Got rid of the hijacker but - Free Antivirus Forum

Got rid of the hijacker but

BullGuard Antivirus Forum > Virus Removal > Removal Help > Got rid of the hijacker but

Forum Quick Jump

[ << Previous Thread | Next Thread >> ]

heymrwatanabe
New Member

Date Joined Mar 2007
Total Posts : 4

Posted 3-14-2007 1:36 (GMT +1)

hi... I've already removed the hijacker in my system but it messed up something in my registry. here they are:
1. the "Run" in the start menu is missing and when I press windows key + r, it says it's been restricted by the administrator.
2. the system restore is disabled by group policy.

it also disabled regedit and task manager. I've fixed these by reading some of the forums here.

here is my hjt file:

Logfile of HijackThis v1.99.1
Scan saved at 8:23:01 PM, on 3/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Documents and Settings\Administrator\Desktop\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\cisvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\RavMonE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HHVcdV5Sys\VC5SecS.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\slrundll.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\sol.exe
C:\Documents and Settings\Administrator\My Documents\Jerome's Documents\Hijack\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\Administrator\Desktop\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\RavMonE.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Color Calibration.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{61B55AE4-919E-491E-9531-1957374EA96A}: NameServer = 210.14.16.5 210.14.16.2
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Program Files\HHVcdV5Sys\VC5SecS.exe

please tell me how to solve this. thanks !!

dahli
Trusted Member

Date Joined Oct 2006
Total Posts : 238

Posted 3-14-2007 3:05 (GMT +1)

Hello,

Go HERE and run a Kaspersky Online Scan

Save and post the log it creates here.

Steve

heymrwatanabe
New Member

Date Joined Mar 2007
Total Posts : 4

Posted 3-20-2007 2:01 (GMT +1)

sorry for my late reply cause i've been busy these past few days. here is the log:
Tuesday, March 20, 2007 8:56:26 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 20/03/2007
Kaspersky Anti-Virus database records: 267250
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
Scan Statistics
Total number of scanned objects 105855
Number of viruses found 1
Number of infected objects 3 / 0
Number of suspicious objects 0
Duration of the scan process 01:52:30

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\Free Download Manager\tic1.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\Free Download Manager\tic2.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\hsperfdata_Administrator\2824 Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-03-20.06-49-37.log Object is locked skipped
C:\SDFix\backups\backups.zip/backups/lsass.exe Infected: Worm.Win32.VB.ck skipped
C:\SDFix\backups\backups.zip/backups/MSconfig.exe Infected: Worm.Win32.VB.ck skipped
C:\SDFix\backups\backups.zip ZIP: infected - 2 skipped
C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
C:\System Volume Information\catalog.wci\00010001.ci Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP316\A0530114.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP316\A0530115.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP316\A0530138.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP316\A0530139.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP316\A0530147.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP316\A0530148.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP316\A0531147.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP316\A0531148.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0531158.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0531159.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0531192.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0531193.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0532187.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0532188.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0533187.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0533188.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0534187.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0534188.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0538187.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0538188.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0538196.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0538197.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0539196.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0539197.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0540196.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0540197.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0541196.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0541197.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0541236.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0541237.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0541266.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0541267.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0541318.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP317\A0541319.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0541330.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0541331.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0542318.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0542319.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0543318.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0543319.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0543326.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0543327.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0544326.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0544327.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0544336.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0544337.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0544352.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0544353.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0544396.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0544397.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0545396.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0545397.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0546396.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0546397.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0548396.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0548397.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0549396.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0549397.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0549415.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0549416.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0549429.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0549430.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0550429.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0550430.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0551429.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP318\A0551430.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0551436.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0551437.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0551451.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0551452.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0551461.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0551462.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0551470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0551471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0552470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0552471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0553470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0553471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0554470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0554471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0555470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0555471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0556470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0556471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0558470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0558471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0559470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0559471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0560470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0560471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0576470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0576471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0580470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0580471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0581470.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0581471.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0581486.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0581487.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0582524.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0582525.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0582543.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0582544.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0583543.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0583544.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0584543.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0584544.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0585545.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0585546.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0586545.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0586546.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0586560.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0586561.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0588560.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0588561.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0588599.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP319\A0588600.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0588611.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0588612.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0589599.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0589600.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0589646.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0589647.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590646.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590647.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590685.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590686.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590714.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590715.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590724.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590725.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590738.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0590739.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0591738.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0591739.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0592740.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0592741.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0593740.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0593741.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0594740.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0594741.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0598740.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0598741.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0599740.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0599741.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0599752.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0599753.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0599764.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0599765.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0600764.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP320\A0600765.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0600814.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0600815.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0601764.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0601765.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0601774.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0601775.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0601795.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0601796.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0601807.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0601808.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0602807.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0602808.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0603807.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0603808.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0603838.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0603839.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0603849.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0603850.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0604849.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0604850.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0605849.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0605850.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0607849.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0607850.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0607879.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0607880.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0608879.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP321\A0608880.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP324\A0616284.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP324\A0616285.vbs Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP325\A0618040.exe Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP325\A0618041.exe Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP325\A0618045.exe Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP325\A0618046.exe Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP325\A0618047.exe Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP325\A0618048.exe Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP326\A0630229.exe Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP328\A0645524.exe Object is locked skipped
C:\System Volume Information\_restore{742307F6-7FC2-403C-9CB9-D6F75E11887F}\RP330\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.

dahli
Trusted Member

Date Joined Oct 2006
Total Posts : 238

Posted 3-21-2007 2:20 (GMT +1)

Start the Group Policy Editor (Click START>RUN then type gpedit.msc)
Navigate to Computer Configuration/Administrative Templates/System/System Restore
Set Turn off System Restore and Turn off Configuration to Disable
Right click on My Computer and Select Manage
Navigate to Services and Applications/Services
Navigate to System Restore Service and double click
On the General tab set [Startup Type] to Automatic using the drop down list
Click the Start button to start the service
Close the Computer Management console
Return to System Restore in Group Policy Editor and configure both to Not Configured
Close Group Policy Editor and reboot the system.

After the reboot is complete, right click My Computer, select Properties and the tab for System Restore will have been restored.

Post back whether this worked or not and then we can try to fix the other problems.

Steve

heymrwatanabe
New Member

Date Joined Mar 2007
Total Posts : 4

Posted 3-22-2007 8:02 (GMT +1)

hi steve... I guess you missed my first problem. the "START>RUN" is missing and windows key + r doesn't work also.
I also tried searching for gpedit.msc but it doesn't work too.

dahli
Trusted Member

Date Joined Oct 2006
Total Posts : 238

Posted 3-24-2007 1:21 (GMT +1)

* Right-click on the Start button

* Click on Properties

* Select the Start Menu tab

* Press the Customize button

* Select the Advanced tab

* Scroll down through the Start menu items list

* Check the box next to Run

* Press OK twice

Steve

heymrwatanabe
New Member

Date Joined Mar 2007
Total Posts : 4

Posted 3-31-2007 2:26 (GMT +1)

hi steve... I really can't find "Run" in the start menu items. try pressing windows key + r on your pc, it should open your run window but in my case it says: "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator." and I also found out yesterday that the hidden files and folders in my pc can't be accessed anymore. P.S. I really think that it has something to do with the virus messin' up my registry. Thanks !!

dahli
Trusted Member

Date Joined Oct 2006
Total Posts : 238

Posted 4-1-2007 12:39 (GMT +1)

How did you fix the previous issue, with task manager and regedit?

Steve

Forum Information

Currently it is Friday, January 09, 2009 11:59 PM (GMT +1)
There are a total of 66.009 posts in 16.187 threads.
In the last 3 days there were 18 new threads and 108 reply posts. View Active Threads