if your still having problems on the PC or still getting runtime errors
Thanks
#9 OFFLINE
-
- Members
-
- 13 posts
Member
Posted 15 August 2007 - 01:41 AM
I am still getting the sts*.tmp files showing up and the only time I get runtime errors right now is whenever I log onto this particular webpage/post. Other than that, my system seems to be running quite a bit smoother anyways. Thanks for your help so far, and I will get the newer Java and Spybot installed in a couple of days.
#10 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 15 August 2007 - 02:13 AM
See if you can upload afew of the sts*.tmp files on the Bleeping Computer link you used earlier and I'll check them and see if I can find any info on whats creating them, regarding the website if its not this website then can you post what the site is and I'll check it to see if its a problem with the webpage or if its also giving me errors but you could try resetting the Security settings in IE
Open a I.E browser window then goto Tools on the top bar then Internet Options
Cheers
Andy
Open a I.E browser window then goto Tools on the top bar then Internet Options
- Goto The Advanced Tab and Press Restore Defaults
- Goto The Security Tab, it will then be highlighting the Internet Zone, Press Custom Level then press Reset and Yes on the pop up confirmation box, then Click OK and OK again to close the Security Settings screen.
Cheers
Andy
#11 OFFLINE
-
- Members
-
- 13 posts
Member
Posted 15 August 2007 - 09:35 PM
Andy,
I submitted 3 of the sts*.tmp files to Bleeping Computer (STS22.tmp, STS1D.tmp, STS29.tmp). I went through and manually deleted them and the rest of the sts files that I could find after I posted them to you.
I will work on getting those updates as soon as I can. Thanks.
David
I submitted 3 of the sts*.tmp files to Bleeping Computer (STS22.tmp, STS1D.tmp, STS29.tmp). I went through and manually deleted them and the rest of the sts files that I could find after I posted them to you.
I will work on getting those updates as soon as I can. Thanks.
David
#12 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 17 August 2007 - 10:14 AM
Hi David
I checked the files and they are clean htm files just containing this message so there's nothing to worry about
hp.jpg 6.02K
8 downloads
Cheers
I checked the files and they are clean htm files just containing this message so there's nothing to worry about
hp.jpg 6.02K
8 downloadsCheers
#13 OFFLINE
-
- Members
-
- 13 posts
Member
Posted 21 August 2007 - 12:12 AM
Andy,
Thanks fo letting me know those files were clean. I guess I did start seeing them appear around the time I bought a new printer (HP, of course), and since I don't turn my printer unless I need to use it, it makes since that it is disconnected. Odd about the tmp files though. I might pursue it with HP to see if they can explain why it does that. Again, thanks.
David
Thanks fo letting me know those files were clean. I guess I did start seeing them appear around the time I bought a new printer (HP, of course), and since I don't turn my printer unless I need to use it, it makes since that it is disconnected. Odd about the tmp files though. I might pursue it with HP to see if they can explain why it does that. Again, thanks.
David
#14 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 21 August 2007 - 09:10 PM
Your Welcome David
Im glad I could help, if they are being created in a temp folder then CCleaner should take care of them to save you having to manually remove the files, regarding the site thats giving the runtime error's if its still happening let me know the site address (either on here or via PM) and I'll check it for any problems or scripting errors.
Please also read Tony Klein's excellent article as it contains lots of useful links and tips to help keep the PC secure: How I got Infected in the First Place
SpywareBlaster which is mentioned on that link is well worth installing to provide extra protection but there's lots of other useful programs mentioned on there.
Cheers
Im glad I could help, if they are being created in a temp folder then CCleaner should take care of them to save you having to manually remove the files, regarding the site thats giving the runtime error's if its still happening let me know the site address (either on here or via PM) and I'll check it for any problems or scripting errors.
Please also read Tony Klein's excellent article as it contains lots of useful links and tips to help keep the PC secure: How I got Infected in the First Place
SpywareBlaster which is mentioned on that link is well worth installing to provide extra protection but there's lots of other useful programs mentioned on there.
Cheers
#15 OFFLINE
-
- Members
-
- 13 posts
Member
Posted 21 August 2007 - 11:30 PM
Andy,
The runtime errors I get are consistant on this site, every time I log in to check this message board. One will pop up and mention a specific line, then I will say no to debug and another will pop for another line number.. and this goes down the page. Oh yeah.. the error is Unterminated String Constant. Each additional post we make it adds another message. Other than this page, I see it very infrequently now on other pages and it doesn't always do it on the same page. I can't really think of anything else to tell you. Thanks again.
David
The runtime errors I get are consistant on this site, every time I log in to check this message board. One will pop up and mention a specific line, then I will say no to debug and another will pop for another line number.. and this goes down the page. Oh yeah.. the error is Unterminated String Constant. Each additional post we make it adds another message. Other than this page, I see it very infrequently now on other pages and it doesn't always do it on the same page. I can't really think of anything else to tell you. Thanks again.
David
#16 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 22 August 2007 - 01:14 AM
The best advise would be to upgrade to SP2 as that will improve security as well as updating files used by IE and adding more options such as the Manage Add-ons feature so you can control whats loading with IE, if that's not an option then there's afew other things you can try which I will list below
Try re-registering all these files but copy and paste this to notepad first so you can do it with IE closed
Click Start, and then click Run.
Type (or copy and paste)
regsvr32 urlmon.dll
Then click OK.
When you receive the "DllRegisterServer in urlmon.dll succeeded" message, click OK.
Repeat those steps to also re-register these files (replace Urlmon.dll with each of the file names below):
Actxprxy.dll
Shdocvw.dll
Oleaut32.dll
Mshtml.dll
Browseui.dll
Shell32.dll
vbscript.dll
jscript.dll
Next goto Start > Control Panel > Internet Options and delete the Temporary Internet Files by clicking Delete Files (place a check next to delete all offline content) then click OK, you can also open IE and click Tool on the Top Bar then Internet Options to get to the same screen if needed.
Then check if you still receive the error's
If you do you could test if its a third party plugin thats causing the problem by Unchecking the Enable third-party browser extensions option on the Advanced tab (Open Control Panel > Internet Options > Advanced) and click Apply and OK (then restart IE),
How to disable third-party tool bands and Browser Helper Objects
If its still the same after a reboot then you can re-enable that option to allow third party extensions to be used again.
To try reduce the effects of the errors open IE and goto Tools > Internet Options then Advanced and check the box to Disable script debugging. Also Uncheck the box to Display a notification about every script error and click Apply and OK (as explained in the link below)
http://support.microsoft.com/kb/822521
You could also work through the solutions on this Microsoft page
How to Troubleshoot Script Errors in Internet Explorer
Hopefully one of the steps will help but let us know how it goes
Cheers
Try re-registering all these files but copy and paste this to notepad first so you can do it with IE closed
Click Start, and then click Run.
Type (or copy and paste)
regsvr32 urlmon.dll
Then click OK.
When you receive the "DllRegisterServer in urlmon.dll succeeded" message, click OK.
Repeat those steps to also re-register these files (replace Urlmon.dll with each of the file names below):
Actxprxy.dll
Shdocvw.dll
Oleaut32.dll
Mshtml.dll
Browseui.dll
Shell32.dll
vbscript.dll
jscript.dll
Next goto Start > Control Panel > Internet Options and delete the Temporary Internet Files by clicking Delete Files (place a check next to delete all offline content) then click OK, you can also open IE and click Tool on the Top Bar then Internet Options to get to the same screen if needed.
Then check if you still receive the error's
If you do you could test if its a third party plugin thats causing the problem by Unchecking the Enable third-party browser extensions option on the Advanced tab (Open Control Panel > Internet Options > Advanced) and click Apply and OK (then restart IE),
How to disable third-party tool bands and Browser Helper Objects
If its still the same after a reboot then you can re-enable that option to allow third party extensions to be used again.
To try reduce the effects of the errors open IE and goto Tools > Internet Options then Advanced and check the box to Disable script debugging. Also Uncheck the box to Display a notification about every script error and click Apply and OK (as explained in the link below)
http://support.microsoft.com/kb/822521
You could also work through the solutions on this Microsoft page
How to Troubleshoot Script Errors in Internet Explorer
Hopefully one of the steps will help but let us know how it goes
Cheers
#17 OFFLINE
-
- Members
-
- 13 posts
Member
Posted 22 August 2007 - 08:08 PM
Andy,
I don't know what happened, but when I logged in to check your response post, I did not get a single runtime error. I have not taken any of the steps that you suggested yet, but something seems to have been fixed. I appreciate your help and will let you know if I have any other problems.
David
I don't know what happened, but when I logged in to check your response post, I did not get a single runtime error. I have not taken any of the steps that you suggested yet, but something seems to have been fixed. I appreciate your help and will let you know if I have any other problems.
David
#18 OFFLINE
-
- Spyware Moderators
-
- 1,821 posts
Power Member
- Gender:Male
- Location:Manchester. UK
- Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.
Posted 23 August 2007 - 01:41 PM
That's good to hear David
Hopefully whatever was causing it has corrected itself but let us know if you have more problems anytime
Happy Surfing
Andy
Hopefully whatever was causing it has corrected itself but let us know if you have more problems anytime
Happy Surfing
Andy
