Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

DrWatsons Problem

Started by Pantrwrstl , Mar 18 2005 01:02 PM

  • Please log in to reply

#46
Michelle
Posted 07 April 2005 - 01:26 PM

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Your log is clean, so you may have corrupt system file(s).

Let's try this:

Go to Start > Run > then type in:

sfc /scannow

*make sure there is a space between sfc and /

Click OK.

It will pull up a box that says "windows file protection" just let it do what it does.

Edited by bananafanafo, 08 April 2005 - 12:48 PM.

  • 0

Advertisements

#47
Pantrwrstl
Posted 07 April 2005 - 02:20 PM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
thanks michelle your the man, dont let anyone try to tell you different
  • 0

#48
Michelle
Posted 07 April 2005 - 02:24 PM

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
You're very welcome! I'm happy to help :tazz:

Edited by bananafanafo, 08 April 2005 - 11:54 AM.

  • 0

#49
Pantrwrstl
Posted 07 April 2005 - 03:07 PM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
ok sorry one more thing, its still crashing when i do what i said before, i ran sfc /scannow twice and still does not work
  • 0

#50
Michelle
Posted 07 April 2005 - 04:56 PM

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Please download, install, and run MWav

Make sure when you run it to check all the boxes for files in order to make sure it scans all files and not just program files. Then click on "Scan Clean". This will take a number of hours to complete.

Please let me know the results of the scan.
  • 0

#51
Pantrwrstl
Posted 08 April 2005 - 02:11 AM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
upon completion of the scan i get a notice, Virus Dectected!!! you will need to buy escan or this tool in order to eliminate this virus from your System. Click on Buy ESCAN OR THIS TOOL to go to our webstore...
Here is my log

Thu Apr 07 23:58:08 2005 => **********************************************************
Thu Apr 07 23:58:08 2005 => MicroWorld AntiVirus Toolkit Utility.
Thu Apr 07 23:58:08 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Thu Apr 07 23:58:08 2005 => **********************************************************
Thu Apr 07 23:58:08 2005 => Version 6.0.6 (C:\DOCUME~1\user\LOCALS~1\Temp\mwavscan.com)
Thu Apr 07 23:58:08 2005 => Log File: C:\DOCUME~1\user\LOCALS~1\Temp\MWAV.LOG
Thu Apr 07 23:58:08 2005 => MWAV Registered: FALSE.
Thu Apr 07 23:58:08 2005 => MWAV Mode: Only Scan files.
Thu Apr 07 23:58:08 2005 => Latest Date of files inside MWAV: 06 Apr 2005 11:39:28.
Thu Apr 07 23:58:11 2005 => AV Library Loaded...
Thu Apr 07 23:58:11 2005 => MWAV doing self scanning...
Thu Apr 07 23:58:11 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavss.exe
Thu Apr 07 23:58:11 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\Getvlist.exe
Thu Apr 07 23:58:11 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavss.dll
Thu Apr 07 23:58:11 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavssdi.dll
Thu Apr 07 23:58:11 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavssi.dll
Thu Apr 07 23:58:11 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavvlg.dll
Thu Apr 07 23:58:12 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\msvlclnt.dll
Thu Apr 07 23:58:12 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\ipc.dll
Thu Apr 07 23:58:12 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\main.avi
Thu Apr 07 23:58:12 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\virus.avi
Thu Apr 07 23:58:12 2005 => MWAV files are clean.
Thu Apr 07 23:58:12 2005 => Virus Database Date: 2005/04/06
Thu Apr 07 23:58:12 2005 => Virus Database Count: 124827

Thu Apr 07 23:58:52 2005 => **********************************************************
Thu Apr 07 23:58:52 2005 => MicroWorld AntiVirus Toolkit Utility.
Thu Apr 07 23:58:52 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Thu Apr 07 23:58:52 2005 =>
Thu Apr 07 23:58:52 2005 => Support: [email protected]
Thu Apr 07 23:58:52 2005 => Web: http://www.mwti.net
Thu Apr 07 23:58:52 2005 => **********************************************************
Thu Apr 07 23:58:52 2005 => Version 6.0.6 (C:\DOCUME~1\user\LOCALS~1\Temp\mwavscan.com)
Thu Apr 07 23:58:52 2005 => Log File: C:\DOCUME~1\user\LOCALS~1\Temp\MWAV.LOG
Thu Apr 07 23:58:52 2005 => User Account: user
Thu Apr 07 23:58:52 2005 => Windows Root Folder: C:\WINDOWS
Thu Apr 07 23:58:52 2005 => Windows Sys32 Folder: C:\WINDOWS\system32
Thu Apr 07 23:58:52 2005 => OS: Windows NT
Thu Apr 07 23:58:52 2005 => Latest Date of files inside MWAV: 06 Apr 2005 11:39:28.

Thu Apr 07 23:58:52 2005 => Options Selected by User:
Thu Apr 07 23:58:52 2005 => Memory Check: Enabled
Thu Apr 07 23:58:52 2005 => Registry Check: Enabled
Thu Apr 07 23:58:52 2005 => StartUp Folder Check: Enabled
Thu Apr 07 23:58:52 2005 => System Folder Check: Enabled
Thu Apr 07 23:58:52 2005 => System Area Check: Disabled
Thu Apr 07 23:58:52 2005 => Services Check: Enabled
Thu Apr 07 23:58:52 2005 => Drive Check: Disabled
Thu Apr 07 23:58:52 2005 => All Drive Check :Enabled
Thu Apr 07 23:58:52 2005 => Folder Check: Disabled

Thu Apr 07 23:58:52 2005 => ***** Scanning Memory Files *****
Thu Apr 07 23:58:52 2005 => Scanning File C:\WINDOWS\System32\smss.exe
Thu Apr 07 23:58:52 2005 => Scanning File C:\WINDOWS\system32\ntdll.dll
Thu Apr 07 23:58:52 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Thu Apr 07 23:58:52 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Thu Apr 07 23:58:52 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\USER32.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\sxs.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Thu Apr 07 23:58:53 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll
Thu Apr 07 23:58:54 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Thu Apr 07 23:58:55 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\sfc.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\ole32.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Thu Apr 07 23:58:56 2005 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\SYSTEM32\cscdll.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\SYSTEM32\WlNotify.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\MPR.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\wldap32.dll
Thu Apr 07 23:58:57 2005 => Scanning File C:\WINDOWS\system32\RASAPI32.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\rasman.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\TAPI32.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\rtutils.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\MPRAPI.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\ACTIVEDS.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\adsldpc.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\ATL.DLL
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Thu Apr 07 23:58:58 2005 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\system32\msacm32.drv
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\system32\midimap.dll
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemprox.dll
Thu Apr 07 23:58:59 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemsvc.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\System32\wbem\fastprox.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\system32\services.exe
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Thu Apr 07 23:59:00 2005 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\netlogon.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\w32time.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\schannel.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll
Thu Apr 07 23:59:01 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\oakley.DLL
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\dssenh.dll
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\psbase.dll
Thu Apr 07 23:59:02 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Apr 07 23:59:02 2005 => Scanning File c:\windows\system32\rpcss.dll
Thu Apr 07 23:59:02 2005 => Scanning File c:\windows\system32\termsrv.dll
Thu Apr 07 23:59:02 2005 => Scanning File c:\windows\system32\ICAAPI.dll
Thu Apr 07 23:59:02 2005 => Scanning File c:\windows\system32\mstlsapi.dll
Thu Apr 07 23:59:03 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll
Thu Apr 07 23:59:03 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Thu Apr 07 23:59:03 2005 => Scanning File c:\windows\system32\dhcpcsvc.dll
Thu Apr 07 23:59:03 2005 => Scanning File c:\windows\system32\wzcsvc.dll
Thu Apr 07 23:59:03 2005 => Scanning File c:\windows\system32\WMI.dll
Thu Apr 07 23:59:03 2005 => Scanning File c:\windows\system32\ESENT.dll
Thu Apr 07 23:59:03 2005 => Scanning File C:\WINDOWS\System32\rastls.dll
Thu Apr 07 23:59:03 2005 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Thu Apr 07 23:59:03 2005 => Scanning File C:\WINDOWS\system32\WININET.dll
Thu Apr 07 23:59:03 2005 => Scanning File C:\WINDOWS\System32\raschap.dll
Thu Apr 07 23:59:03 2005 => Scanning File c:\windows\system32\schedsvc.dll
Thu Apr 07 23:59:03 2005 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
Thu Apr 07 23:59:03 2005 => Scanning File c:\windows\system32\audiosrv.dll
Thu Apr 07 23:59:03 2005 => Scanning File c:\windows\system32\wkssvc.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\cryptsvc.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\certcli.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\dmserver.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\srvsvc.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\es.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\ersvc.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\netman.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\netshell.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\credui.dll
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\WZCSAPI.DLL
Thu Apr 07 23:59:04 2005 => Scanning File c:\windows\system32\srsvc.dll
Thu Apr 07 23:59:05 2005 => Scanning File c:\windows\system32\POWRPROF.dll
Thu Apr 07 23:59:05 2005 => Scanning File c:\windows\system32\seclogon.dll
Thu Apr 07 23:59:05 2005 => Scanning File c:\windows\system32\trkwks.dll
Thu Apr 07 23:59:05 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Thu Apr 07 23:59:05 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Thu Apr 07 23:59:05 2005 => Scanning File c:\windows\system32\sens.dll
Thu Apr 07 23:59:05 2005 => Scanning File c:\windows\system32\wuauserv.dll
Thu Apr 07 23:59:05 2005 => Scanning File c:\windows\system32\wscsvc.dll
Thu Apr 07 23:59:05 2005 => Scanning File c:\windows\system32\msi.dll
Thu Apr 07 23:59:05 2005 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Thu Apr 07 23:59:05 2005 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
Thu Apr 07 23:59:05 2005 => Scanning File C:\WINDOWS\System32\SHFOLDER.dll
Thu Apr 07 23:59:05 2005 => Scanning File C:\WINDOWS\System32\WINHTTP.dll
Thu Apr 07 23:59:05 2005 => Scanning File C:\WINDOWS\System32\Cabinet.dll
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\System32\mspatcha.dll
Thu Apr 07 23:59:06 2005 => Scanning File c:\windows\system32\ipnathlp.dll
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\SYSTEM32\WBEM\wbemcore.dll
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\SYSTEM32\WBEM\esscli.dll
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\system32\WSOCK32.dll
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\system32\colbact.DLL
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
Thu Apr 07 23:59:06 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\netcfgx.dll
Thu Apr 07 23:59:07 2005 => Scanning File c:\windows\system32\tapisrv.dll
Thu Apr 07 23:59:07 2005 => Scanning File c:\windows\system32\rasmans.dll
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\rastapi.dll
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\unimdm.tsp
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\uniplat.dll
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\unimdmat.dll
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\system32\modemui.dll
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
Thu Apr 07 23:59:07 2005 => Scanning File C:\WINDOWS\System32\ndptsp.tsp
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\ipconf.tsp
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\h323.tsp
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\hidphone.tsp
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\HID.DLL
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\rasppp.dll
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\ntlsapi.dll
Thu Apr 07 23:59:08 2005 => Scanning File c:\windows\system32\rasauto.dll
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\icmp.dll
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\system32\upnphost.dll
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\system32\SSDPAPI.dll
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\RASDLG.dll
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\upnp.dll
Thu Apr 07 23:59:08 2005 => Scanning File c:\windows\system32\browser.dll
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\System32\wups.dll
Thu Apr 07 23:59:08 2005 => Scanning File C:\WINDOWS\system32\msxml3.dll
Thu Apr 07 23:59:09 2005 => Scanning File C:\WINDOWS\System32\cryptnet.dll
Thu Apr 07 23:59:09 2005 => Scanning File C:\WINDOWS\System32\SensApi.dll
Thu Apr 07 23:59:09 2005 => Scanning File C:\WINDOWS\System32\catsrvut.dll
Thu Apr 07 23:59:09 2005 => Scanning File C:\WINDOWS\System32\MfcSubs.dll
Thu Apr 07 23:59:09 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll
Thu Apr 07 23:59:09 2005 => Scanning File C:\WINDOWS\System32\catsrv.dll
Thu Apr 07 23:59:09 2005 => Scanning File c:\windows\system32\dnsrslvr.dll
Thu Apr 07 23:59:09 2005 => Scanning File c:\windows\system32\lmhsvc.dll
Thu Apr 07 23:59:09 2005 => Scanning File c:\windows\system32\webclnt.dll
Thu Apr 07 23:59:09 2005 => Scanning File c:\windows\system32\regsvc.dll
Thu Apr 07 23:59:09 2005 => Scanning File c:\windows\system32\ssdpsrv.dll
Thu Apr 07 23:59:09 2005 => Scanning File C:\WINDOWS\System32\mlang.dll
Thu Apr 07 23:59:10 2005 => Scanning File C:\WINDOWS\System32\httpapi.dll
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetMgr.exe
Thu Apr 07 23:59:10 2005 => Scanning File C:\WINDOWS\system32\MSVCP70.dll
Thu Apr 07 23:59:10 2005 => Scanning File C:\WINDOWS\system32\MSVCR70.dll
Thu Apr 07 23:59:10 2005 => Scanning File C:\WINDOWS\system32\IMM32.DLL
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccVrTrst.dll
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSrvc.exe
Thu Apr 07 23:59:10 2005 => Scanning File C:\WINDOWS\system32\SymNeti.DLL
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtMgr.exe
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCPXYEVT.DLL
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\LOGFWDER.DLL
Thu Apr 07 23:59:10 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSet.dll
Thu Apr 07 23:59:11 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\NisEvt.dll
Thu Apr 07 23:59:11 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Cliproxy.dll
Thu Apr 07 23:59:11 2005 => Scanning File C:\WINDOWS\system32\CTL3D32.dll
Thu Apr 07 23:59:11 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\NAVNTUTL.DLL
Thu Apr 07 23:59:11 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\SNLog.dll
Thu Apr 07 23:59:11 2005 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE
Thu Apr 07 23:59:11 2005 => Scanning File C:\WINDOWS\system32\lexp2p32.dll
Thu Apr 07 23:59:11 2005 => Scanning File C:\WINDOWS\system32\lex2kusb.dll
Thu Apr 07 23:59:11 2005 => Scanning File C:\WINDOWS\system32\LEXPPS.EXE
Thu Apr 07 23:59:11 2005 => Scanning File C:\WINDOWS\system32\LEXBCE.DLL
Thu Apr 07 23:59:11 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\localspl.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\LEXLMPM.DLL
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\usbmon.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LXBAPP5C.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\System32\spool\PRTPROCS\W32X86\WfxPrint2000.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\win32spl.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\inetpp.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\LXBApwr.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccProxy.exe
Thu Apr 07 23:59:12 2005 => Scanning File C:\WINDOWS\system32\SYMREDIR.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DPHTML.dll
Thu Apr 07 23:59:12 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SymIConv.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DPJS.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DPVBS.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\PFAdBlk.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\PFMisc.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\PFPriv.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\StrmFilt.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\PFSec.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\PxyHTTP.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DPHTTP.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\PxyIM.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\PxyNNTP.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccProSub.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccPxyEvt.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccLogin.dll
Thu Apr 07 23:59:13 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\DefWatch.exe
Thu Apr 07 23:59:14 2005 => Scanning File c:\windows\system32\wiaservc.dll
Thu Apr 07 23:59:14 2005 => Scanning File c:\windows\system32\CFGMGR32.dll
Thu Apr 07 23:59:14 2005 => Scanning File c:\windows\system32\mscms.dll
Thu Apr 07 23:59:14 2005 => Scanning File C:\WINDOWS\system32\WIAFBDRV.DLL
Thu Apr 07 23:59:14 2005 => Scanning File C:\PROGRA~1\LEXMAR~1\lxbamcro.dll
Thu Apr 07 23:59:14 2005 => Scanning File C:\PROGRA~1\LEXMAR~1\ConvDIB.dll
Thu Apr 07 23:59:14 2005 => Scanning File C:\WINDOWS\System32\actxprxy.dll
Thu Apr 07 23:59:14 2005 => Scanning File C:\WINDOWS\System32\sti.dll
Thu Apr 07 23:59:14 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Rtvscan.exe
Thu Apr 07 23:59:15 2005 => Scanning File C:\WINDOWS\system32\CBA.DLL
Thu Apr 07 23:59:15 2005 => Scanning File C:\WINDOWS\system32\MsgSys.dll
Thu Apr 07 23:59:15 2005 => Scanning File C:\WINDOWS\system32\NTS.dll
Thu Apr 07 23:59:15 2005 => Scanning File C:\WINDOWS\system32\PDS.DLL
Thu Apr 07 23:59:15 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\NAVLU.dll
Thu Apr 07 23:59:15 2005 => Scanning File C:\WINDOWS\system32\MFC42.DLL
Thu Apr 07 23:59:15 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\I2ldvp3.dll
Thu Apr 07 23:59:15 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\ecmldr32.DLL
Thu Apr 07 23:59:15 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\SAVRT32.DLL
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050331.019\ecmsvr32.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050331.019\NAVEX32a.DLL
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050331.019\NAVENG32.DLL
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\IMail.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\NotesExt.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\vpmsece2.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\DecSDK.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2ID.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2ZIP.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2SS.dll
Thu Apr 07 23:59:16 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2GZIP.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2CAB.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2LHA.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2ARJ.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2TNEF.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2LZ.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2AMG.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2TAR.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2RTF.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Dec2Text.dll
Thu Apr 07 23:59:17 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\SymSPort.exe
Thu Apr 07 23:59:17 2005 => Scanning File C:\WINDOWS\system32\wdfmgr.exe
Thu Apr 07 23:59:17 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Thu Apr 07 23:59:17 2005 => Scanning File c:\windows\system32\w3ssl.dll
Thu Apr 07 23:59:18 2005 => Scanning File C:\WINDOWS\System32\strmfilt.dll
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccApp.exe
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\PRODUC~1.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\ISLALERT.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\NISRES.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\NISPROD.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\SYMFWAGT.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\NISALERT.DLL
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\ccFWRuls.dll
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\TLevel.dll
Thu Apr 07 23:59:18 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\NISLCOM.dll
Thu Apr 07 23:59:19 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\SavEmail.dll
Thu Apr 07 23:59:19 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~1\NisEmail.dll
Thu Apr 07 23:59:19 2005 => Scanning File C:\WINDOWS\system32\Msimg32.dll
Thu Apr 07 23:59:19 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
Thu Apr 07 23:59:19 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\NAVNTUTL.DLL
Thu Apr 07 23:59:19 2005 => Scanning File C:\PROGRA~1\SYMANT~1\SYMANT~2\Cliscan.dll
Thu Apr 07 23:59:19 2005 => Scanning File C:\PROGRA~1\KMaestro\KMaestro.exe
Thu Apr 07 23:59:19 2005 => Scanning File C:\PROGRA~1\KMaestro\HidKeybd.dll
Thu Apr 07 23:59:19 2005 => Scanning File C:\WINDOWS\explorer.exe
Thu Apr 07 23:59:19 2005 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Thu Apr 07 23:59:19 2005 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\stobject.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\BatMeter.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\drprov.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\System32\davclnt.dll
Thu Apr 07 23:59:20 2005 => Scanning File C:\WINDOWS\system32\shdoclc.dll
Thu Apr 07 23:59:21 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe
Thu Apr 07 23:59:21 2005 => Scanning File C:\WINDOWS\system32\browselc.dll
Thu Apr 07 23:59:21 2005 => Scanning File C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\CPN\YCOMP5~1.DLL
Thu Apr 07 23:59:21 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL
Thu Apr 07 23:59:21 2005 => Scanning File C:\WINDOWS\System32\mshtml.dll
Thu Apr 07 23:59:21 2005 => Scanning File C:\WINDOWS\System32\msls31.dll
Thu Apr 07 23:59:21 2005 => Scanning File C:\WINDOWS\System32\msimtf.dll
Thu Apr 07 23:59:22 2005 => Scanning File C:\WINDOWS\System32\MSCTF.dll
Thu Apr 07 23:59:22 2005 => Scanning File c:\windows\system32\jscript.dll
Thu Apr 07 23:59:22 2005 => Scanning File C:\WINDOWS\System32\iepeers.dll
Thu Apr 07 23:59:22 2005 => Scanning File C:\WINDOWS\System32\mshtmled.dll
Thu Apr 07 23:59:22 2005 => Scanning File C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\CPN\PUBMOD.DLL
Thu Apr 07 23:59:22 2005 => Scanning File C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\CPN\YPUBC.DLL
Thu Apr 07 23:59:22 2005 => Scanning File C:\WINDOWS\system32\ImgUtil.dll
Thu Apr 07 23:59:22 2005 => Scanning File C:\WINDOWS\system32\plugin.ocx
Thu Apr 07 23:59:22 2005 => Scanning File C:\WINDOWS\system32\corpol.dll
Thu Apr 07 23:59:22 2005 => Scanning File C:\WINDOWS\system32\SOFTPUB.DLL
Thu Apr 07 23:59:22 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\mwavscan.com
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\msvlclnt.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavssdi.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavssd.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavssi.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\ipc.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\RICHED32.DLL
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\PSAPI.DLL
Thu Apr 07 23:59:23 2005 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavss.exe
Thu Apr 07 23:59:23 2005 => Scanning File C:\DOCUME~1\user\LOCALS~1\Temp\kavss.dll

Thu Apr 07 23:59:23 2005 => ***** Scanning Registry Files *****

Thu Apr 07 23:59:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Thu Apr 07 23:59:23 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\WINDOWS\System32\stobject.dll

Thu Apr 07 23:59:23 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Thu Apr 07 23:59:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Thu Apr 07 23:59:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Thu Apr 07 23:59:23 2005 => Scanning File C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\CPN\YCOMP5~1.DLL

Thu Apr 07 23:59:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Thu Apr 07 23:59:23 2005 => {02478D38-C3F9-4efb-9B51-7695ECA05670} = C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
Thu Apr 07 23:59:23 2005 => Scanning File C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\CPN\YCOMP5~1.DLL
Thu Apr 07 23:59:23 2005 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
Thu Apr 07 23:59:23 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL

Thu Apr 07 23:59:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Thu Apr 07 23:59:23 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\System32\browseui.dll

Thu Apr 07 23:59:24 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\mmsys.cpl
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\icmui.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\rshx32.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\docprop.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\ntshrui.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\deskadp.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\deskmon.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\dssec.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\SlayerXP.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\shscrap.dll
Thu Apr 07 23:59:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\diskcopy.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\SYSTEM32\ntlanui2.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\System32\icmui.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\SYSTEM32\printui.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\SYSTEM32\dskquoui.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\SYSTEM32\syncui.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\System32\hticons.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\SYSTEM32\fontext.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\SYSTEM32\rshx32.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\SYSTEM32\ntshrui.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\SYSTEM32\deskperf.dll
Thu Apr 07 23:59:25 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\SYSTEM32\wiashext.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\SYSTEM32\wiashext.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\SYSTEM32\wiashext.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\SYSTEM32\wiashext.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\SYSTEM32\wiashext.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\remotepg.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\wshext.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Thu Apr 07 23:59:26 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\SYSTEM32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\occache.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Thu Apr 07 23:59:27 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Thu Apr 07 23:59:28 2005 => Scanning File C:\WINDOWS\System32\dfsshlex.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\System32\photowiz.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\SYSTEM32\cabview.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\SYSTEM32\BROWSEUI.DLL
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\SYSTEM32\SHELL32.DLL
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Thu Apr 07 23:59:29 2005 => Scanning File C:\WINDOWS\SYSTEM32\NVCPL.DLL
Thu Apr 07 23:59:32 2005 => Scanning File C:\WINDOWS\SYSTEM32\NVSHELL.DLL
Thu Apr 07 23:59:32 2005 => Scanning File C:\WINDOWS\SYSTEM32\NVSHELL.DLL
Thu Apr 07 23:59:32 2005 => Scanning File C:\WINDOWS\SYSTEM32\NVSHELL.DLL
Thu Apr 07 23:59:32 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Thu Apr 07 23:59:32 2005 => Scanning File C:\WINDOWS\System32\twext.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\System32\twext.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\System32\extmgr.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\PROGRA~1\WinRAR\rarext.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SSC\vpshell2.dll

Thu Apr 07 23:59:33 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Thu Apr 07 23:59:33 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\Explorer.exe
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\system32\userinit.exe
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\SYSTEM32\gptext.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\SYSTEM32\fdeploy.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\SYSTEM32\dskquota.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\SYSTEM32\gptext.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\WINDOWS\SYSTEM32\gptext.dll
Thu Apr 07 23:59:33 2005 => Scanning File C:\
  • 0

#52
Pantrwrstl
Posted 08 April 2005 - 02:22 AM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
File System Found infected by "BetterInternet Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "BetterInternet Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "BetterInternet Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "BetterInternet Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ameopt Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VB and VBA Program Settings Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "dlmax Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\wupdsnff.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\donmmarv.exe infected by "Trojan-Clicker.Win32.Agent.cy" Virus. Action Taken: No Action Taken.
  • 0

#53
Pantrwrstl
Posted 08 April 2005 - 02:26 AM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
oh s*** that scan may have never finished... i suck
  • 0

#54
Pantrwrstl
Posted 08 April 2005 - 02:52 AM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
Rebooted in safe mode with networking, ran active scan...results:

Incident Status Location

Spyware:Spyware/ISTbar No disinfected Windows Registry
running mwav again right now will post results in morning
hijack this scan after activescan:

Logfile of HijackThis v1.99.1
Scan saved at 4:50:42 AM, on 4/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\user\LOCALS~1\Temp\mwavscan.com
C:\DOCUME~1\user\LOCALS~1\Temp\kavss.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\user\Desktop\hijackthis\HijackThis.exe

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BtcMaestro] C:\Program Files\KMaestro\KMaestro.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Royal Vegas Poker - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/pote_x.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-bet...all/xscan60.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay10...es/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1101264785109
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4940B58-3477-435E-9902-34E9FF328239}: NameServer = 209.47.15.118,64.157.143.38,
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
  • 0

#55
Michelle
Posted 08 April 2005 - 10:08 AM

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
*double-click on Killbox.exe to start the program.
*In the killbox program, select the Delete on Reboot option.
*In the field labeled Full Path of File to Delete enter the items listed below (EXACTLY as it appears! I would just copy each file path and paste it in the field):

C:\WINDOWS\wupdsnff.exe
C:\WINDOWS\system32\donmmarv.exe

Press the button that looks like a red circle with a white X in it after each one. When it asks if you would like to delete on reboot, press the YES button, when it asks if you want to reboot now, press the NO button. Do this after each one until you have entered the LAST file path I have listed above. After that LAST file path has been entered press the YES button at both prompts so that your computer restarts.

If Mwav finds anymore infected items, we'll kill them this way as well.
  • 0

Advertisements

#56
Michelle
Posted 08 April 2005 - 10:40 AM

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
This virus is hiding out because your log is completely clean. Were you able to locate and delete this file a few days ago when we were cleaning your system? This way I know if it is coming back or if you weren't able to find it to delete it.

C:\WINDOWS\system32\donmmarv.exe

Michelle
  • 0

#57
Pantrwrstl
Posted 08 April 2005 - 12:00 PM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
I was pretty sure i deleted that file... anyway heres a new log rom mwav
Virus log:
File System Found infected by "BetterInternet Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ameopt Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VB and VBA Program Settings Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "dlmax Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\wupdsnff.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\donmmarv.exe infected by "Trojan-Clicker.Win32.Agent.cy" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM32\donmmarv.exe infected by "Trojan-Clicker.Win32.Agent.cy" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\wupdsnff.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Program Files\Yahoo!\YPSR\Quarantine\ppq20B.tmp infected by "Trojan-Downloader.Win32.IstBar.hs" Virus. Action Taken: No Action Taken.
File C:\Program Files\Yahoo!\YPSR\Quarantine\ppq23F.tmp infected by "Trojan-Downloader.Win32.Apropo.s" Virus. Action Taken: No Action Taken.
File C:\Program Files\Yahoo!\YPSR\Quarantine\ppq25.tmp infected by "Trojan-Downloader.Win32.Intexp.c" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440000.VBN infected by "Trojan-Downloader.Win32.Agent.ic" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440001.VBN infected by "Trojan-Downloader.Win32.Agent.ic" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440002.VBN infected by "not-a-virus:AdWare.ComedyPlanet.a" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440003.VBN infected by "not-a-virus:AdWare.ComedyPlanet.a" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440004.VBN infected by "not-a-virus:AdWare.ComedyPlanet.a" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440005.VBN infected by "not-a-virus:AdWare.ComedyPlanet.a" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440006.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440007.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440008.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F440009.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F44000A.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F44000B.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F44000C.VBN infected by "Trojan-Downloader.Win32.Agent.ic" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F44000D.VBN infected by "Trojan-Downloader.Win32.Agent.ic" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80000.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80001.VBN infected by "Trojan-Dropper.Win32.Agent.fu" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80002.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80003.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80004.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80005.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80006.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80007.VBN infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE80008.VBN infected by "Trojan-Dropper.Win32.Agent.fu" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A380000.VBN infected by "Virus.Win32.Hidrag.a" Virus. Action Taken: No Action Taken.
File C:\Documents and Settings\user\Application Data\iace.exe infected by "not-a-virus:AdWare.PurityScan.ap" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP109\A0012606.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP109\A0012608.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP109\A0012610.dll infected by "not-a-virus:AdWare.ToolBar.VB.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP109\A0012632.exe infected by "not-a-virus:AdWare.WinAD.ab" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP109\A0012635.dll infected by "not-a-virus:AdWare.WinAD.ab" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP109\A0012641.dll infected by "not-a-virus:AdWare.Apropos.e" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP109\A0012642.exe infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP109\A0012643.dll infected by "not-a-virus:AdWare.Apropos.e" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012649.exe infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012661.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012664.dll infected by "not-a-virus:AdWare.ToolBar.VB.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012666.dll infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012667.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012668.exe infected by "Trojan-Downloader.Win32.Agent.ji" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012676.dll infected by "not-a-virus:AdWare.ToolBar.YourSiteBar.c" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012737.exe infected by "not-a-virus:AdWare.ToolBar.ImiBar.d" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012738.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012740.dll infected by "not-a-virus:AdWare.Apropos.e" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012741.exe infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP110\A0012749.EXE infected by "Trojan-Downloader.Win32.Agent.ji" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012763.DLL infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012921.exe infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012923.DLL infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012924.EXE infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012925.EXE infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012929.DLL infected by "not-a-virus:AdWare.Sahat.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012934.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012935.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012936.EXE infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012937.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012947.exe infected by "not-a-virus:AdWare.WebRebates.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012952.exe infected by "Trojan-Downloader.Win32.Dyfuca.du" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012959.VXD infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012960.exe infected by "not-a-virus:AdWare.WebRebates.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012964.EXE infected by "not-a-virus:AdWare.MDH.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012970.EXE infected by "not-a-virus:AdWare.ToolBar.VB.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012981.DLL infected by "not-a-virus:AdWare.WinAD.z" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012982.EXE infected by "not-a-virus:AdWare.WinAD.k" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0012983.EXE infected by "not-a-virus:AdWare.WinAD.z" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013073.EXE infected by "not-a-virus:AdWare.Suggestor.g" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013074.dll infected by "not-a-virus:AdWare.WebSpecial.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013077.exe infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013078.srg infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013079.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013080.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013088.VXD infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013090.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013091.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013101.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013102.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013107.DLL infected by "not-a-virus:AdWare.Apropos.e" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013109.DLL infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013110.EXE infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013144.exe infected by "Trojan-Downloader.Win32.Intexp.c" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013146.DLL infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013148.DLL infected by "Trojan.Win32.Keenval.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013152.EXE infected by "not-a-virus:AdWare.ToolBar.VB.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013154.DLL infected by "Trojan.Win32.Keenval.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013171.DLL infected by "not-a-virus:AdWare.WinAD.w" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013172.EXE infected by "not-a-virus:AdWare.WinAD.ab" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013173.DLL infected by "not-a-virus:AdWare.WinAD.ab" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013185.DLL infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013186.EXE infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013438.DLL infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013456.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP111\A0013462.exe tagged as not-a-virus:RiskWare.PSWTool.OEPass.b. No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP112\A0014368.dll infected by "Trojan.Win32.Golid.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP112\A0014372.exe infected by "not-a-virus:AdWare.ToolBar.ImiBar.d" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP112\A0014385.exe infected by "not-a-virus:AdWare.MDH.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP113\A0014402.dll infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP113\A0015393.exe infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP113\A0015394.dll infected by "not-a-virus:AdWare.Apropos.e" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP113\A0015395.exe infected by "not-a-virus:AdWare.Apropos.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP113\A0015397.dll infected by "not-a-virus:AdWare.Apropos.e" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP125\A0016864.DLL infected by "Trojan.Win32.Golid.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP128\A0016933.exe infected by "not-a-virus:AdWare.WebSpecial.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP136\A0017160.exe infected by "Trojan-Downloader.Win32.Apropo.t" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP136\A0017161.exe infected by "Trojan-Downloader.Win32.Apropo.t" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP136\A0017162.exe infected by "Trojan-Downloader.Win32.Keenval.o" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP138\A0017555.exe infected by "Trojan-Downloader.Win32.Dyfuca.du" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP145\A0017657.rbf infected by "Trojan-Downloader.Win32.Dyfuca.du" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP145\A0017668.exe infected by "not-a-virus:AdWare.WinAD.af" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP145\A0017678.dll infected by "not-a-virus:AdWare.PurityScan.ak" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP145\A0017750.dll infected by "not-a-virus:AdWare.DlMax.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP145\A0017751.exe infected by "not-a-virus:AdWare.MDH.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP145\A0017753.dll infected by "Trojan.Win32.Keenval.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{C2BE38F1-178C-4122-BA0C-AD9F9CE2161A}\RP146\A0017868.dll infected by "not-a-virus:AdWare.PurityScan.ak" Virus. Action Taken: No Action Taken.
  • 0

#58
Pantrwrstl
Posted 08 April 2005 - 12:06 PM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
The full log was too large to copy and paste and my computer kept crashing, so this is just the virus log
  • 0

#59
Michelle
Posted 08 April 2005 - 12:08 PM

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
First, I need you to disable System Restore:

On the Desktop, right-click "My Computer".
Click Properties.
Click the System Restore tab.
Check "Turn off System Restore".
Click Apply, and then click OK.

Then, I need you to open Norton. Go to view reports, then go into the quarantine folder and delete all of those viruses.

Also, I need you to download TrojanHunter (30 day free trial), run it.

Let me know the results of the scan.
  • 0

#60
Pantrwrstl
Posted 08 April 2005 - 12:48 PM

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
It cleaned to things in the registy keys, then said i didnt have any trojans, i accidently deleted the results and names of the files, but it says im clean now
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP