|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
07-10-2006, 04:34 PM
|
#1 (permalink) |
|
Registered User
Join Date: Jul 2006
Posts: 9
OS: XP sp 2
|
Intermittent Access
Here is my HJT log:
Logfile of HijackThis v1.99.1 Scan saved at 6:31:35 PM, on 7/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\System32\rmctrl.exe D:\Program Files\D-Tools\daemon.exe C:\WINDOWS\Logi_MwX.Exe D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\One-VA VPN Client\cvpnd.exe D:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE D:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe C:\Program Files\Google\Google Talk\googletalk.exe D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe D:\Program Files\AIM\aim.exe D:\Program Files\Serv-U\ServUDaemon.exe D:\Program Files\Serv-U\ServUTray.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\eFax Messenger 4.1\J2GTray.exe D:\Program Files\Logitech\SetPoint\SetPoint.exe D:\Program Files\No-IP\DUC20.exe C:\Program Files\Common Files\Skyscape\smARTupdate.exe C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\svchost.exe D:\Program Files\Serv-U\ServUAdmin.exe C:\Program Files\One-VA VPN Client\vpngui.exe C:\WINDOWS\System32\svchost.exe d:\Program Files\Winamp\Winamp.exe C:\Program Files\Common Files\Symantec Shared\NMain.exe D:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe D:\Program Files\iPod\bin\iPodService.exe D:\Program Files\iTunes\iTunesHelper.exe D:\Program Files\eDonkey2000\edonkey2000.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fatwallet.com/c/18/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fatwallet.com/c/18/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.0.1/start.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0 R3 - Default URLSearchHook is missing O1 - Hosts: 212.227.64.159 www.winmx.com O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "D:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "D:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [eFax 4.1] "C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe" /R O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] D:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AIM] D:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [ServUTrayIcon] D:\Program Files\Serv-U\ServUTray.exe O4 - Startup: No-IP DUC.lnk = D:\Program Files\No-IP\DUC20.exe O4 - Startup: Skyscape smARTupdate.lnk = C:\Program Files\Common Files\Skyscape\smARTupdate.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: eFax 4.1.lnk = C:\Program Files\eFax Messenger 4.1\J2GTray.exe O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: One-VA VPN Client.lnk = C:\Program Files\One-VA VPN Client\vpngui.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - d:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - d:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab O16 - DPF: {1DF36010-E276-11D4-A7C0-00C04F0453DD} (Stamps.com Secure Postal Account Registration) - https://secure.stamps.com/download/u...9/sdcregie.cab O16 - DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} (Crystal Report Viewer Control 9) - https://comdo-wcnlb.uc.edu/viewer9/a...ivexviewer.cab O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-17.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.co...s/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1093993332171 O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} - http://echat.us.dell.com/Media/Visit.../TLIEFlash.CAB O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} (Java Plug-in) - O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} (Java Plug-in) - O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\One-VA VPN Client\cvpnd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Serv-U FTP Server (Serv-U) - Unknown owner - D:\Program Files\Serv-U\ServUDaemon.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE Maybe it is no help now, would have been when the problem was going on. I still don't understand what has changed. Yes it is a computer, and its playing with my emotions.  Thanks for your help.
|
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
07-10-2006, 04:51 PM
|
#2 (permalink) |
|
Manager, Networking Forums
Join Date: Sep 2002
Location: S.E. Pennsylvania, US
Posts: 41,685
OS: Windows 7, XP-Pro, Vista, Linux
Blog Entries: 1
|
I've moved your log over to the HijackThis forum, let's let the security folks take a peek at it.
__________________
If TSF has helped you, Tell us about it! or Donate to help keep the site up! Microsoft MVP - Windows Desktop Experience |
|
|
|
|
07-10-2006, 06:33 PM
|
#3 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
Hoster- Unzip it to your desktop.
Open up Hoster
Please open IE and go to Kaspersky WebScanner Next Click on Kaspersky Online Scanner You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
* Turn off the real time scanner of any existing antivirus program while performing the online scan
__________________
|
|
|
|
|
07-10-2006, 07:08 PM
|
#4 (permalink) |
|
Registered User
Join Date: Jul 2006
Posts: 9
OS: XP sp 2
|
In IE when I click on the online scan, it opens another window which quickly closes. I tried with firefox and it gives me an accept window, which said this only works in IE 5 or greater. I don't see any ActiveX settings. I did disable norton A/V and worm.
Nevermind I left Ad-watch on, it was blocking. Last edited by moosebanna; 07-10-2006 at 07:15 PM. |
|
|
|
|
07-10-2006, 10:25 PM
|
#5 (permalink) |
|
Registered User
Join Date: Jul 2006
Posts: 9
OS: XP sp 2
|
I did the hoster restore. He is my Kaspersky scan log:
------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Tuesday, July 11, 2006 12:21:47 AM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 11/07/2006 Kaspersky Anti-Virus database records: 206321 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ M:\ V:\ Scan Statistics: Total number of scanned objects: 177637 Number of viruses found: 45 Number of infected objects: 182 / 0 Number of suspicious objects: 0 Duration of the scan process: 02:59:48 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\03d4c551b87a3514f51e9389acf18d22_1a7b7f9b-a655-4bca-950e-1c12c832a26c Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Windows Defender\Support\WDLog-05062006-165915.log Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec\Common Client\settings.dat Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec\LiveUpdate\2006-07-10_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Application Data\Aim\moosebanna\cert8.db Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Application Data\Aim\moosebanna\key3.db Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Application Data\Mozilla\Firefox\Profiles\cndxzq5r.default\cert8.db Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Application Data\Mozilla\Firefox\Profiles\cndxzq5r.default\history.dat Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Application Data\Mozilla\Firefox\Profiles\cndxzq5r.default\key3.db Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Application Data\Mozilla\Firefox\Profiles\cndxzq5r.default\parent.lock Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Messenger\moosebanna@hotmail.com\SharingMetadata\infected.dat Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Messenger\moosebanna@hotmail.com\SharingMetadata\Logs\Dfsr.log Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Messenger\moosebanna@hotmail.com\SharingMetadata\pending.dat Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Messenger\moosebanna@hotmail.com\SharingMetadata\Working\database_B020_175C_2017_28BC\dfsr.db Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Messenger\moosebanna@hotmail.com\SharingMetadata\Working\database_B020_175C_2017_28BC\fsr.log Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Messenger\moosebanna@hotmail.com\SharingMetadata\Working\database_B020_175C_2017_28BC\fsrtmp.log Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Messenger\moosebanna@hotmail.com\SharingMetadata\Working\database_B020_175C_2017_28BC\tmp.edb Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{348F92AB-957B-4BDD-A870-AF408C421158} Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{448CAB57-43D1-4293-A49B-9744A94AD070} Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{8F4DAAE7-F5D3-454B-B178-2E1B2145ADB2} Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{A7E7A146-14F5-4184-AE22-F9F14930AC01} Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{FA1B79CB-7705-43AD-AF87-751F2DE1F53A} Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{FDBF9851-67F7-4E41-B049-C63D0E6F67B6} Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows Live Contacts\moosebanna@hotmail.com\real\members.stg Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Microsoft\Windows Live Contacts\moosebanna@hotmail.com\shadow\members.stg Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Mozilla\Firefox\Profiles\cndxzq5r.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Mozilla\Firefox\Profiles\cndxzq5r.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Mozilla\Firefox\Profiles\cndxzq5r.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Application Data\Mozilla\Firefox\Profiles\cndxzq5r.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\History\History.IE5\MSHist012006071020060711\index.dat Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Temp\~DF1E75.tmp Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Temp\~DF1E92.tmp Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Temp\~DF5329.tmp Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Temp\~DF5380.tmp Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Moustafa Banna.MOOSEBANNA\UserData\index.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\Program Files\Common Files\Skyscape\smARTupdate.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SPPolicy.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SPStart.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SPStop.log Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CAAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CAAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CAAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CBAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CBAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CBAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CCAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CCAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CCAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CDAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CDAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\CDAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PAAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PAAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PAAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PBAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PBAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PBAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PCAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PCAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PCAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PDAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PDAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\PDAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RAAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RAAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RAAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RBAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RBAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RBAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RCAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RCAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RCAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RDAAAAAA.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RDAAAAAA.DBF Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RDAAAAAA.FPT Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RSADB.CDX Object is locked skipped C:\Program Files\One-VA VPN Client\Certificates\RSADB.DBF Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{F0BE623C-F3B7-43A1-8229-505E2FAEBB56}\RP827\change.log Object is locked skipped C:\WINDOWS\$_hpcst$.hpc Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_948.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\Moustafa Banna\Outlook Express\backup.pst/Personal Folders/Sent Items/27 Feb 2003 01:54 to amee@cwru.edu:Emailing: CUTE4032, CuteFtp_v/CUTE4032.EXE/WISE0011.BIN/CTInstall.exe Infected: not-a-virus:AdWare.Win32.TimeSink skipped D:\Moustafa Banna\Outlook Express\backup.pst/Personal Folders/Sent Items/27 Feb 2003 01:54 to amee@cwru.edu:Emailing: CUTE4032, CuteFtp_v/CUTE4032.EXE/WISE0011.BIN/SimpleRegistration.dll Infected: not-a-virus:AdWare.Win32.TimeSink skipped D:\Moustafa Banna\Outlook Express\backup.pst/Personal Folders/Sent Items/27 Feb 2003 01:54 to amee@cwru.edu:Emailing: CUTE4032, CuteFtp_v/CUTE4032.EXE/WISE0011.BIN/tsad.dll Infected: not-a-virus:AdWare.Win32.TimeSink skipped D:\Moustafa Banna\Outlook Express\backup.pst/Personal Folders/Sent Items/27 Feb 2003 01:54 to amee@cwru.edu:Emailing: CUTE4032, CuteFtp_v/CUTE4032.EXE/WISE0011.BIN/TSUninstaller.exe Infected: not-a-virus:AdWare.Win32.TimeSink skipped D:\Moustafa Banna\Outlook Express\backup.pst/Personal Folders/Sent Items/27 Feb 2003 01:54 to amee@cwru.edu:Emailing: CUTE4032, CuteFtp_v/CUTE4032.EXE/WISE0011.BIN Infected: not-a-virus:AdWare.Win32.TimeSink skipped D:\Moustafa Banna\Outlook Express\backup.pst/Personal Folders/Sent Items/27 Feb 2003 01:54 to amee@cwru.edu:Emailing: CUTE4032, CuteFtp_v/CUTE4032.EXE Infected: not-a-virus:AdWare.Win32.TimeSink skipped D:\Moustafa Banna\Outlook Express\backup.pst Mail MS Mail: infected - 6 skipped D:\Program Files\GlobalSCAPE\CuteFTP\CTInstall.exe Infected: not-a-virus:AdWare.Win32.TimeSink skipped D:\Program Files\No-IP\DUC - Moustafa Banna.log Object is locked skipped D:\Program Files\Norton AntiVirus\AVApp.log Object is locked skipped D:\Program Files\Norton AntiVirus\AVError.log Object is locked skipped D:\Program Files\Norton AntiVirus\AVVirus.log Object is locked skipped D:\Program Files\Norton AntiVirus\Quarantine\03264A4F.tmp Infected: Trojan-Downloader.Java.OpenConnection.aj skipped D:\Program Files\Norton AntiVirus\Quarantine\09EB6072.exe Infected: not-a-virus:AdWare.Win32.CashFiesta.a skipped D:\Program Files\Norton AntiVirus\Quarantine\19781B9B/sau.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped D:\Program Files\Norton AntiVirus\Quarantine\19781B9B CAB: infected - 1 skipped D:\Program Files\Norton AntiVirus\Quarantine\19781B9B MimarSinan: infected - 1 skipped D:\Program Files\Norton AntiVirus\Quarantine\19781B9B UPX: infected - 1 skipped D:\Program Files\Norton AntiVirus\Quarantine\19781B9B CryptFF: infected - 1 skipped D:\Program Files\Norton AntiVirus\Quarantine\205A7EB1.cla Infected: Trojan-Downloader.Java.OpenStream.z skipped D:\Program Files\Norton AntiVirus\Quarantine\28DB1AEC.tmp Infected: Trojan-Downloader.Java.OpenStream.z skipped D:\Program Files\Norton AntiVirus\Quarantine\29756325 Infected: Trojan-Dropper.Win32.Yabinder.102 skipped D:\Program Files\Norton AntiVirus\Quarantine\2983166A.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped D:\Program Files\Norton AntiVirus\Quarantine\2983166A.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped D:\Program Files\Norton AntiVirus\Quarantine\2983166A.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped D:\Program Files\Norton AntiVirus\Quarantine\2983166A.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped D:\Program Files\Norton AntiVirus\Quarantine\2983166A.zip ZIP: infected - 4 skipped D:\Program Files\Norton AntiVirus\Quarantine\2983166A.zip CryptFF: infected - 4 skipped D:\Program Files\Norton AntiVirus\Quarantine\3A0A70A6.tmp Infected: Trojan-Downloader.Java.OpenConnection.aj skipped D:\Program Files\Norton AntiVirus\Quarantine\4F5476B1/InpB/SskBho.dll Infected: not-a-virus:AdWare.Win32.TotalVelocity.v skipped D:\Program Files\Norton AntiVirus\Quarantine\4F5476B1/InpB/SskCore.dll Infected: not-a-virus:AdWare.Win32.TotalVelocity.ag skipped D:\Program Files\Norton AntiVirus\Quarantine\4F5476B1/InpB/Ssk.exe Infected: not-a-virus:AdWare.Win32.TotalVelocity.ag skipped D:\Program Files\Norton AntiVirus\Quarantine\4F5476B1/InpB Infected: not-a-virus:AdWare.Win32.TotalVelocity.ag skipped D:\Program Files\Norton AntiVirus\Quarantine\4F5476B1 CAB: infected - 4 skipped D:\Program Files\Norton AntiVirus\Quarantine\4F5476B1 CryptFF: infected - 4 skipped D:\Program Files\Norton AntiVirus\Quarantine\508A3E52 Infected: Trojan-Dropper.Win32.SurfSide.a skipped D:\Program Files\Norton AntiVirus\Quarantine\544769AA.cla Infected: Trojan-Downloader.Java.OpenConnection.aj skipped D:\Program Files\Norton AntiVirus\Quarantine\60216086.class Infected: Trojan-Downloader.Java.OpenStream.w skipped D:\Program Files\Norton AntiVirus\Quarantine\66EC55B6 Infected: not-a-virus:AdWare.Win32.SurfSide.a skipped D:\Program Files\Norton AntiVirus\Quarantine\66F07FB3 Infected: Trojan-Dropper.Win32.SurfSide.a skipped D:\Program Files\Norton AntiVirus\Quarantine\6F44349C.cla Infected: Trojan-Downloader.Java.OpenConnection.aj skipped D:\Program Files\Norton AntiVirus\Quarantine\7EBF5804 Infected: not-a-virus:AdWare.Win32.SurfSide.a skipped D:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\36D07E9F Infected: Trojan.JS.Offiz skipped D:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\620C1129 Infected: Trojan.JS.Offiz skipped D:\Program Files\Serv-U\ServUDaemon.BAK Infected: not-a-virus:Server-FTP.Win32.Serv-U.5000 skipped D:\Program Files\Serv-U\ServUDaemon.exe Infected: not-a-virus:Server-FTP.Win32.Serv-U.5000 skipped D:\Program Files\Serv-U\ServUTray.exe Infected: not-a-virus:Server-FTP.Win32.Serv-U.5201 skipped D:\Serv-U\Serv-U32.exe Infected: not-a-virus:Server-FTP.Win32.Serv-U.24.a skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped M:\aeb6d34b43e61b4\6to4svc.dll Object is locked skipped M:\aeb6d34b43e61b4\ac97ali.sys Object is locked skipped M:\aeb6d34b43e61b4\ac97via.sys Object is locked skipped M:\aeb6d34b43e61b4\acgenral.dll Object is locked skipped M:\aeb6d34b43e61b4\aclayers.dll Object is locked skipped M:\aeb6d34b43e61b4\aclua.dll Object is locked skipped M:\aeb6d34b43e61b4\acpi.sys Object is locked skipped M:\aeb6d34b43e61b4\acspecfc.dll Object is locked skipped M:\aeb6d34b43e61b4\activ.htm Object is locked skipped M:\aeb6d34b43e61b4\activsvc.htm Object is locked skipped M:\aeb6d34b43e61b4\actlan.htm Object is locked skipped M:\aeb6d34b43e61b4\actshell.htm Object is locked skipped M:\aeb6d34b43e61b4\acverfyr.dll Object is locked skipped M:\aeb6d34b43e61b4\acxtrnal.dll Object is locked skipped M:\aeb6d34b43e61b4\adeskerr.htm Object is locked skipped M:\aeb6d34b43e61b4\admin.dll Object is locked skipped M:\aeb6d34b43e61b4\admin.exe Object is locked skipped M:\aeb6d34b43e61b4\admjoy.sys Object is locked skipped M:\aeb6d34b43e61b4\adsldp.dll Object is locked skipped M:\aeb6d34b43e61b4\adsldpc.dll Object is locked skipped M:\aeb6d34b43e61b4\adsmsext.dll Object is locked skipped M:\aeb6d34b43e61b4\adsnt.dll Object is locked skipped M:\aeb6d34b43e61b4\advapi32.dll Object is locked skipped M:\aeb6d34b43e61b4\advpack.dll Object is locked skipped M:\aeb6d34b43e61b4\aec.sys Object is locked skipped M:\aeb6d34b43e61b4\afd.sys Object is locked skipped M:\aeb6d34b43e61b4\ahui.exe Object is locked skipped M:\aeb6d34b43e61b4\alg.exe Object is locked skipped M:\aeb6d34b43e61b4\amdk6.sys Object is locked skipped M:\aeb6d34b43e61b4\amdk7.sys Object is locked skipped M:\aeb6d34b43e61b4\an983.sys Object is locked skipped M:\aeb6d34b43e61b4\apphelp.dll Object is locked skipped M:\aeb6d34b43e61b4\apphelp.sdb Object is locked skipped M:\aeb6d34b43e61b4\apps.chm Object is locked skipped M:\aeb6d34b43e61b4\appwiz.cpl Object is locked skipped M:\aeb6d34b43e61b4\arial.ttf Object is locked skipped M:\aeb6d34b43e61b4\arp1394.sys Object is locked skipped M:\aeb6d34b43e61b4\asctrls.ocx Object is locked skipped M:\aeb6d34b43e61b4\asferror.dll Object is locked skipped M:\aeb6d34b43e61b4\asfsipc.dll Object is locked skipped M:\aeb6d34b43e61b4\asms\10100\msft\windows\gdiplus\gdiplus.cat Object is locked skipped M:\aeb6d34b43e61b4\asms\10100\msft\windows\gdiplus\gdiplus.dll Object is locked skipped M:\aeb6d34b43e61b4\asms\10100\msft\windows\gdiplus\gdiplus.man Object is locked skipped M:\aeb6d34b43e61b4\asms\10100\policy\msft\windows\gdiplus\gdiplus.cat Object is locked skipped M:\aeb6d34b43e61b4\asms\10100\policy\msft\windows\gdiplus\gdiplus.man Object is locked skipped M:\aeb6d34b43e61b4\asms\60100\msft\windows\common\controls\comctl32.dll Object is locked skipped M:\aeb6d34b43e61b4\asms\60100\msft\windows\common\controls\controls.cat Object is locked skipped M:\aeb6d34b43e61b4\asms\60100\msft\windows\common\controls\controls.man Object is locked skipped M:\aeb6d34b43e61b4\asms\60100\policy\60100\comctl\comctl.cat Object is locked skipped M:\aeb6d34b43e61b4\asms\60100\policy\60100\comctl\comctl.man Object is locked skipped M:\aeb6d34b43e61b4\asms\70100\msft\windows\mswincrt\msvcirt.dll Object is locked skipped M:\aeb6d34b43e61b4\asms\70100\msft\windows\mswincrt\msvcrt.dll Object is locked skipped M:\aeb6d34b43e61b4\asms\70100\msft\windows\mswincrt\mswincrt.cat Object is locked skipped M:\aeb6d34b43e61b4\asms\70100\msft\windows\mswincrt\mswincrt.man Object is locked skipped M:\aeb6d34b43e61b4\asms\70100\policy\msft\mswincrt\mswincrt.cat Object is locked skipped M:\aeb6d34b43e61b4\asms\70100\policy\msft\mswincrt\mswincrt.man Object is locked skipped M:\aeb6d34b43e61b4\at.exe Object is locked skipped M:\aeb6d34b43e61b4\atapi.sys Object is locked skipped M:\aeb6d34b43e61b4\ati2dvaa.dll Object is locked skipped M:\aeb6d34b43e61b4\ati2dvag.dll Object is locked skipped M:\aeb6d34b43e61b4\ati2mtaa.sys Object is locked skipped M:\aeb6d34b43e61b4\ati2mtag.sys Object is locked skipped M:\aeb6d34b43e61b4\ati3d1ag.dll Object is locked skipped M:\aeb6d34b43e61b4\ati3d2ag.dll Object is locked skipped M:\aeb6d34b43e61b4\atinbtxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atinmdxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atinpdxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atinraxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atinrvxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atinsnxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atinttxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atintuxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atinxbxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atinxsxx.sys Object is locked skipped M:\aeb6d34b43e61b4\atiradn1.inf Object is locked skipped M:\aeb6d34b43e61b4\ativdaxx.ax Object is locked skipped M:\aeb6d34b43e61b4\ativmvxx.ax Object is locked skipped M:\aeb6d34b43e61b4\atl.dll Object is locked skipped M:\aeb6d34b43e61b4\atmlane.sys Object is locked skipped M:\aeb6d34b43e61b4\audiosrv.dll Object is locked skipped M:\aeb6d34b43e61b4\author.dll Object is locked skipped M:\aeb6d34b43e61b4\author.exe Object is locked skipped M:\aeb6d34b43e61b4\autochk.exe Object is locked skipped M:\aeb6d34b43e61b4\autolfn.exe Object is locked skipped M:\aeb6d34b43e61b4\auupdate.exe Object is locked skipped M:\aeb6d34b43e61b4\avc.sys Object is locked skipped M:\aeb6d34b43e61b4\avifil32.dll Object is locked skipped M:\aeb6d34b43e61b4\basesrv.dll Object is locked skipped M:\aeb6d34b43e61b4\batt.dll Object is locked skipped M:\aeb6d34b43e61b4\bridge.sys Object is locked skipped M:\aeb6d34b43e61b4\browselc.dll Object is locked skipped M:\aeb6d34b43e61b4\browser.dll Object is locked skipped M:\aeb6d34b43e61b4\browseui.dll Object is locked skipped M:\aeb6d34b43e61b4\browsewm.dll Object is locked skipped M:\aeb6d34b43e61b4\cabinet.dll Object is locked skipped M:\aeb6d34b43e61b4\callcont.dll Object is locked skipped M:\aeb6d34b43e61b4\catsrvut.dll Object is locked skipped M:\aeb6d34b43e61b4\ccdecode.sys Object is locked skipped M:\aeb6d34b43e61b4\cdfs.sys Object is locked skipped M:\aeb6d34b43e61b4\cdm.dll Object is locked skipped M:\aeb6d34b43e61b4\cdrom.sys Object is locked skipped M:\aeb6d34b43e61b4\certcli.dll Object is locked skipped M:\aeb6d34b43e61b4\cewmdm.dll Object is locked skipped M:\aeb6d34b43e61b4\cfgbkend.dll Object is locked skipped M:\aeb6d34b43e61b4\cfgwiz.exe Object is locked skipped M:\aeb6d34b43e61b4\cimwin32.dll Object is locked skipped M:\aeb6d34b43e61b4\ciodm.dll Object is locked skipped M:\aeb6d34b43e61b4\classpnp.sys Object is locked skipped M:\aeb6d34b43e61b4\clipbrd.exe Object is locked skipped M:\aeb6d34b43e61b4\clusapi.dll Object is locked skipped M:\aeb6d34b43e61b4\cmbatt.sys Object is locked skipped M:\aeb6d34b43e61b4\cmdial32.dll Object is locked skipped M:\aeb6d34b43e61b4\cmdl32.exe Object is locked skipped M:\aeb6d34b43e61b4\comadmin.dll Object is locked skipped M:\aeb6d34b43e61b4\comctl32.dll Object is locked skipped M:\aeb6d34b43e61b4\comdlg32.dll Object is locked skipped M:\aeb6d34b43e61b4\compatui.dll Object is locked skipped M:\aeb6d34b43e61b4\comsvcs.dll Object is locked skipped M:\aeb6d34b43e61b4\conf.exe Object is locked skipped M:\aeb6d34b43e61b4\conime.exe Object is locked skipped M:\aeb6d34b43e61b4\copymar.exe Object is locked skipped M:\aeb6d34b43e61b4\courtney.acs Object is locked skipped M:\aeb6d34b43e61b4\credui.dll Object is locked skipped M:\aeb6d34b43e61b4\crusoe.sys Object is locked skipped M:\aeb6d34b43e61b4\crypt32.dll Object is locked skipped M:\aeb6d34b43e61b4\cryptdlg.dll Object is locked skipped M:\aeb6d34b43e61b4\cryptsvc.dll Object is locked skipped M:\aeb6d34b43e61b4\cryptui.dll Object is locked skipped M:\aeb6d34b43e61b4\cscui.dll Object is locked skipped M:\aeb6d34b43e61b4\csrsrv.dll Object is locked skipped M:\aeb6d34b43e61b4\ctfmon.exe Object is locked skipped M:\aeb6d34b43e61b4\custdial.dll Object is locked skipped M:\aeb6d34b43e61b4\d3d8.dll Object is locked skipped M:\aeb6d34b43e61b4\danim.dll Object is locked skipped M:\aeb6d34b43e61b4\dbghelp.dll Object is locked skipped M:\aeb6d34b43e61b4\dbmsadsn.dll Object is locked skipped M:\aeb6d34b43e61b4\dbmsrpcn.dll Object is locked skipped M:\aeb6d34b43e61b4\dbmsvinn.dll Object is locked skipped M:\aeb6d34b43e61b4\dbnetlib.dll Object is locked skipped M:\aeb6d34b43e61b4\dbnmpntw.dll Object is locked skipped M:\aeb6d34b43e61b4\dcache.bin Object is locked skipped M:\aeb6d34b43e61b4\dcap32.dll Object is locked skipped M:\aeb6d34b43e61b4\ddraw.dll Object is locked skipped M:\aeb6d34b43e61b4\defrag.exe Object is locked skipped M:\aeb6d34b43e61b4\desk.cpl Object is locked skipped M:\aeb6d34b43e61b4\devmgr.dll Object is locked skipped M:\aeb6d34b43e61b4\dfrgfat.exe Object is locked skipped M:\aeb6d34b43e61b4\dfrgntfs.exe Object is locked skipped M:\aeb6d34b43e61b4\dfrgsnap.dll Object is locked skipped M:\aeb6d34b43e61b4\dfrgui.dll Object is locked skipped M:\aeb6d34b43e61b4\dfsshlex.dll Object is locked skipped M:\aeb6d34b43e61b4\dgnet.dll Object is locked skipped M:\aeb6d34b43e61b4\dhcpcsvc.dll Object is locked skipped M:\aeb6d34b43e61b4\dhtmled.ocx Object is locked skipped M:\aeb6d34b43e61b4\digest.dll Object is locked skipped M:\aeb6d34b43e61b4\dinput.dll Object is locked skipped M:\aeb6d34b43e61b4\dinput8.dll Object is locked skipped M:\aeb6d34b43e61b4\disk.sys Object is locked skipped M:\aeb6d34b43e61b4\diskdump.sys Object is locked skipped M:\aeb6d34b43e61b4\dlimport.exe Object is locked skipped M:\aeb6d34b43e61b4\dmband.dll Object is locked skipped M:\aeb6d34b43e61b4\dmcompos.dll Object is locked skipped M:\aeb6d34b43e61b4\dmime.dll Object is locked skipped M:\aeb6d34b43e61b4\dmloader.dll Object is locked skipped M:\aeb6d34b43e61b4\dmscript.dll Object is locked skipped M:\aeb6d34b43e61b4\dmstyle.dll Object is locked skipped M:\aeb6d34b43e61b4\dmusic.dll Object is locked skipped M:\aeb6d34b43e61b4\dnsapi.dll Object is locked skipped M:\aeb6d34b43e61b4\docprop2.dll Object is locked skipped M:\aeb6d34b43e61b4\download\log.dll._p Object is locked skipped M:\aeb6d34b43e61b4\download\logagent.exe._p Object is locked skipped M:\aeb6d34b43e61b4\download\logon.scr._p Object is locked skipped M:\aeb6d34b43e61b4\download\logonmgr.dll._p Object is locked skipped M:\aeb6d34b43e61b4\download\logonui.exe._p Object is locked skipped M:\aeb6d34b43e61b4\download\lsasrv.dll._p Object is locked skipped M:\aeb6d34b43e61b4\download\lsass.exe._p Object is locked skipped M:\aeb6d34b43e61b4\download\ltmdmnt.sys._p Object is locked skipped M:\aeb6d34b43e61b4\dpnet.dll Object is locked skipped M:\aeb6d34b43e61b4\dpnhpast.dll Object is locked skipped M:\aeb6d34b43e61b4\dpnhupnp.dll Object is locked skipped M:\aeb6d34b43e61b4\dpvoice.dll Object is locked skipped M:\aeb6d34b43e61b4\dpvsetup.exe Object is locked skipped M:\aeb6d34b43e61b4\dpwsockx.dll Object is locked skipped M:\aeb6d34b43e61b4\drmclien.dll Object is locked skipped M:\aeb6d34b43e61b4\drmk.sys Object is locked skipped M:\aeb6d34b43e61b4\drmkaud.sys Object is locked skipped M:\aeb6d34b43e61b4\drmstor.dll Object is locked skipped M:\aeb6d34b43e61b4\drmv2clt.dll Object is locked skipped M:\aeb6d34b43e61b4\drvmain.sdb Object is locked skipped M:\aeb6d34b43e61b4\ds32gt.dll Object is locked skipped M:\aeb6d34b43e61b4\dshowext.ax Object is locked skipped M:\aeb6d34b43e61b4\dsprop.dll Object is locked skipped M:\aeb6d34b43e61b4\dsquery.dll Object is locked skipped M:\aeb6d34b43e61b4\dssenh.dll Object is locked skipped M:\aeb6d34b43e61b4\dumprep.exe Object is locked skipped M:\aeb6d34b43e61b4\duser.dll Object is locked skipped M:\aeb6d34b43e61b4\dw.exe Object is locked skipped M:\aeb6d34b43e61b4\dwwin.exe Object is locked skipped M:\aeb6d34b43e61b4\dxdiag.exe Object is locked skipped M:\aeb6d34b43e61b4\dxg.sys Object is locked skipped M:\aeb6d34b43e61b4\dxmasf.dll Object is locked skipped M:\aeb6d34b43e61b4\dxmrtp.dll Object is locked skipped M:\aeb6d34b43e61b4\dxtmsft.dll Object is locked skipped M:\aeb6d34b43e61b4\dxtrans.dll Object is locked skipped M:\aeb6d34b43e61b4\earl.acs Object is locked skipped M:\aeb6d34b43e61b4\els.dll Object is locked skipped M:\aeb6d34b43e61b4\ersvc.dll Object is locked skipped M:\aeb6d34b43e61b4\es.dll Object is locked skipped M:\aeb6d34b43e61b4\esscli.dll Object is locked skipped M:\aeb6d34b43e61b4\essm2e.sys Object is locked skipped M:\aeb6d34b43e61b4\eudcedit.exe Object is locked skipped M:\aeb6d34b43e61b4\eventlog.dll Object is locked skipped M:\aeb6d34b43e61b4\evntrprv.dll Object is locked skipped M:\aeb6d34b43e61b4\explorer.exe Object is locked skipped M:\aeb6d34b43e61b4\expsrv.dll Object is locked skipped M:\aeb6d34b43e61b4\fastfat.sys Object is locked skipped M:\aeb6d34b43e61b4\fastprox.dll Object is locked skipped M:\aeb6d34b43e61b4\faultrep.dll Object is locked skipped M:\aeb6d34b43e61b4\filelist.xml Object is locked skipped M:\aeb6d34b43e61b4\fldrclnr.dll Object is locked skipped M:\aeb6d34b43e61b4\flpydisk.sys Object is locked skipped M:\aeb6d34b43e61b4\fontview.exe Object is locked skipped M:\aeb6d34b43e61b4\fp4.cat Object is locked skipped M:\aeb6d34b43e61b4\fp40ext.cab Object is locked skipped M:\aeb6d34b43e61b4\fp40ext.dll Object is locked skipped M:\aeb6d34b43e61b4\fp40ext.inf Object is locked skipped M:\aeb6d34b43e61b4\fp4amsft.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4anscp.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4apws.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4areg.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4atxt.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4autl.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4avnb.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4avss.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4awebs.dll Object is locked skipped M:\aeb6d34b43e61b4\fp4awel.dll Object is locked skipped M:\aeb6d34b43e61b4\fp98sadm.exe Object is locked skipped M:\aeb6d34b43e61b4\fp98swin.exe Object is locked skipped M:\aeb6d34b43e61b4\fpadmcgi.exe Object is locked skipped M:\aeb6d34b43e61b4\fpadmdll.dll Object is locked skipped M:\aeb6d34b43e61b4\fpcount.exe Object is locked skipped M:\aeb6d34b43e61b4\fpencode.dll Object is locked skipped M:\aeb6d34b43e61b4\fpexedll.dll Object is locked skipped M:\aeb6d34b43e61b4\fpmmc.dll Object is locked skipped M:\aeb6d34b43e61b4\fpmmcsat.dll Object is locked skipped M:\aeb6d34b43e61b4\fpremadm.exe Object is locked skipped M:\aeb6d34b43e61b4\fpsrvadm.exe Object is locked skipped M:\aeb6d34b43e61b4\framebuf.dll Object is locked skipped M:\aeb6d34b43e61b4\ftp.exe Object is locked skipped M:\aeb6d34b43e61b4\fxsapi.dll Object is locked skipped M:\aeb6d34b43e61b4\fxsclnt.exe Object is locked skipped M:\aeb6d34b43e61b4\fxscomex.dll Object is locked skipped M:\aeb6d34b43e61b4\fxscover.exe Object is locked skipped M:\aeb6d34b43e61b4\fxsdrv.dll Object is locked skipped M:\aeb6d34b43e61b4\fxsext32.dll Object is locked skipped M:\aeb6d34b43e61b4\fxsocm.dll Object is locked skipped M:\aeb6d34b43e61b4\fxsocm.inf Object is locked skipped M:\aeb6d34b43e61b4\fxsperf.dll Object is locked skipped M:\aeb6d34b43e61b4\fxsres.dll Object is locked skipped M:\aeb6d34b43e61b4\fxsst.dll Object is locked skipped M:\aeb6d34b43e61b4\fxssvc.exe Object is locked skipped M:\aeb6d34b43e61b4\fxst30.dll Object is locked skipped M:\aeb6d34b43e61b4\fxstiff.dll Object is locked skipped M:\aeb6d34b43e61b4\fxsui.dll Object is locked skipped M:\aeb6d34b43e61b4\fxswzrd.dll Object is locked skipped M:\aeb6d34b43e61b4\fxsxp32.dll Object is locked skipped M:\aeb6d34b43e61b4\g400.inf Object is locked skipped M:\aeb6d34b43e61b4\gameenum.sys Object is locked skipped M:\aeb6d34b43e61b4\gckernel.sys Object is locked skipped M:\aeb6d34b43e61b4\gdi32.dll Object is locked skipped M:\aeb6d34b43e61b4\georgia.ttf Object is locked skipped M:\aeb6d34b43e61b4\guitrn.dll Object is locked skipped M:\aeb6d34b43e61b4\guitrn_a.dll Object is locked skipped M:\aeb6d34b43e61b4\h323cc.dll Object is locked skipped M:\aeb6d34b43e61b4\hal.dll Object is locked skipped M:\aeb6d34b43e61b4\halaacpi.dll Object is locked skipped M:\aeb6d34b43e61b4\halacpi.dll Object is locked skipped M:\aeb6d34b43e61b4\halapic.dll Object is locked skipped M:\aeb6d34b43e61b4\halmacpi.dll Object is locked skipped M:\aeb6d34b43e61b4\halmps.dll Object is locked skipped M:\aeb6d34b43e61b4\hccoin.dll Object is locked skipped M:\aeb6d34b43e61b4\helpctr.exe Object is locked skipped M:\aeb6d34b43e61b4\helpsvc.exe Object is locked skipped M:\aeb6d34b43e61b4\hh.exe Object is locked skipped M:\aeb6d34b43e61b4\hhctrl.ocx Object is locked skipped M:\aeb6d34b43e61b4\hhsetup.dll Object is locked skipped M:\aeb6d34b43e61b4\hidclass.sys Object is locked skipped M:\aeb6d34b43e61b4\hidir.sys Object is locked skipped M:\aeb6d34b43e61b4\hidserv.dll Object is locked skipped M:\aeb6d34b43e61b4\highcont.mar Object is locked skipped M:\aeb6d34b43e61b4\hmmapi.dll Object is locked skipped M:\aeb6d34b43e61b4\hnetcfg.dll Object is locked skipped M:\aeb6d34b43e61b4\homepage.inf Object is locked skipped M:\aeb6d34b43e61b4\i8042prt.sys Object is locked skipped M:\aeb6d34b43e61b4\icaapi.dll Object is locked skipped M:\aeb6d34b43e61b4\icm32.dll Object is locked skipped M:\aeb6d34b43e61b4\icsmgr.js Object is locked skipped M:\aeb6d34b43e61b4\icwconn1.exe Object is locked skipped M:\aeb6d34b43e61b4\idq.dll Object is locked skipped M:\aeb6d34b43e61b4\ie4uinit.exe Object is locked skipped M:\aeb6d34b43e61b4\ieakeng.dll Object is locked skipped M:\aeb6d34b43e61b4\ieaksie.dll Object is locked skipped M:\aeb6d34b43e61b4\iedkcs32.dll Object is locked skipped M:\aeb6d34b43e61b4\iepeers.dll Object is locked skipped M:\aeb6d34b43e61b4\iesetup.dll Object is locked skipped M:\aeb6d34b43e61b4\ieuinit.inf Object is locked skipped M:\aeb6d34b43e61b4\iexplore.exe Object is locked skipped M:\aeb6d34b43e61b4\iis.dll Object is locked skipped M:\aeb6d34b43e61b4\ils.dll Object is locked skipped M:\aeb6d34b43e61b4\imaadp32.acm Object is locked skipped M:\aeb6d34b43e61b4\imagehlp.dll Object is locked skipped M:\aeb6d34b43e61b4\imapi.exe Object is locked skipped M:\aeb6d34b43e61b4\imapi.sys Object is locked skipped M:\aeb6d34b43e61b4\imeshare.dll Object is locked skipped M:\aeb6d34b43e61b4\imgutil.dll Object is locked skipped M:\aeb6d34b43e61b4\imm32.dll Object is locked skipped M:\aeb6d34b43e61b4\inetcomm.dll Object is locked skipped M:\aeb6d34b43e61b4\inetcpl.cpl Object is locked skipped M:\aeb6d34b43e61b4\input.dll Object is locked skipped M:\aeb6d34b43e61b4\inseng.dll Object is locked skipped M:\aeb6d34b43e61b4\instcat.sql Object is locked skipped M:\aeb6d34b43e61b4\intelide.sys Object is locked skipped M:\aeb6d34b43e61b4\intl.cpl Object is locked skipped M:\aeb6d34b43e61b4\ip\acpi.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\adsiis51.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\appmgmts.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\appmgr.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\asp51.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\asr_pfu.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\au.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\battery.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\bda.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\cdrom.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\coadmin.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\cpu.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\default.asp Object is locked skipped M:\aeb6d34b43e61b4\ip\disk.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\dpcdll.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\drvindex.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\dwup.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\fdeploy.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\ftpsv251.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\gprslt.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\gptext.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\hiddigi.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\hidserv.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\hscmui.cab Object is locked skipped M:\aeb6d34b43e61b4\ip\httpext.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\httpod51.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\ie.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\ieaccess.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\iis.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\iislog51.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\ims.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\inetres.adm Object is locked skipped M:\aeb6d34b43e61b4\ip\infocomm.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\input.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\intl.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\irbus.sys Object is locked skipped M:\aeb6d34b43e61b4\ip\keyboard.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\kscaptur.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\layout.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\login.cmd Object is locked skipped M:\aeb6d34b43e61b4\ip\md5filt.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\medctroc.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\medctroc.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\mediactr.cat Object is locked skipped M:\aeb6d34b43e61b4\ip\miscw.chm Object is locked skipped M:\aeb6d34b43e61b4\ip\mqac.sys Object is locked skipped M:\aeb6d34b43e61b4\ip\mqad.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\mqise.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\mqqm.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\mqrt.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\mqsec.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\mqsnap.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\mqtrig.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\mqutil.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\mshdc.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\msmqocm.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\msoe50.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\netfxocm.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\netfxocm.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\netip6.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\netoc.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\netrass.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\nt5inf.cat Object is locked skipped M:\aeb6d34b43e61b4\ip\ntprint.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\nwrdr.sys Object is locked skipped M:\aeb6d34b43e61b4\ip\nwwks.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\pchealth.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\pidgen.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\pnpscsi.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\policman.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\query.asp Object is locked skipped M:\aeb6d34b43e61b4\ip\rsnotify.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\scsi.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\sctasks.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\search.asp Object is locked skipped M:\aeb6d34b43e61b4\ip\spiisupd.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0401.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0402.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0404.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0405.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0406.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0407.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0408.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra040b.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra040c.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra040d.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra040e.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0410.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0411.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0412.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0413.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0414.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0415.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0416.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0418.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0419.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra041a.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra041b.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra041d.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra041e.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra041f.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0424.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0425.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0426.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0427.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0804.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0816.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\spra0c0a.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\ssinc51.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\swflash.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\sysoc.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\syssetup.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\system.adm Object is locked skipped M:\aeb6d34b43e61b4\ip\system.chm Object is locked skipped M:\aeb6d34b43e61b4\ip\tabletoc.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\tabletpc.cat Object is locked skipped M:\aeb6d34b43e61b4\ip\tabletpc.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\tape.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\termcap Object is locked skipped M:\aeb6d34b43e61b4\ip\tlntadmn.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\tlntsess.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\tlntsvr.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\tlntsvrp.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\tracerpt.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\tsoc.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\usbport.inf Object is locked skipped M:\aeb6d34b43e61b4\ip\w3svc.dll Object is locked skipped M:\aeb6d34b43e61b4\ip\whatneww.chm Object is locked skipped M:\aeb6d34b43e61b4\ip\wmic.exe Object is locked skipped M:\aeb6d34b43e61b4\ip\wsecedit.dll Object is locked skipped M:\aeb6d34b43e61b4\ipconfig.exe Object is locked skipped M:\aeb6d34b43e61b4\ipevldpc.dll Object is locked skipped M:\aeb6d34b43e61b4\ipevlpid.dll Object is locked skipped M:\aeb6d34b43e61b4\iphlpapi.dll Object is locked skipped M:\aeb6d34b43e61b4\ipmntdpc.dll Object is locked skipped M:\aeb6d34b43e61b4\ipnat.sys Object is locked skipped M:\aeb6d34b43e61b4\ipnathlp.dll Object is locked skipped M:\aeb6d34b43e61b4\ippromon.dll Object is locked skipped M:\aeb6d34b43e61b4\ipp_0001.asp Object is locked skipped M:\aeb6d34b43e61b4\ipp_0002.asp Object is locked skipped M:\aeb6d34b43e61b4\ipp_0004.asp Object is locked skipped M:\aeb6d34b43e61b4\ipp_0006.asp Object is locked skipped M:\aeb6d34b43e61b4\ipp_0013.asp Object is locked skipped M:\aeb6d34b43e61b4\ipp_0014.asp Object is locked skipped M:\aeb6d34b43e61b4\ipp_util.inc Object is locked skipped M:\aeb6d34b43e61b4\ipsec.sys Object is locked skipped M:\aeb6d34b43e61b4\ipsecsvc.dll Object is locked skipped M:\aeb6d34b43e61b4\ipseldpc.dll Object is locked skipped M:\aeb6d34b43e61b4\ipselpid.dll Object is locked skipped M:\aeb6d34b43e61b4\ipv6.exe Object is locked skipped M:\aeb6d34b43e61b4\ipv6mon.dll Object is locked skipped M:\aeb6d34b43e61b4\irbus.sys Object is locked skipped M:\aeb6d34b43e61b4\irmon.dll Object is locked skipped M:\aeb6d34b43e61b4\itircl.dll Object is locked skipped M:\aeb6d34b43e61b4\itss.dll Object is locked skipped M:\aeb6d34b43e61b4\iuctl.dll Object is locked skipped M:\aeb6d34b43e61b4\iuengine.dll Object is locked skipped M:\aeb6d34b43e61b4\ixsso.dll Object is locked skipped M:\aeb6d34b43e61b4\joy.cpl Object is locked skipped M:\aeb6d34b43e61b4\kbdclass.sys Object is locked skipped M:\aeb6d34b43e61b4\kd1394.dll Object is locked skipped M:\aeb6d34b43e61b4\kerberos.dll Object is locked skipped M:\aeb6d34b43e61b4\kernel32.dll Object is locked skipped M:\aeb6d34b43e61b4\keyboard.sys Object is locked skipped M:\aeb6d34b43e61b4\kmixer.sys Object is locked skipped M:\aeb6d34b43e61b4\ks.sys Object is locked skipped M:\aeb6d34b43e61b4\ksxbar.ax Object is locked skipped M:\aeb6d34b43e61b4\l3codeca.acm Object is locked skipped M:\aeb6d34b43e61b4\lang\chajei.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\chtmbx.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\chtskdic.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\chtskf.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\cintime.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\cintlgnt.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\cintsetp.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\cplexe.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\dayi.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\imekr61.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\imekrcic.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\imjp81.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\imjp81k.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpcd.dic Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpcic.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpcus.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpdct.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpdct.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpdsvr.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpinst.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpinst.ini Object is locked skipped M:\aeb6d34b43e61b4\lang\imjpmig.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\imjprw.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\imjputy.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\imjputyc.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\imlang.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\imscinst.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\miniime.tpl Object is locked skipped M:\aeb6d34b43e61b4\lang\padrs404.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\padrs804.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\phon.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlcsa.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlcsd.dic Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlcsd.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlcsk.dic Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgc.imd Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgd.imd Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgdx.imd Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgi.imd Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgix.imd Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgl.imd Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgne.chm Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgnt.chm Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgnt.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgr.imd Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlgs.imd Object is locked skipped M:\aeb6d34b43e61b4\lang\pintlphr.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\pmigrate.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\quick.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\romanime.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\tintlgnt.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\tintlphr.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\tintsetp.exe Object is locked skipped M:\aeb6d34b43e61b4\lang\tmigrate.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\unicdime.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\uniime.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\voicepad.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\voicesub.dll Object is locked skipped M:\aeb6d34b43e61b4\lang\winar30.ime Object is locked skipped M:\aeb6d34b43e61b4\lang\winime.ime Object is locked skipped M:\aeb6d34b43e61b4\laprxy.dll Object is locked skipped M:\aeb6d34b43e61b4\lcladvd.xml Object is locked skipped M:\aeb6d34b43e61b4\lcldocs.xml Object is locked skipped M:\aeb6d34b43e61b4\licdll.dll Object is locked skipped M:\aeb6d34b43e61b4\license.chm Object is locked skipped M:\aeb6d34b43e61b4\licmgr10.dll Object is locked skipped M:\aeb6d34b43e61b4\licwmi.dll Object is locked skipped M:\aeb6d34b43e61b4\licwmi.mfl Object is locked skipped M:\aeb6d34b43e61b4\licwmi.mof Object is locked skipped M:\aeb6d34b43e61b4\lmrt.dll Object is locked skipped M:\aeb6d34b43e61b4\locale.nls Object is locked skipped M:\aeb6d34b43e61b4\localspl.dll Object is locked skipped M:\aeb6d34b43e61b4\localui.dll Object is locked skipped M:\aeb6d34b43e61b4\log.dll Object is locked skipped M:\aeb6d34b43e61b4\lvback.gif Object is locked skipped M:\aeb6d34b43e61b4\mailtmpl.txt Object is locked skipped M:\aeb6d34b43e61b4\msdtctr.mof Object is locked skipped M:\aeb6d34b43e61b4\mstsc.chm Object is locked skipped M:\aeb6d34b43e61b4\new\logo.gif Object is locked skipped M:\aeb6d34b43e61b4\new\logowin.gif Object is locked skipped M:\aeb6d34b43e61b4\new\rtcimsp.dll Object is locked skipped M:\aeb6d34b43e61b4\new\secupd.dat Object is locked skipped M:\aeb6d34b43e61b4\new\secupd.sig Object is locked skipped M:\aeb6d34b43e61b4\newalert.wav Object is locked skipped M:\aeb6d34b43e61b4\newemail.wav Object is locked skipped M:\aeb6d34b43e61b4\online.wav Object is locked skipped M:\aeb6d34b43e61b4\readmesp.htm Object is locked skipped M:\aeb6d34b43e61b4\secdrv.sys Object is locked skipped M:\aeb6d34b43e61b4\spmsg.dll Object is locked skipped M:\aeb6d34b43e61b4\spuninst.exe Object is locked skipped M:\aeb6d34b43e61b4\tagfile.1 Object is locked skipped M:\aeb6d34b43e61b4\type.wav Object is locked skipped M:\aeb6d34b43e61b4\update\eula.txt Object is locked skipped M:\aeb6d34b43e61b4\update\sp1.cat Object is locked skipped M:\aeb6d34b43e61b4\update\spcustom.dll Object is locked skipped M:\aeb6d34b43e61b4\update\update.exe Object is locked skipped M:\aeb6d34b43e61b4\update\update.inf Object is locked skipped M:\aeb6d34b43e61b4\update\update.url Object is locked skipped M:\aeb6d34b43e61b4\update\update.ver Object is locked skipped M:\aeb6d34b43e61b4\winxp_logo_horiz_sm.gif Object is locked skipped M:\Plugins\Audiogalaxy\AGSetup0608.exe/fsg-ag.exe Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped M:\Plugins\Audiogalaxy\AGSetup0608.exe ViseMan: infected - 1 skipped M:\Plugins\Audiogalaxy\AGSetup0608.exe ViseMan: infected - 1 skipped M:\Plugins\Bearshare\BearInst.exe/WISE0136.BIN/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped M:\Plugins\Bearshare\BearInst.exe/WISE0136.BIN Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped M:\Plugins\Bearshare\BearInst.exe WiseSFX: infected - 2 skipped M:\Plugins\Bearshare\BearInst.exe WiseSFX Dropper: infected - 2 skipped M:\Plugins\Cash Fiesta\cfshtie.dll Infected: not-a-virus:AdWare.Win32.CashFiesta.a skipped M:\Plugins\Cash Fiesta\Impcfw.dll Infected: not-a-virus:AdWare.Win32.CashFiesta.a skipped M:\Plugins\Edonkey\eDonkey0.44.exe/data0076/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\eDonkey0.44.exe/data0076/IUCMORE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\eDonkey0.44.exe/data0076 Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\eDonkey0.44.exe NSIS: infected - 3 skipped M:\Plugins\Edonkey\eDonkey0.45.exe/data0079/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\eDonkey0.45.exe/data0079/IUCMORE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\eDonkey0.45.exe/data0079 Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\eDonkey0.45.exe NSIS: infected - 3 skipped M:\Plugins\Edonkey\eDonkey0.46.exe/data0080/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\eDonkey0.46.exe/data0080/IUCMORE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\eDonkey0.46.exe/data0080 Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\eDonkey0.46.exe NSIS: infected - 3 skipped M:\Plugins\Edonkey\eDonkey0.48.1.exe/data0089/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\eDonkey0.48.1.exe/data0089/IUCMORE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\eDonkey0.48.1.exe/data0089 Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\eDonkey0.48.1.exe NSIS: infected - 3 skipped M:\Plugins\Edonkey\eDonkey57.exe/data0005 Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped M:\Plugins\Edonkey\eDonkey57.exe NSIS: infected - 1 skipped M:\Plugins\Edonkey\eDonkey59.exe/data0005 Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped M:\Plugins\Edonkey\eDonkey59.exe NSIS: infected - 1 skipped M:\Plugins\Edonkey\eDonkey60.exe/data0005/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\eDonkey60.exe/data0005 Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\eDonkey60.exe NSIS: infected - 2 skipped M:\Plugins\Edonkey\eDonkey61.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula.j skipped M:\Plugins\Edonkey\eDonkey61.exe/data0007/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\eDonkey61.exe/data0007 Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\eDonkey61.exe NSIS: infected - 3 skipped M:\Plugins\Edonkey\overnet0.49.4.exe/data0081/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\overnet0.49.4.exe/data0081/IUCMORE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\overnet0.49.4.exe/data0081 Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\overnet0.49.4.exe NSIS: infected - 3 skipped M:\Plugins\Edonkey\overnet0.50.1.exe/data0004/fatovernet.exe Infected: not-a-virus:Server-Proxy.Win32.Overnet skipped M:\Plugins\Edonkey\overnet0.50.1.exe/data0004 Infected: not-a-virus:Server-Proxy.Win32.Overnet skipped M:\Plugins\Edonkey\overnet0.50.1.exe/data0014/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\overnet0.50.1.exe/data0014/IUCMORE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\overnet0.50.1.exe/data0014 Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\overnet0.50.1.exe NSIS: infected - 5 skipped M:\Plugins\Edonkey\overnet0.50.exe/data0014/UCMIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped M:\Plugins\Edonkey\overnet0.50.exe/data0014/IUCMORE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\overnet0.50.exe/data0014 Infected: not-a-virus:AdWare.Win32.Ucmore skipped M:\Plugins\Edonkey\overnet0.50.exe NSIS: infected - 3 skipped M:\Plugins\Imesh\iMeshV2.exe/WISE0102.BIN Infected: not-a-virus:AdWare.Win32.TimeSinc skipped M:\Plugins\Imesh\iMeshV2.exe WiseSFX: infected - 1 skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0003/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0003/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0003 Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0007/wbhshare.dll Infected: not-a-virus:AdWare.Win32.WebHancer.214 skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0007/Webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0007/WhAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.214 skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0007/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.214 skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0007/whieshm.dll Infected: not-a-virus:AdWare.Win32.WebHancer.214 skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0007/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.214 skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0007 Infected: not-a-virus:AdWare.Win32.WebHancer.214 skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0008 Infected: not-a-virus:AdWare.Win32.NewDotNet skipped M:\Plugins\Kazaa\KazaaUpdate131.exe/data0009 Infected: not-a-virus:AdWare.Win32.180Solutions skipped M:\Plugins\Kazaa\KazaaUpdate131.exe Inno: infected - 12 skipped M:\Plugins\Kazaa\KazaaUpdate132.exe/data0003/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped M:\Plugins\Kazaa\KazaaUpdate132.exe/data0003/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped M:\Plugins\Kazaa\KazaaUpdate132.exe/data0003 Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped M:\Plugins\Kazaa\KazaaUpdate132.exe/data0005/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.aa skipped M:\Plugins\Kazaa\KazaaUpdate132.exe/data0005/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped M:\Plugins\Kazaa\KazaaUpdate132.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped M:\Plugins\Kazaa\KazaaUpdate132.exe Inno: infected - 6 skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0003/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0003/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0003 Infected: not-a-virus:AdWare.Win32.Cydoor skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0008/bdedetect1.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0008 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0011 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0012 Infected: not-a-virus:AdWare.Win32.Altnet.a skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0018/bdeinstall.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1044 skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0018 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1044 skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0019/bde3d_ref2.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.d skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0019 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.d skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0022/bdeload.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.e skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0022 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.e skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0023/bdeplayer2.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.f skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0023 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.f skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0026/BDESac10.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3120 skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0026 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3120 skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0027/bdeviewer.exe Infected: Trojan.Win32.Krepper.y skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0027 Infected: Trojan.Win32.Krepper.y skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0029/BDEVerify.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.a skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0029/BDEVerify.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.b skipped M:\Plugins\Kazaa\KazaaUpdate151.exe/data0029 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.b skipped M:\Plugins\Kazaa\KazaaUpdate151.exe Inno: infected - 22 skipped M:\Plugins\Kazaa\kmd151_en.exe/data0003/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped M:\Plugins\Kazaa\kmd151_en.exe/data0003/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped M:\Plugins\Kazaa\kmd151_en.exe/data0003 Infected: not-a-virus:AdWare.Win32.Cydoor skipped M:\Plugins\Kazaa\kmd151_en.exe/data0007 Infected: not-a-virus:AdWare.Win32.NewDotNet skipped M:\Plugins\Kazaa\kmd151_en.exe/data0008/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.av skipped M:\Plugins\Kazaa\kmd151_en.exe/data0008/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped M:\Plugins\Kazaa\kmd151_en.exe/data0008 Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped M:\Plugins\Kazaa\kmd151_en.exe/data0011/bdedetect1.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped M:\Plugins\Kazaa\kmd151_en.exe/data0011 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped M:\Plugins\Kazaa\kmd151_en.exe/data0014 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1007 skipped M:\Plugins\Kazaa\kmd151_en.exe/data0015 Infected: not-a-virus:AdWare.Win32.Altnet.a skipped M:\Plugins\Kazaa\kmd151_en.exe/data0021/bdeinstall.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1044 skipped M:\Plugins\Kazaa\kmd151_en.exe/data0021 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.1044 skipped M:\Plugins\Kazaa\kmd151_en.exe/data0022/bde3d_ref2.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.d skipped M:\Plugins\Kazaa\kmd151_en.exe/data0022 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.d skipped M:\Plugins\Kazaa\kmd151_en.exe/data0025/bdeload.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.e skipped M:\Plugins\Kazaa\kmd151_en.exe/data0025 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.e skipped M:\Plugins\Kazaa\kmd151_en.exe/data0026/bdeplayer2.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.f skipped M:\Plugins\Kazaa\kmd151_en.exe/data0026 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.f skipped M:\Plugins\Kazaa\kmd151_en.exe/data0029/BDESac10.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3120 skipped M:\Plugins\Kazaa\kmd151_en.exe/data0029 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3120 skipped M:\Plugins\Kazaa\kmd151_en.exe/data0030/bdeviewer.exe Infected: Trojan.Win32.Krepper.y skipped M:\Plugins\Kazaa\kmd151_en.exe/data0030 Infected: Trojan.Win32.Krepper.y skipped M:\Plugins\Kazaa\kmd151_en.exe/data0032/BDEVerify.exe Infected: not-a-virus:AdWare.Win32.BrilliantDigital.a skipped M:\Plugins\Kazaa\kmd151_en.exe/data0032/BDEVerify.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.b skipped M:\Plugins\Kazaa\kmd151_en.exe/data0032 Infected: not-a-virus:AdWare.Win32.BrilliantDigital.b skipped M:\Plugins\Kazaa\kmd151_en.exe Inno: infected - 26 skipped M:\Plugins\mIRC\mirc612.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.612 skipped M:\Plugins\mIRC\mirc612.exe mIRC: infected - 1 skipped M:\Plugins\Serv-U 2.5\Serv-u\SETUP.EXE/SERV-U32.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.24.a skipped M:\Plugins\Serv-U 2.5\Serv-u\SETUP.EXE ZIP: infected - 1 skipped M:\Plugins\Serv-U 2.5\Serv-U Ftp v2.4.zip/SETUP.EXE/SERV-U32.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.24.a skipped M:\Plugins\Serv-U 2.5\Serv-U Ftp v2.4.zip/SETUP.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.24.a skipped M:\Plugins\Serv-U 2.5\Serv-U Ftp v2.4.zip ZIP: infected - 2 skipped M:\Plugins\Serv-U 3.0\susetup.exe/SERVUDAEMON.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.3017 skipped M:\Plugins\Serv-U 3.0\susetup.exe ZIP: infected - 1 skipped M:\Plugins\Serv-U 5.0\Serv-U.FTP.v5.0.Corporate.Edition-BetaMaster.ShareReactor\ServUSetup.exe/SERVUDAEMON.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.5000 skipped M:\Plugins\Serv-U 5.0\Serv-U.FTP.v5.0.Corporate.Edition-BetaMaster.ShareReactor\ServUSetup.exe/SERVUTRAY.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.5201 skipped M:\Plugins\Serv-U 5.0\Serv-U.FTP.v5.0.Corporate.Edition-BetaMaster.ShareReactor\ServUSetup.exe ZIP: infected - 2 skipped M:\Plugins\Serv-U 5.0\Serv-U.FTP.v5.0.Corporate.Edition-BetaMaster.ShareReactor.rar/ServUSetup.exe/SERVUDAEMON.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.5000 skipped M:\Plugins\Serv-U 5.0\Serv-U.FTP.v5.0.Corporate.Edition-BetaMaster.ShareReactor.rar/ServUSetup.exe/SERVUTRAY.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.5201 skipped M:\Plugins\Serv-U 5.0\Serv-U.FTP.v5.0.Corporate.Edition-BetaMaster.ShareReactor.rar/ServUSetup.exe Infected: not-a-virus:Server-FTP.Win32.Serv-U.5201 skipped M:\Plugins\Serv-U 5.0\Serv-U.FTP.v5.0.Corporate.Edition-BetaMaster.ShareReactor.rar RAR: infected - 3 skipped M:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed. |
|
|
|
|
07-11-2006, 11:02 AM
|
#6 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
Please follow
Symantec’s Guide to clean out your Norton quarantine. P2P - I see you have P2P software installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation. I’ll leave the decision to you. Your log appears to be clean. If you still have any problems let me know and we will work on diagnosing those through other means. If not, there are just a few more things to go through to finish this off and help prevent future infections. Please post one more time even if you have no problems so we can mark this thread as resolved. Setting a new Restore Point Go to Start >> Run - type control sysdm.cpl,,4 & press Enter.
Windows Update Make sure to get the latest updates for Windows and Internet Explorer at Microsoft Update Site. Prevention A good virus scanner is a necessity in today's computer environment. Many virus scanners include active components that protect you from infection without even running a scan. Some good free antivirus programs include: AVG Free Avast! Home Edition (Antivirus & Firewall) AntiVir A firewall is the first line of defense standing between the internet and your computer. Some good free firewalls are: Zone Alarm Outpost Tiny Personal Firewall Sunbelt Kerio Personal Firewall Adaware SE and Spybot SD are a pair of anti-spyware scanners that should be run every week or two. Although there is some overlap there are many pieces of malware that is caught by one of these and not the other, therefore it is recommended you use both to compliment each other. Spybot also contains two other useful pieces. The first is "Immunize", this helps protect your computer against known exploits. The second is "TeaTimer", with this feature enabled you will receive notifications of all changes to the registry such as programs adding themselves to start-up and you default search page being changed. Spyware Blaster is a powerful tool that prevents "drive-by" downloads and other unwanted installations. It also uses no system resources, run it once and you're all set. Spyware Guard Is a realtime protection engine to guard your computer from spyware. This program does for spyware what an antivirus program does for viruses. IE-Spyad is a program that only needs to be run once to protect you from many malicious sites. It adds domains of known adware companies into the Restricted List of Internet Explorer, preventing them from performing malicious actions on your PC. The MVPS HOSTS file is a file you can download and use to replace your regular hosts file. It prevents many sites from performing malicious actions by blocking the sites from ever being accessed. Together these programs form a powerful barrier between the Internet and your computer. However, all the programs stand alone and feel free to eliminate any you are not comfortable with. Any protection you add to your PC is better than no protection at all. Alternative Programs Here are some alternatives that are either less suceptible than others to malware or don't contain malware where similar programs do. Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN) Desktop Weather - Free taskbar weather program that is free, malware free, and resource light. Firefox - This is an increasingly popular alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.
__________________
|
|
|
|
|
07-11-2006, 04:43 PM
|
#7 (permalink) |
|
Registered User
Join Date: Jul 2006
Posts: 9
OS: XP sp 2
|
Thanks
I am aware of the P2P risks. Had not had problems with it in the past, and I for sure stay away from kazaa or like (limewire) ones as I have seen higher incidence of fake files and viruses.
I cleaned those back-up files in my quarantine, I don't think they were a big deal. I used to use spybot before, but then when a new version came out, it never worked properly again kept giving me these never ending pop up messages. I have ad-aware and microsoft defender for now. I guess I could retry spybot again, see if it doesnt screw up again. So you don't recommend norton antivirus, or the others were just free? Otherwise I thank you for your help and time. What exactly did hoster.exe do. I saw it changed one thing. |
|
|
|
|
07-11-2006, 06:16 PM
|
#8 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
The Norton Quarantine files aren't really a big deal, we just like to be thorough :)
I personally have seen many issues caused by Norton or a faulty uninstallation of Norton. Having said that, when it runs properly it is one of the better Antivirus programs available. If you have no issues with it's resource usage and are happy with its performance I would keep it. I only recommend free software in my final speech. Hoster resets the Host file to the default Windows Host file. Although only one entry showed in your Hijackthis log it is possible that there were other entries present that could have blocked you from accessing legitimate sites.
__________________
|
|
|
|
|
07-11-2006, 07:20 PM
|
#9 (permalink) |
|
Registered User
Join Date: Jul 2006
Posts: 9
OS: XP sp 2
|
Its odd, because I was not restricted from websites, it all started because I could no longer access my shared files on the network, then I noticed AIM reconnecting very often, then after 3 days, it stopped and was back to the same. After all the things I did, that had not helped. My computer needed TLC.
|
|
|
|
| Thread Tools | |
|
|
