Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

MWAV e scan log / What does this log mean?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

MWAV e scan log / What does this log mean?

Unread postby cathdeb » October 14th, 2005, 1:22 am

Can someone help me?I think my computer has a virus.Fri Oct 14
Fri Oct 14 00:37:28 2005 => **********************************************************
Fri Oct 14 00:37:28 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Fri Oct 14 00:37:28 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Oct 14 00:37:28 2005 => **********************************************************
Fri Oct 14 00:37:28 2005 => Version 7.2.4 (C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\mwavscan.com)
Fri Oct 14 00:37:28 2005 => Log File: C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MWAV.LOG
Fri Oct 14 00:37:28 2005 => MWAV Registered: FALSE.
Fri Oct 14 00:37:28 2005 => MWAV Mode: Only Scan files.
Fri Oct 14 00:37:28 2005 => Latest Date of files inside MWAV: 08 Oct 2005 12:15:33.
Fri Oct 14 00:37:30 2005 => AV Library Loaded...
Fri Oct 14 00:37:30 2005 => MWAV doing self scanning...
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavss.exe
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Getvlist.exe
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavss.dll
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavssdi.dll
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavssi.dll
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavvlg.dll
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\msvlclnt.dll
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ipc.dll
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\main.avi
Fri Oct 14 00:37:30 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus.avi
Fri Oct 14 00:37:30 2005 => MWAV files are clean.
Fri Oct 14 00:37:38 2005 => Virus Database Date: 2005/10/08
Fri Oct 14 00:37:38 2005 => Virus Database Count: 152936

Fri Oct 14 00:40:20 2005 => **********************************************************
Fri Oct 14 00:40:20 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Fri Oct 14 00:40:20 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Oct 14 00:40:20 2005 =>
Fri Oct 14 00:40:20 2005 => Support: support@mwti.net
Fri Oct 14 00:40:20 2005 => Web: http://www.mwti.net
Fri Oct 14 00:40:20 2005 => **********************************************************
Fri Oct 14 00:40:20 2005 => Version 7.2.4 (C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\mwavscan.com)
Fri Oct 14 00:40:20 2005 => Log File: C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MWAV.LOG
Fri Oct 14 00:40:20 2005 => User Account: DEBORAHO
Fri Oct 14 00:40:20 2005 => Windows Root Folder: C:\WINDOWS
Fri Oct 14 00:40:20 2005 => Windows Sys32 Folder: C:\WINDOWS\system32
Fri Oct 14 00:40:20 2005 => OS: Windows NT
Fri Oct 14 00:40:20 2005 => Latest Date of files inside MWAV: 08 Oct 2005 12:15:33.

Fri Oct 14 00:40:20 2005 => Options Selected by User:
Fri Oct 14 00:40:20 2005 => Memory Check: Enabled
Fri Oct 14 00:40:20 2005 => Registry Check: Enabled
Fri Oct 14 00:40:20 2005 => StartUp Folder Check: Enabled
Fri Oct 14 00:40:20 2005 => System Folder Check: Enabled
Fri Oct 14 00:40:20 2005 => System Area Check: Disabled
Fri Oct 14 00:40:20 2005 => Services Check: Enabled
Fri Oct 14 00:40:20 2005 => Drive Check: Disabled
Fri Oct 14 00:40:20 2005 => All Drive Check :Enabled
Fri Oct 14 00:40:20 2005 => Folder Check: Enabled
Fri Oct 14 00:40:20 2005 => Folder Selected = C:\WINDOWS

Fri Oct 14 00:40:21 2005 => ***** Scanning Memory Files *****
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\System32\smss.exe
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\ntdll.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\USER32.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\sxs.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Fri Oct 14 00:40:21 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Fri Oct 14 00:40:22 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\sfc.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\ole32.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Fri Oct 14 00:40:23 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\MPR.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\wldap32.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\MPRAPI.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\ACTIVEDS.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\adsldpc.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\ATL.DLL
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\rtutils.dll
Fri Oct 14 00:40:24 2005 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\services.exe
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Fri Oct 14 00:40:25 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\netlogon.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\w32time.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\schannel.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\oakley.DLL
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\psbase.dll
Fri Oct 14 00:40:26 2005 => Scanning File C:\WINDOWS\system32\dssenh.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\rpcss.dll
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\termsrv.dll
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\ICAAPI.dll
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\mstlsapi.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\dhcpcsvc.dll
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\wzcsvc.dll
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\WMI.dll
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\ESENT.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\System32\rastls.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\system32\WININET.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\System32\RASAPI32.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\System32\rasman.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\System32\TAPI32.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\System32\raschap.dll
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\schedsvc.dll
Fri Oct 14 00:40:27 2005 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
Fri Oct 14 00:40:27 2005 => Scanning File c:\windows\system32\audiosrv.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\wkssvc.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\cryptsvc.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\certcli.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\dmserver.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\ersvc.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\es.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\srvsvc.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\netman.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\netshell.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\credui.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\WZCSAPI.DLL
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\srsvc.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\POWRPROF.dll
Fri Oct 14 00:40:28 2005 => Scanning File c:\windows\system32\wuauserv.dll
Fri Oct 14 00:40:28 2005 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Fri Oct 14 00:40:28 2005 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
Fri Oct 14 00:40:28 2005 => Scanning File C:\WINDOWS\System32\SHFOLDER.dll
Fri Oct 14 00:40:28 2005 => Scanning File C:\WINDOWS\System32\WINHTTP.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\System32\Cabinet.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\System32\mspatcha.dll
Fri Oct 14 00:40:29 2005 => Scanning File c:\windows\system32\sens.dll
Fri Oct 14 00:40:29 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Fri Oct 14 00:40:29 2005 => Scanning File c:\windows\system32\trkwks.dll
Fri Oct 14 00:40:29 2005 => Scanning File c:\windows\system32\seclogon.dll
Fri Oct 14 00:40:29 2005 => Scanning File c:\windows\system32\wscsvc.dll
Fri Oct 14 00:40:29 2005 => Scanning File c:\windows\system32\msi.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\system32\wbem\wbemcomn.dll
Fri Oct 14 00:40:29 2005 => Scanning File c:\windows\system32\ipnathlp.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\system32\wbem\wmiutils.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\system32\wbem\repdrvfs.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\system32\wbem\wmiprvsd.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Fri Oct 14 00:40:29 2005 => Scanning File C:\WINDOWS\system32\colbact.DLL
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\WSOCK32.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\wbem\wbemess.dll
Fri Oct 14 00:40:30 2005 => Scanning File c:\windows\system32\browser.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\wbem\ncprov.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\System32\RASDLG.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\upnp.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\SSDPAPI.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\wups.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\System32\mlang.dll
Fri Oct 14 00:40:30 2005 => Scanning File C:\WINDOWS\system32\netcfgx.dll
Fri Oct 14 00:40:30 2005 => Scanning File c:\windows\system32\dnsrslvr.dll
Fri Oct 14 00:40:30 2005 => Scanning File c:\windows\system32\lmhsvc.dll
Fri Oct 14 00:40:30 2005 => Scanning File c:\windows\system32\webclnt.dll
Fri Oct 14 00:40:30 2005 => Scanning File c:\windows\system32\regsvc.dll
Fri Oct 14 00:40:31 2005 => Scanning File c:\windows\system32\ssdpsrv.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\localspl.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\usbmon.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\win32spl.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\inetpp.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\Explorer.EXE
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\themeui.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\MSIMG32.dll
Fri Oct 14 00:40:31 2005 => Scanning File C:\WINDOWS\system32\mshtml.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\msls31.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\sensapi.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\shdoclc.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\msimtf.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\MSCTF.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\IMM32.DLL
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\stobject.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\BatMeter.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\System32\drprov.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\System32\davclnt.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\browselc.dll
Fri Oct 14 00:40:32 2005 => Scanning File C:\WINDOWS\system32\DUSER.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\PROGRA~1\MESSEN~1\msmsgs.exe
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\XPOB2RES.DLL
Fri Oct 14 00:40:33 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\actxprxy.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\mshtmled.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\jscript.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\ImgUtil.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\pngfilt.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\plugin.ocx
Fri Oct 14 00:40:33 2005 => Scanning File C:\WINDOWS\system32\corpol.dll
Fri Oct 14 00:40:33 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\mwavscan.com
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\msvlclnt.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavssdi.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavssd.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavssi.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ipc.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\RICHED32.DLL
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\PSAPI.DLL
Fri Oct 14 00:40:34 2005 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavss.exe
Fri Oct 14 00:40:34 2005 => Scanning File C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavss.dll

Fri Oct 14 00:40:34 2005 => ***** Scanning Registry Files *****

Fri Oct 14 00:40:34 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Fri Oct 14 00:40:34 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\WINDOWS\system32\stobject.dll

Fri Oct 14 00:40:34 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Fri Oct 14 00:40:34 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Fri Oct 14 00:40:34 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

Fri Oct 14 00:40:34 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects

Fri Oct 14 00:40:34 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Fri Oct 14 00:40:34 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:34 2005 => Scanning File C:\WINDOWS\system32\browseui.dll

Fri Oct 14 00:40:34 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Fri Oct 14 00:40:34 2005 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\docprop.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\themeui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\deskadp.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\deskmon.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\dssec.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\shscrap.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\System32\icmui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\printui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\syncui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\hticons.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\fontext.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\deskperf.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Fri Oct 14 00:40:35 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\remotepg.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\wshext.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\mstask.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\mstask.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\mstask.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\twext.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\twext.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shmedia.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shmedia.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shmedia.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shmedia.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shmedia.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shmedia.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\sendmail.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\sendmail.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\occache.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\webcheck.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\NETPLWIZ.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\NETPLWIZ.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\NETPLWIZ.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\NETPLWIZ.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\cdfview.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\cdfview.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\cdfview.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\cdfview.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\cdfview.dll
Fri Oct 14 00:40:36 2005 => Scanning File C:\WINDOWS\system32\extmgr.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\msieftp.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\docprop2.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\docprop2.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\docprop2.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\docprop2.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\docprop2.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\docprop2.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\dsquery.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\dsquery.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\dsquery.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\dsquery.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\mydocs.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\mydocs.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\mydocs.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\dfsshlex.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\photowiz.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\cabview.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll

Fri Oct 14 00:40:37 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Fri Oct 14 00:40:37 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\Explorer.exe
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\userinit.exe
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\gptext.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\fdeploy.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\dskquota.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\gptext.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\gptext.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Fri Oct 14 00:40:37 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\appmgmts.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\gptext.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\crypt32.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll

Fri Oct 14 00:40:38 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Fri Oct 14 00:40:38 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Fri Oct 14 00:40:38 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\ntsd.exe

Fri Oct 14 00:40:38 2005 => Scanning HKCU\Control Panel\Desktop
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\logon.scr

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\System32\rundll32.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Fri Oct 14 00:40:38 2005 => Scanning File C:\WINDOWS\system32\ie4uinit.exe

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Fri Oct 14 00:40:38 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Fri Oct 14 00:40:38 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

Fri Oct 14 00:40:38 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Fri Oct 14 00:40:39 2005 => Scanning File C:\PROGRA~1\MESSEN~1\msmsgs.exe

Fri Oct 14 00:40:39 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Fri Oct 14 00:40:39 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Fri Oct 14 00:40:39 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Fri Oct 14 00:40:39 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup

Fri Oct 14 00:40:39 2005 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Fri Oct 14 00:40:39 2005 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Fri Oct 14 00:40:39 2005 => Scanning HKCR\txtfile\shell\open\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\comfile\shell\open\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\exefile\shell\open\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\dllfile\shell\open\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\batfile\shell\open\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\piffile\shell\open\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\scrfile\shell\open\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\scrfile\shell\config\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\regfile\shell\open\command

Fri Oct 14 00:40:39 2005 => Scanning HKCR\htmlfile\shell\open\command
Fri Oct 14 00:40:39 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe

Fri Oct 14 00:40:39 2005 => Scanning HKCR\htafile\shell\open\command
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\system32\mshta.exe

Fri Oct 14 00:40:39 2005 => Scanning HKCR\jsfile\shell\open\command
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 14 00:40:39 2005 => Scanning HKCR\jsefile\shell\open\command
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 14 00:40:39 2005 => Scanning HKCR\vbsfile\shell\open\command
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 14 00:40:39 2005 => Scanning HKCR\vbefile\shell\open\command
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 14 00:40:39 2005 => Scanning HKCR\wshfile\shell\open\command
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 14 00:40:39 2005 => Scanning HKCR\wsffile\shell\open\command
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 14 00:40:39 2005 => ***** Scanning StartUp Folders *****

Fri Oct 14 00:40:39 2005 => ***** Scanning C:\Documents and Settings\DEBORAHO\Start Menu\Programs\Startup Folder *****
Fri Oct 14 00:40:39 2005 => Scanning Folder: C:\Documents and Settings\DEBORAHO\Start Menu\Programs\Startup\*.*
Fri Oct 14 00:40:39 2005 => Scanning File C:\Documents and Settings\DEBORAHO\Start Menu\Programs\Startup\desktop.ini

Fri Oct 14 00:40:39 2005 => ***** Scanning C:\Documents and Settings\DEBORAHO\Desktop Folder *****
Fri Oct 14 00:40:39 2005 => Scanning Folder: C:\Documents and Settings\DEBORAHO\Desktop\*.*
Fri Oct 14 00:40:39 2005 => Scanning File C:\Documents and Settings\DEBORAHO\Desktop\Document.rtf
Fri Oct 14 00:40:39 2005 => Scanning File C:\Documents and Settings\DEBORAHO\Desktop\E-mail.lnk

Fri Oct 14 00:40:39 2005 => ***** Scanning C:\Documents and Settings\All Users\Start Menu\Programs\Startup Folder *****
Fri Oct 14 00:40:39 2005 => Scanning Folder: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\*.*
Fri Oct 14 00:40:39 2005 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini

Fri Oct 14 00:40:39 2005 => ***** Scanning C:\Documents and Settings\Default User\Start menu\Programs\Startup Folder *****
Fri Oct 14 00:40:39 2005 => Scanning Folder: C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\*.*
Fri Oct 14 00:40:39 2005 => Scanning File C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\desktop.ini

Fri Oct 14 00:40:39 2005 => ***** Scanning Service Files *****
Fri Oct 14 00:40:39 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Fri Oct 14 00:40:39 2005 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\arp1394.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\cisvc.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\dllhost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\services.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\fltMgr.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\imapi.sys
Fri Oct 14 00:40:40 2005 => Scanning File C:\WINDOWS\system32\imapi.exe
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\intelide.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\intelppm.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\mnmsrvc.exe
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\msdtc.exe
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\msiexec.exe
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys
Fri Oct 14 00:40:41 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nic1394.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ohci1394.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\parport.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\pci.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\services.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspptp.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\psched.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ptilink.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasacd.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspti.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rdbss.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\redbook.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\locator.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\rsvp.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\secdrv.sys
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Fri Oct 14 00:40:42 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\sr.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\srv.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\swenum.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\dllhost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\termdd.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\tlntsvr.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\update.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\ups.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbehci.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbhub.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\drivers\vga.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\vssvc.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\wanarp.sys
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\wbem\wmiapsrv.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 14 00:40:43 2005 => Scanning File C:\WINDOWS\System32\svchost.exe

Fri Oct 14 00:40:43 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD

Fri Oct 14 00:40:43 2005 => ***** Scanning Registry and File system for Adware/Spyware *****
Fri Oct 14 00:40:43 2005 => Loading Spyware Signatures from new External Database (Size: 145065).
Fri Oct 14 00:40:45 2005 => Indexed Spyware Databases Successfully Created...

Fri Oct 14 00:40:59 2005 => Offending file found: C:\Documents and Settings\DEBORAHO\Local Settings\temporary internet files\content.ie5\klmxwxg1\common[1].js
Fri Oct 14 00:40:59 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.

Fri Oct 14 00:40:59 2005 => Offending file found: C:\Documents and Settings\DEBORAHO\Local Settings\temporary internet files\content.ie5\mxq1ub8z\show_ads[2].js
Fri Oct 14 00:40:59 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.

Fri Oct 14 00:40:59 2005 => Offending file found: C:\Documents and Settings\DEBORAHO\Local Settings\temporary internet files\content.ie5\ubgba76l\formie[1].css
Fri Oct 14 00:40:59 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.

Fri Oct 14 00:40:59 2005 => Offending file found: C:\Documents and Settings\DEBORAHO\Local Settings\temporary internet files\content.ie5\ubgba76l\stylesheet[1].css
Fri Oct 14 00:40:59 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken.

Fri Oct 14 00:41:00 2005 => Offending file found: C:\Documents and Settings\DEBORAHO\Local Settings\Temporary Internet Files\content.ie5\klmxwxg1\common[1].js
Fri Oct 14 00:41:00 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.

Fri Oct 14 00:41:00 2005 => Offending file found: C:\Documents and Settings\DEBORAHO\Local Settings\Temporary Internet Files\content.ie5\mxq1ub8z\show_ads[2].js
Fri Oct 14 00:41:00 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.

Fri Oct 14 00:41:00 2005 => Offending file found: C:\Documents and Settings\DEBORAHO\Local Settings\Temporary Internet Files\content.ie5\ubgba76l\formie[1].css
Fri Oct 14 00:41:00 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.

Fri Oct 14 00:41:00 2005 => Offending file found: C:\Documents and Settings\DEBORAHO\Local Settings\Temporary Internet Files\content.ie5\ubgba76l\stylesheet[1].css
Fri Oct 14 00:41:00 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken.


Fri Oct 14 00:41:03 2005 => ***** Scanning Registry for errors created because of Adware/Spyware *****
Fri Oct 14 00:41:03 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\system32\cmmgr32.exe". Action Taken: No Action Taken.

Fri Oct 14 00:41:05 2005 => Entry "HKCR\Connection Manager Profile\shell\open\command" refers to invalid object "C:\WINDOWS\system32\CMMGR32.EXE "%1"". Action Taken: No Action Taken.


Fri Oct 14 00:41:06 2005 => ***** Scanning System32 Folders *****
Fri Oct 14 00:41:06 2005 => Scanning C:\WINDOWS Directory
Fri Oct 14 00:41:06 2005 => Scanning Folder: C:\WINDOWS\*.*
Fri Oct 14 00:41:06 2005 => Scanning File C:\WINDOWS\0.log [**]
Fri Oct 14 00:41:06 2005 => Scanning File C:\WINDOWS\Blue Lace 16.bmp
Fri Oct 14 00:41:06 2005 => Scanning File C:\WINDOWS\bootstat.dat
Fri Oct 14 00:41:06 2005 => Scanning File C:\WINDOWS\clock.avi
Fri Oct 14 00:41:06 2005 => Scanning File C:\WINDOWS\cmsetacl.log
Fri Oct 14 00:41:06 2005 => Scanning File C:\WINDOWS\Coffee Bean.bmp
Fri Oct 14 00:41:06 2005 => Scanning File C:\WINDOWS\comsetup.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\control.ini [**]
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\desktop.ini
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\DtcInstall.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\explorer.exe
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\explorer.scf
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\FaxSetup.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\FeatherTexture.bmp
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\Gone Fishing.bmp
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\Greenstone.bmp
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\hh.exe
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\iis6.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\imsins.BAK
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\imsins.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\KB873339.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\KB885250.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\KB885835.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\KB885836.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\KB886185.log
Fri Oct 14 00:41:07 2005 => Scanning File C:\WINDOWS\KB887472.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB887742.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB888113.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB888302.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB890046.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB890859.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB891781.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB893066.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB893756.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB893803v2.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB894391.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB896358.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB896422.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB896423.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB896428.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB896688.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB898461.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB899587.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB899588.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB899589.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB899591.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB900725.log
Fri Oct 14 00:41:08 2005 => Scanning File C:\WINDOWS\KB901017.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\KB901214.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\KB902400.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\KB904706.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\KB905414.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\KB905749.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\Lic.xxx [**]
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\MedCtrOC.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\msdfmap.ini
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\msgsocm.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\msmqinst.log
Fri Oct 14 00:41:09 2005 => Scanning File C:\WINDOWS\netfx
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida
Advertisement
Register to Remove

Unread postby dobhar » October 14th, 2005, 1:13 pm

Hi...

My name is dobhar and I will be helping you out but I need you to help me out. I need for you to post a HijackThis log ASAP for me to look at...

Please download a self extracting copy of HijackThis from here and save it to your desktop. Double-click on the file hijackthis_sfx.exe file and it will self extract into it's own folder in C:\Program Files\HijackThis.

If you have any questions please post back as a reply to this Thread\Topic and I will be advised by email so I can return and help you. Please do not start another Thread\Topic.

Thank You and Surf Safe...
User avatar
dobhar
MRU Honors Grad Emeritus
 
Posts: 961
Joined: March 3rd, 2005, 3:00 am
Location: Winnipeg

Logfile of HijackThis v1.99.1

Unread postby cathdeb » October 14th, 2005, 3:30 pm

Sorry about that.I didn't mean to start a new post on the 2nd email.Thanks in advance for any help you can give me.

Logfile of HijackThis v1.99.1
Scan saved at 3:24:44 PM, on 10/14/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinZip\WINZIP32.EXE
C:\PROGRA~1\WINZIP\wzqkpick.exe
C:\Documents and Settings\DEBORAHO\Local Settings\Temp\HijackThis.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 9123462893
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9123456283
O16 - DPF: {D42ED9FF-DF46-4AD9-A3FE-46BAF896466E} (CountSpies.SpyCounter) - http://www.sunbelt-software.com/dell/CounterSpy.CAB
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida

Unread postby dobhar » October 14th, 2005, 4:03 pm

Hi

Welcome to MRW

Your running HijackThis from a Temp folder and that is not good as one of the fixes we do is to clean out the Temp folders. Please use the instructions in my previous post to you to get HijackThis into it's own folder.

Post back a new log from the new location.

Thanks,
User avatar
dobhar
MRU Honors Grad Emeritus
 
Posts: 961
Joined: March 3rd, 2005, 3:00 am
Location: Winnipeg

Logfile of HijackThis

Unread postby cathdeb » October 15th, 2005, 5:07 am

Logfile of HijackThis v1.99.1
Scan saved at 4:54:16 AM, on 10/15/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 9123462893
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9123456283
O16 - DPF: {D42ED9FF-DF46-4AD9-A3FE-46BAF896466E} (CountSpies.SpyCounter) - http://www.sunbelt-software.com/dell/CounterSpy.CAB
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida

Unread postby dobhar » October 15th, 2005, 4:09 pm

Hi cathdeb...

This HJT log is quite sparse. I saw in your other post that you just formated and re-installed your PC which is probably the reason for your Sparse log but to play safe I need to see if you have anything in HJT Ignorelist and to make sure you have configured correctly.

Please HijackThis.exe from your C:\Program Files\HijackThis folder.
Click on "Config..." button...
- Make sure "Include list of running processes in logfiles" is selected\checked
- Make sure "Make backups before fixing items" is selected\checked

Click on "Ignorelist" button...
- Is there anything listed?

Click on "Misc Tools" button
- Click on "Open Uninstall Manager..." button
- Click on "Save List" button
- Save the "uninstall_list.txt" file to your Desktop
- Paste the contents of the file in your next reply

___________________________________

I see in your present HJT log that you have no Anitvirus programs running and that is not good. You need to install an AV Program ASAP. I can recommend a good "FREE" program called AVG 7.0. I actually have this installed on my other PC and it does quite a good job.

- You can download AVG 7.0 from here
- You can download a Reference guide here. Note: You will need Adobe Acrobat Reader to view the guide.

============================================================

***IMPORTANT***
Please make sure you have AVG 7.0 or another AV installed before continuing with the items below.

Let's run a few scans...
_____________________________________________________

Please print out or copy these instructions\tutorials to Notepad as the internet will be unavailble to you at certain points of the removal process. Make sure to work through all the Steps in the exact order in which they are listed below. If there's anything that you don't understand, ask your question(s) before moving on with the fixes.
_____________________________________________________

Step 1.
==========

Please download and install CCleaner from here
(Note: DO NOT run this program yet)

Step 2.
==========

Please download Ewido Security Suite from here
  1. Install ewido security suite
  2. When installing the program, under "Additonal Options" uncheck...
    • Install background guard
    • Install scan via context menu
  3. Launch ewido, there should now be an icon on your desktop, double-click it.
  4. The program will now open to the main screen.
  5. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  6. You will need to update ewido to the latest definition files:
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  7. The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display "Update successful")
  8. Close Ewido Security Suite
If you are having problems with the updater, you can use this link to manually update ewido.
Ewido manual updates

Step 3.
==========

If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup instructions can be found here
(Note: Please do NOT run it yet!)

Step 4.
==========

- Reboot computer into "Safe Mode" Using the F8 method:
- As soon as the BIOS is loaded begin tapping the F8 key until the Boot Menu appears
- Use the arrow keys to select the Safe Mode menu item
(Note: For additional help in booting into Safe Mode, see the following site - here)

Step 5.
==========

We need to make sure all hidden files are showing...
  • Open "My Computer".
  • Click on "Tools" and from the drop down menu select "Folder Options".
  • Select the "View" tab.
  • Under the "Hidden files and folders" heading SELECT "Show hidden files and folders".
  • UNCHECK the "Hide file extensions for known types option".
  • UNCHECK the "Hide protected operating system files (recommended) option".
  • Click "Yes" to confirm.
  • Click "OK".
Step 6.
==========

We now need to cleanup all the Temp, Temorary Internet Files, Recycle Bin, etc...
- Start the CCleaner program
- Get into "Options" => Select "Advanced" => Deselect\uncheck "Only delete files in Windows Temp folders older than 48 hours"
- We are only going to work with the "Cleaner" section. (Note: Do not use the "Issues" section)
- click on the "Run Cleaner button in the lower right-hand corner
- After complete close program
- Make sure Recycle Bin is empty

Step 7.
==========

- Start Ewido Security Suite
  • Click on scanner. (Note: Do not start any programs or open any windows while Ewido is scanning)
  • Click on Complete System Scan, the scan will now begin.
  • While the scan is in progress you will be promted to clean files, click OK.
  • When it asks if you want to clean the first file, put a checkmark in the lower left corner of the box that says "Perform action on all infections", then choose clean and click OK.
  • Once the scan has completed, there will be a button located at the bottom of the screen named Save Report.
  • Click Save Report.
  • Now save the report .txt file to your desktop.
  • Close Ewido Security Suite
Step 8.
==========

- Start Ad-aware SE 1.06 and do a full scan
- Remove all it finds

Step 9.
==========

- Reboot computer into "Normal Mode" and run Panda's ActiveScan from here and perform a full system scan.
- Once you are on the Panda site click the "Scan your PC" button
- A new window will open...click the big "Check Now" button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It will take a couple minutes)
- Click on "Local Disks" to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
- Post Panda scan results in your next reply

Step 10.
==========

- Post back a new fresh "HijackThis" log
- Post back Ewido log
- Post back the Panda scan log

Step 11.
==========

After posting the logs above please go to Windows Update and install all the Critical Updates. Click here for Windows Update
(Note: You can skip this step if you have already installed all the latest Citical Updates for SP2)

After installing all the Patches and updates, reboot, then post a fresh Hijack This log.
User avatar
dobhar
MRU Honors Grad Emeritus
 
Posts: 961
Joined: March 3rd, 2005, 3:00 am
Location: Winnipeg

Part of AVG DAT File

Unread postby cathdeb » October 15th, 2005, 6:46 pm

Thank You for taking the time to help me.I hope to pass it on one day soon through the help of this wonderful website.Do you know what this is?it was in AVG 7 QT DAT File .



g F i l e I n f o Ô  0 4 0 9 0 4 B 0 L   C o m p a n y N a m e M i c r o s o f t C o r p o r a t i o n N   F i l e D e s c r i p t i o n N T K e r n e l & S y s t e m r )  F i l e V e r s i o n 5 . 1 . 2 6 0 0 . 2 6 2 2 ( x p s p _ s p 2 _ g d r . 0 5 0 3 0 1 - 1 5 1 9 ) :
 I n t e r n a l N a m e n t k r n l m p . e x e € .  L e g a l C o p y r i g h t © M i c r o s o f t C o r p o r a t i o n . A l l r i g h t s r e s e r v e d . B
 O r i g i n a l F i l e n a m e n t k r n l m p . e x e j %  P r o d u c t N a m e M i c r o s o f t ® W i n d o w s ® O p e r a t i n g S y s t e m @   P r o d u c t V e r s i o n 5 . 1 . 2 6 0 0 . 2 6 2 2 D  V a r F i l e I n f o $  T r a n s l a t i o n °  { Ãœ } † „ ‹ ‹ L Ž Å“ | Ÿ ¬ ` ´ Ñ Ó Ãœ „- Þ í p0 ï ï Ã
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida

Unread postby dobhar » October 15th, 2005, 7:04 pm

Hi...

Did or are you getting an error msg after installing AVG? Did you get a BSOD (Blue Screen Of Death)? What is the problem you are having???

Did you reboot after installing AVG. Have you rebooted after getting this error.

Please continue with the other fixes and we will worry about this after.

Thanks,
User avatar
dobhar
MRU Honors Grad Emeritus
 
Posts: 961
Joined: March 3rd, 2005, 3:00 am
Location: Winnipeg

hijack this log

Unread postby cathdeb » October 16th, 2005, 9:20 am

Logfile of HijackThis v1.99.1
Scan saved at 9:08:01 AM, on 10/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 9123462893
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9123456283
O16 - DPF: {D42ED9FF-DF46-4AD9-A3FE-46BAF896466E} (CountSpies.SpyCounter) - http://www.sunbelt-software.com/dell/CounterSpy.CAB
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida

ewido security suite - Scan report

Unread postby cathdeb » October 16th, 2005, 9:30 am

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 9:29:48 AM, 10/16/2005
+ Report-Checksum: EC1CCE78

+ Scan result:

No infected objects found.


::Report End
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida

hijack this log

Unread postby cathdeb » October 16th, 2005, 12:52 pm

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 9123462893
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9123456283
O16 - DPF: {D42ED9FF-DF46-4AD9-A3FE-46BAF896466E} (CountSpies.SpyCounter) - http://www.sunbelt-software.com/dell/CounterSpy.CAB
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida

Unread postby dobhar » October 16th, 2005, 3:16 pm

Hi cathdeb...

I still need some info that I have requested...
Please HijackThis.exe from your C:\Program Files\HijackThis folder.
Click on "Config..." button...
- Make sure "Include list of running processes in logfiles" is selected\checked
- Make sure "Make backups before fixing items" is selected\checked

Click on "Ignorelist" button...
- Is there anything listed?

Click on "Misc Tools" button
- Click on "Open Uninstall Manager..." button
- Click on "Save List" button
- Save the "uninstall_list.txt" file to your Desktop
- Paste the contents of the file in your next reply

I also need to see the Panda scan log as per Step 10.

Thanks,
User avatar
dobhar
MRU Honors Grad Emeritus
 
Posts: 961
Joined: March 3rd, 2005, 3:00 am
Location: Winnipeg

uninstall _list_Notepad

Unread postby cathdeb » October 16th, 2005, 5:39 pm

Hello,
Is this what you need from hijack this?I am still working on the panda instructions for you.I have been having a hard time as my computer keeps acting up.God willing I will be posting the results for panda shortly:)
Debbie

HijackThis 1.99.1
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinZip
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida

panda active scan

Unread postby cathdeb » October 16th, 2005, 6:01 pm

Dobhar,
I clicked on Panda active scan from your link (here) and when it starts to scan My Computer the window is minimized.It won't allow me to maximize it as those options are shaded out so I am not able to see if there is a save button for log.My computer is acting weird it feels like something is controling my settings.The scan didn't seem to detect anything.
cathdeb
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida

CCleaner IE Temporary Internet Files log

Unread postby cathdeb » October 16th, 2005, 6:21 pm

Hi Dobhar,
Is this anything???

CLEANING COMPLETE - (1.275 secs)
------------------------------------------------------------------------------------------
55.7MB removed.


Details of files deleted
------------------------------------------------------------------------------------------
IE Temporary Internet Files (650 files) 4.91MB
Cookie:deboraho@pcworld.com/(&H100001) 143 bytes
Cookie:deboraho@www.malwareremoval.com/forum/(&H100001) 194 bytes
Cookie:deboraho@mediaplex.com/(&H100001) 78 bytes
Cookie:deboraho@metrics.adobe.com/(&H100001) 2.32KB
Cookie:deboraho@doubleclick.net/(&H100001) 83 bytes
Cookie:deboraho@ehg-idg.hitbox.com/(&H100001) 324 bytes
Cookie:deboraho@www.adobe.com/(&H100001) 169 bytes
Cookie:deboraho@msn.com/(&H100001) 291 bytes
Cookie:deboraho@www.msn.com/(&H100001) 69 bytes
Cookie:deboraho@questionmarket.com/(&H100001) 105 bytes
Cookie:deboraho@www.pandasoftware.com/activescan/activescan/(&H100001) 142 bytes
Cookie:deboraho@hitbox.com/(&H100001) 152 bytes
Cookie:deboraho@www.pcworld.com/(&H100001) 72 bytes
Cookie:deboraho@edge.ru4.com/(&H100001) 643 bytes
Cookie:deboraho@search.pcworld.com/(&H100001) 75 bytes
C:\Documents and Settings\DEBORAHO\Local Settings\History\History.IE5\desktop.ini 113 bytes
Marked for deletion: C:\Documents and Settings\DEBORAHO\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Marked for deletion: C:\Documents and Settings\DEBORAHO\Cookies\index.dat
Marked for deletion: C:\Documents and Settings\DEBORAHO\Local Settings\History\History.IE5\index.dat
Marked for deletion: C:\Documents and Settings\DEBORAHO\Local Settings\History\History.IE5\mshist012005101620051017\index.dat
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\000B45EB.key 1.04KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\000B45EE.key 1.02KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\about.bmp 57.16KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\avg7inst.log 0.45MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\avp.klb 11.14KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\avp.set 1.53KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\avp.vnd 6.43KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\bitmap1.bmp 57.16KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ca.avc 69.08KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\cdver.dat 304 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Cid.sdb 0.54MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\config.lan 9.48KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\daily-ex.avc 687 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\daily-x.avc 571 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\daily.avc 3.50KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\DCS_REPORT.DAT 0 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Dir.sdb 0.37MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Download.exe 0.46MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Download.lan 4.64KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\eicar.avc 1.92KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\English.Age 40.59KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\English.con 9.48KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\English.dow 4.64KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\English.lan 9.38KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\English.lic 7.24KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\English.tcp 1.65KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\esupdate.exe 0.31MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ext001.avc 47.98KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ext002.avc 47.08KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ext003.avc 47.04KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ext004.avc 46.96KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ext005.avc 24.63KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ext999.avc 17.31KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\fa.avc 20.51KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\File1.sdb 1.61MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\File2.sdb 0.11MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Finnish.Age 42.61KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Finnish.con 9.82KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Finnish.dow 4.83KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\finnish.lan 9.75KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Finnish.lic 6.48KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Finnish.tcp 1.71KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\French.Age 45.30KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\French.con 10.13KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\French.dow 5.29KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\french.lan 9.81KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\French.lic 7.02KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\French.tcp 1.84KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\gen001.avc 33.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\gen002.avc 46.20KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\gen003.avc 40.57KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\gen004.avc 28.64KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\gen999.avc 42.03KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\German.Age 54.87KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\German.con 9.47KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\German.dow 4.84KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\german.lan 9.40KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\German.lic 7.02KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\German.tcp 1.68KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Getvlist.exe 40.06KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\h2r18.tmp 29.25KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\HCC.tmp 146 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hcScan.html 3.35KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hijackthis.log 1.52KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzcoi00.log 596 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzcoi01.log 596 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzcoi02.log 3.10KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzcon00.log 598 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzghoul00.log 424 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzghoul01.log 387 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzpin00.log 480 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzpin01.log 379 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\hpzpnp000.log 205 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\HPZset000.log 861 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT21.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT22.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT23.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT25.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT26.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT27.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT36.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT37.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT38.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT3B.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT3C.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT3D.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT3E.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT3F.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT40.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT41.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT42.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT43.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT65.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT66.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT67.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT68.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT69.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT6A.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT6B.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT6C.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT6D.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT6E.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT6F.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT70.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT71.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT72.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT73.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT74.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT75.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT76.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT77.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT78.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT79.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT7A.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT7B.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT7C.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT7D.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT7E.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT7F.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT80.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT81.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT82.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT83.xml 2.13MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT84.dtd 1022 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT85.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT86.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT87.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT88.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT89.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT8A.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT8B.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT8C.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT8D.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT8E.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT8F.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT90.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT92.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT93.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT94.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT97.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT98.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT99.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT9B.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT9C.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT9D.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMT9F.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA0.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA1.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA2.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA3.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA4.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA5.xml 1.83KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA6.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA7.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA8.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTA9.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTAA.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTAB.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTAD.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTAE.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTAF.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB0.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB1.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB2.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB3.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB4.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB5.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB6.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB7.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB8.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTB9.xml 2.13MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTBA.dtd 1022 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTBB.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTBC.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTBD.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTBE.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTBF.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTC0.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTC1.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTC2.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTC3.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTD3.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTD4.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTD5.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTE1.xml 1.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTE2.xml 426 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\IMTE3.xml 0.67MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\InstHelp.dll 56.00KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ipc.dll 36.06KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Italian.Age 53.07KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Italian.con 9.48KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Italian.dow 4.92KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\italian.lan 9.41KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Italian.lic 7.02KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Italian.tcp 1.68KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavsign.exe 96.00KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavss.dat 20.05KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavss.dll 0.14MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavss.exe 20.05KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavssd.dll 0.15MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavssdi.dll 52.06KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavssi.dll 36.06KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\KAVUpd.dll 0.28MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\KAVUpd.exe 52.00KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kavvlg.dll 100.08KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\kernel.avc 8.51KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\keyid.dat 304 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\krn001.avc 43.26KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\krndos.avc 5.15KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\krnengn.avc 26.18KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\krnexe.avc 32.05KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\krnexe32.avc 47.60KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\krnjava.avc 36.74KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\krnmacro.avc 86.42KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\krnunp.avc 60.73KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\language.ini 40.59KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\LatinSpanish.lan 7.34KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\license.txt 7.24KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\mail.avc 13.78KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\main.avi 7.76KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\malw001.avc 58.54KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\malw002.avc 53.42KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\malw003.avc 47.18KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\malw004.avc 40.87KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MicroWorld Toolkit Utility.txt 788 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MPC12.tmp 19.33KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MPCED.tmp 19.26KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\msvlclnt.dll 0.11MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\mwav.ini 2.55KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MWAV.LOG 2.77MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MWAVL.exe 94.50KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MWAVReg.EXE 0.32MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\mwavscan.com 0.36MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\mwti.sgn 313 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\mwXface.log 783 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\MYDB.DLL 0.23MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\nos200\nos20.tmp 44.00KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ocr.avc 11.54KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Polish.Age 40.21KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Polish.con 9.43KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Polish.dow 4.64KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\polish.lan 7.84KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Polish.lic 14.04KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Polish.tcp 1.65KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Portuguese.Age 45.27KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Portuguese.con 10.41KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Portuguese.dow 5.23KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\portuguese.lan 10.10KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Portuguese.lic 7.66KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Portuguese.tcp 1.85KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\product.bmp 15.31KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\psapi.dll 28.27KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\riched32.dll 0.17MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Romanian.Age 41.78KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Romanian.con 9.83KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Romanian.dow 4.90KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\romanian.lan 9.76KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Romanian.lic 7.02KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Romanian.tcp 1.68KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\smart.avc 5.04KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Spanish.Age 46.08KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Spanish.con 10.16KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Spanish.dow 5.28KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\spanish.lan 10.09KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Spanish.lic 7.02KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Spanish.tcp 1.68KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\spydb.avs 0.14MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\spydb.old 0.14MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Spyware.sdb 0.13MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\SymNRT 10-14-2005 8h35m48s.log 4.91MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\sysr.txt 1.67KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\hijackthis.log 1.31KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\TMVAINFO.xml 0 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj001.avc 98.85KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj002.avc 50.54KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj003.avc 0.10MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj004.avc 51.21KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj005.avc 50.26KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj006.avc 50.18KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj007.avc 49.49KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj008.avc 49.30KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj009.avc 49.68KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj010.avc 49.03KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj011.avc 50.59KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj012.avc 48.46KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj013.avc 48.94KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj014.avc 49.67KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj015.avc 48.79KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj016.avc 49.22KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj017.avc 48.95KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj018.avc 49.28KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj019.avc 48.82KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj020.avc 49.05KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj021.avc 49.05KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj022.avc 55.29KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj023.avc 54.36KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj024.avc 55.02KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj025.avc 50.24KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj026.avc 45.97KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj027.avc 42.36KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj028.avc 40.48KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj029.avc 49.31KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj030.avc 47.58KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj031.avc 48.88KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj032.avc 48.13KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj033.avc 48.44KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\troj034.avc 0.14MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp000.avc 8.08KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp001.avc 49.55KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp002.avc 70.05KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp003.avc 53.68KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp004.avc 26.39KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp005.avc 60.43KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp006.avc 55.02KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp007.avc 79.82KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp008.avc 55.30KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp009.avc 50.88KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp010.avc 66.87KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp011.avc 54.14KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp012.avc 35.36KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp013.avc 56.61KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp014.avc 59.68KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp015.avc 60.93KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp016.avc 69.22KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp017.avc 32.42KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp018.avc 43.44KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp019.avc 78.40KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp020.avc 38.18KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp021.avc 29.70KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp022.avc 49.47KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp023.avc 79.40KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp024.avc 42.21KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp025.avc 40.73KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\unp026.avc 0.14MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\viewtcp.exe 0.34MB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\ViewTcp.lan 1.65KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\viewtcp.old 1.66KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus.avi 9.00KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus001.avc 74.79KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus002.avc 74.71KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus003.avc 71.99KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus004.avc 77.10KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus005.avc 71.71KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus006.avc 74.33KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus007.avc 72.39KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus008.avc 73.43KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus009.avc 69.76KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus010.avc 72.47KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus011.avc 76.61KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus012.avc 75.57KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus013.avc 76.39KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus014.avc 73.27KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus015.avc 74.50KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus016.avc 78.94KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus017.avc 77.41KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus018.avc 75.00KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus019.avc 55.03KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\virus020.avc 35.22KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\WIN.PRO 4 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\worm001.avc 49.07KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\worm002.avc 51.26KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\worm003.avc 50.53KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\worm004.avc 52.46KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\worm005.avc 48.29KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\worm006.avc 27.34KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\worm999.avc 5.21KB
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\WST.txt 26 bytes
C:\DOCUME~1\DEBORAHO\LOCALS~1\Temp\x-files.avc 30.59KB
C:\WINDOWS\system32\wbem\Logs\FrameWork.log 2.74KB
C:\WINDOWS\system32\wbem\Logs\wbemess.log 42.63KB
C:\WINDOWS\system32\wbem\Logs\wbemprox.log 75 bytes
C:\WINDOWS\system32\wbem\Logs\wmiprov.log 670 bytes
C:\WINDOWS\0.log 0 bytes
C:\WINDOWS\comsetup.log 3.44KB
C:\WINDOWS\FaxSetup.log 9.26KB
C:\WINDOWS\iis6.log 25.87KB
C:\WINDOWS\imsins.log 3.70KB
C:\WINDOWS\MedCtrOC.log 1.04KB
C:\WINDOWS\msgsocm.log 743 bytes
C:\WINDOWS\msmqinst.log 8.97KB
C:\WINDOWS\netfxocm.log 1.82KB
C:\WINDOWS\ntdtcsetup.log 2.85KB
C:\WINDOWS\ocgen.log 12.63KB
C:\WINDOWS\ocmsn.log 891 bytes
C:\WINDOWS\setupact.log 0 bytes
C:\WINDOWS\setupapi.log 91.69KB
C:\WINDOWS\setuperr.log 0 bytes
C:\WINDOWS\tabletoc.log 311 bytes
C:\WINDOWS\tsoc.log 6.54KB
C:\WINDOWS\ntbtlog.txt 71.90KB
C:\WINDOWS\Debug\UserMode\userenv.log 9.54KB
C:\WINDOWS\security\logs\scecomp.old 33.00KB
C:\Documents and Settings\DEBORAHO\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2005-10-16 01-18-07.txt 19.24KB
C:\Documents and Settings\DEBORAHO\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2005-10-16 01-27-13.txt 3.53KB
C:\Program Files\Ewido\Security Suite\logfile.txt 902 bytes
------------------------------------------------------------------------------------------
cathdeb
Regular Member
 
Posts: 47
Joined: October 13th, 2005, 8:48 am
Location: fort lauderdale,florida
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 112 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware