Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Video Activex Object


  • Please log in to reply
12 replies to this topic

#1 tberger

tberger

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 24 February 2007 - 02:20 PM

Hello,

I foolishly feel for the Video ActiveX Object and ended up getting a mess of mal ware and pop ups on my system. After following all of the instructions on your web site, I finally made a Hijack this log file. I think I was able to clean everything up, but just wanted someone to look at the list and make sure I got everything. Thank you for your help.

tb

Log file:

Logfile of HijackThis v1.99.1
Scan saved at 11:00:50 AM, on 2/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
C:\WINDOWS\system32\acs.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\arservice.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Cox\Applications\app\start.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\AIRPLUS.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ESP] C:\Program Files\Cox\Applications\app\start.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: D-Link REG Utility.lnk = C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\Reg.exe
O4 - Global Startup: DWL-G520M Wireless 108G MIMO PCI Adapter Utility.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...AAJCDHHADBADICF (file missing)
O9 - Extra 'Tools' menuitem: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...AAJCDHHADBADICF (file missing)
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} (Trend Micro Security Services Control) - http://tmss.trendmicro.com/Dashboard/contr...TMSSReportW.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O20 - AppInit_DLLs: WIKI.DLL
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing)
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe

BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:18 PM

Posted 24 February 2007 - 06:58 PM

Welcome to BC tberger :thumbsup:

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:
O2 - BHO: (no name) - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - (no file)
O3 - Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing)

Exit Hijackthis.

******************************

Download\install CleanUp.
Launch CleanUp,then click on 'Options'.
Now move the slider on the left up to 'Standard Cleanup!'.
Click 'Ok',now run the program by clicking on the 'Cleanup' button.
Reboot,or log off/log on when it's finished.

******************************

Download SmitfraudFix (by S!Ri), to your desktop.
Double click on Smitfraudfix.cmd
Select option #1 Search, by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply,along with a new Hijackthis log please.
Posted Image
Posted Image

#3 tberger

tberger
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 24 February 2007 - 11:44 PM

Here is the SmitFraudFix log report:

SmitFraudFix v2.132

Scan done at 20:36:26.50, Sat 02/24/2007
Run from C:\Documents and Settings\All Users\Documents\Downloads\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

C:\


C:\WINDOWS


C:\WINDOWS\system


C:\WINDOWS\Web


C:\WINDOWS\system32


C:\WINDOWS\system32\LogFiles


C:\Documents and Settings\HP_Administrator


C:\Documents and Settings\HP_Administrator\Application Data


Start Menu


C:\DOCUME~1\HP_ADM~1\FAVORI~1


Desktop


C:\Program Files


Corrupted keys


Desktop Components



Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{2016a466-91a2-43c6-97d8-2fd380f065ef}"="eitheror"



AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="WIKI.DLL"


Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


pe386-msguard-lzx32


Scanning wininet.dll infection


End




And here is the new HJT log report:

Logfile of HijackThis v1.99.1
Scan saved at 8:38:29 PM, on 2/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
C:\WINDOWS\system32\acs.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\AIRPLUS.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\avciman.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimreal.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ESP] C:\Program Files\Cox\Applications\app\start.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: D-Link REG Utility.lnk = C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\Reg.exe
O4 - Global Startup: DWL-G520M Wireless 108G MIMO PCI Adapter Utility.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...BJFHDDHFGDDJGCH (file missing)
O9 - Extra 'Tools' menuitem: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...BJFHDDHFGDDJGCH (file missing)
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} (Trend Micro Security Services Control) - http://tmss.trendmicro.com/Dashboard/contr...TMSSReportW.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O20 - AppInit_DLLs: WIKI.DLL
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe

#4 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:18 PM

Posted 25 February 2007 - 06:56 AM

Reboot your computer into SAFE MODE" using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Double click on Smitfraudfix.cmd
Select #2 and hit Enter to delete the infected files.
You will be prompted: 'Do you want to clean the registry?' answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): 'Replace infected file ?' answer Y (yes) and hit Enter to restore a clean file.
A reboot may be needed to finish the cleaning process.
The report can be found at the root of the system drive, usually at C:\rapport.txt

*****************************

Please download/install AVG Anti-Spyware 7.5.
Please follow these instructions carefully.
Launch/start up AVG Anti-Spyware.
On the main page click the 'Update' tab,and then 'Start Update'.
Once the updates have been installed,do the following:
Select the 'Scanner' icon at the top of the screen, then select the 'Settings' tab.
Once in the 'Settings' screen,under 'How to act?',then under 'Set default action for detected malware to:', click on 'Recommended actions',then click on 'Quarantine'.
Under 'Reports' select 'Automatically generate report after every scan' and unselect 'Only if threats were found'.
Exit AVG Anti-Spyware,don't run the scan just yet.

You might want to print/copy the following as you need to be in Safe Mode from here on.

Reboot your computer into SAFE MODE" using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Launch AVG Anti-Spyware.
Click the 'Scanner' icon at the top.
To start the scan click on 'Complete System Scan'.
Please be patient,it takes a while for the scan to finish.

Once the scan is complete,do the following.
If AVG Anti-Spyware detected any infected objects:,click on 'Apply All Actions'.
Next click on 'Save Report'.
Copy and paste that report into your next reply.
The report can be found under the 'Reports' tab at the top.
Close AVG Anti-Spyware when you've done.
Reboot normally.

Post the smitfraudfix report,the AVG Anti-Spyware report,and a new Hijack This log into your next reply.
Let me know how your pc is running now please.
Posted Image
Posted Image

#5 tberger

tberger
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 25 February 2007 - 08:19 PM

SmitFraudFix Report:

SmitFraudFix v2.132

Scan done at 13:13:45.75, Sun 02/25/2007
Run from C:\Documents and Settings\All Users\Documents\Downloads\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{2016a466-91a2-43c6-97d8-2fd380f065ef}"="eitheror"


Killing process


Generic Renos Fix

GenericRenosFix by S!Ri


Deleting infected files


Deleting Temp Files


Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


Registry Cleaning

Registry Cleaning done.

After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{2016a466-91a2-43c6-97d8-2fd380f065ef}"="eitheror"



End




When I ran the updates on the AVG Anti-Spyware program, I thought it had finished updating, but it didn't. I didn't realize this till later. Long story short, after properly updating, I ran the full scan. There are 3 AVG reports (in order in which they were performed.)

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:35:48 PM 2/25/2007

+ Scan result:



C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@coxhsi.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.


::Report end
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:48:23 PM 2/25/2007

+ Scan result:



HKU\S-1-5-21-2795490171-2331985253-53004894-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-2795490171-2331985253-53004894-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} -> Adware.Generic : Cleaned with backup (quarantined).


::Report end


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 4:59:42 PM 2/25/2007

+ Scan result:



C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP138\A0053463.exe -> Adware.SpyDawn : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\DataBaseNew.ref -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Log -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Log\log_2007_01_13_18_19_48.log -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Log\log_2007_01_13_18_19_49.log -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Quarantine -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Registry Backups -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Settings -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Settings\CustomScan.stg -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Settings\IgnoreList.stg -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Settings\ScanInfo.stg -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Settings\ScanResults.stg -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Settings\SelectedFolders.stg -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\Program Files\SpywareRemover\Settings\Settings.stg -> Adware.SpywareRemover : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045013.dll -> Adware.WorldSecurityOnline : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045018.exe -> Downloader.Zlob.arq : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053045.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053068.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053097.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053114.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053156.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP138\A0053446.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP138\A0053456.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP138\A0053495.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP138\A0053509.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP139\A0053584.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP140\A0053619.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP140\A0053706.exe -> Downloader.Zlob.bcz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045014.dll -> Downloader.Zlob.bdi : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045022.exe -> Downloader.Zlob.bfh : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053044.exe -> Downloader.Zlob.big : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053069.exe -> Downloader.Zlob.big : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053098.exe -> Downloader.Zlob.big : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053113.exe -> Downloader.Zlob.big : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053157.exe -> Downloader.Zlob.big : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP140\A0053729.exe -> Downloader.Zlob.big : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045015.exe -> Downloader.Zlob.biu : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045016.exe -> Downloader.Zlob.biu : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045017.exe -> Downloader.Zlob.biu : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045020.exe -> Downloader.Zlob.bjc : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP114\A0045021.exe -> Downloader.Zlob.bjc : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053043.dll -> Downloader.Zlob.bne : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053067.dll -> Downloader.Zlob.bne : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053096.dll -> Downloader.Zlob.bne : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053112.dll -> Downloader.Zlob.bne : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP137\A0053155.dll -> Downloader.Zlob.bne : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP138\A0053435.dll -> Downloader.Zlob.bne : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP138\A0053441.dll -> Downloader.Zlob.bne : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP140\A0053633.exe -> Downloader.Zlob.bng : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP140\A0053731.exe -> Downloader.Zlob.bnh : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP138\A0053440.exe -> Downloader.Zlob.bnz : Cleaned with backup (quarantined).
C:\Program Files\Video Access ActiveX Object\iesuninst.exe -> Downloader.Zlob.bor : Cleaned with backup (quarantined).


::Report end

HJT Report:

Logfile of HijackThis v1.99.1
Scan saved at 5:08:21 PM, on 2/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
C:\WINDOWS\system32\acs.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\AIRPLUS.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\system32\wuauclt.exe
c:\windows\microsoft.net\framework\v1.1.4322\csc.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ESP] C:\Program Files\Cox\Applications\app\start.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: D-Link REG Utility.lnk = C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\Reg.exe
O4 - Global Startup: DWL-G520M Wireless 108G MIMO PCI Adapter Utility.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...BJFHDDHFGDDJGCH (file missing)
O9 - Extra 'Tools' menuitem: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...BJFHDDHFGDDJGCH (file missing)
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} (Trend Micro Security Services Control) - http://tmss.trendmicro.com/Dashboard/contr...TMSSReportW.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O20 - AppInit_DLLs: WIKI.DLL
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe


The computer takes a good 3 minutes to boot up, which is a little longer than usual. I still have the trial version of Panda on it. Also, our internet service provider, COX, has a security suite which I took off, but it gives me a message asking if I want to repair it. When I try to do it, it does not freeze up the computer, but I do have to end the task. I know this is something I'll probably have to contact COX tech support to fix, but that's what is going on. I haven't experienced any pop ups though. Also, the icon tray next to the clock usually has a little arrow to reveal more icons. It hasn't been coming up the last few start ups.

Thanks again for your time and help!

tb

#6 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:18 PM

Posted 25 February 2007 - 08:40 PM

Click on Start>Run,type regedit then press Ok.
Navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Double click on AppInit_DLLs in the right hand pane.
In the opening 'Edit String' box,under 'Value data:',clear the space\remove WIKI.DLL,then press Ok.
Exit regedit,reboot.

***********************

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:
O9 - Extra button: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...BJFHDDHFGDDJGCH (file missing)
O9 - Extra 'Tools' menuitem: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...BJFHDDHFGDDJGCH (file missing)
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe

Exit Hijackthis.

***********************

Download 'e Scan MWAV' from here to your desktop:
http://www.mwti.net/download/tools/mwav.exe
Disconnect from the internet,close all running programs.
Double click on the mwav icon on your desktop.
The program will start,the Licence Agreement will pop up.
Select 'I accept the agreement',then press Ok.
The program will open,leave all the settings as they are.
Now press the 'Scan & Clean' button.
The program will now start scanning your pc.
Once the scan has finished,post the results from the lower window 'Virus Log Information'.
Also post a new Hijackthis log please.
Posted Image
Posted Image

#7 tberger

tberger
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 26 February 2007 - 12:01 AM

Here is the MWAV log Part 1:

Sun Feb 25 19:40:02 2007 => MWAV in SPECIAL PROMOTION MODE.
Sun Feb 25 19:40:02 2007 => **********************************************************
Sun Feb 25 19:40:02 2007 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Sun Feb 25 19:40:02 2007 => Copyright 2003-2006, MicroWorld Technologies Inc.
Sun Feb 25 19:40:02 2007 => **********************************************************
Sun Feb 25 19:40:02 2007 => Source: C:\DOCUME~1\HP_ADM~1\Desktop\mwav.exe
Sun Feb 25 19:40:02 2007 => Version 9.1.7 (C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\mexe.com)
Sun Feb 25 19:40:02 2007 => Log File: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\MWAV.LOG
Sun Feb 25 19:40:02 2007 => MWAV Registered: TRUE.
Sun Feb 25 19:40:02 2007 => User Account: HP_Administrator
Sun Feb 25 19:40:02 2007 => OS Type: Windows Workstation
Sun Feb 25 19:40:02 2007 => OS: Windows XP
Sun Feb 25 19:40:02 2007 => Ver: Service Pack 2 (Build 2600)
Sun Feb 25 19:40:02 2007 => Windows Root Folder: C:\WINDOWS
Sun Feb 25 19:40:02 2007 => Windows Sys32 Folder: C:\WINDOWS\system32
Sun Feb 25 19:40:02 2007 => Local Fixed Drives: c:\,d:\
Sun Feb 25 19:40:02 2007 => MWAV Mode: Scan and Clean files (for viruses, adware and spyware).
Sun Feb 25 19:40:02 2007 => Latest Date of files inside MWAV: 24 Feb 2007 12:46:3.
Sun Feb 25 19:40:06 2007 => AV Library Loaded...
Sun Feb 25 19:40:06 2007 => MWAV doing self scanning...
Sun Feb 25 19:40:06 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Getvlist.exe
Sun Feb 25 19:40:06 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\main.avi
Sun Feb 25 19:40:06 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\virus.avi
Sun Feb 25 19:40:06 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\ScanningProcess.exe
Sun Feb 25 19:40:06 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Kave.dll
Sun Feb 25 19:40:06 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\prloader.dll
Sun Feb 25 19:40:06 2007 => MWAV files are clean.
Sun Feb 25 19:40:11 2007 => Virus Database Date: 2/24/2007
Sun Feb 25 19:40:11 2007 => Virus Database Count: 273067

Sun Feb 25 19:40:43 2007 => **********************************************************
Sun Feb 25 19:40:43 2007 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Sun Feb 25 19:40:43 2007 => Copyright 2003-2006, MicroWorld Technologies Inc.
Sun Feb 25 19:40:43 2007 =>
Sun Feb 25 19:40:43 2007 => Support: support@mwti.net
Sun Feb 25 19:40:43 2007 => Web: http://www.mwti.net
Sun Feb 25 19:40:43 2007 => **********************************************************
Sun Feb 25 19:40:43 2007 => Version 9.1.7 (C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\mexe.com)
Sun Feb 25 19:40:43 2007 => Log File: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\MWAV.LOG
Sun Feb 25 19:40:43 2007 => User Account: HP_Administrator
Sun Feb 25 19:40:43 2007 => Windows Root Folder: C:\WINDOWS
Sun Feb 25 19:40:43 2007 => Windows Sys32 Folder: C:\WINDOWS\system32
Sun Feb 25 19:40:43 2007 => OS: Windows XP
Sun Feb 25 19:40:43 2007 => Ver: Service Pack 2 (Build 2600)
Sun Feb 25 19:40:43 2007 => Latest Date of files inside MWAV: 24 Feb 2007 12:46:3.

Sun Feb 25 19:40:43 2007 => Options Selected by User:
Sun Feb 25 19:40:43 2007 => Memory Check: Enabled
Sun Feb 25 19:40:43 2007 => Registry Check: Enabled
Sun Feb 25 19:40:43 2007 => StartUp Folder Check: Enabled
Sun Feb 25 19:40:43 2007 => System Folder Check: Enabled
Sun Feb 25 19:40:43 2007 => System Area Check: Disabled
Sun Feb 25 19:40:43 2007 => Services Check: Enabled
Sun Feb 25 19:40:43 2007 => Drive Check Option Disabled
Sun Feb 25 19:40:43 2007 => Folder Check: Disabled

Sun Feb 25 19:40:46 2007 => ***** Scanning Memory Files *****
Sun Feb 25 19:40:46 2007 => Scanning File C:\WINDOWS\System32\smss.exe
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\ntdll.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\basesrv.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\winsrv.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\GDI32.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\USER32.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\sxs.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\system32\VERSION.dll
Sun Feb 25 19:40:47 2007 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\USERENV.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\Secur32.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\IMM32.DLL
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Sun Feb 25 19:40:48 2007 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\odbcint.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\sfc.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\ole32.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\msctfime.ime
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\WINMM.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\avldr.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\cscdll.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\MPR.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\WgaLogon.dll
Sun Feb 25 19:40:49 2007 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\COMRes.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\RASAPI32.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\rasman.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\TAPI32.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\rtutils.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\cscui.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\msacm32.drv
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\midimap.dll
Sun Feb 25 19:40:50 2007 => Scanning File C:\WINDOWS\system32\services.exe
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\eventlog.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\lsass.exe
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\msprivs.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\kerberos.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\netlogon.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\w32time.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\schannel.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\wdigest.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\nwprovau.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\oakley.DLL
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Sun Feb 25 19:40:51 2007 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Sun Feb 25 19:40:51 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\pavlsp.dll
Sun Feb 25 19:40:51 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\icl_cfg.dll
Sun Feb 25 19:40:51 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\PavTrc.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\WSOCK32.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\mswsock.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\psbase.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\dssenh.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:40:52 2007 => Scanning File c:\windows\system32\rpcss.dll
Sun Feb 25 19:40:52 2007 => Scanning File c:\windows\system32\termsrv.dll
Sun Feb 25 19:40:52 2007 => Scanning File c:\windows\system32\ICAAPI.dll
Sun Feb 25 19:40:52 2007 => Scanning File c:\windows\system32\mstlsapi.dll
Sun Feb 25 19:40:52 2007 => Scanning File c:\windows\system32\ACTIVEDS.dll
Sun Feb 25 19:40:52 2007 => Scanning File c:\windows\system32\adsldpc.dll
Sun Feb 25 19:40:52 2007 => Scanning File c:\windows\system32\ATL.DLL
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\msi.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\System32\wship6.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\System32\wshisn.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\System32\winrnr.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pavsrv51.exe
Sun Feb 25 19:40:52 2007 => Scanning File C:\WINDOWS\system32\VDMDBG.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\avengdll.dll
Sun Feb 25 19:40:52 2007 => Scanning File C:\PROGRA~1\COMMON~1\PANDAS~1\PavShld\PAVSHLD.DLL
Sun Feb 25 19:40:52 2007 => Scanning File C:\PROGRA~1\COMMON~1\PANDAS~1\PavShld\PROCPROT.DLL
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavCntrs.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\AVENGINE.EXE
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pskas.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSKUTIL.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSKVFILE.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSKALLOC.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\WINDOWS\system32\MSVCR71.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pskvfs.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSKCMP.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSKPACK.DLL
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pskvm.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSKHTML.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pskmdfs.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\memvfile.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pskavs.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pskscs.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pskfss.dll
Sun Feb 25 19:40:53 2007 => Scanning File c:\windows\system32\cryptsvc.dll
Sun Feb 25 19:40:53 2007 => Scanning File c:\windows\system32\certcli.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Sun Feb 25 19:40:53 2007 => Scanning File C:\WINDOWS\system32\WININET.dll
Sun Feb 25 19:40:54 2007 => Scanning File C:\WINDOWS\system32\Normaliz.dll
Sun Feb 25 19:40:54 2007 => Scanning File C:\WINDOWS\system32\iertutil.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\ESENT.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\dhcpcsvc.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\wzcsvc.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\WMI.dll
Sun Feb 25 19:40:54 2007 => Scanning File C:\WINDOWS\System32\rastls.dll
Sun Feb 25 19:40:54 2007 => Scanning File C:\WINDOWS\system32\MPRAPI.dll
Sun Feb 25 19:40:54 2007 => Scanning File C:\WINDOWS\System32\WZCSAPI.DLL
Sun Feb 25 19:40:54 2007 => Scanning File C:\WINDOWS\System32\raschap.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\schedsvc.dll
Sun Feb 25 19:40:54 2007 => Scanning File C:\WINDOWS\system32\MSIDLE.DLL
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\audiosrv.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\wkssvc.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\nwwks.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\NWAPI32.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\dmserver.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\ersvc.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\hidserv.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\HID.DLL
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\es.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\srvsvc.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\netman.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\netshell.dll
Sun Feb 25 19:40:54 2007 => Scanning File c:\windows\system32\credui.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\seclogon.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\sens.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\srsvc.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\POWRPROF.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\trkwks.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\wuauserv.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\ADVPACK.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\SHFOLDER.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\WINHTTP.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\Cabinet.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\mspatcha.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\browser.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\6to4svc.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\wscsvc.dll
Sun Feb 25 19:40:55 2007 => Scanning File c:\windows\system32\ipnathlp.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\wbem\wbemcomn.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\wbem\wbemsvc.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Sun Feb 25 19:40:55 2007 => Scanning File C:\WINDOWS\system32\colbact.DLL
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\CLUSAPI.DLL
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\RESUTILS.DLL
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\wbem\wmiutils.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\wbem\repdrvfs.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\wbem\wmiprvsd.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\wbem\wbemess.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\wbem\ncprov.dll
Sun Feb 25 19:40:56 2007 => Scanning File c:\windows\system32\tapisrv.dll
Sun Feb 25 19:40:56 2007 => Scanning File c:\windows\system32\rasmans.dll
Sun Feb 25 19:40:56 2007 => Scanning File c:\windows\system32\netcfgx.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\rastapi.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\unimdm.tsp
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\uniplat.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\unimdmat.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\modemui.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\kmddsp.tsp
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\ndptsp.tsp
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\ipconf.tsp
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\h323.tsp
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\hidphone.tsp
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\rasppp.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\ntlsapi.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\ipxwan.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\adptif.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\upnp.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\SSDPAPI.dll
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\MSXML3.DLL
Sun Feb 25 19:40:56 2007 => Scanning File C:\WINDOWS\system32\urlmon.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\RASDLG.dll
Sun Feb 25 19:40:57 2007 => Scanning File c:\windows\system32\qmgr.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\qmgrprxy.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\mlang.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\System32\xmlprovi.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\actxprxy.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\wbem\wbemprox.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\TPSrv.exe
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\pavipc.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\TpUtil.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\MSVCP71.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavVT.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pfsf.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\systools.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pskudna.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavSRU.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavTPU.dll
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\acs.exe
Sun Feb 25 19:40:57 2007 => Scanning File C:\WINDOWS\system32\athcfg11.dll
Sun Feb 25 19:40:58 2007 => Scanning File C:\WINDOWS\system32\CFGMGR32.dll
Sun Feb 25 19:40:58 2007 => Scanning File C:\WINDOWS\system32\MFC42.DLL
Sun Feb 25 19:40:58 2007 => Scanning File C:\WINDOWS\system32\MSVCIRT.dll
Sun Feb 25 19:40:58 2007 => Scanning File C:\WINDOWS\system32\AegisE5.dll
Sun Feb 25 19:40:58 2007 => Scanning File C:\WINDOWS\SYSTEM32\PAVSHOOK.DLL
Sun Feb 25 19:40:58 2007 => Scanning File c:\windows\system32\dnsrslvr.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\windows\system32\lmhsvc.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\windows\system32\webclnt.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\windows\system32\regsvc.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\PNMSRV.EXE
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\netflt.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\apflctrl.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\IdsFlt.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\dsaflt.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\fnetctrl.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\smsflt.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\wnmflt.dll
Sun Feb 25 19:40:58 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\PNMATDI.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\localspl.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\HpTcpMon.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\hpzjrd01.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\HPTcpMUI.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\hptcpmib.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\mgmtapi.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\snmpapi.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\wsnmp32.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\FXSMON.DLL
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\FXSEVENT.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\usbmon.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\win32spl.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\inetpp.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpzntp07.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpz2ku07.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\arservice.exe
Sun Feb 25 19:40:59 2007 => Scanning File C:\PROGRA~1\Grisoft\AVGANT~1.5\guard.exe
Sun Feb 25 19:40:59 2007 => Scanning File C:\PROGRA~1\Grisoft\AVGANT~1.5\engine.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\PROGRA~1\COMMON~1\COMMAN~1\dvpapi.exe
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\eHome\ehRecvr.exe
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\faultrep.DLL
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\eHome\ehTrace.dll
Sun Feb 25 19:40:59 2007 => Scanning File C:\WINDOWS\system32\sbe.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\WINDOWS\system32\msvidctl.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\WINDOWS\system32\quartz.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\WINDOWS\system32\devenum.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\WINDOWS\system32\msdmo.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\WINDOWS\eHome\ehSched.exe
Sun Feb 25 19:41:00 2007 => Scanning File C:\WINDOWS\eHome\ehProxy.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\COMMON~1\LIGHTS~1\LSSrvc.exe
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\COMMON~1\LIGHTS~1\MSVCR71.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\COMMON~1\LIGHTS~1\MSVCP71.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\COMMON~1\MICROS~1\VS7DEBUG\MDM.EXE
Sun Feb 25 19:41:00 2007 => Scanning File C:\WINDOWS\system32\nvsvc32.exe
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavFnSvr.exe
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\Plats.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PROTEXC.DLL
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\libxml2.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\TPConf.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\AVCIC.DLL
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\Psscan.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\ParserFW.dll
Sun Feb 25 19:41:00 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\Firewall\PNMApi.dll
Sun Feb 25 19:41:00 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\DPIFTran.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\CPDLL.DLL
Sun Feb 25 19:41:01 2007 => Scanning File C:\PROGRA~1\COMMON~1\PANDAS~1\PavShld\pavprsrv.exe
Sun Feb 25 19:41:01 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PsImSvc.exe
Sun Feb 25 19:41:01 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSImFltr.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\snmp.exe
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\lmmib2.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\inetmib1.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\hostmib.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\snmpmib.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\evntagnt.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\igmpagnt.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\mcastmib.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\rtipxmib.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\System32\perfos.dll
Sun Feb 25 19:41:01 2007 => Scanning File c:\windows\system32\ssdpsrv.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\system32\httpapi.dll
Sun Feb 25 19:41:01 2007 => Scanning File c:\windows\system32\wiaservc.dll
Sun Feb 25 19:41:01 2007 => Scanning File c:\windows\system32\mscms.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\system32\escwian.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\system32\sti.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\ehome\mcrdsvc.exe
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\system32\dllhost.exe
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\system32\txflog.dll
Sun Feb 25 19:41:01 2007 => Scanning File C:\WINDOWS\Explorer.EXE
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\themeui.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\MSIMG32.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\stobject.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\BatMeter.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\WPDShServiceObj.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\ftpxext.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\PortableDeviceTypes.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\PortableDeviceApi.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\fxsst.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\FXSAPI.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\MSCTF.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\mslbui.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
Sun Feb 25 19:41:02 2007 => Scanning File C:\WINDOWS\system32\browselc.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL
Sun Feb 25 19:41:03 2007 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\system32\olepro32.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\system32\DUSER.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\system32\SensApi.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\PROGRA~1\WinRAR\rarext.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\ShellTit.DLL
Sun Feb 25 19:41:03 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSWLabel.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSWLRes.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\TitCfg.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\system32\printui.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\System32\drprov.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\System32\davclnt.dll
Sun Feb 25 19:41:03 2007 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Feb 25 19:41:04 2007 => Scanning File C:\WINDOWS\system32\wzcdlg.dll
Sun Feb 25 19:41:04 2007 => Scanning File C:\WINDOWS\system32\xpsp3res.dll
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\Grisoft\AVGANT~1.5\SHELLE~1.DLL
Sun Feb 25 19:41:04 2007 => Scanning File C:\WINDOWS\System32\alg.exe
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\apvxdwin.exe
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\RsdnApi.dll
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSAEng.dll
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PAV2WSC.dll
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PAVSRVDL.DLL
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\Icl_mtr.dll
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PSAUI.dll
Sun Feb 25 19:41:04 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\VCL50.BPL
Sun Feb 25 19:41:05 2007 => Scanning File C:\WINDOWS\system32\oledlg.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\VCLX50.BPL
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PNDCTRLA.BPL
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\BORLNDMM.DLL
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\CC3250MT.DLL
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\ComFltNT.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\icl_trf.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScr.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pavim.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\Platc.DLL
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\ZiUpdate.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\WHISTLER.BPL
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\LangM5.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\Asmdat.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\LTForms.dll
Sun Feb 25 19:41:05 2007 => Scanning File C:\WINDOWS\ehome\ehtray.exe
Sun Feb 25 19:41:05 2007 => Scanning File C:\WINDOWS\RTHDCPL.EXE
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\system32\HHCTRL.OCX
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\system32\DSOUND.DLL
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\system32\KsUser.dll
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\eHome\ehmsas.exe
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\armcex.dll
Sun Feb 25 19:41:06 2007 => Scanning File c:\windows\system32\fpalsu.dll
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\ARPWRMSG.EXE
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\system32\wbem\wmiprvse.exe
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\System32\Wbem\framedyn.dll
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\system32\wbem\cimwin32.dll
Sun Feb 25 19:41:06 2007 => Scanning File c:\windows\system32\w3ssl.dll
Sun Feb 25 19:41:06 2007 => Scanning File C:\WINDOWS\System32\strmfilt.dll
Sun Feb 25 19:41:06 2007 => Scanning File C:\PROGRA~1\DISC\DISCover.exe
Sun Feb 25 19:41:06 2007 => Scanning File C:\PROGRA~1\DISC\DiscDLL.dll
Sun Feb 25 19:41:06 2007 => Scanning File C:\PROGRA~1\DISC\StdDisc.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\WINDOWS\system32\DINPUT8.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\DISC\MYTDLIB.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\DISC\DOWNLO~1.DLL
Sun Feb 25 19:41:07 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\WebProxy.exe
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\Pavpop3.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavAmw.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavMiCli.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavSInet.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavSmtp.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavNntp.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavHttp.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavWMAIL.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavTftp.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavFtp.dll
Sun Feb 25 19:41:07 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\pskads.dll
Sun Feb 25 19:41:07 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\pskmfs.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\PROGRA~1\DISC\DISCUP~1.EXE
Sun Feb 25 19:41:07 2007 => Scanning File C:\WINDOWS\system32\mscoree.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
Sun Feb 25 19:41:07 2007 => Scanning File c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll
Sun Feb 25 19:41:07 2007 => Scanning File c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_aad9c783\mscorlib.dll
Sun Feb 25 19:41:07 2007 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
Sun Feb 25 19:41:07 2007 => Scanning File c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
Sun Feb 25 19:41:08 2007 => Scanning File c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_126831be\system.windows.forms.dll
Sun Feb 25 19:41:08 2007 => Scanning File c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
Sun Feb 25 19:41:08 2007 => Scanning File c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_35c3f4d0\system.dll
Sun Feb 25 19:41:08 2007 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL
Sun Feb 25 19:41:08 2007 => Scanning File c:\PROGRA~1\disc\DISCOB~1.DLL
Sun Feb 25 19:41:08 2007 => Scanning File c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
Sun Feb 25 19:41:08 2007 => Scanning File c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_495f7e7e\system.drawing.dll
Sun Feb 25 19:41:08 2007 => Scanning File C:\PROGRA~1\HPDIGI~1\DMASCH~1.EXE
Sun Feb 25 19:41:08 2007 => Scanning File C:\PROGRA~1\HPDIGI~1\MSVCR71.dll
Sun Feb 25 19:41:08 2007 => Scanning File C:\PROGRA~1\HPDIGI~1\MSVCP71.dll
Sun Feb 25 19:41:08 2007 => Scanning File c:\PROGRA~1\COMMON~1\SONICS~1\SONICC~1\Engine\PxWrap.dll
Sun Feb 25 19:41:08 2007 => Scanning File C:\WINDOWS\system32\PX.dll
Sun Feb 25 19:41:08 2007 => Scanning File C:\WINDOWS\system32\wmp.dll
Sun Feb 25 19:41:09 2007 => Scanning File C:\WINDOWS\system32\MSVFW32.dll
Sun Feb 25 19:41:09 2007 => Scanning File C:\WINDOWS\system32\dbghelp.dll
Sun Feb 25 19:41:09 2007 => Scanning File C:\WINDOWS\system32\wmploc.dll
Sun Feb 25 19:41:09 2007 => Scanning File C:\WINDOWS\system32\MFPlat.DLL
Sun Feb 25 19:41:09 2007 => Scanning File C:\WINDOWS\system32\PXDRV.DLL
Sun Feb 25 19:41:09 2007 => Scanning File C:\WINDOWS\system32\PXMAS.DLL
Sun Feb 25 19:41:09 2007 => Scanning File C:\WINDOWS\system32\PXSFS.DLL
Sun Feb 25 19:41:09 2007 => Scanning File C:\WINDOWS\system32\PXWAVE.DLL
Sun Feb 25 19:41:10 2007 => Scanning File C:\WINDOWS\system32\VXBLOCK.DLL
Sun Feb 25 19:41:10 2007 => Scanning File c:\PROGRA~1\HPDIGI~1\EAFUNC~1.DLL
Sun Feb 25 19:41:10 2007 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Feb 25 19:41:10 2007 => Scanning File C:\PROGRA~1\HP\HPSOFT~1\HPWUSC~1.EXE
Sun Feb 25 19:41:10 2007 => Scanning File C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
Sun Feb 25 19:41:10 2007 => Scanning File C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZR3207.DLL
Sun Feb 25 19:41:10 2007 => Scanning File C:\WINDOWS\system32\hphmon04.exe
Sun Feb 25 19:41:10 2007 => Scanning File C:\PROGRA~1\DISC\DISCST~1.EXE
Sun Feb 25 19:41:10 2007 => Scanning File c:\PROGRA~1\disc\BITSDO~1.DLL
Sun Feb 25 19:41:10 2007 => Scanning File c:\PROGRA~1\disc\YUMMYP~1.DLL
Sun Feb 25 19:41:10 2007 => Scanning File c:\PROGRA~1\disc\EBGAME~1.DLL
Sun Feb 25 19:41:10 2007 => Scanning File c:\PROGRA~1\disc\SOCKET~1.DLL
Sun Feb 25 19:41:10 2007 => Scanning File c:\PROGRA~1\disc\INTERO~1.DLL
Sun Feb 25 19:41:10 2007 => Scanning File c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll
Sun Feb 25 19:41:10 2007 => Scanning File c:\PROGRA~1\disc\SECURE~1.DLL
Sun Feb 25 19:41:10 2007 => Scanning File c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
Sun Feb 25 19:41:10 2007 => Scanning File c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_457183a4\system.xml.dll
Sun Feb 25 19:41:10 2007 => Scanning File c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
Sun Feb 25 19:41:11 2007 => Scanning File c:\windows\assembly\gac\system.enterpriseservices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.dll
Sun Feb 25 19:41:11 2007 => Scanning File c:\PROGRA~1\disc\MICROS~1.DLL
Sun Feb 25 19:41:11 2007 => Scanning File c:\PROGRA~1\disc\DASHBO~1.DLL
Sun Feb 25 19:41:11 2007 => Scanning File c:\PROGRA~1\disc\BACKGR~1.DLL
Sun Feb 25 19:41:11 2007 => Scanning File c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
Sun Feb 25 19:41:11 2007 => Scanning File c:\PROGRA~1\disc\LOGITE~1.DLL
Sun Feb 25 19:41:11 2007 => Scanning File C:\PROGRA~1\HP\HPSHAR~1\hpgs2wnd.exe
Sun Feb 25 19:41:11 2007 => Scanning File C:\PROGRA~1\HP\HPSHAR~1\S2WNSRES.DLL
Sun Feb 25 19:41:11 2007 => Scanning File C:\PROGRA~1\HP\HPSHAR~1\HPGS2W~1.DLL
Sun Feb 25 19:41:11 2007 => Scanning File C:\PROGRA~1\Winamp\winampa.exe
Sun Feb 25 19:41:11 2007 => Scanning File C:\PROGRA~1\Winamp\NSCRT.dll
Sun Feb 25 19:41:11 2007 => Scanning File C:\PROGRA~1\QUICKT~1\qttask.exe
Sun Feb 25 19:41:11 2007 => Scanning File C:\PROGRA~1\COMMON~1\Real\UPDATE~1\REALSC~1.EXE
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\KBD.EXE
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\led.dll
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\USB.dll
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\ps2.dll
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\msg.dll
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\osd.dll
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\sct.dll
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\onl.dll
Sun Feb 25 19:41:11 2007 => Scanning File C:\HP\KBD\aol.dll
Sun Feb 25 19:41:12 2007 => Scanning File C:\HP\KBD\url.dll
Sun Feb 25 19:41:12 2007 => Scanning File C:\HP\KBD\cfg.dll
Sun Feb 25 19:41:12 2007 => Scanning File C:\HP\KBD\MSIKBDIF.DLL
Sun Feb 25 19:41:12 2007 => Scanning File C:\PROGRA~1\HP\HPSHAR~1\hpgs2wnf.exe
Sun Feb 25 19:41:12 2007 => Scanning File C:\PROGRA~1\Grisoft\AVGANT~1.5\avgas.exe
Sun Feb 25 19:41:12 2007 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Sun Feb 25 19:41:12 2007 => Scanning File C:\WINDOWS\system32\MSUTB.dll
Sun Feb 25 19:41:12 2007 => Scanning File C:\PROGRA~1\MESSEN~1\msmsgs.exe
Sun Feb 25 19:41:12 2007 => Scanning File C:\WINDOWS\system32\XPOB2RES.DLL
Sun Feb 25 19:41:12 2007 => Scanning File C:\PROGRA~1\DWL-G5~1\AIRPLUS.exe
Sun Feb 25 19:41:12 2007 => Scanning File C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
Sun Feb 25 19:41:12 2007 => Scanning File C:\PROGRA~1\HP\DIGITA~1\bin\MSVCP71.dll
Sun Feb 25 19:41:12 2007 => Scanning File C:\PROGRA~1\HP\DIGITA~1\bin\MSVCR71.dll
Sun Feb 25 19:41:12 2007 => Scanning File c:\hp\drivers\printers\deskjet\PROGRA~1\HP\DIGITA~1\bin\hpqcxm08.dll
Sun Feb 25 19:41:12 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\bin\hpquio08.dll
Sun Feb 25 19:41:12 2007 => Scanning File C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.rsc
Sun Feb 25 19:41:12 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\bin\hpqtao08.dll
Sun Feb 25 19:41:12 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\Unload\hpnkhTA.dll
Sun Feb 25 19:41:12 2007 => Scanning File C:\WINDOWS\system32\MFC71.DLL
Sun Feb 25 19:41:12 2007 => Scanning File C:\WINDOWS\system32\ATL71.DLL
Sun Feb 25 19:41:13 2007 => Scanning File C:\WINDOWS\system32\MFC71ENU.DLL
Sun Feb 25 19:41:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\bin\hpotra08.dll
Sun Feb 25 19:41:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\bin\hpotra08.rsc
Sun Feb 25 19:41:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\bin\hpotradd.dll
Sun Feb 25 19:41:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\Unload\hpiCamTA.dll
Sun Feb 25 19:41:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\Unload\HpqUnRes.dll
Sun Feb 25 19:41:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\bin\hpqmif08.dll
Sun Feb 25 19:41:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\bin\hphtra08.dll
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\HP\DIGITA~1\bin\HpqUtil.dll
Sun Feb 25 19:41:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\bin\hpodvd09.dll
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\HP\DIGITA~1\bin\HPODDC~1.DLL
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\Program\UPDATE~1.EXE
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\BackWeb.dll
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\bwsec.dll
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\clntutil.dll
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\632~1.116\program\EN\ClientRC.dll
Sun Feb 25 19:41:13 2007 => Scanning File C:\WINDOWS\system32\feclient.dll
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\Program\BWFILE~1.DLL
Sun Feb 25 19:41:13 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\BWfiles.dll
Sun Feb 25 19:41:14 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\Program\FREXT-~1.DLL
Sun Feb 25 19:41:14 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\frext.dll
Sun Feb 25 19:41:14 2007 => Scanning File C:\PROGRA~1\UPDATE~1\9972322\Program\HPCLIE~1.DLL
Sun Feb 25 19:41:14 2007 => Scanning File c:\windows\system\hpsysdrv.exe
Sun Feb 25 19:41:14 2007 => Scanning File C:\PROGRA~1\Java\JRE15~1.0_0\bin\jusched.exe
Sun Feb 25 19:41:14 2007 => Scanning File C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
Sun Feb 25 19:41:14 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\mexe.com
Sun Feb 25 19:41:14 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\PSAPI.DLL
Sun Feb 25 19:41:14 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\msvl64.dll
Sun Feb 25 19:41:14 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\kave.dll
Sun Feb 25 19:41:14 2007 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
Sun Feb 25 19:41:14 2007 => Scanning File C:\WINDOWS\system32\RICHED20.dll
Sun Feb 25 19:41:14 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\ScanningProcess.exe
Sun Feb 25 19:41:14 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\prloader.dll
Sun Feb 25 19:41:14 2007 => Scanning File C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\prkernel.ppl
Sun Feb 25 19:41:14 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\avpmgr.ppl
Sun Feb 25 19:41:14 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\wdiskio.ppl
Sun Feb 25 19:41:14 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\nfio.ppl
Sun Feb 25 19:41:14 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\avlib.ppl
Sun Feb 25 19:41:14 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\dtreg.ppl
Sun Feb 25 19:41:14 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\prutil.ppl
Sun Feb 25 19:41:14 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\avp1.ppl
Sun Feb 25 19:41:14 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\l_llio.ppl
Sun Feb 25 19:41:15 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\ichk2.ppl
Sun Feb 25 19:41:15 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\sfdb.ppl
Sun Feb 25 19:41:15 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\icheckersa.ppl
Sun Feb 25 19:41:15 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\hashmd5.ppl
Sun Feb 25 19:41:15 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\hashcont.ppl
Sun Feb 25 19:41:15 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\hccmp.ppl
Sun Feb 25 19:41:15 2007 => Scanning File c:\docume~1\hp_adm~1\locals~1\temp\iwgen.ppl

MWAV Part 2:

Sun Feb 25 19:41:15 2007 => ***** Scanning Registry Files *****

Sun Feb 25 19:41:15 2007 => Scanning HKLM\SOFTWARE\

#8 tberger

tberger
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 26 February 2007 - 12:06 AM

Part 2:

Sun Feb 25 19:41:15 2007 => ***** Scanning Registry Files *****

Sun Feb 25 19:41:15 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Sun Feb 25 19:41:15 2007 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8255 kb > 3072 kb...
Sun Feb 25 19:41:15 2007 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sun Feb 25 19:41:15 2007 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8255 kb > 3072 kb...
Sun Feb 25 19:41:15 2007 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sun Feb 25 19:41:15 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:41:15 2007 => Scanning File C:\WINDOWS\system32\stobject.dll
Sun Feb 25 19:41:15 2007 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sun Feb 25 19:41:15 2007 => Scanning File C:\WINDOWS\system32\WPDShServiceObj.dll

Sun Feb 25 19:41:15 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Sun Feb 25 19:41:15 2007 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Sun Feb 25 19:41:15 2007 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Sun Feb 25 19:41:15 2007 => Scanning File c:\PROGRA~1\google\GOOGLE~2.DLL

Sun Feb 25 19:41:15 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Sun Feb 25 19:41:15 2007 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Sun Feb 25 19:41:15 2007 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL
Sun Feb 25 19:41:15 2007 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Feb 25 19:41:15 2007 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Feb 25 19:41:15 2007 => {AA58ED58-01DD-4d91-8333-CF10577473F7} = c:\program files\google\googletoolbar2.dll
Sun Feb 25 19:41:15 2007 => Scanning File c:\PROGRA~1\google\GOOGLE~2.DLL
Sun Feb 25 19:41:15 2007 => {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} = C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
Sun Feb 25 19:41:15 2007 => ERROR!!! Invalid Entry = C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll (in key Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}). Removing it.

Sun Feb 25 19:43:08 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\browseui.dll

Sun Feb 25 19:43:08 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\docprop.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\themeui.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\deskadp.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\deskmon.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\dssec.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\shscrap.dll
Sun Feb 25 19:43:08 2007 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\System32\icmui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\printui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\syncui.dll
Sun Feb 25 19:43:09 2007 => ERROR!!! Invalid Entry {88895560-9AA2-1069-930E-00AA0030EBC8} = C:\WINDOWS\system32\hticons.dll (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). Removing it.
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\fontext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\deskperf.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\remotepg.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\mscoree.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\wshext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:09 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:09 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:09 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:09 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:09 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:09 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:10 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:10 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:10 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\sendmail.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\sendmail.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\occache.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\extmgr.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\msieftp.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\dfsshlex.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\photowiz.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Sun Feb 25 19:43:10 2007 => Scanning File C:\WINDOWS\system32\cabview.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\arpower.dll
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\nvcpl.dll having Size Restriction ***. Filesize 7140 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\nvcpl.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\nvcpl.dll having Size Restriction ***. Filesize 7140 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\nvcpl.dll [**]
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\nvshell.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\nvshell.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\nvshell.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\PROGRA~1\Real\REALPL~1\rpshell.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ShellvRTF.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\PROGRA~1\MIFF2D~1\Office\soa800.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\nwprovau.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\nwprovau.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\nwprovau.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\wpdshext.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\wpdshext.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\PROGRA~1\WinRAR\rarext.dll
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\ftpxext.dll
Sun Feb 25 19:43:11 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\ShellTit.DLL

Sun Feb 25 19:43:11 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Sun Feb 25 19:43:11 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\Explorer.exe
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\userinit.exe
Sun Feb 25 19:43:11 2007 => Scanning File C:\WINDOWS\system32\gptext.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\fdeploy.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\dskquota.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\gptext.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\gptext.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\appmgmts.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\gptext.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\avldr.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\crypt32.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\cscdll.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\WgaLogon.dll
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\wlnotify.dll

Sun Feb 25 19:43:12 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Sun Feb 25 19:43:12 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Sun Feb 25 19:43:12 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Sun Feb 25 19:43:12 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Sun Feb 25 19:43:12 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\ntsd.exe

Sun Feb 25 19:43:12 2007 => Scanning HKCU\Control Panel\Desktop

Sun Feb 25 19:43:12 2007 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Sun Feb 25 19:43:12 2007 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\ieudinit.exe
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\ie4uinit.exe
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Sun Feb 25 19:43:12 2007 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\System32\rundll32.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\ie4uinit.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\Rundll32.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\rundll32.exe

Sun Feb 25 19:43:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Sun Feb 25 19:43:13 2007 => ERROR!!! Invalid Entry user32.dll = C:\Program Files\Video Access ActiveX Object\isamntr.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run). Removing it.
Sun Feb 25 19:43:13 2007 => ERROR!!! Invalid Entry rare = C:\Program Files\Video Access ActiveX Object\pmsnrr.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run). Removing it.

Sun Feb 25 19:43:13 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Sun Feb 25 19:43:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run

Sun Feb 25 19:43:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run

Sun Feb 25 19:43:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\ehome\ehtray.exe
Sun Feb 25 19:43:13 2007 => *** File C:\WINDOWS\RTHDCPL.EXE having Size Restriction ***. Filesize 15635 kb > 3072 kb...
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\RTHDCPL.EXE [**]
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\ARPWRMSG.EXE
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\nwiz.exe
Sun Feb 25 19:43:13 2007 => Scanning File c:\PROGRA~1\HP\DIGITA~1\{33D6C~1\hphupd08.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\DISC\DISCover.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\DISC\DISCUP~1.EXE
Sun Feb 25 19:43:13 2007 => Scanning File c:\PROGRA~1\HPDIGI~1\DMASCH~1.EXE
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\SMINST\RECGUARD.EXE
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\HEWLET~1\HPBOOT~1\HPBootOp.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\HP\HPSOFT~1\HPWUSC~1.EXE
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\hphmon04.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\HPPHOT~1\HPHINS~1\UniPatch\hphupd04.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\HP\HPSHAR~1\hpgs2wnd.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\Winamp\winampa.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\QUICKT~1\qttask.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\Cox\APPLIC~1\app\start.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\COMMON~1\Real\UPDATE~1\REALSC~1.EXE
Sun Feb 25 19:43:13 2007 => Scanning File C:\HP\KBD\KBD.EXE
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\APVXDWIN.EXE
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
Sun Feb 25 19:43:13 2007 => *** File C:\PROGRA~1\Grisoft\AVGANT~1.5\avgas.exe having Size Restriction ***. Filesize 6120 kb > 3072 kb...
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\Grisoft\AVGANT~1.5\avgas.exe [**]

Sun Feb 25 19:43:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Feb 25 19:43:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Sun Feb 25 19:43:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Sun Feb 25 19:43:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

Sun Feb 25 19:43:13 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Feb 25 19:43:13 2007 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Sun Feb 25 19:43:13 2007 => Scanning File C:\PROGRA~1\MESSEN~1\msmsgs.exe

Sun Feb 25 19:43:13 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Feb 25 19:43:13 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Sun Feb 25 19:43:13 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Sun Feb 25 19:43:13 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup

Sun Feb 25 19:43:13 2007 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Sun Feb 25 19:43:14 2007 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Feb 25 19:43:14 2007 => Scanning HKCR\txtfile\shell\open\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\comfile\shell\open\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\exefile\shell\open\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\dllfile\shell\open\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\batfile\shell\open\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\piffile\shell\open\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\scrfile\shell\open\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\scrfile\shell\config\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\regfile\shell\open\command

Sun Feb 25 19:43:14 2007 => Scanning HKCR\htmlfile\shell\open\command
Sun Feb 25 19:43:14 2007 => Scanning File C:\PROGRA~1\INTERN~1\IEXPLORE.EXE

Sun Feb 25 19:43:14 2007 => Scanning HKCR\htafile\shell\open\command
Sun Feb 25 19:43:14 2007 => Scanning File C:\WINDOWS\system32\mshta.exe

Sun Feb 25 19:43:14 2007 => Scanning HKCR\jsfile\shell\open\command
Sun Feb 25 19:43:14 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe
Sun Feb 25 19:43:14 2007 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Feb 25 19:43:14 2007 => Scanning HKCR\jsefile\shell\open\command
Sun Feb 25 19:43:14 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe
Sun Feb 25 19:43:14 2007 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Feb 25 19:43:14 2007 => Scanning HKCR\vbsfile\shell\open\command
Sun Feb 25 19:43:14 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe
Sun Feb 25 19:43:14 2007 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Feb 25 19:43:14 2007 => Scanning HKCR\vbefile\shell\open\command
Sun Feb 25 19:43:14 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe
Sun Feb 25 19:43:14 2007 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Feb 25 19:43:14 2007 => Scanning HKCR\wshfile\shell\open\command
Sun Feb 25 19:43:14 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe
Sun Feb 25 19:43:14 2007 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Feb 25 19:43:14 2007 => Scanning HKCR\wsffile\shell\open\command
Sun Feb 25 19:43:14 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe
Sun Feb 25 19:43:14 2007 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Feb 25 19:43:14 2007 => ***** Scanning StartUp Folders *****

Sun Feb 25 19:43:14 2007 => ***** Scanning C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup Folder *****
Sun Feb 25 19:43:14 2007 => Scanning Folder: C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\*.*
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\desktop.ini [**]

Sun Feb 25 19:43:14 2007 => ***** Scanning C:\Documents and Settings\HP_Administrator\Desktop Folder *****
Sun Feb 25 19:43:14 2007 => Scanning Folder: C:\Documents and Settings\HP_Administrator\Desktop\*.*
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\HP_Administrator\Desktop\100_2679.JPG [**]
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\HP_Administrator\Desktop\100_2758.JPG [**]
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\HP_Administrator\Desktop\E-mail.lnk
Sun Feb 25 19:43:14 2007 => *** File C:\Documents and Settings\HP_Administrator\Desktop\mwav.exe having Size Restriction ***. Filesize 13916 kb > 3072 kb...
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\HP_Administrator\Desktop\mwav.exe [**]
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\HP_Administrator\Desktop\Quicken 2006.lnk
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to Windows Firewall.lnk

Sun Feb 25 19:43:14 2007 => ***** Scanning C:\Documents and Settings\All Users\Start Menu\Programs\Startup Folder *****
Sun Feb 25 19:43:14 2007 => Scanning Folder: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\*.*
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\D-Link REG Utility.lnk
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini [**]
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DWL-G520M Wireless 108G MIMO PCI Adapter Utility.lnk
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
Sun Feb 25 19:43:14 2007 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk

Sun Feb 25 19:43:14 2007 => ***** Scanning C:\Documents and Settings\Administrator\Start menu\Programs\Startup Folder *****
Sun Feb 25 19:43:14 2007 => Scanning Folder: C:\DOCUME~1\ADMINI~1\STARTM~1\Programs\Startup\*.*
Sun Feb 25 19:43:14 2007 => Scanning File C:\DOCUME~1\ADMINI~1\STARTM~1\Programs\Startup\desktop.ini [**]

Sun Feb 25 19:43:14 2007 => ***** Scanning C:\Documents and Settings\Default User\Start menu\Programs\Startup Folder *****
Sun Feb 25 19:43:14 2007 => Scanning Folder: C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\*.*
Sun Feb 25 19:43:15 2007 => Scanning File C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\desktop.ini [**]
Sun Feb 25 19:43:15 2007 => Scanning File C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\Pin.lnk

#9 tberger

tberger
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 26 February 2007 - 12:08 AM

Part 3:

Sun Feb 25 19:43:15 2007 => ***** Scanning Service Files *****
Sun Feb 25 19:43:15 2007 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\acs.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\AGRSM.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\System32\alg.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\AmdK8.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\APPFLT.SYS
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ar5513.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\aracpi.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\arhidfltr.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\armoucfltr.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\arp1394.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\arpolicy.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\arservice.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Sun Feb 25 19:43:15 2007 => ERROR!!! Invalid Entry \SystemRoot\system32\drivers\av5flt.sys. Removing SYSTEM\CurrentControlSet\Services\AvFlt...
Sun Feb 25 19:43:15 2007 => Scanning File C:\PROGRA~1\GRISOFT\AVGANT~1.5\GUARD.SYS
Sun Feb 25 19:43:15 2007 => Scanning File C:\PROGRA~1\Grisoft\AVGANT~1.5\guard.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\bb-run.sys
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:15 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\cisvc.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Sun Feb 25 19:43:16 2007 => ERROR!!! Invalid Entry \??\C:\WINDOWS\system32\DRIVERS\COMFiltr.sys. Removing SYSTEM\CurrentControlSet\Services\ComFiltr...
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\dllhost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\Drivers\cpoint.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\css-dvp.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\hphid411.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\hphipr11.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\drivers\hphius11.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\DSAFLT.SYS
Sun Feb 25 19:43:16 2007 => Scanning File C:\PROGRA~1\COMMON~1\COMMAN~1\dvpapi.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\eHome\ehRecvr.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\eHome\ehSched.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\services.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\fxssvc.exe
Sun Feb 25 19:43:16 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\fltMgr.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\FNETMON.SYS
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ftsata2.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\iaStor.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriverT.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\IDSFLT.SYS
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\imapi.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\imapi.exe
Sun Feb 25 19:43:17 2007 => *** File C:\WINDOWS\system32\drivers\RtkHDAud.sys having Size Restriction ***. Filesize 4146 kb > 3072 kb...
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\drivers\RtkHDAud.sys [**]
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\intelide.sys
Sun Feb 25 19:43:17 2007 => ERROR!!! Invalid Entry system32\DRIVERS\intelppm.sys. Removing SYSTEM\CurrentControlSet\Services\intelppm...
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys
Sun Feb 25 19:43:17 2007 => ERROR!!! Invalid Entry system32\DRIVERS\i2220ntx.sys. Removing SYSTEM\CurrentControlSet\Services\IPN2220...
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\drivers\kmixer.sys
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\PROGRA~1\COMMON~1\LIGHTS~1\LSSrvc.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\ehome\mcrdsvc.exe
Sun Feb 25 19:43:17 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\PROGRA~1\COMMON~1\MICROS~1\VS7DEBUG\MDM.EXE
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\mhndrv.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\mnmsrvc.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\msiexec.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\drivers\MSKSSRV.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\drivers\MSPQM.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\netdde.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\netdde.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\Drivers\NETFLT.SYS
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\NETFLTDI.SYS
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\lsass.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nic1394.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\NMnt.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\lsass.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:18 2007 => *** File C:\WINDOWS\system32\DRIVERS\nv4_mini.sys having Size Restriction ***. Filesize 3452 kb > 3072 kb...
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [**]
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\nvsvc32.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
Sun Feb 25 19:43:18 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\nwrdr.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ohci1394.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\parport.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\pavdrv51.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PavFnSvr.exe
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\PAVPROC.SYS
Sun Feb 25 19:43:19 2007 => Scanning File C:\PROGRA~1\COMMON~1\PANDAS~1\PavShld\pavprsrv.exe
Sun Feb 25 19:43:19 2007 => ERROR!!! Invalid Entry \??\C:\WINDOWS\system32\PavSRK.sys. Removing SYSTEM\CurrentControlSet\Services\PavSRK.sys...
Sun Feb 25 19:43:19 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\pavsrv51.exe
Sun Feb 25 19:43:19 2007 => ERROR!!! Invalid Entry \??\C:\WINDOWS\system32\PavTPK.sys. Removing SYSTEM\CurrentControlSet\Services\PavTPK.sys...
Sun Feb 25 19:43:19 2007 => ERROR!!! Invalid Entry \??\C:\WINDOWS\system32\PCANDIS5.SYS. Removing SYSTEM\CurrentControlSet\Services\PCANDIS5...
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\pci.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\pciide.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\services.exe
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\HPHipm11.exe
Sun Feb 25 19:43:19 2007 => Scanning File c:\PROGRA~1\PANDAS~1\PANDAA~1\firewall\PNMSRV.EXE
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\lsass.exe
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\raspptp.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\processr.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\lsass.exe
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\PS2.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\psched.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\PsImSvc.exe
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ptilink.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\Drivers\PxHelp20.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\rasacd.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\raspti.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\rdbss.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
Sun Feb 25 19:43:19 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\redbook.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\locator.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\rsvp.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\rt73.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\lsass.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\secdrv.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ShldDrv.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\SMSFLT.SYS
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\System32\snmp.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\System32\snmptrap.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\drivers\splitter.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\sr.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\srv.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\ss.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\swenum.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\drivers\swmidi.sys
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\dllhost.exe
Sun Feb 25 19:43:20 2007 => Scanning File C:\PROGRA~1\SYMANTEC\SYMEVENT.SYS
Sun Feb 25 19:43:20 2007 => ERROR!!! Invalid Entry \SystemRoot\System32\Drivers\SYMTDI.SYS. Removing SYSTEM\CurrentControlSet\Services\SYMTDI...
Sun Feb 25 19:43:20 2007 => Scanning File C:\WINDOWS\system32\drivers\sysaudio.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip6.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\termdd.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\tlntsvr.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\PROGRA~1\PANDAS~1\PANDAA~1\TPSrv.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\tunmp.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\update.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\System32\ups.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\usbehci.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\usbhub.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\usbohci.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\usbprint.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\usbscan.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\System32\drivers\vga.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\viaide.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\System32\vssvc.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\wanarp.sys
Sun Feb 25 19:43:21 2007 => Scanning File C:\WINDOWS\system32\drivers\wdmaud.sys
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\system32\wbem\wmiapsrv.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\PROGRA~1\WINDOW~1\WMPNetwk.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\WNMFLT.SYS
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\System32\drivers\ws2ifsl.sys
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\WudfPf.sys
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\system32\DRIVERS\wudfrd.sys
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Feb 25 19:43:22 2007 => Scanning File C:\WINDOWS\System32\svchost.exe

Sun Feb 25 19:43:22 2007 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD

Sun Feb 25 19:43:22 2007 => ***** Scanning Registry and File system for Adware/Spyware *****
Sun Feb 25 19:43:22 2007 => ERROR!!! Unable to make directory C:\WINDOWS\logo1_.exe!
Sun Feb 25 19:43:22 2007 => Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\spydb.avs, Size: 211409].
Sun Feb 25 19:43:25 2007 => Possible Error In InsertIntoDB of value [{661173ee-fa31-4769-97d4-b556b5d09bda}]...
Sun Feb 25 19:43:25 2007 => InsertIntoDBFile Err: the key is unduplicated
Sun Feb 25 19:43:25 2007 => Possible Error In InsertIntoDB of value [spydawn]...
Sun Feb 25 19:43:25 2007 => InsertIntoDBFile Err: the key is unduplicated
Sun Feb 25 19:43:25 2007 => Possible Error In InsertIntoDB of value [%programfiles%\spydawn\spydawn.exe]...
Sun Feb 25 19:43:25 2007 => InsertIntoDBFile Err: the key is unduplicated
Sun Feb 25 19:43:25 2007 => Indexed Spyware Databases Successfully Created...

Sun Feb 25 19:43:27 2007 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\video activex object !!!
Sun Feb 25 19:43:27 2007 => Deleting Registry Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\video activex object
Sun Feb 25 19:43:27 2007 => Object "video activex object Trojan" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:43:27 2007 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\antiverminser !!!
Sun Feb 25 19:43:27 2007 => Deleting Registry Key: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\antiverminser
Sun Feb 25 19:43:27 2007 => Object "antivermins Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:43:27 2007 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\spydawn !!!
Sun Feb 25 19:43:27 2007 => Deleting Registry Key: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\spydawn
Sun Feb 25 19:43:27 2007 => Object "spydawn Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:43:52 2007 => Offending file found: C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1\hp\DIGITA~1\cache\1.dat
Sun Feb 25 19:43:52 2007 => System found infected with wareout Adware (1.dat)! Action taken: Entries Removed.
Sun Feb 25 19:43:52 2007 => Object "wareout Adware" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:43:55 2007 => Offending file found: C:\DOCUME~1\ALLUSE~1\APPLIC~1\intuit\quicken\inet\common\domains.txt
Sun Feb 25 19:43:55 2007 => System found infected with zango toolbar 4.8.2.3209 Browser Hijacker (domains.txt)! Action taken: Entries Removed.
Sun Feb 25 19:43:55 2007 => Object "zango toolbar 4.8.2.3209 Browser Hijacker" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Checking MountPoints2 Registry Key...
Sun Feb 25 19:44:03 2007 => Executable Command Found in D\Shell\AutoRun\command: C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
Sun Feb 25 19:44:03 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D !!!
Sun Feb 25 19:44:03 2007 => Deleting Registry Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D
Sun Feb 25 19:44:03 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Invalid Command Found in {2f4785b4-a9aa-11db-b128-001731ed27ff}\Shell\Autoplay\DropTarget\AutoRun\command: F:\JDLightning\Windows\JDLightning.exe
Sun Feb 25 19:44:03 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f4785b4-a9aa-11db-b128-001731ed27ff} !!!
Sun Feb 25 19:44:03 2007 => Deleting Registry Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f4785b4-a9aa-11db-b128-001731ed27ff}
Sun Feb 25 19:44:03 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Invalid Command Found in {2f9ace7d-3c94-11db-b055-001731ed27ff}\Shell\AutoRun\command: K:\LaunchU3.exe
Sun Feb 25 19:44:03 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f9ace7d-3c94-11db-b055-001731ed27ff} !!!
Sun Feb 25 19:44:03 2007 => Deleting Registry Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f9ace7d-3c94-11db-b055-001731ed27ff}
Sun Feb 25 19:44:03 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Invalid Command Found in {310bcfdf-a058-11db-b110-001731ed27ff}\Shell\Autoplay\DropTarget\AutoRun\command: F:\JDLightning\Windows\JDLightning.exe
Sun Feb 25 19:44:03 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{310bcfdf-a058-11db-b110-001731ed27ff} !!!
Sun Feb 25 19:44:03 2007 => Deleting Registry Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{310bcfdf-a058-11db-b110-001731ed27ff}
Sun Feb 25 19:44:03 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Executable Command Found in {923ea90d-3c7e-11db-b053-806d6172696f}\Shell\AutoRun\command: C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
Sun Feb 25 19:44:03 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{923ea90d-3c7e-11db-b053-806d6172696f} !!!
Sun Feb 25 19:44:03 2007 => Deleting Registry Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{923ea90d-3c7e-11db-b053-806d6172696f}
Sun Feb 25 19:44:03 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Checking CLSID Reference Entries...
Sun Feb 25 19:44:03 2007 => Entry "HKCR\DirectAnimation.PathControl" refers to invalid object "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}". Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Entry "HKCR\DirectAnimation.Sequence" refers to invalid object "{4F241DB1-EE9F-11D0-9824-006097C99E51}". Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Entry "HKCR\DirectAnimation.SequencerControl" refers to invalid object "{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}". Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Entry "HKCR\DirectAnimation.SpriteControl" refers to invalid object "{FD179533-D86E-11D0-89D6-00A0C90833E6}". Action Taken: Entries Removed.

Sun Feb 25 19:44:03 2007 => Entry "HKCR\DirectAnimation.StructuredGraphicsControl" refers to invalid object "{369303C2-D7AC-11D0-89D5-00A0C90833E6}". Action Taken: Entries Removed.

Sun Feb 25 19:44:05 2007 => Entry "HKCR\PowerPoint.Application.8" refers to invalid object "{91493441-5A91-11CF-8700-00AA0060263B}". Action Taken: Entries Removed.

Sun Feb 25 19:44:05 2007 => Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: Entries Removed.

Sun Feb 25 19:44:06 2007 => Entry "HKCR\YPager.Messenger" refers to invalid object "{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}". Action Taken: Entries Removed.

Sun Feb 25 19:44:06 2007 => Checking Module Usage Entries...
Sun Feb 25 19:44:06 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\SpSubRx.exe". Action Taken: Entries Removed.

Sun Feb 25 19:44:06 2007 => Checking User Trusted External App Entries...
Sun Feb 25 19:44:06 2007 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object ""C:\PROGRA~1\WINDOW~3\wmplayer.exe"". Action Taken: Entries Removed.

Sun Feb 25 19:44:06 2007 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\PROGRA~1\WINDOW~3\wmplayer.exe". Action Taken: Entries Removed.

Sun Feb 25 19:44:06 2007 => Checking Shared DLL Entries...
Sun Feb 25 19:44:08 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "c:\WINDOWS\system32\msxml3a.dll". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\HP\Digital Imaging\hpis\temp\Install.wse.exe". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\HP\Digital Imaging\hpis\temp\config.ini". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\HP\Digital Imaging\hpis\temp\templates.zip". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxinsi64.exe". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxcpyi64.exe". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\SpSubRx.exe". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Checking Installer Entries...
Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Rosie Thomas\Only With Laughter Can You Win\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Rosie Thomas\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\The Shins\Chutes Too Narrow\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\The Shins\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Alanis Morissette\Everything - Single\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Alanis Morissette\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Deardorf Peterson Group\Portal\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Deardorf Peterson Group\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\King Sunny Ade & His African Beats\Synchro Series\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\King Sunny Ade & His African Beats\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Robert Randolph & the Family Band\Unclassified\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Robert Randolph & the Family Band\". Action Taken: Entries Removed.

Sun Feb 25 19:44:10 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Mark Knopfler\shangri-la\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Music\Mark Knopfler\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Pictures\Impressionism - GalleryPlayer\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Pictures\Landscapes - GalleryPlayer\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Pictures\Masterpieces - GalleryPlayer\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Pictures\Nature - GalleryPlayer\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Pictures\Travel - GalleryPlayer\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Documents\My Pictures\Vintage - GalleryPlayer\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\bin\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Documents and Settings\All Users\Application Data\Symantec\Common Client\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Program Files\Norton Internet Security\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "c:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Temporary File Cache\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Program Files\HP\Digital Imaging\hpis\temp\". Action Taken: Entries Removed.

Sun Feb 25 19:44:11 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Program Files\HP\Digital Imaging\hpis\". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Checking Shared Tools Entries...
Sun Feb 25 19:44:12 2007 => Checking File Extension Entries...
Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".CH_". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".doc?attach=1". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".HL_". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".nra". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pf". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".rp". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".rt". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".SMS". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".torrent". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Checking Application Cache Entries...
Sun Feb 25 19:44:12 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Internet Explorer Security Plugin 2006". Action Taken: Entries Removed.

Sun Feb 25 19:44:12 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Internet Security Add-On". Action Taken: Entries Removed.

Sun Feb 25 19:44:13 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Netscape Browser". Action Taken: Entries Removed.

Sun Feb 25 19:44:13 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Public Messenger ver 2.03". Action Taken: Entries Removed.

Sun Feb 25 19:44:13 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "WeBlocker". Action Taken: Entries Removed.

Sun Feb 25 19:44:13 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "WildTangent CDA". Action Taken: Entries Removed.

Sun Feb 25 19:44:13 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "YInstHelper". Action Taken: Entries Removed.

Sun Feb 25 19:44:13 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{08959f19-fa0d-4ec6-807c-918d59568e51}". Action Taken: Entries Removed.

Sun Feb 25 19:44:13 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{1F0F5A25-F18D-4B36-AD82-4B452A72AC4B}". Action Taken: Entries Removed.



Part 4:

Sun Feb 25 19:44:13 2007 => ***** Scanning Registry Files *****

Sun Feb 25 19:44:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Sun Feb 25 19:44:13 2007 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8255 kb > 3072 kb...
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sun Feb 25 19:44:13 2007 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8255 kb > 3072 kb...
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\stobject.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\WPDShServiceObj.dll

Sun Feb 25 19:44:13 2007 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Sun Feb 25 19:44:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Sun Feb 25 19:44:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Sun Feb 25 19:44:13 2007 => Scanning File c:\PROGRA~1\google\GOOGLE~2.DLL

Sun Feb 25 19:44:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Sun Feb 25 19:44:13 2007 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL
Sun Feb 25 19:44:13 2007 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Feb 25 19:44:13 2007 => {AA58ED58-01DD-4d91-8333-CF10577473F7} = c:\program files\google\googletoolbar2.dll
Sun Feb 25 19:44:13 2007 => Scanning File c:\PROGRA~1\google\GOOGLE~2.DLL

Sun Feb 25 19:44:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll

Sun Feb 25 19:44:13 2007 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\docprop.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\themeui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\deskadp.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\deskmon.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\dssec.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shscrap.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\System32\icmui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\printui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\syncui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\fontext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\deskperf.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\remotepg.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\mscoree.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\wshext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:44:13 2007 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***. Filesize 5912 kb > 3072 kb...
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]
Sun Feb 25 19:44:13 2007 => Scanning File C:\WINDOWS\system3

#10 tberger

tberger
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 26 February 2007 - 12:10 AM

Part 5:

Sun Feb 25 19:56:00 2007 => ***** Scanning System32 Folders *****
Sun Feb 25 19:56:00 2007 => Scanning C:\WINDOWS Directory
Sun Feb 25 19:56:00 2007 => Scanning Folder: C:\WINDOWS\*.*
Sun Feb 25 19:56:00 2007 => Scanning File C:\WINDOWS\ADE.DLL
Sun Feb 25 19:56:00 2007 => Scanning File C:\WINDOWS\Ade001.bin
Sun Feb 25 19:56:00 2007 => Scanning File C:\WINDOWS\agrsmdel.exe
Sun Feb 25 19:56:00 2007 => Scanning File C:\WINDOWS\ALCMTR.EXE
Sun Feb 25 19:56:00 2007 => Scanning File C:\WINDOWS\ALCWZRD.EXE
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\armcex.dll
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\arpower.dll
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\arpwrmsg.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\arservice.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\ARTGALRY.CAG [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\bdoscandel.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\bdoscandellang.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Blue Lace 16.bmp [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\bootstat.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\cdplayer.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\clock.avi [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Coffee Bean.bmp [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\control.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\DEBUGSM.INI [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\desktop.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\EPSON 1250 Installer.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\exchng.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\explorer.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\explorer.scf [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Faxcpp.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Faxcpp1.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\FeatherTexture.bmp [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Film Factory.scr
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Gone Fishing.bmp [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Greenstone.bmp [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hh.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\HPCPCUninstaller-6.3.2.116-9972322.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpfsched.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpfsched.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\HPHins08.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hphmdl08.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hphmdl11.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpiins01.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpimdl01.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpoins07.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpoins08.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpomdl07.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpomdl08.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hpqins69.dat [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\HP_48BitScanUpdatePatch.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\HP_Administrator.acl [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\HP_Administrator.pcb [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\HP_CounterReport_Update_HPSU.ini [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\hsc.ico [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\imsins.BAK [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\IsUninst.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Jakob.acl [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\JDLightning.chm [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\kb913800.exe
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\Lic.xxx [**]
Sun Feb 25 19:56:01 2007 => Scanning File C:\WINDOWS\LxrJDLApp.exe
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\LxrSGe11e.dll
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\LxrSgeEnc.ico [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\mdm.ini [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\MicCal.exe
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\ModemLog_Agere Systems PCI-SV92PP Soft Modem.txt [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\mozver.dat [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\msdfmap.ini [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\MSO97.ACL [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\NOTEPAD.EXE
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\nsreg.dat [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\NSSetDefaultBrowser.EXE
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\NSSetDefaultBrowser.ini [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\ntbtlog.txt [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\ODBC.INI [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\ODBCINST.INI [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\OEWABLog.txt [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\orun32.ini [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\orun32.isu [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\OUTLOOK.PRF [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\photoimpression.ini [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\Prairie Wind.bmp [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\QTFont.for
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\QTFont.qfn [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\QUICKEN.INI [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\R.COM
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\r007 [**]
Sun Feb 25 19:56:02 2007 => *** File C:\WINDOWS\REGBK00.ZIP having Size Restriction ***. Filesize 6347 kb > 3072 kb...
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\REGBK00.ZIP [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\REGEDIT.COM
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\regedit.exe
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\REGLOCS.OLD [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\Rhododendron.bmp [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\River Sumida.bmp [**]
Sun Feb 25 19:56:02 2007 => *** File C:\WINDOWS\RTHDCPL.EXE having Size Restriction ***. Filesize 15635 kb > 3072 kb...
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\RTHDCPL.EXE [**]
Sun Feb 25 19:56:02 2007 => *** File C:\WINDOWS\RTLCPL.EXE having Size Restriction ***. Filesize 9485 kb > 3072 kb...
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\RTLCPL.EXE [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\RtlUpd.exe
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\Santa Fe Stucco.bmp [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\SchedLgU.Txt [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\setupapi.log.0.old [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\setuplog.txt [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\SIGVERIF.TXT [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\SlantAdj.dll
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\smscfg.ini [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\Soap Bubbles.bmp [**]
Sun Feb 25 19:56:02 2007 => Scanning File C:\WINDOWS\SOUNDMAN.EXE
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\Sti_Trace.log [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system.ini [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\TASKMAN.EXE
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\twain.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\twain_32.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\Twunk_16.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\twunk_16.exe
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\Twunk_32.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\twunk_32.exe
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\uninst.exe
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\UPGRADE.TXT [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\vb.ini [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\vbaddin.ini [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\vmmreg32.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\wiadebug.log [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\wiaservc.log [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\win.ini [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\WindowsShell.Manifest [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\WindowsUpdate.log [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\winhelp.exe
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\winhlp32.exe
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\WININIT.INI [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\winnt.bmp [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\winnt256.bmp [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\WMSysPr9.prx [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\Zapotec.bmp [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\_default.pif
Sun Feb 25 19:56:03 2007 => Scanning C:\WINDOWS\system32 Directory
Sun Feb 25 19:56:03 2007 => Scanning Folder: C:\WINDOWS\system32\*.*
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\$ncsp$.inf
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\$winnt$.inf
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\12520437.cpx [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\12520850.cpx [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\24wwxsp1.txt [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\6to4svc.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\aaaamon.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\accserv.mib [**]
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\acctres.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\ACCWIZ.DLL
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\acelpdec.ax
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\acledit.dll
Sun Feb 25 19:56:03 2007 => Scanning File C:\WINDOWS\system32\aclui.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\acs.exe
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\activeds.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\activeds.tlb
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\actmovie.exe
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\actxprxy.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\admparse.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\adptif.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\adsldp.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\adsldpc.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\adsmsext.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\adsnds.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\adsnt.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\adsnw.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\advapi32.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\advpack.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\advpack.dll.mui
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\AegisE2.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\AegisE4.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\AegisE5.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\AegisI2.exe
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\AegisI5.exe
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\ahui.exe
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\alg.exe
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\alrsvc.dll
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\ALSNDMGR.CPL
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\amcompat.tlb
Sun Feb 25 19:56:04 2007 => Scanning File C:\WINDOWS\system32\amstream.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\ansi.sys
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\apcups.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\append.exe
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\apphelp.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\appmgmts.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\appmgr.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\APPXEC32.DLL
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\arccsel.dat [**]
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\arp.exe
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asctrls.ocx
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asferror.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asfiles.txt [**]
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asinst.cfg [**]
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asr_fmt.exe
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asr_ldm.exe
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asr_pfu.exe
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asuninst.exe
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\asycfilt.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\at.exe
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\athcfg11.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\atkctrs.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\atl.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\atl71.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\atmadm.exe
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\atmfd.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\atmlib.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\atmpvcno.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\atrace.dll
Sun Feb 25 19:56:05 2007 => Scanning File C:\WINDOWS\system32\attrib.exe
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\audiodev.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\audiosrv.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\auditusr.exe
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\authcrypt.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\authserv.mib [**]
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\authz.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\autochk.exe
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\autoconv.exe
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\autodisc.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\AUTOEXEC.NT [**]
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\autofmt.exe
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\autolfn.exe
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\avicap.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\avicap32.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\avifil32.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\avifile.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\avldr.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\avmontr.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\basesrv.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\batmeter.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\batt.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\bcbmm.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\bcbsmp50.bpl
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\bdco1.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\bdco1ins.dll
Sun Feb 25 19:56:06 2007 => Scanning File C:\WINDOWS\system32\bfc42.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bfc42d.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bidispl.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bios1.rom [**]
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bios4.rom [**]
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bitsprx2.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bitsprx3.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\blackbox.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\blastcln.exe
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bootcfg.exe
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bootok.exe
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bootvid.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bootvrfy.exe
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bopomofo.uce [**]
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\borlndmm.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\browselc.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\browser.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\browsewm.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bthci.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bthprops.cpl
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\bthserv.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\btpanui.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\cabinet.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\cabview.dll
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\cacls.exe
Sun Feb 25 19:56:07 2007 => Scanning File C:\WINDOWS\system32\calc.exe
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\camocx.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\capesnpn.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\capicom.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\cards.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\catsrv.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\catsrvps.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\catsrvut.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\cc3250.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\cc3250mt.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\ccfgnt.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\cdintf250.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\cdm.dll
Sun Feb 25 19:56:08 2007 => Scanning File C:\WINDOWS\system32\cdmodem.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cdosys.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cdplayer.exe.manifest [**]
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\certcli.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\certmgr.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\certmgr.msc
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cewmdm.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cfgbkend.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cfgmgr32.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\charmap.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\chcp.com
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\chkdsk.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\chkntfs.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\CHODDI.SYS
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\ciadmin.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\ciadv.msc
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cic.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cidaemon.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\ciodm.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cipher.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cisvc.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\ckcnv.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\clb.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\clbcatex.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\clbcatq.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cleanmgr.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cliconf.chm [**]
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cliconfg.dll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cliconfg.exe
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\cliconfg.rll
Sun Feb 25 19:56:09 2007 => Scanning File C:\WINDOWS\system32\clipbrd.exe
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\clusapi.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\CMC.DLL
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmcfg32.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmd.exe
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmdial32.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmdl32.exe
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmdlib.wsc
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmmgr32.hlp [**]
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmmon32.exe
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmos.ram [**]
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmpbk32.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmprops.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmsetACL.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmstp.exe
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cmutil.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cnetcfg.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\CNFNOT32.EXE
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\cnvfat.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\colbact.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\comaddin.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\comcat.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\comctl32.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\comctl32.ocx
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\COMDLG32.OCX
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\comm.drv
Sun Feb 25 19:56:10 2007 => Scanning File C:\WINDOWS\system32\command.com
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\commdlg.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\COMMTB32.DLL
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\COMMTB32.HLP [**]
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\comp.exe
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\compact.exe
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\compatUI.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\compmgmt.msc
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\compobj.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\compstui.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\comrepl.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\comres.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\comsnap.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\comuid.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\CONFIG.NT [**]
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\CONFIG.TMP
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\confmsp.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\conime.exe
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\console.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\CONTAB32.DLL
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\control.exe
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\CONVDSN.EXE
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\convert.exe
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\corpol.dll
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\country.sys
Sun Feb 25 19:56:11 2007 => Scanning File C:\WINDOWS\system32\cPC_DMIRD.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\credui.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\crtdll.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\crypt32.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cryptdlg.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cryptsvc.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cryptui.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cscdll.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cscript.exe
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\cscui.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\csrsrv.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\csrss.exe
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\csseqchk.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\ctButton.ocx
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\ctl3d32.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\ctl3dv2.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\ctTray.ocx
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\ctype.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_037.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10000.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10006.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10007.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10010.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10017.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10029.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10079.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10081.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_10082.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1026.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1250.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1251.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1252.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1253.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1254.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1255.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1256.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1257.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_1258.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_20127.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_20261.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_20866.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_20905.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_21866.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_28591.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_28592.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_28593.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\C_28594.NLS [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\C_28595.NLS [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\C_28597.NLS [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_28598.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_28599.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_28603.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_28605.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_437.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_500.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_737.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_775.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_850.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_852.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_855.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_857.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_860.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_861.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_863.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_865.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_866.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_869.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_874.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_875.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_932.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_936.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_949.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\c_950.nls [**]
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\d3d8.dll
Sun Feb 25 19:56:12 2007 => Scanning File C:\WINDOWS\system32\d3d8thk.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\d3d9.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\d3dim.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\d3dim700.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\d3dpmesh.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\d3dramp.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\d3drm.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\d3dxof.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\danim.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\DartSock.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\dataclen.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\datime.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\davclnt.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\daxctle.ocx
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\dbgeng.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\dbghelp.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\dbmsrpcn.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\dbnetlib.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\dbnmpntw.dll
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\Dcache.bin
Sun Feb 25 19:56:13 2007 => Scanning File C:\WINDOWS\system32\dciman32.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dcomcnfg.exe
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\ddeml.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\ddeshare.exe
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\ddraw.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\ddrawex.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\debug.exe
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\defrag.exe
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\delphimm.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\desk.cpl
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\deskadp.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\deskmon.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\deskperf.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\desktop.ini [**]
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\devenum.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\devmgmt.msc
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\devmgr.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dfrg.msc
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dfrgfat.exe
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dfrgntfs.exe
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dfrgres.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dfrgsnap.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dfrgui.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dfsshlex.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dgnet.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dgrpsetu.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dgsetup.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dhcp.mib [**]
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dhcpcsvc.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dhcpmon.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\dhcpsapi.dll
Sun Feb 25 19:56:14 2007 => Scanning File C:\WINDOWS\system32\diactfrm.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\diantz.exe
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\digest.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dimap.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dinput.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dinput8.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\diskcomp.com
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\diskcopy.com
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\diskmgmt.msc
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\diskpart.exe
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\diskperf.exe
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dispex.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dllhost.exe
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dllhst3g.exe
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmadmin.exe
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmband.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmcompos.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmconfig.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmdlgs.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmdskmgr.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmdskres.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmime.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmintf.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmloader.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmocx.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmremote.exe
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmscript.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmserver.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmstyle.dll
Sun Feb 25 19:56:15 2007 => Scanning File C:\WINDOWS\system32\dmsynth.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dmusic.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dmutil.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dmview.ocx
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dnsapi.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dnsrslvr.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\doc.ico [**]
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\DOCOBJ.DLL
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\docprop.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\doskey.exe
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dosx.exe
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpcdll.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dplay.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dplaysvr.exe
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dplayx.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpmodemx.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpnaddr.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpnet.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpnhpast.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpnhupnp.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpnlobby.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpnmodem.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpnsvr.exe
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpnwsock.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpserial.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpvacm.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpvoice.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpvsetup.exe
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpvvox.dll
Sun Feb 25 19:56:16 2007 => Scanning File C:\WINDOWS\system32\dpwsock.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dpwsockx.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\driverquery.exe
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\drmclien.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\drmstor.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\drmupgds.exe
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\drmv2clt.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\drprov.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\DRVSSRVR.HLP [**]
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\drwatson.exe
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\drwtsn32.exe
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\ds16gt.dLL
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\ds32gt.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsauth.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsdmo.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsdmoprp.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dskquota.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsound.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsound.vxd
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsound3d.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsprop.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsprpres.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dssec.dat [**]
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dssec.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dssenh.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dswave.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\DTSToolTip.ocx
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dumphive.exe
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dumprep.exe
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\duser.dll
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dvdplay.exe
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dvdupgrd.exe
Sun Feb 25 19:56:17 2007 => Scanning File C:\WINDOWS\system32\dwBkThrd.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dwNTServ.tlb
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\DWSBC32.ocx
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\DWSBC36.ocx
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dwSock6.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dwspy32.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\DWSPY36.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dwspyvb6.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dwwin.exe
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dx7vb.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dx8vb.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dxdiag.exe
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dxdiagn.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dxmasf.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dxtmsft.dll
Sun Feb 25 19:56:18 2007 => Scanning File C:\WINDOWS\system32\dxtrans.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\edit.com
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\edit.hlp [**]
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\edlin.exe
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\efsadu.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\ega.cpi [**]
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\els.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\emptyregdb.dat [**]
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\EMSABP32.DLL
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\EMSMDB32.DLL
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\EMSUI32.DLL
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\EMSUIX32.DLL
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\encapi.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\encdec.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\epcomdd.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\epDPE.ini [**]
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\Epfb5cpl.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\EqnClass.Dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\ersvc.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\es.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\esccm.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\esccmd.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\esccmn.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\escimg.dll
Sun Feb 25 19:56:19 2007 => Scanning File C:\WINDOWS\system32\escimgd.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\escimgn.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\escwiab.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\escwiad.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\escwian.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\ESDTR.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\esent.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\esent97.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\esentprf.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\esentprf.hxx [**]
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\esentprf.ini [**]
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\esentutl.exe
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\ESICM.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\Esintpl.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\ETEXCH32.DLL
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\eudcedit.exe
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\eula.txt [**]
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\eventcls.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\eventcreate.exe
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\eventlog.dll
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\eventquery.vbs
Sun Feb 25 19:56:20 2007 => Scanning File C:\WINDOWS\system32\eventtriggers.exe
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\eventvwr.exe

Part 6:

Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\eventvwr.msc
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\evntagnt.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\evntcmd.exe
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\evntwin.exe
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\ExComboBox.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\exe2bin.exe
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\expand.exe
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\expsrv.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\extmgr.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\extrac32.exe
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\exts.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fastopen.exe
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\faultrep.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fc.exe
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fdco1.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fdco1ins.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fdco_l1028.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fdco_l1031.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fdco_l1034.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fdco_l1036.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fdco_l1040.dll
Sun Feb 25 19:56:21 2007 => Scanning File C:\WINDOWS\system32\fdco_l1041.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fdco_l1042.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fdco_l1046.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fdco_l2052.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fde.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fdeploy.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\feclient.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\FFASTLOG.TXT [**]
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\filemgmt.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\find.exe
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\FINDFAST.CPL
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\findstr.exe
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\finger.exe
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\firewall.cpl
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fixmapi.exe
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fldrclnr.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\FlexBag.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fltlib.dll
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\fltmc.exe
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\FM20.DLL
Sun Feb 25 19:56:22 2007 => Scanning File C:\WINDOWS\system32\FM20ENU.DL

#11 tberger

tberger
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 26 February 2007 - 12:13 AM

Sun Feb 25 19:57:04 2007 => *** File C:\WINDOWS\system32\oembios.bin having Size Restriction ***. Filesize 12800 kb > 3072 kb...
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oembios.bin [**]
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oembios.dat [**]
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oembios.sig [**]
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\OemInfo.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oeminfo.ini [**]
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oemlogo.bmp [**]
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oemres.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\offfilt.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\ole2.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\ole2disp.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\ole2nls.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\ole32.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oleacc.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oleaccrc.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\oleaut32.dll
Sun Feb 25 19:57:04 2007 => Scanning File C:\WINDOWS\system32\olecli.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\olecli32.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\olecnv32.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\oledlg.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\OLEMSG.DLL
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\OLEMSG32.DLL
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\OLEMSG32.REG
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\oleprn.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\olepro32.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\olesvr.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\olesvr32.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\olethk32.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\omano.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\openfiles.exe
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\opengl32.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\ORG10.TLB
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\ORG11SVR.EXE
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\ORG21.TLB
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\ORG21SVR.EXE
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\ORGAPI.DLL
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\ORGCSW10.TLB
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\osk.exe
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\osuninst.dll
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\osuninst.exe
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\OUTLCOMM.DLL
Sun Feb 25 19:57:05 2007 => Scanning File C:\WINDOWS\system32\p2p.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\p2pgasvc.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\p2pgraph.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\p2pnetsh.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\p2psvc.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\packager.exe
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\pagefileconfig.vbs
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\panmap.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\paqsp.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\pathping.exe
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\pautoenr.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\pavas.ico [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\pavipc.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\PavSHook.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\PCDLIB32.DLL
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\pcl.sep [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\pdh.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\PDM.DLL
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\pentnt.exe
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfc009.dat [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfci.h [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfci.ini [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfctrs.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfd009.dat [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfdisk.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perffilt.h [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perffilt.ini [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfh009.dat [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfi009.dat [**]
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfmon.exe
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfmon.msc
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfnet.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfnw.dll
Sun Feb 25 19:57:06 2007 => Scanning File C:\WINDOWS\system32\perfos.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\perfproc.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\PerfStringBackup.INI [**]
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\perfts.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\perfwci.h [**]
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\perfwci.ini [**]
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\photowiz.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\PICSTORE.DLL
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pid.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pidgen.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pifmgr.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\ping.exe
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\ping6.exe
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\plustab.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pmspl.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pncrt.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pndx5016.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pndx5032.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pngfilt.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\pnrpnsp.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\polstore.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\PortableDeviceApi.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\PortableDeviceClassExtension.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\PortableDeviceTypes.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\PortableDeviceWMDRM.dll
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\powercfg.cpl
Sun Feb 25 19:57:07 2007 => Scanning File C:\WINDOWS\system32\powercfg.exe
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\powrprof.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\prflbmsg.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\print.exe
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\printui.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\prncnfg.vbs
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\prndrvr.vbs
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\prnjobs.vbs
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\prnmngr.vbs
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\prnport.vbs
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\prnqctl.vbs
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\Process.exe
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\proctexe.ocx
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\prodspec.ini [**]
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\profmap.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\progman.exe
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\proquota.exe
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\proxycfg.exe
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\psapi.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\psbase.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\pschdcnt.h [**]
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\pschdprf.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\pschdprf.ini [**]
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\pscript.sep [**]
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\psisdecd.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\psisrndr.ax
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\psnppagn.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\pstorec.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\PUBDLG.DLL
Sun Feb 25 19:57:08 2007 => Scanning File C:\WINDOWS\system32\PUBOLE32.DLL
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\pubprn.vbs
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\Px.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\px.ini [**]
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\pxcpya64.exe
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\pxdrv.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\pxhpinst.exe
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\pxinsa64.exe
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\PxMas.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\PxSFS.DLL
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\PxWave.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\pxwma.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\python22.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\pythoncom22.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\pywintypes22.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qappsrv.exe
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qasf.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qcap.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qdv.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qdvd.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qedit.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qedwipes.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qmgr.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qmgrprxy.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qosname.dll
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qprocess.exe
Sun Feb 25 19:57:09 2007 => Scanning File C:\WINDOWS\system32\qrpt50.bpl
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\quartz.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\query.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\QuickTime.qts
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\QuickTimeVR.qtx
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\qwinsta.exe
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\racpldlg.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasapi32.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasauto.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasautou.exe
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\raschap.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasctrnm.h [**]
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasctrs.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasctrs.ini [**]
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasdial.exe
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasdlg.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasman.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasmans.dll
Sun Feb 25 19:57:10 2007 => Scanning File C:\WINDOWS\system32\rasmontr.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rasmxs.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rasphone.exe
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rasppp.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rasrad.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rassapi.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rasser.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rastapi.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rastls.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rcbdyctl.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rcimlby.exe
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rcp.exe
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\RDBios32.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rdchost.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\RDOCURS.DLL
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rdpcfgex.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rdpclip.exe
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rdpdd.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rdpsnd.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rdpwsx.dll
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rdsaddin.exe
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\rdshost.exe
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\RECNCL.DLL
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\recover.exe
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\redir.exe
Sun Feb 25 19:57:11 2007 => Scanning File C:\WINDOWS\system32\REFEDIT.DLL
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\reg.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\regapi.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\regedt32.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\regini.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\regsvc.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\regwiz.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\regwizc.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\relog.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\remotepg.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\remotesp.tsp
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rend.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\replace.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\reset.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\results.txt [**]
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\resutils.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rexec.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\riched20.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\riched32.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\richtx32.ocx
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rmoc3260.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rnr20.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\route.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\routemon.exe
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\routetab.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rpcns4.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rpcrt4.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rpcss.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rsaci.rat [**]
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rsfsaps.dll
Sun Feb 25 19:57:12 2007 => Scanning File C:\WINDOWS\system32\rsh.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsm.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsmps.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsmsink.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsmui.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsnotify.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsop.msc
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsopprov.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsvp.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsvp.ini [**]
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsvpcnts.h [**]
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsvpmsg.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsvpperf.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rsvpsp.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rtcshare.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rtipxmib.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rtm.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\RTSndMgr.CPL
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rtutils.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\runas.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\runclose.ocx
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\runonce.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\rwinsta.exe
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\S32EVNT1.DLL
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\safrcdlg.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\safrdm.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\safrslv.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\samlib.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\samsrv.dll
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\sapi.cpl.manifest [**]
Sun Feb 25 19:57:13 2007 => Scanning File C:\WINDOWS\system32\savedump.exe
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sbe.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sbeio.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sc.exe
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\SCANPST.HLP [**]
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scarddlg.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scardssp.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scardsvr.exe
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sccbase.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sccsccp.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scesrv.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\schannel.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\schedsvc.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\schtasks.exe
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\SCP32.DLL
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scredir.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\SCRIPTLE.DLL
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scriptpw.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scrnsave.scr
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scrobj.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\scrrun.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sdbinst.exe
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sdhcinst.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\sdpblb.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\secedit.exe
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\seclogon.dll
Sun Feb 25 19:57:14 2007 => Scanning File C:\WINDOWS\system32\secpol.msc
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\secupd.dat [**]
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\secupd.sig [**]
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\secur32.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\security.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\SELFREG.DLL
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sendcmsg.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sendmail.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sens.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sensapi.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\senscfg.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\serialui.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\servdeps.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\services.exe
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\services.msc
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\serwvdrv.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Sun Feb 25 19:57:15 2007 => *** File C:\WINDOWS\system32\SET204.tmp having Size Restriction ***. Filesize 10599 kb > 3072 kb...
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\SET204.tmp [**]
Sun Feb 25 19:57:15 2007 => *** File C:\WINDOWS\system32\SET209.tmp having Size Restriction ***. Filesize 8142 kb > 3072 kb...
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\SET209.tmp [**]
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sethc.exe
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\setup.bmp [**]
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\setup.exe
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\setupapi.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\setupdll.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\setver.exe
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sfc.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sfc.exe
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sfcfiles.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sfmapi.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\sgRegExp.dll
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\shadow.exe
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\share.exe
Sun Feb 25 19:57:15 2007 => Scanning File C:\WINDOWS\system32\shdoclc.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shell.dll
Sun Feb 25 19:57:16 2007 => *** File C:\WINDOWS\system32\shell32.dll having Size Restriction ***. Filesize 8255 kb > 3072 kb...
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shell32.dll [**]
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shellstyle.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\ShellvRTF.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\ShellvRTF64.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shfolder.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shgina.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shiftjis.uce [**]
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shimeng.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shlwapi.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shrpubw.exe
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shscrap.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shsvcs.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\shutdown.exe
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\sigtab.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\sigverif.exe
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\simpdata.tlb
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\sisbkup.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\skdll.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\skeys.exe
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\slayerxp.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\slbcsp.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\slbiop.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\slbrccsp.dll
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\sl_anet.acm
Sun Feb 25 19:57:16 2007 => Scanning File C:\WINDOWS\system32\SmartUI2.ocx
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\smbinst.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\smi.mib [**]
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\smlogcfg.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\smss.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\snmp.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\snmpapi.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\snmpmib.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\snmpsnap.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\snmptrap.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\SockIntf.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\softpub.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\sort.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\sortkey.nls [**]
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\sorttbls.nls [**]
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\sound.drv
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\space.scr.old
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\spiisupd.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\spmsg.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\spnike.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\spnpinst.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\spoolss.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\sprestrt.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\sprio600.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\sprio800.dll
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\spupdsvc.exe
Sun Feb 25 19:57:17 2007 => Scanning File C:\WINDOWS\system32\spxcoins.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\sqlsodbc.chm [**]
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\sqlsrv32.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\sqlsrv32.rll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\sqlunirl.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\sqlwid.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\sqlwoa.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\SrchSTS.exe
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\srclient.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\srrstr.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\srsvc.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\srvsvc.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\ss3dfo.scr
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\ssbezier.scr
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\ssdpapi.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\ssdpsrv.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\ssflwbox.scr
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\ssleay32.dll
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\ssmarque.scr
Sun Feb 25 19:57:18 2007 => Scanning File C:\WINDOWS\system32\ssmypics.scr
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\ssmyst.scr
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\sspipes.scr
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\ssstars.scr
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\sstext3d.scr
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\stclient.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\stdole2.tlb
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\stdole32.tlb
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\sti.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\stimon.exe
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\sti_ci.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\stobject.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\storage.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\storprop.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\streamci.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\strmdll.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\strmfilt.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\subrange.uce [**]
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\subst.exe
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\svcpack.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\SWEDISH.TRN [**]
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\swprv.dll
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\swreg.exe
Sun Feb 25 19:57:19 2007 => Scanning File C:\WINDOWS\system32\swsc.exe
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\swxcacls.exe
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\sxs.dll
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\syncapp.exe
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\synceng.dll
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\syncui.dll
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\SysCheck2.dll
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\syschkvc.dll
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\sysdm.cpl
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\sysedit.exe
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\sysinv.dll
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\syskey.exe
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\sysmon.ocx
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\sysocmgr.exe
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\sysprint.sep
Sun Feb 25 19:57:20 2007 => Scanning File C:\WINDOWS\system32\sysprtj.sep
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\syssetup.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\system.drv
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\system.mdw
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\SYSTEM1X.MDW
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\systeminfo.exe
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\SYSTOOLS.DLL
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\systray.exe
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\T.COM
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\t2embed.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\T2EMBED.SRG [**]
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tapi.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tapi3.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tapi32.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tapiperf.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tapisrv.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tapiui.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\taskkill.exe
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tasklist.exe
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\taskman.exe
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\TASKMGR.COM
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\taskmgr.exe
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tcmsetup.exe
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tcpmib.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tcpmon.ini [**]
Sun Feb 25 19:57:21 2007 => Scanning File C:\WINDOWS\system32\tcpmonui.dll
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tcpsvcs.exe
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tdc.ocx
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tdifmon.log [**]
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tee50.bpl
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\teedb50.bpl
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\teeqr50.bpl
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\teeui50.bpl
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\telephon.cpl
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\telnet.exe
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\termcap [**]
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\termmgr.dll
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\termsrv.dll
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tftp.exe
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\themeui.dll
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\ticrf.rat [**]
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\timedate.cpl
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\timer.drv
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\TLBINF32.DLL
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tlntadmn.exe
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tlntsess.exe
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tlntsvr.exe
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\tlntsvrp.dll
Sun Feb 25 19:57:22 2007 => Scanning File C:\WINDOWS\system32\TMOGComm.dll
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\tmp.reg
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\tmp.txt [**]
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\TMShortCut.dll
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\TMSSLogo.ico [**]
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\TMSSReport.zip
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\TMSSReportX.ocx
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\TMSSUninstall.zip
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\tmssunzip.dll
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\toolhelp.dll
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\tourstart.exe
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\TpUtil.dll
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\tracerpt.exe
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\tracert.exe
Sun Feb 25 19:57:23 2007 => Scanning File C:\WINDOWS\system32\tracert6.exe
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\traffic.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tree.com
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\trkwks.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tsappcmp.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tsbyuv.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tscfgwmi.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tscon.exe
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tscupgrd.exe
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tsd32.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tsddd.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tsdiscon.exe
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tskill.exe
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tslabels.h [**]
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tslabels.ini [**]
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tsshutdn.exe
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tssoft32.acm
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\TWAIN_32.DLL
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\txflog.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\typelib.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\typeperf.exe
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\tzchange.exe
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\TZLog.log [**]
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\udhisapi.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\ufat.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\Uhoh.wav
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\ulib.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\umandlg.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\umdmxfrm.dll
Sun Feb 25 19:57:24 2007 => Scanning File C:\WINDOWS\system32\UMLoader.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\unicode.nls [**]
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\unimdm.tsp
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\unimdmat.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\Uninstall.ico [**]
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\uniplat.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\unlodctr.exe
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\untfs.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\upnp.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\upnpcont.exe
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\upnphost.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\ups.exe
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\ureg.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\url.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\urlmon.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\USASCII.TRN [**]
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usbmon.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usbui.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\user.exe
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\user32.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\userenv.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\userinit.exe
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usp10.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usrcntra.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usrcoina.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usrdpa.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usrdtea.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usrfaxa.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usrlbva.dll
Sun Feb 25 19:57:25 2007 => Scanning File C:\WINDOWS\system32\usrlogon.cmd
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrmlnka.exe
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrprbda.exe
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrrtosa.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrsdpia.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrshuta.exe
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrsvpia.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrv42a.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrv80a.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrvoica.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\usrvpa.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\utildll.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\utilman.exe
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\uwdf.exe
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\v7vga.rom [**]
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\VBAEN32.OLB
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\VBAEND32.OLB
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\vbajet32.dll
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\VBAME.DLL
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\VBAR332.DLL
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\VBICodec.ax
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\vbisurf.ax
Sun Feb 25 19:57:26 2007 => Scanning File C:\WINDOWS\system32\vbscript.dll
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vcdex.dll
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vcl50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vclbde50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vcldb50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vcldbx50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vclib50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vclie50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vcljpg50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vclsmp50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vclx50.bpl
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vdmdbg.dll
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\vdmredir.dll
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\VEN2232.OLB
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\ver.dll
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\verclsid.exe
Sun Feb 25 19:57:27 2007 => Scanning File C:\WINDOWS\system32\verifier.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\verifier.exe
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\version.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vfpodbc.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vga.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vga.drv
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vga256.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vga64k.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\View Channels.scf [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vjoy.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\VSFLEX3.OCX
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\Vsflex7L.ocx
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vssadmin.exe
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vssapi.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vssvc.exe
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vss_ps.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vwipxspx.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\vwipxspx.exe
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\VXBLOCK.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\w32time.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\w32tm.exe
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\w32topl.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\w3ssl.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\watchdog.sys
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wavemsp.dll
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbcache.deu [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbcache.enu [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbcache.esn [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbcache.fra [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbcache.ita [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbcache.nld [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbcache.sve [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbdbase.deu [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbdbase.enu [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbdbase.esn [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbdbase.fra [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbdbase.ita [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbdbase.nld [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\wbdbase.sve [**]
Sun Feb 25 19:57:28 2007 => Scanning File C:\WINDOWS\system32\WBDBT32I.DLL
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\WBDBV32I.DLL
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\wdfapi.dll
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\wdfmgr.exe
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\wdigest.dll
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\wdl.trm [**]
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\webclnt.dll
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\webfldrs.msi [**]
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\webhits.dll
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\webvw.dll
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\WeHelp.GID [**]
Sun Feb 25 19:57:29 2007 => Scanning File C:\WINDOWS\system32\WeUninstall.exe
Sun Feb 25 19:57:30 2007 => Scanning File C:\WINDOWS\system32\wextract.exe
Sun Feb 25 19:57:30 2007 => Scanning File C:\WINDOWS\system32\wfospf.mib [**]
Sun Feb 25 19:57:30 2007 => Scanning File C:\WINDOWS\system32\wfwnet.drv
Sun Feb 25 19:57:30 2007 => Scanning File C:\WINDOWS\system32\WgaLogon.dll
Sun Feb 25 19:57:30 2007 => Scanning File C:\WINDOWS\system32\WgaTray.exe
Sun Feb 25 19:57:30 2007 => Scanning File C:\WINDOWS\system32\wiaacmgr.exe
Sun Feb 25 19:57:30 2007 => Scanning File C:\WINDOWS\system32\wiadefui.dll
Sun Feb 25 19:57:30 2007 => Scanning File C:\WINDOWS\system32\wiadss.dll
Sun Feb

#12 tberger

tberger
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 26 February 2007 - 12:16 AM

That MWAV file was huge. I couldn't put it into one message.

I hope I did it right.

Here is the HJT file:

Logfile of HijackThis v1.99.1
Scan saved at 8:35:21 PM, on 2/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
C:\WINDOWS\system32\acs.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\apvxdwin.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DISC\DISCover.exe
c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\AIRPLUS.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\avciman.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimreal.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ESP] C:\Program Files\Cox\Applications\app\start.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: D-Link REG Utility.lnk = C:\Program Files\DWL-G520M Wireless 108G MIMO PCI Adapter\Reg.exe
O4 - Global Startup: DWL-G520M Wireless 108G MIMO PCI Adapter Utility.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} (Trend Micro Security Services Control) - http://tmss.trendmicro.com/Dashboard/contr...TMSSReportW.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe

#13 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:18 PM

Posted 26 February 2007 - 04:34 AM

Your log is clean :thumbsup:
If all's ok,please do the following:

Clear your 'System Restore' points by doing the following:
Right-click on 'My Computer' and select 'Properties'.
Select 'System Restore'.
Select 'Turn Off System Restore On All Drives'.
Select 'Apply'.
You will then get the following warning:
"You have chosen to turn off System Restore.
If you continue,all existing restore points will be deleted,and you will not be able to track or undo changes to your computer.
Do you want to turn off System Restore?".
Then select 'Yes',your 'System Restore' directories will be purged.

Turn 'System Restore' back on:
Right click on 'My Computer' and select 'Properties'.
Select 'System Restore'.
Unselect 'Turn Off System Restore On All Drives'.
Select 'Apply',then click 'Ok'.

Create a new 'System Restore' point:
Click on Start/All Programs/Accessories/System Tools/System Restore.
In the 'System Restore' window,click 'Create a Restore Point' button,then click 'Next'.
In the window that appears,enter a description,then click on 'Create',then click 'Close'.
The date and time is created automatically.

You should now go to Windows Update and install any available critical/high priority updates.

Read through the info found here,to help you prevent any possible future infections.
How did I get infected?
http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/

Please Note:
Your version of Sun Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Sun Java,and then update.
1. Download the latest version of Java Runtime Environment (JRE)
2. Scroll down to where it says 'Java Runtime Environment (JRE) 6.0'.
3. Click the "Download" button to the right.
4. Check the box that says: "Accept License Agreement".
5. The page will refresh.
6. Click on the link to download 'Windows Offline Installation, Multi-language' and save to your desktop.
7. Close any programs you may have running - especially your web browser.
8. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
9. Check any item with Java Runtime Environment (JRE or J2SE) in the name.
10. Click the Change/Remove button.
11. Repeat as many times as necessary to remove each Java versions.
12. Reboot your computer once all Java components are removed.
13. Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users