View Full Version : Please help with nasty virtumonde infection
billybob0626
2007-08-24, 20:43
Recently Spybot search and destroy detected the virtumonde trojan in my computer. The "1shoppingcart" cookie was removed but the infection remained. I ran Spybot S&D in safe mode but nothing was detected. I also ran combofix and vundoremove but no luck. I read Sticky's "what to do before posting. This is my first time posting threads in a forum. I will give you the most recent HJT log. Thank you in advance.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:37:58 AM, on 8/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Print Server\PTP\PSDiagnostic.exe
C:\Program Files\GIL Virtual HDD\VHKTRAY.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
C:\Program Files\U.S. Robotics\U.S. Robotics USB Phone\U.S.RoboticsUSBPhone.exe
C:\Documents and Settings\Bill and Shirley\Desktop\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper\CCHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: TSWLObj Class - {8A7B6C4E-282C-4000-8336-27859E0A38FF} - C:\Program Files\GIL Virtual HDD\tsweblock.dll
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PrintServer Diagnostic] C:\Program Files\Print Server\PTP\PSDiagnostic.exe
O4 - HKLM\..\Run: [VHKTRAY] C:\Program Files\GIL Virtual HDD\VHKTRAY.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 10.5.0.1091 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 10.5.0.1091 (User 'Default user')
O4 - Startup: U.S. Robotics USB Phone.lnk = C:\Program Files\U.S. Robotics\U.S. Robotics USB Phone\U.S.RoboticsUSBPhone.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/1.1.1067.14/WinSSWebAgent.CAB
O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb Control) - http://192.168.1.11/img/NetCamPlayerWeb.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
--
End of file - 7920 bytes
pskelley
2007-08-24, 23:08
Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance)
http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.
I am not seeing evidence of Vundo infection in this HJT log, but the HJT version is out of date? If you still need help, please do this.
1) Review the instructions again, if you missed the HJT version, you may have missed other important instructions.
2) Remove from your computer the tools you said you used, I may use them again, but will want the newest versions downloaded from the links I provide.
3) Take the time to describe the symptoms you are receiving, just recause Spybot S&D finds a cookie or an item it can't remove may mean your version of the tool is out of date and have nothing to do with malware. If you receive any error messages, post them "word for word" I need to know what programs is finding what and exactly what it is finding.
4) C:\Documents and Settings\Bill and Shirley\Desktop\HiJackThis_v2.exe
Delete that version of HJT completely from your computer.
5) Download this self-installer version of HJT from here:
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
Follow the prompts, the program will install where it is supposed to.
6) Post a new HJT log, also post any information I requested above.
Thanks
billybob0626
2007-08-24, 23:52
Thank you for your quick response.
i apoplgize this is my first time in a forum.
I had to upload the properversion of HJT from another computer as whatever is in this computer would not let me download it.
Here is my problem. It started when I would get popups online. This was a couple of weeks ago. Spybot S&D said it found virtumonde on the computer. I noticed my computer was slow ad the popups continued but now they were telling me to use skype to order whatever things i was looking at on the internet. Then my skype changed it no longer recognizes my skype name. Every time I try to download any anti-spyware program my computer disconnects from the internet. I ran the updated Spybot S & D in safe mode and nothing was found.
I am not a computer expert and i appriciate your help.
Here is the new HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:51:05 PM, on 8/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Print Server\PTP\PSDiagnostic.exe
C:\Program Files\GIL Virtual HDD\VHKTRAY.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
C:\Program Files\U.S. Robotics\U.S. Robotics USB Phone\U.S.RoboticsUSBPhone.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper\CCHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: TSWLObj Class - {8A7B6C4E-282C-4000-8336-27859E0A38FF} - C:\Program Files\GIL Virtual HDD\tsweblock.dll
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PrintServer Diagnostic] C:\Program Files\Print Server\PTP\PSDiagnostic.exe
O4 - HKLM\..\Run: [VHKTRAY] C:\Program Files\GIL Virtual HDD\VHKTRAY.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 10.5.0.1091 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 10.5.0.1091 (User 'Default user')
O4 - Startup: U.S. Robotics USB Phone.lnk = C:\Program Files\U.S. Robotics\U.S. Robotics USB Phone\U.S.RoboticsUSBPhone.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/1.1.1067.14/WinSSWebAgent.CAB
O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb Control) - http://192.168.1.11/img/NetCamPlayerWeb.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
--
End of file - 7735 bytes
pskelley
2007-08-25, 00:13
There is still nothing showing in the HJT log that looks like malware. Issues with Skype you will have to take up with their technical support.
The inability to download could have something to do with your wireless equipment which I know absolutely nothing about. Do you have any issues downloading updates for the Microsoft Windows OneCare Live program you are running.
You mention this all happened a couple of weeks ago, when was the last time you had any problems and exactly what were they. Spybot S&D will not remove a vundo infection but the other tools you said you ran may have. I would like to have a look at a comboxfix log, please make sure you have deleted the old combofix program and follow these instructions.
Thanks to sUBs and anyone else who helped with this fix.
Download ComboFix from Here (http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe) or Here (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop.
Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Thanks
billybob0626
2007-08-25, 00:53
I had to upload combofix from another computer. When I attempt to run the program the autoscan screen comes up and the program appears to start. A prompt then comes that tells me that my clock setting has been changed by combofix and not to change it as combo fix will restore it later and then the program stops.
I neglected to mention that my computer had "win32.small.bkf on it several months ago. Spybot S & D removed it and i have not had any problems since.
One other thing that I orgot to mention with the problem I am having now whateven infected my computer removed all of my system restore points.
This morning I ran an online scan with Kapersky. Would it be helpful to post the log?
Thanks again for your help.
pskelley
2007-08-25, 01:06
Not sure if I can help if you can not run the tools I use, you said you ran combofix before?
Post the Kaspersky scan results. I will also mention it does me little good to know what occured in the past, I am interested in what you are finding on the computer with any of the tools you are using now. Can you tell me if you have an updated version of Spybot S&D that is fully immunized? What does it report when you run it?
Thanks
billybob0626
2007-08-25, 01:40
Sorry for the delay.
I have used combofix and vundofix before. I was able to download the components for the kapersky scan and here is the log.
I know that there is something in my computer because of its extreemly slow performance and whenever I go to a security related website I get disconnected from the website. Whateven this thing is it lets me go to other websites. It says that the log is too long so I will put it in another post.
billybob0626
2007-08-25, 01:46
The scan report is too long. It appears i will have to send it in three posts. Here is the first part.
KASPERSKY ONLINE SCANNER REPORT
Saturday, August 25, 2007 10:26:18 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 24/08/2007
Kaspersky Anti-Virus database records: 388954
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 68136
Number of viruses found 0
Number of infected objects 0
Number of suspicious objects 0
Duration of the scan process 03:23:59
Infected Object Name Virus Name Last Action
C:\a223630\laprxy.dll Object is locked skipped
C:\a223630\lcladvd.xml Object is locked skipped
C:\a223630\lcldocs.xml Object is locked skipped
C:\a223630\license.chm Object is locked skipped
C:\a223630\licmgr10.dll Object is locked skipped
C:\a223630\licwmi.dll Object is locked skipped
C:\a223630\licwmi.mof Object is locked skipped
C:\a223630\lmrt.dll Object is locked skipped
C:\a223630\locale.nls Object is locked skipped
C:\a223630\localspl.dll Object is locked skipped
C:\a223630\localui.dll Object is locked skipped
C:\a223630\log.dll Object is locked skipped
C:\a223630\logagent.exe Object is locked skipped
C:\a223630\logon.scr Object is locked skipped
C:\a223630\logonmgr.dll Object is locked skipped
C:\a223630\logonui.exe Object is locked skipped
C:\a223630\lsasrv.dll Object is locked skipped
C:\a223630\lsass.exe Object is locked skipped
C:\a223630\ltmdmnt.sys Object is locked skipped
C:\a223630\ltmdmntt.sys Object is locked skipped
C:\a223630\ltotape.sys Object is locked skipped
C:\a223630\lwadihid.sys Object is locked skipped
C:\a223630\mail.mar Object is locked skipped
C:\a223630\manifest.xml Object is locked skipped
C:\a223630\market.mar Object is locked skipped
C:\a223630\mdmetech.inf Object is locked skipped
C:\a223630\mdmlt3.inf Object is locked skipped
C:\a223630\mdmrpci.inf Object is locked skipped
C:\a223630\mdmsuprv.inf Object is locked skipped
C:\a223630\memstpci.sys Object is locked skipped
C:\a223630\migapp.inf Object is locked skipped
C:\a223630\migism.dll Object is locked skipped
C:\a223630\migism.inf Object is locked skipped
C:\a223630\migism_a.dll Object is locked skipped
C:\a223630\migload.exe Object is locked skipped
C:\a223630\migrate.js Object is locked skipped
C:\a223630\migrate.obe Object is locked skipped
C:\a223630\migsys.inf Object is locked skipped
C:\a223630\migwiz.exe Object is locked skipped
C:\a223630\migwiz.inf Object is locked skipped
C:\a223630\migwiz_a.exe Object is locked skipped
C:\a223630\mindex.dll Object is locked skipped
C:\a223630\mmcndmgr.dll Object is locked skipped
C:\a223630\mnmdd.dll Object is locked skipped
C:\a223630\mobsync.dll Object is locked skipped
C:\a223630\mofcomp.exe Object is locked skipped
C:\a223630\mofd.dll Object is locked skipped
C:\a223630\moricons.dll Object is locked skipped
C:\a223630\mouclass.sys Object is locked skipped
C:\a223630\moviemk.exe Object is locked skipped
C:\a223630\mpg2splt.ax Object is locked skipped
C:\a223630\mpg4dmod.dll Object is locked skipped
C:\a223630\mpg4ds32.ax Object is locked skipped
C:\a223630\mplay32.exe Object is locked skipped
C:\a223630\mplayer2.exe Object is locked skipped
C:\a223630\mrxsmb.sys Object is locked skipped
C:\a223630\msadce.dll Object is locked skipped
C:\a223630\msadcf.dll Object is locked skipped
C:\a223630\msadco.dll Object is locked skipped
C:\a223630\msadcs.dll Object is locked skipped
C:\a223630\msadds.dll Object is locked skipped
C:\a223630\msadds32.ax Object is locked skipped
C:\a223630\msado15.dll Object is locked skipped
C:\a223630\msado20.tlb Object is locked skipped
C:\a223630\msado21.tlb Object is locked skipped
C:\a223630\msado25.tlb Object is locked skipped
C:\a223630\msado26.tlb Object is locked skipped
C:\a223630\msadomd.dll Object is locked skipped
C:\a223630\msador15.dll Object is locked skipped
C:\a223630\msadox.dll Object is locked skipped
C:\a223630\msadp32.acm Object is locked skipped
C:\a223630\msadrh15.dll Object is locked skipped
C:\a223630\msaud32.acm Object is locked skipped
C:\a223630\mscandui.dll Object is locked skipped
C:\a223630\mscms.dll Object is locked skipped
C:\a223630\msconf.dll Object is locked skipped
C:\a223630\msconfig.exe Object is locked skipped
C:\a223630\mscpx32r.dll Object is locked skipped
C:\a223630\msctf.dll Object is locked skipped
C:\a223630\msctfp.dll Object is locked skipped
C:\a223630\msdadc.dll Object is locked skipped
C:\a223630\msdaenum.dll Object is locked skipped
C:\a223630\msdaer.dll Object is locked skipped
C:\a223630\msdaipp.dll Object is locked skipped
C:\a223630\msdaora.dll Object is locked skipped
C:\a223630\msdaosp.dll Object is locked skipped
C:\a223630\msdaprst.dll Object is locked skipped
C:\a223630\msdaps.dll Object is locked skipped
C:\a223630\msdarem.dll Object is locked skipped
C:\a223630\msdart.dll Object is locked skipped
C:\a223630\msdasc.dll Object is locked skipped
C:\a223630\msdasql.dll Object is locked skipped
C:\a223630\msdatl3.dll Object is locked skipped
C:\a223630\msdatsrc.tlb Object is locked skipped
C:\a223630\msdatt.dll Object is locked skipped
C:\a223630\msdaurl.dll Object is locked skipped
C:\a223630\msdbx.dll Object is locked skipped
C:\a223630\msdfmap.dll Object is locked skipped
C:\a223630\msdtcprx.dll Object is locked skipped
C:\a223630\msdxm.ocx Object is locked skipped
C:\a223630\msdxmlc.dll Object is locked skipped
C:\a223630\msexch40.dll Object is locked skipped
C:\a223630\msexcl40.dll Object is locked skipped
C:\a223630\msgina.dll Object is locked skipped
C:\a223630\msgrocm.dll Object is locked skipped
C:\a223630\msgsc.dll Object is locked skipped
C:\a223630\msgslang.dll Object is locked skipped
C:\a223630\msh261.drv Object is locked skipped
C:\a223630\msh263.drv Object is locked skipped
C:\a223630\mshtml.dll Object is locked skipped
C:\a223630\mshtml.tlb Object is locked skipped
C:\a223630\mshtmled.dll Object is locked skipped
C:\a223630\mshtmler.dll Object is locked skipped
C:\a223630\msi.dll Object is locked skipped
C:\a223630\msieftp.dll Object is locked skipped
C:\a223630\msiexec.exe Object is locked skipped
C:\a223630\msihnd.dll Object is locked skipped
C:\a223630\msimain.sdb Object is locked skipped
C:\a223630\msimg32.dll Object is locked skipped
C:\a223630\msimn.exe Object is locked skipped
C:\a223630\msimtf.dll Object is locked skipped
C:\a223630\msisam11.dll Object is locked skipped
C:\a223630\msjet40.dll Object is locked skipped
C:\a223630\msjetol1.dll Object is locked skipped
C:\a223630\msjro.dll Object is locked skipped
C:\a223630\msjtes40.dll Object is locked skipped
C:\a223630\mskssrv.sys Object is locked skipped
C:\a223630\mslbui.dll Object is locked skipped
C:\a223630\msltus40.dll Object is locked skipped
C:\a223630\msmom.dll Object is locked skipped
C:\a223630\msmsgs.cat Object is locked skipped
C:\a223630\msmsgs.exe Object is locked skipped
C:\a223630\msmsgs.inf Object is locked skipped
C:\a223630\msmsgsin.exe Object is locked skipped
C:\a223630\msn.inf Object is locked skipped
C:\a223630\msn100.mar Object is locked skipped
C:\a223630\msn14.mar Object is locked skipped
C:\a223630\msn150.mar Object is locked skipped
C:\a223630\msn163.mar Object is locked skipped
C:\a223630\msn188.mar Object is locked skipped
C:\a223630\msn220.mar Object is locked skipped
C:\a223630\msn222.mar Object is locked skipped
C:\a223630\msn238.mar Object is locked skipped
C:\a223630\msn36.mar Object is locked skipped
C:\a223630\msn6.exe Object is locked skipped
C:\a223630\msnetobj.dll Object is locked skipped
C:\a223630\msnmetal.dll Object is locked skipped
C:\a223630\msnmigr.dll Object is locked skipped
C:\a223630\msnmsn.inf Object is locked skipped
C:\a223630\msnmtllc.dll Object is locked skipped
C:\a223630\msnntmig.dll Object is locked skipped
C:\a223630\msnspell.dll Object is locked skipped
C:\a223630\msnsspc.dll Object is locked skipped
C:\a223630\msnunin.exe Object is locked skipped
C:\a223630\msobcomm.dll Object is locked skipped
C:\a223630\msobmain.dll Object is locked skipped
C:\a223630\msobshel.htm Object is locked skipped
C:\a223630\msoe.dll Object is locked skipped
C:\a223630\msoeacct.dll Object is locked skipped
C:\a223630\msoert2.dll Object is locked skipped
C:\a223630\msorcl32.dll Object is locked skipped
C:\a223630\mspaint.exe Object is locked skipped
C:\a223630\mspbde40.dll Object is locked skipped
C:\a223630\mspmsp.dll Object is locked skipped
C:\a223630\msrating.dll Object is locked skipped
C:\a223630\msrd2x40.dll Object is locked skipped
C:\a223630\msrdp.cab Object is locked skipped
C:\a223630\msrdp.ocx Object is locked skipped
C:\a223630\msrepl40.dll Object is locked skipped
C:\a223630\msrle32.dll Object is locked skipped
C:\a223630\msscds32.ax Object is locked skipped
C:\a223630\msscp.dll Object is locked skipped
C:\a223630\msscript.ocx Object is locked skipped
C:\a223630\mst120.dll Object is locked skipped
C:\a223630\mst123.dll Object is locked skipped
C:\a223630\mstask.dll Object is locked skipped
C:\a223630\mstee.sys Object is locked skipped
C:\a223630\mstext40.dll Object is locked skipped
C:\a223630\mstime.dll Object is locked skipped
C:\a223630\mstinit.exe Object is locked skipped
C:\a223630\mstsc.exe Object is locked skipped
C:\a223630\mstscax.dll Object is locked skipped
C:\a223630\mstsweb.cat Object is locked skipped
C:\a223630\msuni11.dll Object is locked skipped
C:\a223630\msutb.dll Object is locked skipped
C:\a223630\msv1_0.dll Object is locked skipped
C:\a223630\msvcp60.dll Object is locked skipped
C:\a223630\msvcrt.dll Object is locked skipped
C:\a223630\msvfw32.dll Object is locked skipped
C:\a223630\msvidctl.dll Object is locked skipped
C:\a223630\mswebdvd.dll Object is locked skipped
C:\a223630\msxactps.dll Object is locked skipped
C:\a223630\msxbde40.dll Object is locked skipped
C:\a223630\msxml2.dll Object is locked skipped
C:\a223630\msxml3.dll Object is locked skipped
C:\a223630\muisetup.exe Object is locked skipped
C:\a223630\mup.sys Object is locked skipped
C:\a223630\mutohpen.sys Object is locked skipped
C:\a223630\nac.dll Object is locked skipped
C:\a223630\ncobjapi.dll Object is locked skipped
C:\a223630\ncprov.dll Object is locked skipped
C:\a223630\nddenb32.dll Object is locked skipped
C:\a223630\ndis.sys Object is locked skipped
C:\a223630\ndisnpp.dll Object is locked skipped
C:\a223630\ndisuio.sys Object is locked skipped
C:\a223630\ndiswan.sys Object is locked skipped
C:\a223630\net.exe Object is locked skipped
C:\a223630\net1.exe Object is locked skipped
C:\a223630\netapi32.dll Object is locked skipped
C:\a223630\netbios.sys Object is locked skipped
C:\a223630\netbt.sys Object is locked skipped
C:\a223630\netcfgx.dll Object is locked skipped
C:\a223630\netdde.exe Object is locked skipped
C:\a223630\netklsi.inf Object is locked skipped
C:\a223630\netlogon.dll Object is locked skipped
C:\a223630\netman.dll Object is locked skipped
C:\a223630\netnm.inf Object is locked skipped
C:\a223630\netoc.dll Object is locked skipped
C:\a223630\netplwiz.dll Object is locked skipped
C:\a223630\netrtsnt.inf Object is locked skipped
C:\a223630\netsetup.exe Object is locked skipped
C:\a223630\netshell.dll Object is locked skipped
C:\a223630\netwlan.inf Object is locked skipped
C:\a223630\netwlan2.inf Object is locked skipped
C:\a223630\netwlan5.img Object is locked skipped
C:\a223630\netwlan5.sys Object is locked skipped
C:\a223630\netwv48.inf Object is locked skipped
C:\a223630\new\apph_sp.sdb Object is locked skipped
C:\a223630\new\apps_sp.chm Object is locked skipped
C:\a223630\new\ati2dvaa.dll Object is locked skipped
C:\a223630\new\ati2dvag.dll Object is locked skipped
C:\a223630\new\ati2mtaa.sys Object is locked skipped
C:\a223630\new\ati2mtag.sys Object is locked skipped
C:\a223630\new\ati3d1ag.dll Object is locked skipped
C:\a223630\new\ati3d2ag.dll Object is locked skipped
C:\a223630\new\atiixpaa.inf Object is locked skipped
C:\a223630\new\atiixpag.inf Object is locked skipped
C:\a223630\new\atinbtxx.sys Object is locked skipped
C:\a223630\new\atinmdxx.sys Object is locked skipped
C:\a223630\new\atinpdxx.sys Object is locked skipped
C:\a223630\new\atinraxx.sys Object is locked skipped
C:\a223630\new\atinrvxx.sys Object is locked skipped
C:\a223630\new\atinsnxx.sys Object is locked skipped
C:\a223630\new\atinttxx.sys Object is locked skipped
C:\a223630\new\atintuxx.sys Object is locked skipped
C:\a223630\new\atinxbxx.sys Object is locked skipped
C:\a223630\new\atinxsxx.sys Object is locked skipped
C:\a223630\new\ativdaxx.ax Object is locked skipped
C:\a223630\new\ativmvxx.ax Object is locked skipped
C:\a223630\new\atixpwdm.inf Object is locked skipped
C:\a223630\new\c_28603.nls Object is locked skipped
C:\a223630\new\dsprpres.dll Object is locked skipped
C:\a223630\new\encapi.dll Object is locked skipped
C:\a223630\new\encdec.dll Object is locked skipped
C:\a223630\new\faxpatch.exe Object is locked skipped
C:\a223630\new\hccoin.dll Object is locked skipped
C:\a223630\new\hidir.sys Object is locked skipped
C:\a223630\new\hscupd.exe Object is locked skipped
C:\a223630\new\irbus.inf Object is locked skipped
C:\a223630\new\medctrro.exe Object is locked skipped
C:\a223630\new\msctfime.ime Object is locked skipped
C:\a223630\new\msftedit.dll Object is locked skipped
C:\a223630\new\mssap.dll Object is locked skipped
C:\a223630\new\mutohpen.sys Object is locked skipped
C:\a223630\new\netbeac.inf Object is locked skipped
C:\a223630\new\nettun.inf Object is locked skipped
C:\a223630\new\nv4_disp.inf Object is locked skipped
C:\a223630\new\nvct.inf Object is locked skipped
C:\a223630\new\nvdm.inf Object is locked skipped
C:\a223630\new\nvts.inf Object is locked skipped
C:\a223630\new\oeaccess.inf Object is locked skipped
C:\a223630\new\osloader.ntd Object is locked skipped
C:\a223630\new\ramdisk.inf Object is locked skipped
C:\a223630\new\sbe.dll Object is locked skipped
C:\a223630\new\sbeio.dll Object is locked skipped
C:\a223630\new\smtpsvc.dll Object is locked skipped
C:\a223630\new\snchk.exe Object is locked skipped
C:\a223630\new\sp1.cab Object is locked skipped
C:\a223630\new\spgrmr.dll Object is locked skipped
C:\a223630\new\usbehci.sys Object is locked skipped
C:\a223630\new\wacompen.sys Object is locked skipped
C:\a223630\new\winbrand.dll Object is locked skipped
C:\a223630\new\winhttp.dll Object is locked skipped
C:\a223630\new\wmaccess.inf Object is locked skipped
C:\a223630\new\wmpocm.inf Object is locked skipped
C:\a223630\new\wmvcore2.dll Object is locked skipped
C:\a223630\new\wuau.adm Object is locked skipped
C:\a223630\new\xpsp1res.dll Object is locked skipped
C:\a223630\newdev.dll Object is locked skipped
C:\a223630\neweula.htm Object is locked skipped
C:\a223630\nic1394.sys Object is locked skipped
billybob0626
2007-08-25, 01:49
here is the second part of the scan.
C:\a223630\nlhtml.dll Object is locked skipped
C:\a223630\nmas.dll Object is locked skipped
C:\a223630\nmasnt.dll Object is locked skipped
C:\a223630\nmchat.dll Object is locked skipped
C:\a223630\nmcom.dll Object is locked skipped
C:\a223630\nmft.dll Object is locked skipped
C:\a223630\nmmkcert.dll Object is locked skipped
C:\a223630\nmnt.sys Object is locked skipped
C:\a223630\nmoldwb.dll Object is locked skipped
C:\a223630\nmwb.dll Object is locked skipped
C:\a223630\npdrmv2.dll Object is locked skipped
C:\a223630\npdsplay.dll Object is locked skipped
C:\a223630\nppagent.exe Object is locked skipped
C:\a223630\npptools.dll Object is locked skipped
C:\a223630\npwmsdrm.dll Object is locked skipped
C:\a223630\nt5.cat Object is locked skipped
C:\a223630\ntdetect.com Object is locked skipped
C:\a223630\ntdll.dll Object is locked skipped
C:\a223630\ntfs.sys Object is locked skipped
C:\a223630\ntio.sys Object is locked skipped
C:\a223630\ntkrnlmp.exe Object is locked skipped
C:\a223630\ntkrnlpa.exe Object is locked skipped
C:\a223630\ntkrpamp.exe Object is locked skipped
C:\a223630\ntlanman.dll Object is locked skipped
C:\a223630\ntldr Object is locked skipped
C:\a223630\ntmarta.dll Object is locked skipped
C:\a223630\ntmsapi.dll Object is locked skipped
C:\a223630\ntmsdba.dll Object is locked skipped
C:\a223630\ntmssvc.dll Object is locked skipped
C:\a223630\ntoskrnl.exe Object is locked skipped
C:\a223630\ntprint.cat Object is locked skipped
C:\a223630\ntprint.dll Object is locked skipped
C:\a223630\ntshrui.dll Object is locked skipped
C:\a223630\ntvdm.exe Object is locked skipped
C:\a223630\nv4_disp.dll Object is locked skipped
C:\a223630\nv4_mini.sys Object is locked skipped
C:\a223630\nwprovau.dll Object is locked skipped
C:\a223630\oakley.dll Object is locked skipped
C:\a223630\obeip.dun Object is locked skipped
C:\a223630\ocgen.dll Object is locked skipped
C:\a223630\ocmsn.dll Object is locked skipped
C:\a223630\odbc32.dll Object is locked skipped
C:\a223630\odbc32gt.dll Object is locked skipped
C:\a223630\odbcad32.exe Object is locked skipped
C:\a223630\odbcbcp.dll Object is locked skipped
C:\a223630\odbcconf.dll Object is locked skipped
C:\a223630\odbcconf.exe Object is locked skipped
C:\a223630\odbcconf.rsp Object is locked skipped
C:\a223630\odbccp32.dll Object is locked skipped
C:\a223630\odbccr32.dll Object is locked skipped
C:\a223630\odbccu32.dll Object is locked skipped
C:\a223630\odbcp32r.dll Object is locked skipped
C:\a223630\odbctrac.dll Object is locked skipped
C:\a223630\offfilt.dll Object is locked skipped
C:\a223630\ohci1394.sys Object is locked skipped
C:\a223630\ole32.dll Object is locked skipped
C:\a223630\oleaut32.dll Object is locked skipped
C:\a223630\oledb32.dll Object is locked skipped
C:\a223630\oleprn.dll Object is locked skipped
C:\a223630\oobebaln.exe Object is locked skipped
C:\a223630\opengl32.dll Object is locked skipped
C:\a223630\oschoice.exe Object is locked skipped
C:\a223630\osk.exe Object is locked skipped
C:\a223630\osloader.exe Object is locked skipped
C:\a223630\p3.sys Object is locked skipped
C:\a223630\packager.exe Object is locked skipped
C:\a223630\page1.asp Object is locked skipped
C:\a223630\parport.sys Object is locked skipped
C:\a223630\pautoenr.dll Object is locked skipped
C:\a223630\pchshell.dll Object is locked skipped
C:\a223630\pchsvc.dll Object is locked skipped
C:\a223630\pci.sys Object is locked skipped
C:\a223630\pciidex.sys Object is locked skipped
C:\a223630\pcmcia.sys Object is locked skipped
C:\a223630\pcx500.sys Object is locked skipped
C:\a223630\pdh.dll Object is locked skipped
C:\a223630\perm2.sys Object is locked skipped
C:\a223630\perm2dll.dll Object is locked skipped
C:\a223630\perm3.sys Object is locked skipped
C:\a223630\perm3dd.dll Object is locked skipped
C:\a223630\phone.icw Object is locked skipped
C:\a223630\phone.inf Object is locked skipped
C:\a223630\phone.obe Object is locked skipped
C:\a223630\pid.dll Object is locked skipped
C:\a223630\ping.exe Object is locked skipped
C:\a223630\pngfilt.dll Object is locked skipped
C:\a223630\popc.dll Object is locked skipped
C:\a223630\portcls.sys Object is locked skipped
C:\a223630\ppa3.sys Object is locked skipped
C:\a223630\printui.dll Object is locked skipped
C:\a223630\privacy.hta Object is locked skipped
C:\a223630\processr.sys Object is locked skipped
C:\a223630\proctexe.ocx Object is locked skipped
C:\a223630\ps5ui.dll Object is locked skipped
C:\a223630\psapi.dll Object is locked skipped
C:\a223630\psbase.dll Object is locked skipped
C:\a223630\psched.sys Object is locked skipped
C:\a223630\pscript5.dll Object is locked skipped
C:\a223630\ptpusd.dll Object is locked skipped
C:\a223630\qcap.dll Object is locked skipped
C:\a223630\qdvd.dll Object is locked skipped
C:\a223630\qedit.dll Object is locked skipped
C:\a223630\qmgr.dll Object is locked skipped
C:\a223630\qmgrprxy.dll Object is locked skipped
C:\a223630\quartz.dll Object is locked skipped
C:\a223630\query.dll Object is locked skipped
C:\a223630\ramdisk.sys Object is locked skipped
C:\a223630\rasapi32.dll Object is locked skipped
C:\a223630\raschap.dll Object is locked skipped
C:\a223630\rasdlg.dll Object is locked skipped
C:\a223630\rasl2tp.sys Object is locked skipped
C:\a223630\rasman.dll Object is locked skipped
C:\a223630\rasmans.dll Object is locked skipped
C:\a223630\rasppp.dll Object is locked skipped
C:\a223630\raspptp.sys Object is locked skipped
C:\a223630\rassapi.dll Object is locked skipped
C:\a223630\rastapi.dll Object is locked skipped
C:\a223630\rastls.dll Object is locked skipped
C:\a223630\rcimlby.exe Object is locked skipped
C:\a223630\rdbss.sys Object is locked skipped
C:\a223630\rdchost.dll Object is locked skipped
C:\a223630\rdpclip.exe Object is locked skipped
C:\a223630\rdpdd.dll Object is locked skipped
C:\a223630\rdpdr.sys Object is locked skipped
C:\a223630\rdpsnd.dll Object is locked skipped
C:\a223630\rdpwd.sys Object is locked skipped
C:\a223630\rdpwsx.dll Object is locked skipped
C:\a223630\rdsaddin.exe Object is locked skipped
C:\a223630\redbook.sys Object is locked skipped
C:\a223630\redir.exe Object is locked skipped
C:\a223630\reg.exe Object is locked skipped
C:\a223630\regapi.dll Object is locked skipped
C:\a223630\regedit.exe Object is locked skipped
C:\a223630\remotepg.dll Object is locked skipped
C:\a223630\repdrvfs.dll Object is locked skipped
C:\a223630\riched20.dll Object is locked skipped
C:\a223630\rpcrt4.dll Object is locked skipped
C:\a223630\rpcss.dll Object is locked skipped
C:\a223630\rrcm.dll Object is locked skipped
C:\a223630\rsaenh.dll Object is locked skipped
C:\a223630\rshx32.dll Object is locked skipped
C:\a223630\rstrui.exe Object is locked skipped
C:\a223630\rtcdll.dll Object is locked skipped
C:\a223630\rtcshare.exe Object is locked skipped
C:\a223630\runonce.exe Object is locked skipped
C:\a223630\samlib.dll Object is locked skipped
C:\a223630\sapi.cpl Object is locked skipped
C:\a223630\sapi.dll Object is locked skipped
C:\a223630\savedump.exe Object is locked skipped
C:\a223630\sbp2port.sys Object is locked skipped
C:\a223630\sccbase.dll Object is locked skipped
C:\a223630\sccsccp.dll Object is locked skipped
C:\a223630\scecli.dll Object is locked skipped
C:\a223630\scesrv.dll Object is locked skipped
C:\a223630\schannel.dll Object is locked skipped
C:\a223630\schedsvc.dll Object is locked skipped
C:\a223630\script.dll Object is locked skipped
C:\a223630\script_a.dll Object is locked skipped
C:\a223630\scrnsave.scr Object is locked skipped
C:\a223630\scsiport.sys Object is locked skipped
C:\a223630\sdbinst.exe Object is locked skipped
C:\a223630\secur32.dll Object is locked skipped
C:\a223630\sens.dll Object is locked skipped
C:\a223630\sensapi.dll Object is locked skipped
C:\a223630\serial.sys Object is locked skipped
C:\a223630\sessmgr.exe Object is locked skipped
billybob0626
2007-08-25, 01:54
Here is the third part of the scan. It tells me this is too long so i will also send a fourth and final part of the scan.
C:\a223630\setup.exe Object is locked skipped
C:\a223630\setup50.exe Object is locked skipped
C:\a223630\setupapi.dll Object is locked skipped
C:\a223630\setupqry.dll Object is locked skipped
C:\a223630\setupqry.inf Object is locked skipped
C:\a223630\setup_wm.exe Object is locked skipped
C:\a223630\sfcfiles.dll Object is locked skipped
C:\a223630\sfc_os.dll Object is locked skipped
C:\a223630\sfloppy.sys Object is locked skipped
C:\a223630\shdocvw.dll Object is locked skipped
C:\a223630\shell32.dll Object is locked skipped
C:\a223630\shfolder.dll Object is locked skipped
C:\a223630\shgina.dll Object is locked skipped
C:\a223630\shimeng.dll Object is locked skipped
C:\a223630\shimgvw.dll Object is locked skipped
C:\a223630\shlwapi.dll Object is locked skipped
C:\a223630\shmgrate.exe Object is locked skipped
C:\a223630\shsvcs.dll Object is locked skipped
C:\a223630\shtml.dll Object is locked skipped
C:\a223630\shtml.exe Object is locked skipped
C:\a223630\sigtab.dll Object is locked skipped
C:\a223630\sigverif.exe Object is locked skipped
C:\a223630\simpdata.tlb Object is locked skipped
C:\a223630\skeys.exe Object is locked skipped
C:\a223630\sla30nd5.sys Object is locked skipped
C:\a223630\slayerxp.dll Object is locked skipped
C:\a223630\sl_anet.acm Object is locked skipped
C:\a223630\smbali.sys Object is locked skipped
C:\a223630\smbbatt.sys Object is locked skipped
C:\a223630\smbclass.sys Object is locked skipped
C:\a223630\smi2smir.exe Object is locked skipped
C:\a223630\smlogcfg.dll Object is locked skipped
C:\a223630\smlogsvc.exe Object is locked skipped
C:\a223630\smss.exe Object is locked skipped
C:\a223630\snmp.exe Object is locked skipped
C:\a223630\snmpapi.dll Object is locked skipped
C:\a223630\snmpcl.dll Object is locked skipped
C:\a223630\snmpincl.dll Object is locked skipped
C:\a223630\snmpsmir.dll Object is locked skipped
C:\a223630\snmpthrd.dll Object is locked skipped
C:\a223630\softkbd.dll Object is locked skipped
C:\a223630\sonydcam.sys Object is locked skipped
C:\a223630\spider.exe Object is locked skipped
C:\a223630\splitter.sys Object is locked skipped
C:\a223630\spoolss.dll Object is locked skipped
C:\a223630\sptip.dll Object is locked skipped
C:\a223630\sqloledb.dll Object is locked skipped
C:\a223630\sqlsrv32.dll Object is locked skipped
C:\a223630\sqlxmlx.dll Object is locked skipped
C:\a223630\sr.sys Object is locked skipped
C:\a223630\srchui.dll Object is locked skipped
C:\a223630\srclient.dll Object is locked skipped
C:\a223630\srrstr.dll Object is locked skipped
C:\a223630\srsvc.dll Object is locked skipped
C:\a223630\ss3dfo.scr Object is locked skipped
C:\a223630\ssbezier.scr Object is locked skipped
C:\a223630\ssdpapi.dll Object is locked skipped
C:\a223630\ssdpsrv.dll Object is locked skipped
C:\a223630\ssflwbox.scr Object is locked skipped
C:\a223630\ssmarque.scr Object is locked skipped
C:\a223630\ssmyst.scr Object is locked skipped
C:\a223630\sspipes.scr Object is locked skipped
C:\a223630\ssstars.scr Object is locked skipped
C:\a223630\sstext3d.scr Object is locked skipped
C:\a223630\stdprov.dll Object is locked skipped
C:\a223630\sti.dll Object is locked skipped
C:\a223630\sti_ci.dll Object is locked skipped
C:\a223630\stobject.dll Object is locked skipped
C:\a223630\storprop.dll Object is locked skipped
C:\a223630\stream.sys Object is locked skipped
C:\a223630\strmdll.dll Object is locked skipped
C:\a223630\stub_fpsrvadm.exe Object is locked skipped
C:\a223630\stub_fpsrvwin.exe Object is locked skipped
C:\a223630\swflash.ocx Object is locked skipped
C:\a223630\sxs.dll Object is locked skipped
C:\a223630\sysaudio.sys Object is locked skipped
C:\a223630\sysdm.cpl Object is locked skipped
C:\a223630\sysmain.sdb Object is locked skipped
C:\a223630\sysmod.dll Object is locked skipped
C:\a223630\sysmod_a.dll Object is locked skipped
C:\a223630\sysmon.ocx Object is locked skipped
C:\a223630\syssetup.dll Object is locked skipped
C:\a223630\tahoma.ttf Object is locked skipped
C:\a223630\tahomabd.ttf Object is locked skipped
C:\a223630\tape.sys Object is locked skipped
C:\a223630\tapi32.dll Object is locked skipped
C:\a223630\tapisrv.dll Object is locked skipped
C:\a223630\taskmgr.exe Object is locked skipped
C:\a223630\tcpip.sys Object is locked skipped
C:\a223630\tcpip6.sys Object is locked skipped
C:\a223630\tcptest.exe Object is locked skipped
C:\a223630\tcptsat.dll Object is locked skipped
C:\a223630\telnet.exe Object is locked skipped
C:\a223630\termdd.sys Object is locked skipped
C:\a223630\termsrv.dll Object is locked skipped
C:\a223630\tffsport.sys Object is locked skipped
C:\a223630\themeui.dll Object is locked skipped
C:\a223630\times.ttf Object is locked skipped
C:\a223630\tracert.exe Object is locked skipped
C:\a223630\trebuc.ttf Object is locked skipped
C:\a223630\triedit.dll Object is locked skipped
C:\a223630\trkwks.dll Object is locked skipped
C:\a223630\tscfgwmi.dll Object is locked skipped
C:\a223630\tscfgwmi.mfl Object is locked skipped
C:\a223630\tscfgwmi.mof Object is locked skipped
C:\a223630\tscupgrd.exe Object is locked skipped
C:\a223630\tshoot.chm Object is locked skipped
C:\a223630\tsoc.dll Object is locked skipped
C:\a223630\tsweb1.htm Object is locked skipped
C:\a223630\tunmp.sys Object is locked skipped
C:\a223630\udfs.sys Object is locked skipped
C:\a223630\udhisapi.dll Object is locked skipped
C:\a223630\ui.mar Object is locked skipped
billybob0626
2007-08-25, 01:55
Here is the fourth part of the scan.
C:\a223630\umandlg.dll Object is locked skipped
C:\a223630\umpnpmgr.dll Object is locked skipped
C:\a223630\unidrv.dll Object is locked skipped
C:\a223630\unidrvui.dll Object is locked skipped
C:\a223630\unregmp2.exe Object is locked skipped
C:\a223630\untfs.dll Object is locked skipped
C:\a223630\upnp.dll Object is locked skipped
C:\a223630\upnphost.dll Object is locked skipped
C:\a223630\upnpui.dll Object is locked skipped
C:\a223630\ups.exe Object is locked skipped
C:\a223630\url.dll Object is locked skipped
C:\a223630\urlmon.dll Object is locked skipped
C:\a223630\usb101et.sys Object is locked skipped
C:\a223630\usbaudio.sys Object is locked skipped
C:\a223630\usbccgp.sys Object is locked skipped
C:\a223630\usbehci.sys Object is locked skipped
C:\a223630\usbhub.sys Object is locked skipped
C:\a223630\usbintel.sys Object is locked skipped
C:\a223630\usbohci.sys Object is locked skipped
C:\a223630\usbport.sys Object is locked skipped
C:\a223630\usbprint.sys Object is locked skipped
C:\a223630\usbscan.sys Object is locked skipped
C:\a223630\usbstor.sys Object is locked skipped
C:\a223630\usbuhci.sys Object is locked skipped
C:\a223630\user32.dll Object is locked skipped
C:\a223630\userenv.dll Object is locked skipped
C:\a223630\userinit.exe Object is locked skipped
C:\a223630\usmtdef.inf Object is locked skipped
C:\a223630\usp10.dll Object is locked skipped
C:\a223630\utilman.exe Object is locked skipped
C:\a223630\uxtheme.dll Object is locked skipped
C:\a223630\vbisurf.ax Object is locked skipped
C:\a223630\vbscript.dll Object is locked skipped
C:\a223630\vdmredir.dll Object is locked skipped
C:\a223630\verdana.ttf Object is locked skipped
C:\a223630\vfwwdm32.dll Object is locked skipped
C:\a223630\vga.sys Object is locked skipped
C:\a223630\vgx.dll Object is locked skipped
C:\a223630\viaide.sys Object is locked skipped
C:\a223630\videoprt.sys Object is locked skipped
C:\a223630\vssapi.dll Object is locked skipped
C:\a223630\w32time.dll Object is locked skipped
C:\a223630\w95upgnt.dll Object is locked skipped
C:\a223630\wab32.dll Object is locked skipped
C:\a223630\wab32res.dll Object is locked skipped
C:\a223630\wacompen.sys Object is locked skipped
C:\a223630\watchdog.sys Object is locked skipped
C:\a223630\wbemcomn.dll Object is locked skipped
C:\a223630\wbemcore.dll Object is locked skipped
C:\a223630\wbemess.dll Object is locked skipped
C:\a223630\wbemprox.dll Object is locked skipped
C:\a223630\wbemupgd.dll Object is locked skipped
C:\a223630\wdmaud.sys Object is locked skipped
C:\a223630\wdma_ali.inf Object is locked skipped
C:\a223630\wdma_int.inf Object is locked skipped
C:\a223630\wdma_via.inf Object is locked skipped
C:\a223630\webcheck.dll Object is locked skipped
C:\a223630\webclnt.dll Object is locked skipped
C:\a223630\webfldrs.msi Object is locked skipped
C:\a223630\webvw.dll Object is locked skipped
C:\a223630\wextract.exe Object is locked skipped
C:\a223630\wiadss.dll Object is locked skipped
C:\a223630\wiaservc.dll Object is locked skipped
C:\a223630\win32k.sys Object is locked skipped
C:\a223630\win32spl.dll Object is locked skipped
C:\a223630\winhlp32.exe Object is locked skipped
C:\a223630\wininet.dll Object is locked skipped
C:\a223630\winlogon.exe Object is locked skipped
C:\a223630\winmm.dll Object is locked skipped
C:\a223630\winspool.drv Object is locked skipped
C:\a223630\winsrv.dll Object is locked skipped
C:\a223630\winsta.dll Object is locked skipped
C:\a223630\wldap32.dll Object is locked skipped
C:\a223630\wlluc48.sys Object is locked skipped
C:\a223630\wlnotify.dll Object is locked skipped
C:\a223630\wmadmod.dll Object is locked skipped
C:\a223630\wmadmoe.dll Object is locked skipped
C:\a223630\wmasf.dll Object is locked skipped
C:\a223630\wmerrenu.dll Object is locked skipped
C:\a223630\wmi.mof Object is locked skipped
C:\a223630\wmicookr.dll Object is locked skipped
C:\a223630\wmidcprv.dll Object is locked skipped
C:\a223630\wmidx.ocx Object is locked skipped
C:\a223630\wmipcima.dll Object is locked skipped
C:\a223630\wmiprov.dll Object is locked skipped
C:\a223630\wmiprvsd.dll Object is locked skipped
C:\a223630\wmiprvse.exe Object is locked skipped
C:\a223630\wmipsess.dll Object is locked skipped
C:\a223630\wmisvc.dll Object is locked skipped
C:\a223630\wmiutils.dll Object is locked skipped
C:\a223630\wmmfilt.dll Object is locked skipped
C:\a223630\wmmres.dll Object is locked skipped
C:\a223630\wmmutil.dll Object is locked skipped
C:\a223630\wmnetmgr.dll Object is locked skipped
C:\a223630\wmp.inf Object is locked skipped
C:\a223630\wmp.ocx Object is locked skipped
C:\a223630\wmpcd.dll Object is locked skipped
C:\a223630\wmpcore.dll Object is locked skipped
C:\a223630\wmplayer.exe Object is locked skipped
C:\a223630\wmploc.dll Object is locked skipped
C:\a223630\wmpshell.dll Object is locked skipped
C:\a223630\wmpstub.exe Object is locked skipped
C:\a223630\wmpui.dll Object is locked skipped
C:\a223630\wmpvis.dll Object is locked skipped
C:\a223630\wmsdmod.dll Object is locked skipped
C:\a223630\wmsdmoe.dll Object is locked skipped
C:\a223630\wmstream.dll Object is locked skipped
C:\a223630\wmv8dmod.dll Object is locked skipped
C:\a223630\wmv8ds32.ax Object is locked skipped
C:\a223630\wmvcore.dll Object is locked skipped
C:\a223630\wmvdmod.dll Object is locked skipped
C:\a223630\wmvdmoe.dll Object is locked skipped
C:\a223630\wmvds32.ax Object is locked skipped
C:\a223630\wordpad.exe Object is locked skipped
C:\a223630\wow32.dll Object is locked skipped
C:\a223630\wship6.dll Object is locked skipped
C:\a223630\wsnmp32.dll Object is locked skipped
C:\a223630\wtsapi32.dll Object is locked skipped
C:\a223630\wuauclt.exe Object is locked skipped
C:\a223630\wuaueng.dll Object is locked skipped
C:\a223630\wuauserv.dll Object is locked skipped
C:\a223630\wzcdlg.dll Object is locked skipped
C:\a223630\wzcsapi.dll Object is locked skipped
C:\a223630\wzcsvc.dll Object is locked skipped
C:\a223630\xactsrv.dll Object is locked skipped
C:\a223630\zipfldr.dll Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\OneCare Protection\Support\MPLog-06092007-234105.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Protection Service\edb.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Protection Service\edbtmp.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Protection Service\MPSSVCPolicyIdLog.etl Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\History\History.IE5\MSHist012007082520070826\index.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temp\~DF7647.tmp Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temp\~DF7782.tmp Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\ntuser.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Bill and Shirley\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\Ent.dat Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\prov.xml Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\Service.xml Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\service.xml.bak Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\user.xml Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\user.xml.bak Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\Database\edb.log Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\Database\tmp.edb Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\Database\WinSS_st.edb Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\onecaremp_log.bin Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\WinSSSvc_log.bin Object is locked skipped
C:\System Volume Information\_restore{E87A81FB-FDCF-4B92-A20C-951710F82D7C}\RP1478\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\kb824141.cat Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\accwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\locator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\magnify.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\migwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\narrator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\newdev.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\osk.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\pchshell.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\kb828035.cat Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ329048$\reg00001 Object is locked skipped
C:\WINDOWS\$NtUninstallQ329390$\reg00001 Object is locked skipped
C:\WINDOWS\$NtUninstallQ329834$\reg00001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\MSFWSVC.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Windows_OneCare_Evt.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\temp\Perflib_Perfdata_6c0.dat Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Thank you for all of your help and patience.
pskelley
2007-08-25, 02:04
Do you understand Kaspersky is reporting no infections?
What is this stuff: C:\a223630\ <<< open the folder and see what it is. The few files I have googled appear to be valid.
Everything I am seeing from the Kaspersky scan is in that same folder on your C:\ what is the stuff?
Scan Statistics
Total number of scanned objects 68136
Number of viruses found 0
Number of infected objects 0
Number of suspicious objects 0
Duration of the scan process 03:23:59
Here are free online scanners if you need them:
http://virusscan.jotti.org/
http://www.kaspersky.com/scanforvirus
http://www.virustotal.com/
_______________________________________________________
Here are the instructions I post with Kaspersky:
Run this online scan using Internet Explorer:
Kaspersky Online Scanner from http://www.kaspersky.com/virusscanner
Next Click on Launch Kaspersky Online Scanner
You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
* The program will launch and then begin downloading the latest definition files:
* Once the files have been downloaded click on NEXT
* Now click on Scan Settings
* In the scan settings make that the following are selected:
* Scan using the following Anti-Virus database:
* Standard
* Scan Options:
* Scan Archives
* Scan Mail Bases
* Click OK
* Now under select a target to scan:
* Select My Computer
* This will program will start and scan your system.
* The scan will take a while so be patient and let it run.
* Once the scan is complete it will display if your system has been infected.
* Now click on the Save as Text button:
* Save the file to your desktop.
Then post it here.
____________________________________
Thanks
billybob0626
2007-08-25, 02:45
Thank you again for your response. I noticed that Kaspersky reported no infections.
I do not know what this a223630 folder is. There are several sub-folders that tell me access is denied when I try to open them. They are: download, ip, lang, and new. There are dozens of othe files that appear to be different types of system files. I cannot acces these files. If I attempt to open them they say something to the effect invalid path or not proper path. There is a large number of these files. What if anything should i do with that folder?
This morning when i ran the Kaspersky scan it took more than three hours. I will wait for a response about this folder before i run the Kaspersky scan from the above link.
Thank you for your patient assistance.
pskelley
2007-08-25, 03:05
Thanks for the feedback, please understand that there is only so much I can do from here. My first question would be, is this your computer?
I have no idea what that folder is and it very well may be valid? You need to sign in as administrator, boot to safe mode, or do whatever you have to do to access that information and find out what it is. Here is information to help you take ownership of files and folders on your computer.
http://support.microsoft.com/kb/308421
Understand I have not been able to run any tool and nothing that I have seen has given me any information that I can use to advise you. You have options I can mention:
http://www.google.com/search?hl=en&q=reinstall+windows+XP&btnG=Search
and I am not totally sure if that would fix this problem.
http://spyware-free.us/tutorials/reformat/
http://www.cyberwalker.net/faqs/how-tos/reinstall-faq.html
http://helpdesk.its.uiowa.edu/windows/instructions/reformat.htm
that would surely fix all problems.
I can not say that a Kaspersky scan set the way I posted would give us the answers we need. It is just that we have none now.
Thanks
billybob0626
2007-08-25, 03:34
I understand the limitations since the tools you recomend cannot function on my computer. I am the administrator of this computer. Whatever that folder is the files were created in 1998. In any event I will run the Kaspersky as you posted it. Thank you for your help. Agin I understand the limited resources that are at hand.
pskelley
2007-08-25, 03:40
If they should show up in the Kaspersky scan results, please edit them out before you post.
Thanks
billybob0626
2007-08-25, 06:19
Here is the Kaspersky scan.
This is part 1
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
2007-08-25 20:19
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 25/08/2007
Kaspersky Anti-Virus database records: 389685
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 68543
Number of viruses found: 0
Number of infected objects: 0
Number of suspicious objects: 0
Duration of the scan process: 02:31:10
Infected Object Name / Virus Name / Last Action
C:\a223630\laprxy.dll Object is locked skipped
C:\a223630\lcladvd.xml Object is locked skipped
C:\a223630\lcldocs.xml Object is locked skipped
C:\a223630\license.chm Object is locked skipped
C:\a223630\licmgr10.dll Object is locked skipped
C:\a223630\licwmi.dll Object is locked skipped
C:\a223630\licwmi.mof Object is locked skipped
C:\a223630\lmrt.dll Object is locked skipped
C:\a223630\locale.nls Object is locked skipped
C:\a223630\localspl.dll Object is locked skipped
C:\a223630\localui.dll Object is locked skipped
C:\a223630\log.dll Object is locked skipped
C:\a223630\logagent.exe Object is locked skipped
C:\a223630\logon.scr Object is locked skipped
C:\a223630\logonmgr.dll Object is locked skipped
C:\a223630\logonui.exe Object is locked skipped
C:\a223630\lsasrv.dll Object is locked skipped
C:\a223630\lsass.exe Object is locked skipped
C:\a223630\ltmdmnt.sys Object is locked skipped
C:\a223630\ltmdmntt.sys Object is locked skipped
C:\a223630\ltotape.sys Object is locked skipped
C:\a223630\lwadihid.sys Object is locked skipped
C:\a223630\mail.mar Object is locked skipped
C:\a223630\manifest.xml Object is locked skipped
C:\a223630\market.mar Object is locked skipped
C:\a223630\mdmetech.inf Object is locked skipped
C:\a223630\mdmlt3.inf Object is locked skipped
C:\a223630\mdmrpci.inf Object is locked skipped
C:\a223630\mdmsuprv.inf Object is locked skipped
C:\a223630\memstpci.sys Object is locked skipped
C:\a223630\migapp.inf Object is locked skipped
C:\a223630\migism.dll Object is locked skipped
C:\a223630\migism.inf Object is locked skipped
C:\a223630\migism_a.dll Object is locked skipped
C:\a223630\migload.exe Object is locked skipped
C:\a223630\migrate.js Object is locked skipped
C:\a223630\migrate.obe Object is locked skipped
C:\a223630\migsys.inf Object is locked skipped
C:\a223630\migwiz.exe Object is locked skipped
C:\a223630\migwiz.inf Object is locked skipped
C:\a223630\migwiz_a.exe Object is locked skipped
C:\a223630\mindex.dll Object is locked skipped
C:\a223630\mmcndmgr.dll Object is locked skipped
C:\a223630\mnmdd.dll Object is locked skipped
C:\a223630\mobsync.dll Object is locked skipped
C:\a223630\mofcomp.exe Object is locked skipped
C:\a223630\mofd.dll Object is locked skipped
C:\a223630\moricons.dll Object is locked skipped
C:\a223630\mouclass.sys Object is locked skipped
C:\a223630\moviemk.exe Object is locked skipped
C:\a223630\mpg2splt.ax Object is locked skipped
C:\a223630\mpg4dmod.dll Object is locked skipped
C:\a223630\mpg4ds32.ax Object is locked skipped
C:\a223630\mplay32.exe Object is locked skipped
C:\a223630\mplayer2.exe Object is locked skipped
C:\a223630\mrxsmb.sys Object is locked skipped
C:\a223630\msadce.dll Object is locked skipped
C:\a223630\msadcf.dll Object is locked skipped
C:\a223630\msadco.dll Object is locked skipped
C:\a223630\msadcs.dll Object is locked skipped
C:\a223630\msadds.dll Object is locked skipped
C:\a223630\msadds32.ax Object is locked skipped
C:\a223630\msado15.dll Object is locked skipped
C:\a223630\msado20.tlb Object is locked skipped
C:\a223630\msado21.tlb Object is locked skipped
C:\a223630\msado25.tlb Object is locked skipped
C:\a223630\msado26.tlb Object is locked skipped
C:\a223630\msadomd.dll Object is locked skipped
C:\a223630\msador15.dll Object is locked skipped
C:\a223630\msadox.dll Object is locked skipped
C:\a223630\msadp32.acm Object is locked skipped
C:\a223630\msadrh15.dll Object is locked skipped
C:\a223630\msaud32.acm Object is locked skipped
C:\a223630\mscandui.dll Object is locked skipped
C:\a223630\mscms.dll Object is locked skipped
C:\a223630\msconf.dll Object is locked skipped
C:\a223630\msconfig.exe Object is locked skipped
C:\a223630\mscpx32r.dll Object is locked skipped
C:\a223630\msctf.dll Object is locked skipped
C:\a223630\msctfp.dll Object is locked skipped
C:\a223630\msdadc.dll Object is locked skipped
C:\a223630\msdaenum.dll Object is locked skipped
C:\a223630\msdaer.dll Object is locked skipped
C:\a223630\msdaipp.dll Object is locked skipped
C:\a223630\msdaora.dll Object is locked skipped
C:\a223630\msdaosp.dll Object is locked skipped
C:\a223630\msdaprst.dll Object is locked skipped
C:\a223630\msdaps.dll Object is locked skipped
C:\a223630\msdarem.dll Object is locked skipped
C:\a223630\msdart.dll Object is locked skipped
C:\a223630\msdasc.dll Object is locked skipped
C:\a223630\msdasql.dll Object is locked skipped
C:\a223630\msdatl3.dll Object is locked skipped
C:\a223630\msdatsrc.tlb Object is locked skipped
C:\a223630\msdatt.dll Object is locked skipped
C:\a223630\msdaurl.dll Object is locked skipped
C:\a223630\msdbx.dll Object is locked skipped
C:\a223630\msdfmap.dll Object is locked skipped
C:\a223630\msdtcprx.dll Object is locked skipped
C:\a223630\msdxm.ocx Object is locked skipped
C:\a223630\msdxmlc.dll Object is locked skipped
C:\a223630\msexch40.dll Object is locked skipped
C:\a223630\msexcl40.dll Object is locked skipped
C:\a223630\msgina.dll Object is locked skipped
C:\a223630\msgrocm.dll Object is locked skipped
C:\a223630\msgsc.dll Object is locked skipped
C:\a223630\msgslang.dll Object is locked skipped
C:\a223630\msh261.drv Object is locked skipped
C:\a223630\msh263.drv Object is locked skipped
C:\a223630\mshtml.dll Object is locked skipped
C:\a223630\mshtml.tlb Object is locked skipped
C:\a223630\mshtmled.dll Object is locked skipped
C:\a223630\mshtmler.dll Object is locked skipped
C:\a223630\msi.dll Object is locked skipped
C:\a223630\msieftp.dll Object is locked skipped
C:\a223630\msiexec.exe Object is locked skipped
C:\a223630\msihnd.dll Object is locked skipped
C:\a223630\msimain.sdb Object is locked skipped
C:\a223630\msimg32.dll Object is locked skipped
C:\a223630\msimn.exe Object is locked skipped
C:\a223630\msimtf.dll Object is locked skipped
C:\a223630\msisam11.dll Object is locked skipped
C:\a223630\msjet40.dll Object is locked skipped
C:\a223630\msjetol1.dll Object is locked skipped
C:\a223630\msjro.dll Object is locked skipped
C:\a223630\msjtes40.dll Object is locked skipped
C:\a223630\mskssrv.sys Object is locked skipped
C:\a223630\mslbui.dll Object is locked skipped
C:\a223630\msltus40.dll Object is locked skipped
C:\a223630\msmom.dll Object is locked skipped
C:\a223630\msmsgs.cat Object is locked skipped
C:\a223630\msmsgs.exe Object is locked skipped
C:\a223630\msmsgs.inf Object is locked skipped
C:\a223630\msmsgsin.exe Object is locked skipped
C:\a223630\msn.inf Object is locked skipped
C:\a223630\msn100.mar Object is locked skipped
C:\a223630\msn14.mar Object is locked skipped
C:\a223630\msn150.mar Object is locked skipped
C:\a223630\msn163.mar Object is locked skipped
C:\a223630\msn188.mar Object is locked skipped
C:\a223630\msn220.mar Object is locked skipped
C:\a223630\msn222.mar Object is locked skipped
C:\a223630\msn238.mar Object is locked skipped
C:\a223630\msn36.mar Object is locked skipped
C:\a223630\msn6.exe Object is locked skipped
C:\a223630\msnetobj.dll Object is locked skipped
C:\a223630\msnmetal.dll Object is locked skipped
C:\a223630\msnmigr.dll Object is locked skipped
C:\a223630\msnmsn.inf Object is locked skipped
C:\a223630\msnmtllc.dll Object is locked skipped
C:\a223630\msnntmig.dll Object is locked skipped
C:\a223630\msnspell.dll Object is locked skipped
C:\a223630\msnsspc.dll Object is locked skipped
C:\a223630\msnunin.exe Object is locked skipped
C:\a223630\msobcomm.dll Object is locked skipped
C:\a223630\msobmain.dll Object is locked skipped
C:\a223630\msobshel.htm Object is locked skipped
C:\a223630\msoe.dll Object is locked skipped
C:\a223630\msoeacct.dll Object is locked skipped
C:\a223630\msoert2.dll Object is locked skipped
C:\a223630\msorcl32.dll Object is locked skipped
C:\a223630\mspaint.exe Object is locked skipped
C:\a223630\mspbde40.dll Object is locked skipped
C:\a223630\mspmsp.dll Object is locked skipped
C:\a223630\msrating.dll Object is locked skipped
C:\a223630\msrd2x40.dll Object is locked skipped
C:\a223630\msrdp.cab Object is locked skipped
C:\a223630\msrdp.ocx Object is locked skipped
C:\a223630\msrepl40.dll Object is locked skipped
C:\a223630\msrle32.dll Object is locked skipped
C:\a223630\msscds32.ax Object is locked skipped
C:\a223630\msscp.dll Object is locked skipped
C:\a223630\msscript.ocx Object is locked skipped
C:\a223630\mst120.dll Object is locked skipped
C:\a223630\mst123.dll Object is locked skipped
C:\a223630\mstask.dll Object is locked skipped
C:\a223630\mstee.sys Object is locked skipped
C:\a223630\mstext40.dll Object is locked skipped
C:\a223630\mstime.dll Object is locked skipped
C:\a223630\mstinit.exe Object is locked skipped
C:\a223630\mstsc.exe Object is locked skipped
C:\a223630\mstscax.dll Object is locked skipped
C:\a223630\mstsweb.cat Object is locked skipped
C:\a223630\msuni11.dll Object is locked skipped
C:\a223630\msutb.dll Object is locked skipped
C:\a223630\msv1_0.dll Object is locked skipped
C:\a223630\msvcp60.dll Object is locked skipped
C:\a223630\msvcrt.dll Object is locked skipped
C:\a223630\msvfw32.dll Object is locked skipped
C:\a223630\msvidctl.dll Object is locked skipped
C:\a223630\mswebdvd.dll Object is locked skipped
C:\a223630\msxactps.dll Object is locked skipped
C:\a223630\msxbde40.dll Object is locked skipped
C:\a223630\msxml2.dll Object is locked skipped
C:\a223630\msxml3.dll Object is locked skipped
C:\a223630\muisetup.exe Object is locked skipped
C:\a223630\mup.sys Object is locked skipped
C:\a223630\mutohpen.sys Object is locked skipped
C:\a223630\nac.dll Object is locked skipped
C:\a223630\ncobjapi.dll Object is locked skipped
C:\a223630\ncprov.dll Object is locked skipped
C:\a223630\nddenb32.dll Object is locked skipped
C:\a223630\ndis.sys Object is locked skipped
C:\a223630\ndisnpp.dll Object is locked skipped
C:\a223630\ndisuio.sys Object is locked skipped
C:\a223630\ndiswan.sys Object is locked skipped
C:\a223630\net.exe Object is locked skipped
C:\a223630\net1.exe Object is locked skipped
C:\a223630\netapi32.dll Object is locked skipped
C:\a223630\netbios.sys Object is locked skipped
C:\a223630\netbt.sys Object is locked skipped
C:\a223630\netcfgx.dll Object is locked skipped
C:\a223630\netdde.exe Object is locked skipped
C:\a223630\netklsi.inf Object is locked skipped
C:\a223630\netlogon.dll Object is locked skipped
C:\a223630\netman.dll Object is locked skipped
C:\a223630\netnm.inf Object is locked skipped
C:\a223630\netoc.dll Object is locked skipped
C:\a223630\netplwiz.dll Object is locked skipped
C:\a223630\netrtsnt.inf Object is locked skipped
C:\a223630\netsetup.exe Object is locked skipped
C:\a223630\netshell.dll Object is locked skipped
C:\a223630\netwlan.inf Object is locked skipped
C:\a223630\netwlan2.inf Object is locked skipped
C:\a223630\netwlan5.img Object is locked skipped
C:\a223630\netwlan5.sys Object is locked skipped
C:\a223630\netwv48.inf Object is locked skipped
C:\a223630\new\apph_sp.sdb Object is locked skipped
C:\a223630\new\apps_sp.chm Object is locked skipped
C:\a223630\new\ati2dvaa.dll Object is locked skipped
C:\a223630\new\ati2dvag.dll Object is locked skipped
C:\a223630\new\ati2mtaa.sys Object is locked skipped
C:\a223630\new\ati2mtag.sys Object is locked skipped
C:\a223630\new\ati3d1ag.dll Object is locked skipped
C:\a223630\new\ati3d2ag.dll Object is locked skipped
C:\a223630\new\atiixpaa.inf Object is locked skipped
C:\a223630\new\atiixpag.inf Object is locked skipped
C:\a223630\new\atinbtxx.sys Object is locked skipped
C:\a223630\new\atinmdxx.sys Object is locked skipped
C:\a223630\new\atinpdxx.sys Object is locked skipped
C:\a223630\new\atinraxx.sys Object is locked skipped
C:\a223630\new\atinrvxx.sys Object is locked skipped
C:\a223630\new\atinsnxx.sys Object is locked skipped
C:\a223630\new\atinttxx.sys Object is locked skipped
C:\a223630\new\atintuxx.sys Object is locked skipped
C:\a223630\new\atinxbxx.sys Object is locked skipped
C:\a223630\new\atinxsxx.sys Object is locked skipped
C:\a223630\new\ativdaxx.ax Object is locked skipped
C:\a223630\new\ativmvxx.ax Object is locked skipped
C:\a223630\new\atixpwdm.inf Object is locked skipped
C:\a223630\new\c_28603.nls Object is locked skipped
C:\a223630\new\dsprpres.dll Object is locked skipped
C:\a223630\new\encapi.dll Object is locked skipped
C:\a223630\new\encdec.dll Object is locked skipped
C:\a223630\new\faxpatch.exe Object is locked skipped
C:\a223630\new\hccoin.dll Object is locked skipped
C:\a223630\new\hidir.sys Object is locked skipped
C:\a223630\new\hscupd.exe Object is locked skipped
C:\a223630\new\irbus.inf Object is locked skipped
C:\a223630\new\medctrro.exe Object is locked skipped
C:\a223630\new\msctfime.ime Object is locked skipped
C:\a223630\new\msftedit.dll Object is locked skipped
C:\a223630\new\mssap.dll Object is locked skipped
C:\a223630\new\mutohpen.sys Object is locked skipped
C:\a223630\new\netbeac.inf Object is locked skipped
C:\a223630\new\nettun.inf Object is locked skipped
C:\a223630\new\nv4_disp.inf Object is locked skipped
C:\a223630\new\nvct.inf Object is locked skipped
C:\a223630\new\nvdm.inf Object is locked skipped
C:\a223630\new\nvts.inf Object is locked skipped
C:\a223630\new\oeaccess.inf Object is locked skipped
C:\a223630\new\osloader.ntd Object is locked skipped
C:\a223630\new\ramdisk.inf Object is locked skipped
C:\a223630\new\sbe.dll Object is locked skipped
C:\a223630\new\sbeio.dll Object is locked skipped
C:\a223630\new\smtpsvc.dll Object is locked skipped
C:\a223630\new\snchk.exe Object is locked skipped
C:\a223630\new\sp1.cab Object is locked skipped
C:\a223630\new\spgrmr.dll Object is locked skipped
C:\a223630\new\usbehci.sys Object is locked skipped
C:\a223630\new\wacompen.sys Object is locked skipped
C:\a223630\new\winbrand.dll Object is locked skipped
C:\a223630\new\winhttp.dll Object is locked skipped
C:\a223630\new\wmaccess.inf Object is locked skipped
C:\a223630\new\wmpocm.inf Object is locked skipped
C:\a223630\new\wmvcore2.dll Object is locked skipped
C:\a223630\new\wuau.adm Object is locked skipped
C:\a223630\new\xpsp1res.dll Object is locked skipped
C:\a223630\newdev.dll Object is locked skipped
C:\a223630\neweula.htm Object is locked skipped
billybob0626
2007-08-25, 06:20
Here is part 2 of the scan
C:\a223630\nic1394.sys Object is locked skipped
C:\a223630\nlhtml.dll Object is locked skipped
C:\a223630\nmas.dll Object is locked skipped
C:\a223630\nmasnt.dll Object is locked skipped
C:\a223630\nmchat.dll Object is locked skipped
C:\a223630\nmcom.dll Object is locked skipped
C:\a223630\nmft.dll Object is locked skipped
C:\a223630\nmmkcert.dll Object is locked skipped
C:\a223630\nmnt.sys Object is locked skipped
C:\a223630\nmoldwb.dll Object is locked skipped
C:\a223630\nmwb.dll Object is locked skipped
C:\a223630\npdrmv2.dll Object is locked skipped
C:\a223630\npdsplay.dll Object is locked skipped
C:\a223630\nppagent.exe Object is locked skipped
C:\a223630\npptools.dll Object is locked skipped
C:\a223630\npwmsdrm.dll Object is locked skipped
C:\a223630\nt5.cat Object is locked skipped
C:\a223630\ntdetect.com Object is locked skipped
C:\a223630\ntdll.dll Object is locked skipped
C:\a223630\ntfs.sys Object is locked skipped
C:\a223630\ntio.sys Object is locked skipped
C:\a223630\ntkrnlmp.exe Object is locked skipped
C:\a223630\ntkrnlpa.exe Object is locked skipped
C:\a223630\ntkrpamp.exe Object is locked skipped
C:\a223630\ntlanman.dll Object is locked skipped
C:\a223630\ntldr Object is locked skipped
C:\a223630\ntmarta.dll Object is locked skipped
C:\a223630\ntmsapi.dll Object is locked skipped
C:\a223630\ntmsdba.dll Object is locked skipped
C:\a223630\ntmssvc.dll Object is locked skipped
C:\a223630\ntoskrnl.exe Object is locked skipped
C:\a223630\ntprint.cat Object is locked skipped
C:\a223630\ntprint.dll Object is locked skipped
C:\a223630\ntshrui.dll Object is locked skipped
C:\a223630\ntvdm.exe Object is locked skipped
C:\a223630\nv4_disp.dll Object is locked skipped
C:\a223630\nv4_mini.sys Object is locked skipped
C:\a223630\nwprovau.dll Object is locked skipped
C:\a223630\oakley.dll Object is locked skipped
C:\a223630\obeip.dun Object is locked skipped
C:\a223630\ocgen.dll Object is locked skipped
C:\a223630\ocmsn.dll Object is locked skipped
C:\a223630\odbc32.dll Object is locked skipped
C:\a223630\odbc32gt.dll Object is locked skipped
C:\a223630\odbcad32.exe Object is locked skipped
C:\a223630\odbcbcp.dll Object is locked skipped
C:\a223630\odbcconf.dll Object is locked skipped
C:\a223630\odbcconf.exe Object is locked skipped
C:\a223630\odbcconf.rsp Object is locked skipped
C:\a223630\odbccp32.dll Object is locked skipped
C:\a223630\odbccr32.dll Object is locked skipped
C:\a223630\odbccu32.dll Object is locked skipped
C:\a223630\odbcp32r.dll Object is locked skipped
C:\a223630\odbctrac.dll Object is locked skipped
C:\a223630\offfilt.dll Object is locked skipped
C:\a223630\ohci1394.sys Object is locked skipped
C:\a223630\ole32.dll Object is locked skipped
C:\a223630\oleaut32.dll Object is locked skipped
C:\a223630\oledb32.dll Object is locked skipped
C:\a223630\oleprn.dll Object is locked skipped
C:\a223630\oobebaln.exe Object is locked skipped
C:\a223630\opengl32.dll Object is locked skipped
C:\a223630\oschoice.exe Object is locked skipped
C:\a223630\osk.exe Object is locked skipped
C:\a223630\osloader.exe Object is locked skipped
C:\a223630\p3.sys Object is locked skipped
C:\a223630\packager.exe Object is locked skipped
C:\a223630\page1.asp Object is locked skipped
C:\a223630\parport.sys Object is locked skipped
C:\a223630\pautoenr.dll Object is locked skipped
C:\a223630\pchshell.dll Object is locked skipped
C:\a223630\pchsvc.dll Object is locked skipped
C:\a223630\pci.sys Object is locked skipped
C:\a223630\pciidex.sys Object is locked skipped
C:\a223630\pcmcia.sys Object is locked skipped
C:\a223630\pcx500.sys Object is locked skipped
C:\a223630\pdh.dll Object is locked skipped
C:\a223630\perm2.sys Object is locked skipped
C:\a223630\perm2dll.dll Object is locked skipped
C:\a223630\perm3.sys Object is locked skipped
C:\a223630\perm3dd.dll Object is locked skipped
C:\a223630\phone.icw Object is locked skipped
C:\a223630\phone.inf Object is locked skipped
C:\a223630\phone.obe Object is locked skipped
C:\a223630\pid.dll Object is locked skipped
C:\a223630\ping.exe Object is locked skipped
C:\a223630\pngfilt.dll Object is locked skipped
C:\a223630\popc.dll Object is locked skipped
C:\a223630\portcls.sys Object is locked skipped
C:\a223630\ppa3.sys Object is locked skipped
C:\a223630\printui.dll Object is locked skipped
C:\a223630\privacy.hta Object is locked skipped
C:\a223630\processr.sys Object is locked skipped
C:\a223630\proctexe.ocx Object is locked skipped
C:\a223630\ps5ui.dll Object is locked skipped
C:\a223630\psapi.dll Object is locked skipped
C:\a223630\psbase.dll Object is locked skipped
C:\a223630\psched.sys Object is locked skipped
C:\a223630\pscript5.dll Object is locked skipped
C:\a223630\ptpusd.dll Object is locked skipped
C:\a223630\qcap.dll Object is locked skipped
C:\a223630\qdvd.dll Object is locked skipped
C:\a223630\qedit.dll Object is locked skipped
C:\a223630\qmgr.dll Object is locked skipped
C:\a223630\qmgrprxy.dll Object is locked skipped
C:\a223630\quartz.dll Object is locked skipped
C:\a223630\query.dll Object is locked skipped
C:\a223630\ramdisk.sys Object is locked skipped
C:\a223630\rasapi32.dll Object is locked skipped
C:\a223630\raschap.dll Object is locked skipped
C:\a223630\rasdlg.dll Object is locked skipped
C:\a223630\rasl2tp.sys Object is locked skipped
C:\a223630\rasman.dll Object is locked skipped
C:\a223630\rasmans.dll Object is locked skipped
C:\a223630\rasppp.dll Object is locked skipped
C:\a223630\raspptp.sys Object is locked skipped
C:\a223630\rassapi.dll Object is locked skipped
C:\a223630\rastapi.dll Object is locked skipped
C:\a223630\rastls.dll Object is locked skipped
C:\a223630\rcimlby.exe Object is locked skipped
C:\a223630\rdbss.sys Object is locked skipped
C:\a223630\rdchost.dll Object is locked skipped
C:\a223630\rdpclip.exe Object is locked skipped
C:\a223630\rdpdd.dll Object is locked skipped
C:\a223630\rdpdr.sys Object is locked skipped
C:\a223630\rdpsnd.dll Object is locked skipped
C:\a223630\rdpwd.sys Object is locked skipped
C:\a223630\rdpwsx.dll Object is locked skipped
C:\a223630\rdsaddin.exe Object is locked skipped
C:\a223630\redbook.sys Object is locked skipped
C:\a223630\redir.exe Object is locked skipped
C:\a223630\reg.exe Object is locked skipped
C:\a223630\regapi.dll Object is locked skipped
C:\a223630\regedit.exe Object is locked skipped
C:\a223630\remotepg.dll Object is locked skipped
C:\a223630\repdrvfs.dll Object is locked skipped
C:\a223630\riched20.dll Object is locked skipped
C:\a223630\rpcrt4.dll Object is locked skipped
C:\a223630\rpcss.dll Object is locked skipped
C:\a223630\rrcm.dll Object is locked skipped
C:\a223630\rsaenh.dll Object is locked skipped
C:\a223630\rshx32.dll Object is locked skipped
C:\a223630\rstrui.exe Object is locked skipped
C:\a223630\rtcdll.dll Object is locked skipped
C:\a223630\rtcshare.exe Object is locked skipped
C:\a223630\runonce.exe Object is locked skipped
C:\a223630\samlib.dll Object is locked skipped
C:\a223630\sapi.cpl Object is locked skipped
C:\a223630\sapi.dll Object is locked skipped
C:\a223630\savedump.exe Object is locked skipped
C:\a223630\sbp2port.sys Object is locked skipped
C:\a223630\sccbase.dll Object is locked skipped
C:\a223630\sccsccp.dll Object is locked skipped
C:\a223630\scecli.dll Object is locked skipped
C:\a223630\scesrv.dll Object is locked skipped
C:\a223630\schannel.dll Object is locked skipped
C:\a223630\schedsvc.dll Object is locked skipped
C:\a223630\script.dll Object is locked skipped
C:\a223630\script_a.dll Object is locked skipped
C:\a223630\scrnsave.scr Object is locked skipped
C:\a223630\scsiport.sys Object is locked skipped
C:\a223630\sdbinst.exe Object is locked skipped
C:\a223630\secur32.dll Object is locked skipped
C:\a223630\sens.dll Object is locked skipped
C:\a223630\sensapi.dll Object is locked skipped
C:\a223630\serial.sys Object is locked skipped
C:\a223630\sessmgr.exe Object is locked skipped
C:\a223630\setup.exe Object is locked skipped
C:\a223630\setup50.exe Object is locked skipped
C:\a223630\setupapi.dll Object is locked skipped
C:\a223630\setupqry.dll Object is locked skipped
C:\a223630\setupqry.inf Object is locked skipped
C:\a223630\setup_wm.exe Object is locked skipped
C:\a223630\sfcfiles.dll Object is locked skipped
C:\a223630\sfc_os.dll Object is locked skipped
C:\a223630\sfloppy.sys Object is locked skipped
C:\a223630\shdocvw.dll Object is locked skipped
C:\a223630\shell32.dll Object is locked skipped
C:\a223630\shfolder.dll Object is locked skipped
C:\a223630\shgina.dll Object is locked skipped
C:\a223630\shimeng.dll Object is locked skipped
C:\a223630\shimgvw.dll Object is locked skipped
C:\a223630\shlwapi.dll Object is locked skipped
C:\a223630\shmgrate.exe Object is locked skipped
C:\a223630\shsvcs.dll Object is locked skipped
C:\a223630\shtml.dll Object is locked skipped
C:\a223630\shtml.exe Object is locked skipped
C:\a223630\sigtab.dll Object is locked skipped
C:\a223630\sigverif.exe Object is locked skipped
C:\a223630\simpdata.tlb Object is locked skipped
C:\a223630\skeys.exe Object is locked skipped
C:\a223630\sla30nd5.sys Object is locked skipped
C:\a223630\slayerxp.dll Object is locked skipped
C:\a223630\sl_anet.acm Object is locked skipped
C:\a223630\smbali.sys Object is locked skipped
C:\a223630\smbbatt.sys Object is locked skipped
C:\a223630\smbclass.sys Object is locked skipped
C:\a223630\smi2smir.exe Object is locked skipped
C:\a223630\smlogcfg.dll Object is locked skipped
C:\a223630\smlogsvc.exe Object is locked skipped
C:\a223630\smss.exe Object is locked skipped
C:\a223630\snmp.exe Object is locked skipped
C:\a223630\snmpapi.dll Object is locked skipped
C:\a223630\snmpcl.dll Object is locked skipped
C:\a223630\snmpincl.dll Object is locked skipped
C:\a223630\snmpsmir.dll Object is locked skipped
C:\a223630\snmpthrd.dll Object is locked skipped
C:\a223630\softkbd.dll Object is locked skipped
C:\a223630\sonydcam.sys Object is locked skipped
C:\a223630\spider.exe Object is locked skipped
C:\a223630\splitter.sys Object is locked skipped
C:\a223630\spoolss.dll Object is locked skipped
C:\a223630\sptip.dll Object is locked skipped
C:\a223630\sqloledb.dll Object is locked skipped
C:\a223630\sqlsrv32.dll Object is locked skipped
C:\a223630\sqlxmlx.dll Object is locked skipped
C:\a223630\sr.sys Object is locked skipped
C:\a223630\srchui.dll Object is locked skipped
C:\a223630\srclient.dll Object is locked skipped
C:\a223630\srrstr.dll Object is locked skipped
C:\a223630\srsvc.dll Object is locked skipped
C:\a223630\ss3dfo.scr Object is locked skipped
C:\a223630\ssbezier.scr Object is locked skipped
C:\a223630\ssdpapi.dll Object is locked skipped
C:\a223630\ssdpsrv.dll Object is locked skipped
C:\a223630\ssflwbox.scr Object is locked skipped
C:\a223630\ssmarque.scr Object is locked skipped
C:\a223630\ssmyst.scr Object is locked skipped
C:\a223630\sspipes.scr Object is locked skipped
C:\a223630\ssstars.scr Object is locked skipped
C:\a223630\sstext3d.scr Object is locked skipped
C:\a223630\stdprov.dll Object is locked skipped
C:\a223630\sti.dll Object is locked skipped
C:\a223630\sti_ci.dll Object is locked skipped
C:\a223630\stobject.dll Object is locked skipped
C:\a223630\storprop.dll Object is locked skipped
C:\a223630\stream.sys Object is locked skipped
C:\a223630\strmdll.dll Object is locked skipped
C:\a223630\stub_fpsrvadm.exe Object is locked skipped
C:\a223630\stub_fpsrvwin.exe Object is locked skipped
C:\a223630\swflash.ocx Object is locked skipped
C:\a223630\sxs.dll Object is locked skipped
C:\a223630\sysaudio.sys Object is locked skipped
C:\a223630\sysdm.cpl Object is locked skipped
C:\a223630\sysmain.sdb Object is locked skipped
C:\a223630\sysmod.dll Object is locked skipped
C:\a223630\sysmod_a.dll Object is locked skipped
C:\a223630\sysmon.ocx Object is locked skipped
C:\a223630\syssetup.dll Object is locked skipped
billybob0626
2007-08-25, 06:22
here is part three of the scan.
C:\a223630\tahoma.ttf Object is locked skipped
C:\a223630\tahomabd.ttf Object is locked skipped
C:\a223630\tape.sys Object is locked skipped
C:\a223630\tapi32.dll Object is locked skipped
C:\a223630\tapisrv.dll Object is locked skipped
C:\a223630\taskmgr.exe Object is locked skipped
C:\a223630\tcpip.sys Object is locked skipped
C:\a223630\tcpip6.sys Object is locked skipped
C:\a223630\tcptest.exe Object is locked skipped
C:\a223630\tcptsat.dll Object is locked skipped
C:\a223630\telnet.exe Object is locked skipped
C:\a223630\termdd.sys Object is locked skipped
C:\a223630\termsrv.dll Object is locked skipped
C:\a223630\tffsport.sys Object is locked skipped
C:\a223630\themeui.dll Object is locked skipped
C:\a223630\times.ttf Object is locked skipped
C:\a223630\tracert.exe Object is locked skipped
C:\a223630\trebuc.ttf Object is locked skipped
C:\a223630\triedit.dll Object is locked skipped
C:\a223630\trkwks.dll Object is locked skipped
C:\a223630\tscfgwmi.dll Object is locked skipped
C:\a223630\tscfgwmi.mfl Object is locked skipped
C:\a223630\tscfgwmi.mof Object is locked skipped
C:\a223630\tscupgrd.exe Object is locked skipped
C:\a223630\tshoot.chm Object is locked skipped
C:\a223630\tsoc.dll Object is locked skipped
C:\a223630\tsweb1.htm Object is locked skipped
C:\a223630\tunmp.sys Object is locked skipped
C:\a223630\udfs.sys Object is locked skipped
C:\a223630\udhisapi.dll Object is locked skipped
C:\a223630\ui.mar Object is locked skipped
C:\a223630\umandlg.dll Object is locked skipped
C:\a223630\umpnpmgr.dll Object is locked skipped
C:\a223630\unidrv.dll Object is locked skipped
C:\a223630\unidrvui.dll Object is locked skipped
C:\a223630\unregmp2.exe Object is locked skipped
C:\a223630\untfs.dll Object is locked skipped
C:\a223630\upnp.dll Object is locked skipped
C:\a223630\upnphost.dll Object is locked skipped
C:\a223630\upnpui.dll Object is locked skipped
C:\a223630\ups.exe Object is locked skipped
C:\a223630\url.dll Object is locked skipped
C:\a223630\urlmon.dll Object is locked skipped
C:\a223630\usb101et.sys Object is locked skipped
C:\a223630\usbaudio.sys Object is locked skipped
C:\a223630\usbccgp.sys Object is locked skipped
C:\a223630\usbehci.sys Object is locked skipped
C:\a223630\usbhub.sys Object is locked skipped
C:\a223630\usbintel.sys Object is locked skipped
C:\a223630\usbohci.sys Object is locked skipped
C:\a223630\usbport.sys Object is locked skipped
C:\a223630\usbprint.sys Object is locked skipped
C:\a223630\usbscan.sys Object is locked skipped
C:\a223630\usbstor.sys Object is locked skipped
C:\a223630\usbuhci.sys Object is locked skipped
C:\a223630\user32.dll Object is locked skipped
C:\a223630\userenv.dll Object is locked skipped
C:\a223630\userinit.exe Object is locked skipped
C:\a223630\usmtdef.inf Object is locked skipped
C:\a223630\usp10.dll Object is locked skipped
C:\a223630\utilman.exe Object is locked skipped
C:\a223630\uxtheme.dll Object is locked skipped
C:\a223630\vbisurf.ax Object is locked skipped
C:\a223630\vbscript.dll Object is locked skipped
C:\a223630\vdmredir.dll Object is locked skipped
C:\a223630\verdana.ttf Object is locked skipped
C:\a223630\vfwwdm32.dll Object is locked skipped
C:\a223630\vga.sys Object is locked skipped
C:\a223630\vgx.dll Object is locked skipped
C:\a223630\viaide.sys Object is locked skipped
C:\a223630\videoprt.sys Object is locked skipped
C:\a223630\vssapi.dll Object is locked skipped
C:\a223630\w32time.dll Object is locked skipped
C:\a223630\w95upgnt.dll Object is locked skipped
C:\a223630\wab32.dll Object is locked skipped
C:\a223630\wab32res.dll Object is locked skipped
C:\a223630\wacompen.sys Object is locked skipped
C:\a223630\watchdog.sys Object is locked skipped
C:\a223630\wbemcomn.dll Object is locked skipped
C:\a223630\wbemcore.dll Object is locked skipped
C:\a223630\wbemess.dll Object is locked skipped
C:\a223630\wbemprox.dll Object is locked skipped
C:\a223630\wbemupgd.dll Object is locked skipped
C:\a223630\wdmaud.sys Object is locked skipped
C:\a223630\wdma_ali.inf Object is locked skipped
C:\a223630\wdma_int.inf Object is locked skipped
C:\a223630\wdma_via.inf Object is locked skipped
C:\a223630\webcheck.dll Object is locked skipped
C:\a223630\webclnt.dll Object is locked skipped
C:\a223630\webfldrs.msi Object is locked skipped
C:\a223630\webvw.dll Object is locked skipped
C:\a223630\wextract.exe Object is locked skipped
C:\a223630\wiadss.dll Object is locked skipped
C:\a223630\wiaservc.dll Object is locked skipped
C:\a223630\win32k.sys Object is locked skipped
C:\a223630\win32spl.dll Object is locked skipped
C:\a223630\winhlp32.exe Object is locked skipped
C:\a223630\wininet.dll Object is locked skipped
C:\a223630\winlogon.exe Object is locked skipped
C:\a223630\winmm.dll Object is locked skipped
C:\a223630\winspool.drv Object is locked skipped
C:\a223630\winsrv.dll Object is locked skipped
C:\a223630\winsta.dll Object is locked skipped
C:\a223630\wldap32.dll Object is locked skipped
C:\a223630\wlluc48.sys Object is locked skipped
C:\a223630\wlnotify.dll Object is locked skipped
C:\a223630\wmadmod.dll Object is locked skipped
C:\a223630\wmadmoe.dll Object is locked skipped
C:\a223630\wmasf.dll Object is locked skipped
C:\a223630\wmerrenu.dll Object is locked skipped
C:\a223630\wmi.mof Object is locked skipped
C:\a223630\wmicookr.dll Object is locked skipped
C:\a223630\wmidcprv.dll Object is locked skipped
C:\a223630\wmidx.ocx Object is locked skipped
C:\a223630\wmipcima.dll Object is locked skipped
C:\a223630\wmiprov.dll Object is locked skipped
C:\a223630\wmiprvsd.dll Object is locked skipped
C:\a223630\wmiprvse.exe Object is locked skipped
C:\a223630\wmipsess.dll Object is locked skipped
C:\a223630\wmisvc.dll Object is locked skipped
C:\a223630\wmiutils.dll Object is locked skipped
C:\a223630\wmmfilt.dll Object is locked skipped
C:\a223630\wmmres.dll Object is locked skipped
C:\a223630\wmmutil.dll Object is locked skipped
C:\a223630\wmnetmgr.dll Object is locked skipped
C:\a223630\wmp.inf Object is locked skipped
C:\a223630\wmp.ocx Object is locked skipped
C:\a223630\wmpcd.dll Object is locked skipped
C:\a223630\wmpcore.dll Object is locked skipped
C:\a223630\wmplayer.exe Object is locked skipped
C:\a223630\wmploc.dll Object is locked skipped
C:\a223630\wmpshell.dll Object is locked skipped
C:\a223630\wmpstub.exe Object is locked skipped
C:\a223630\wmpui.dll Object is locked skipped
C:\a223630\wmpvis.dll Object is locked skipped
C:\a223630\wmsdmod.dll Object is locked skipped
C:\a223630\wmsdmoe.dll Object is locked skipped
C:\a223630\wmstream.dll Object is locked skipped
C:\a223630\wmv8dmod.dll Object is locked skipped
C:\a223630\wmv8ds32.ax Object is locked skipped
C:\a223630\wmvcore.dll Object is locked skipped
C:\a223630\wmvdmod.dll Object is locked skipped
C:\a223630\wmvdmoe.dll Object is locked skipped
C:\a223630\wmvds32.ax Object is locked skipped
C:\a223630\wordpad.exe Object is locked skipped
C:\a223630\wow32.dll Object is locked skipped
C:\a223630\wship6.dll Object is locked skipped
C:\a223630\wsnmp32.dll Object is locked skipped
C:\a223630\wtsapi32.dll Object is locked skipped
C:\a223630\wuauclt.exe Object is locked skipped
C:\a223630\wuaueng.dll Object is locked skipped
C:\a223630\wuauserv.dll Object is locked skipped
C:\a223630\wzcdlg.dll Object is locked skipped
C:\a223630\wzcsapi.dll Object is locked skipped
C:\a223630\wzcsvc.dll Object is locked skipped
C:\a223630\xactsrv.dll Object is locked skipped
C:\a223630\zipfldr.dll Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\OneCare Protection\Support\MPLog-06092007-234105.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Protection Service\edb.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Protection Service\MPSSVCPolicyIdLog.etl Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\History\History.IE5\MSHist012007082520070826\index.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temp\~DF9FE1.tmp Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temp\~DF9FEE.tmp Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\ntuser.dat Object is locked skipped
C:\Documents and Settings\Bill and Shirley\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\Ent.dat Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\prov.xml Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\Service.xml Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\service.xml.bak Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\user.xml Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\ClientSD\prov\user.xml.bak Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\Database\edb.log Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\Database\tmp.edb Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\Database\WinSS_st.edb Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\onecaremp_log.bin Object is locked skipped
C:\Program Files\Microsoft Windows OneCare Live\WinSSSvc_log.bin Object is locked skipped
C:\System Volume Information\_restore{E87A81FB-FDCF-4B92-A20C-951710F82D7C}\RP1479\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\kb824141.cat Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\accwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\locator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\magnify.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\migwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\narrator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\newdev.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\osk.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\pchshell.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\kb828035.cat Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ329048$\reg00001 Object is locked skipped
C:\WINDOWS\$NtUninstallQ329390$\reg00001 Object is locked skipped
C:\WINDOWS\$NtUninstallQ329834$\reg00001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\MSFWSVC.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Windows_OneCare_Evt.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\temp\Perflib_Perfdata_6bc.dat Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\System Volume Information\_restore{E87A81FB-FDCF-4B92-A20C-951710F82D7C}\RP1479\change.log Object is locked skipped
Scan process completed.
Thank you again for everything
pskelley
2007-08-25, 15:07
That is the same junk you posted before that I asked you to edit out???
The scan still shows no infections and you tell me the junk is from 1998?
You might try a free diagnostic here: http://www.pcpitstop.com/
Tutorial: http://www.pcpitstop.com/techexpress/howto1.asp
Help with results: http://pcpitstop.invisionzone.com/index.php?showforum=6
Post a link to the test results, I may spot something. At this point, you may want to consider a local technicial who can get in front of that box, appears there is not a lot I can do remotely.
Thanks
billybob0626
2007-08-25, 17:51
Sorry I did not see your request to edit the stuff until after i posted the scan. When I put the cursor over one of the files they all say fie created in 1998. I truly appreciate all of your help. I realize that you and the rest of the team are volunteers and donate your time. I will get the diagnostic from pcscript and post a link to the results. Thank you again for your patience and time
billybob0626
2007-08-25, 18:06
Here is the link to the test result page of pcpitstop.
http://www.pcpitstop.com/pcpitstop/summary.asp
Thank you again for all of your help.
pskelley
2007-08-25, 18:17
Thanks link goes nowhere:sad:
billybob0626
2007-08-25, 19:08
Sorry about the link. Do you think maybe a password is needed?
It appears from the pcpitstop diagnosis that there are several hardware and configuration issues. For example my C drive has only 4% free space available and according to the diagnosis my internet cache is too small. This could explain some of the sluggishness in my computer. I will try to resolve these issues and see if these are the sources of my problems.
Thank you again for all of your help. I know that you and the other membes of the Spybot S&D team are dedicated to eliminating malicious software. Thank you again.
Sincerely Billybob0626
pskelley
2007-08-25, 19:18
No passwpord is need, you just need to post the correct link. You must have registered (free) or they can't save the results for you. Look at this link:
http://pcpitstop.invisionzone.com/index.php?showforum=6 which I posted for you. I will guess every poster who posts includes the link to the test results, here is just the first one:
http://forums.pcpitstop.com/index.php?showtopic=145999
and their test results:
http://www.pcpitstop.com/pcpitstop/Summary.asp?TechExpress=QLLJHW7BX4VSQX7V
I can't really comment without seeing the information but if you have no more space than that on your hard drive, you have major issues. That includes having files on your computer on your C:\ drive that you can not access and do not know what are.
Here is information that might help:
http://www.castlecops.com/postitle175256-0-0-.html
http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html
http://www.microsoft.com/atwork/getstarted/speed.mspx?wt_svl=20292a&mg_id=20292b
I might also speculate that with no more hard drive space than that, you may not be able to download needed Windows updates and it could also be the reason you can not download the tools we tried to use. Kaspersky scans online and does not need hard drive space.
It is also unlikely this will give you what you need, but it may give you some ideas:
http://www.google.com/search?hl=en&q=how+to+increase+hard+drive+space&btnG=Google+Search
Thanks
billybob0626
2007-08-25, 19:55
Sorry I posted the wrong link. Here is the link to the page with my test results.
http://www.pcpitstop.com/pcpitstop/Summary.asp?conid=18493403
Thank you again for all of your help
pskelley
2007-08-25, 19:56
That is not a link to your test results???:sad:
billybob0626
2007-08-25, 20:28
Sorry for the problems with the link. I am new at on-line forums. With your advice and the test results I believe the lack of space on my hard drive is the source of my problems. Who knows maybe the lack of space prevented the virtumonde infection from entering my computer. Anyway I will remove the many unused files on my hard drive. Thanks for all of your help, patience and time. Hopefully this will not happen but if I ever have problems with malicious software I know where to turn. Thank you PSKELLEY and the rest of the Spybot S&D team for all of your help.
A sincerely greatful Billybob0626
This is my last post on this topic
pskelley
2007-08-25, 20:49
Thanks for that feedback, here is some information that might be handy in the future.
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx
Here is some great information from experts in this field that will help you stay clean and safe online.
http://users.telenet.be/bluepatchy/miekiemoes/prevention.html
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml
Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.
pskelley
2007-09-01, 15:07
As the problem appears to be resolved this topic has been closed.
If you need it re-opened please send me or a forum staff member a private message (pm) and provide a link to the thread; this applies only to the original topic starter.
Anyone else with similar problems please start a new topic.
Thanks