BitDefender Online Scanner
Scan report generated at: Sat, Oct 28, 2006 - 11:58:23
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time
01:53:47
Files
524141
Folders
5752
Boot Sectors
3
Archives
6394
Packed Files
54036
Results
Identified Viruses
1
Infected Files
2
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
2
Engines Info
Virus Definitions
479252
Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins
13
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\Local Folders\Junk=>(message 330)=>[Subject: the file]=>(MIME part)=>eBook.Uu
Infected with: Win32.Nyxem.E@mm
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\Local Folders\Junk=>(message 330)=>[Subject: the file]=>(MIME part)=>eBook.Uu
Disinfection failed
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\Local Folders\Junk=>(message 330)=>[Subject: the file]=>(MIME part)=>eBook.Uu
Deleted
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\Local Folders\Junk=>(message 330)=>[Subject: the file]=>(MIME part)
Updated
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\Local Folders\Junk=>(message 330)
Updated
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\Local Folders\Junk
Updated
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\localhost-3\Inbox=>(message 145)=>[Subject: the file]=>(MIME part)=>eBook.Uu
Infected with: Win32.Nyxem.E@mm
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\localhost-3\Inbox=>(message 145)=>[Subject: the file]=>(MIME part)=>eBook.Uu
Disinfection failed
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\localhost-3\Inbox=>(message 145)=>[Subject: the file]=>(MIME part)=>eBook.Uu
Deleted
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\localhost-3\Inbox=>(message 145)=>[Subject: the file]=>(MIME part)
Updated
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\localhost-3\Inbox=>(message 145)
Updated
C:\Documents and Settings\Owner\Application Data\Thunderbird\Profiles\bcmbf8so.default\Mail\localhost-3\Inbox
Updated
C:\WINDOWS\inf\WD_VIR~1.PNF
Clean
C:\WINDOWS\inf\wfp0.inf
Clean
C:\WINDOWS\inf\wfp0.PNF
Clean
C:\WINDOWS\inf\wfp1.inf
Clean
C:\WINDOWS\inf\wfp1.PNF
Clean
C:\WINDOWS\inf\wfp2.inf
Clean
C:\WINDOWS\inf\wfp2.PNF
Clean
C:\WINDOWS\inf\wfp3.inf
Clean
C:\WINDOWS\inf\wfp3.PNF
Clean
C:\WINDOWS\inf\wfp4.inf
Clean
C:\WINDOWS\inf\wfp4.PNF
Clean
C:\WINDOWS\inf\wfp5.inf
Clean
C:\WINDOWS\inf\wfp5.PNF
Clean
C:\WINDOWS\inf\wfp6.inf
Clean
C:\WINDOWS\inf\wfp6.PNF
Clean
C:\WINDOWS\inf\wfp7.inf
Clean
C:\WINDOWS\inf\wfp7.PNF
Clean
C:\WINDOWS\inf\wfp8.inf
Clean
C:\WINDOWS\inf\wfp8.PNF
Clean
C:\WINDOWS\inf\windowsdefender.adm
Clean
C:\WINDOWS\inf\windowsdefender.adm=>(unicode)
Clean
C:\WINDOWS\inf\windrvr6.PNF
Clean
C:\WINDOWS\inf\wm819639.inf
Clean
C:\WINDOWS\inf\wm819639.PNF
Clean
C:\WINDOWS\inf\wmaccess.inf
Clean
C:\WINDOWS\inf\wmaccess.PNF
Clean
C:\WINDOWS\inf\wmad.inf
Clean
C:\WINDOWS\inf\wmad.PNF
Clean
C:\WINDOWS\inf\wmdm.inf
Clean
C:\WINDOWS\inf\wmdm.PNF
Clean
C:\WINDOWS\inf\WMDM10.inf
Clean
C:\WINDOWS\inf\WMDM10.PNF
Clean
C:\WINDOWS\inf\wmexpack.inf
Clean
C:\WINDOWS\inf\wmexpack.PNF
Clean
C:\WINDOWS\inf\wmfsdk.inf
Clean
C:\WINDOWS\inf\WMFSDK.PNF
Clean
C:\WINDOWS\inf\WMFSDK10.inf
Clean
C:\WINDOWS\inf\WMFSDK10.PNF
Clean
C:\WINDOWS\inf\wmp.inf
Clean
C:\WINDOWS\inf\wmp.PNF
Clean
C:\WINDOWS\inf\WMP10.inf
Clean
C:\WINDOWS\inf\WMP10.PNF
Clean
C:\WINDOWS\inf\wmplayer.adm
Clean
C:\WINDOWS\inf\wmplayer.adm=>(unicode)
Clean
C:\WINDOWS\inf\wmpocm.inf
Clean
C:\WINDOWS\inf\wmpocm.PNF
Clean
C:\WINDOWS\inf\WMSET10.inf
Clean
C:\WINDOWS\inf\WMSET10.PNF
Clean
C:\WINDOWS\inf\wmsetsdk.inf
Clean
C:\WINDOWS\inf\wmsetsdk.PNF
Clean
C:\WINDOWS\inf\wmtour.inf
Clean
C:\WINDOWS\inf\wmtour.PNF
Clean
C:\WINDOWS\inf\wmv9vcm.inf
Clean
C:\WINDOWS\inf\wmv9vcm.PNF
Clean
C:\WINDOWS\inf\wordpad.inf
Clean
C:\WINDOWS\inf\wordpad.PNF
Clean
C:\WINDOWS\inf\wpd10.inf
Clean
C:\WINDOWS\inf\WPD10.PNF
Clean
C:\WINDOWS\inf\wpdmtp.inf
Clean
C:\WINDOWS\inf\wpdmtp.PNF
Clean
C:\WINDOWS\inf\wsh.inf
Clean
C:\WINDOWS\inf\wsh.PNF
Clean
C:\WINDOWS\inf\wstcodec.inf
Clean
C:\WINDOWS\inf\wstcodec.PNF
Clean
C:\WINDOWS\inf\wtv0.inf
Clean
C:\WINDOWS\inf\wtv0.PNF
Clean
C:\WINDOWS\inf\wtv1.inf
Clean
C:\WINDOWS\inf\wtv1.PNF
Clean
C:\WINDOWS\inf\wtv2.inf
Clean
C:\WINDOWS\inf\wtv2.PNF
Clean
C:\WINDOWS\inf\wtv3.inf
Clean
C:\WINDOWS\inf\wtv3.PNF
Clean
C:\WINDOWS\inf\wtv4.inf
Clean
C:\WINDOWS\inf\wtv4.PNF
Clean
C:\WINDOWS\inf\wtv5.inf
Clean
C:\WINDOWS\inf\wtv5.PNF
Clean
C:\WINDOWS\inf\wuau.adm
Clean
C:\WINDOWS\inf\wuau.adm=>(unicode)
Clean
C:\WINDOWS\inf\xact2_1_x86.inf
Clean
C:\WINDOWS\inf\xact2_1_x86.PNF
Clean
C:\WINDOWS\inf\xact2_2_x86.inf
Clean
C:\WINDOWS\inf\xact2_2_x86.PNF
Clean
C:\WINDOWS\inf\xact_x86.inf
Clean
C:\WINDOWS\inf\xact_x86.PNF
Clean
C:\WINDOWS\inf\xinput1_1_x86.inf
Clean
C:\WINDOWS\inf\xinput1_1_x86.PNF
Clean
C:\WINDOWS\inf\xinput9_1_0_x86.inf
Clean
C:\WINDOWS\inf\xinput9_1_0_x86.PNF
Clean
C:\WINDOWS\inf\xscan_xp.inf
Clean
C:\WINDOWS\inf\xscan_xp.PNF
Clean
C:\WINDOWS\Installer\$PatchCache$\Managed\D6461317C3DC4F04799BDCE9E42626FE\2.0.50727\FL_aspnet_filter_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\$PatchCache$\Managed\D6461317C3DC4F04799BDCE9E42626FE\2.0.50727\FL_aspnet_wp_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\$PatchCache$\Managed\D6461317C3DC4F04799BDCE9E42626FE\2.0.50727\FL_webengine_dll_135889_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\$PatchCache$\Managed\D6461317C3DC4F04799BDCE9E42626FE\2.0.50727\System.Web_dll_5_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\$PatchCache$\Managed\D6461317C3DC4F04799BDCE9E42626FE\CacheSize.txt
Clean
C:\WINDOWS\Installer\10225eb.msi
Clean
C:\WINDOWS\Installer\10225eb.msi=>(Embedded EXE)
Clean
C:\WINDOWS\Installer\10225eb.msi=>(Embedded EXE)
Clean
C:\WINDOWS\Installer\10225eb.msi=>(Embedded EXE)
Clean
C:\WINDOWS\Installer\10225eb.msi=>(Embedded EXE)
Clean
C:\WINDOWS\Installer\103bd5.msp
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>cdoex.dll.D0DF3458_A845_11D3_8D0A_0050046416B9
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>F525_pkmws.dll.662E5E6B_7913_4DEE_84E0_F9A52DB890D1
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeycate.3A69.D8F5FB96_64D2_4A23_A500_8BEBF2FF592F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeyclas.AAB6.D8F5FB96_64D2_4A23_A500_8BEBF2FF592F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeymana.E480.D8F5FB96_64D2_4A23_A500_8BEBF2FF592F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeypkmr.469E.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeypkms.4ADF.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeysche.392D.D8F5FB96_64D2_4A23_A500_8BEBF2FF592F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeysear.0AFE.D8F5FB96_64D2_4A23_A500_8BEBF2FF592F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeysmar.0440.D8F5FB96_64D2_4A23_A500_8BEBF2FF592F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>fKeywork.3C85.D8F5FB96_64D2_4A23_A500_8BEBF2FF592F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>F_athprxy.dll.78AD3BD4_846F_4B0D_9154_FC23623FA74B
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>F_mssadmin.dll.78AD3BD4_846F_4B0D_9154_FC23623FA74B
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>F_mssadmws.dll.78AD3BD4_846F_4B0D_9154_FC23623FA74B
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>F_msserror.dll.78AD3BD4_846F_4B0D_9154_FC23623FA74B
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>F_mssitlb.dll.78AD3BD4_846F_4B0D_9154_FC23623FA74B
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>F_srchadm.dll.78AD3BD4_846F_4B0D_9154_FC23623FA74B
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>msdaippd.955A.E8D71C4B_62C9_4D1B_A02F_C916CAE50331
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>msdapmld.3807.E8D71C4B_62C9_4D1B_A02F_C916CAE50331
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>MSONSEXT.DLL
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>mssrchad.7288.78AD3BD4_846F_4B0D_9154_FC23623FA74B
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>NSEXTINT.DLL
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>pkmaxctl.1156.D8F5FB96_64D2_4A23_A500_8BEBF2FF592F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>pkmcdodl.910C.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>PkmCored.EEF1.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>Pkmormsd.5F4F.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>PkmTrace.D314.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>promotes.5E36.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>secmanag.CF96.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>SrchAdmS.4B01.78AD3BD4_846F_4B0D_9154_FC23623FA74B
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>vaiddman.1EB9.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bd5.msp=>(Embedded CAB)=>vaipkmme.7CC4.76FACAA8_4C38_49B4_B59C_6698F3D0BB4F
Clean
C:\WINDOWS\Installer\103bfa.msp
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>htmeddll.CAB3.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>mdmexeX8.67AC.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>mdmuidll.3A63.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>msdbg2dl.2BF3.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>msenvdll.CAB3.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>pdmdllX8.67AC.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>cpdejite.B4BA.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>vsbrowse.4F33.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103bfa.msp=>(Embedded CAB)=>vsdebugd.221A.3643236F_FC70_11D3_A536_0090278A1BB8
Clean
C:\WINDOWS\Installer\103c1d.msp
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>CDO.DLL_0001
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>CDO.DLL_0004
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>CONTAB32.DLL
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>EMABLT32.DLL
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>EMSABP32.DLL_0005
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>EMSMDB32.DLL_0005
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>MSMAPI32.DLL_0001
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>OUTEX.DLL
Clean
C:\WINDOWS\Installer\103c1d.msp=>(Embedded CAB)=>OUTLLIBR.DLL
Clean
C:\WINDOWS\Installer\103c32.msp
Clean
C:\WINDOWS\Installer\103c32.msp=>(Embedded CAB)
Clean
C:\WINDOWS\Installer\103c32.msp=>(Embedded CAB)=>WINWORD.EXE
Clean
C:\WINDOWS\Installer\103c49.msp
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcstatus.htm=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcstatus.htm=>(JAVASCRIPT 8)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen1.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen1.htm=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen1.htm=>(JAVASCRIPT 4)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen2.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen2.htm=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen2.htm=>(JAVASCRIPT 6)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen3.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcConnection.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcConnection.htm=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcConnection.htm=>(JAVASCRIPT 3)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcConnection.htm=>(JAVASCRIPT 5)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>Remote_Assistance_Graphic.png
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>monitor_left.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>monitor_right.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>address_book.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>attention.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>arrow.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>buddy.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>buddy_attention.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>logon_anim.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>buddy_away.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>buddy_busy.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>buddy_none.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>buddy_offline.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>generic_mail.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>info.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>messenger_big.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>square_bullet.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>outlook.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>outlook_express.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>Envelope.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>floppy.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>IM_icon.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>icon_extweb.gif
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen4.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen4.htm=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen4.htm=>(JAVASCRIPT 4)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen5.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen5.htm=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen5.htm=>(JAVASCRIPT 7)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 2)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 3)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 4)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 5)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 6)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(VBSCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 7)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 7)=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 7)=>(JAVASCRIPT 4)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT 15)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT)=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6.htm=>(JAVASCRIPT)=>(JAVASCRIPT 4)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6_head.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen6_head.htm=>(JAVASCRIPT 3)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcInviteStatus.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcInviteStatus.htm=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcInviteStatus.htm=>(JAVASCRIPT 5)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen7.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen7.htm=>(JAVASCRIPT 1)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen7.htm=>(JAVASCRIPT 7)
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen8.htm
Clean
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_p3.cab=>rcBuddy.cab=>rcscreen8.htm=>(JAVASCRIPT 1)
Clean
Logfile of HijackThis v1.99.1
Scan saved at 12:08:01 PM, on 10/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Network\Wireless 802.11 USB Adapter\WlanMonitor.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\PROGRA~1\MOZILL~2\FIREFOX.EXE
C:\Documents and Settings\Owner\My Documents\Malware Removal Tools\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com.sg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com.sg
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ntu.edu.sg
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: WLAN Monitor Utility.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zon...kr.cab31267.cabO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zon...er.cab31267.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitd...can8/oscan8.cabO16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) -
http://www.can.com.sg/mwf/mgaxctrl.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1141222762406O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab31267.cabO16 - DPF: {92024A2B-5245-4B2F-80FF-0B35F115D339} (APEXImageViewer.APEXImgViewer) -
https://www2.hdb.gov...ImageViewer.CABO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -
http://us.dl1.yimg.c...utocomplete.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{8BE05CC2-EEA0-4C45-A413-A5BA5E861B89}: NameServer = 165.21.83.88,165.21.100.88
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/x-mrml - {C51721BE-858B-4A66-A8BF-D2882FF49820} - C:\Program Files\YAMAHA\MidRadio Player\midradio.ocx
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe