backdoor trojan windows XP



#16
kristinsara

I'm having trouble posting my eScan results.

#17
kristinsara

Mon Jul 07 22:01:23 2008 => **********************************************************
Mon Jul 07 22:01:23 2008 => eScan AntiVirus Toolkit Utility.
Mon Jul 07 22:01:23 2008 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Mon Jul 07 22:01:23 2008 => **********************************************************
Mon Jul 07 22:01:23 2008 => Version 4.4.7
Mon Jul 07 22:01:23 2008 => Log File: C:\KASPER~1\mwav.log
Mon Jul 07 22:01:23 2008 => Latest Date of files inside MWAV: 13 May 2008 13:51:31.
Mon Jul 07 22:01:31 2008 => AV Library Loaded...
Mon Jul 07 22:01:31 2008 => Scanning File C:\KASPER~1\kavss.exe
Mon Jul 07 22:01:31 2008 => Scanning File C:\KASPER~1\Getvlist.exe
Mon Jul 07 22:01:32 2008 => Scanning File C:\KASPER~1\kavss.dll
Mon Jul 07 22:01:33 2008 => Scanning File C:\KASPER~1\kavssdi.dll
Mon Jul 07 22:01:33 2008 => Scanning File C:\KASPER~1\kavssi.dll
Mon Jul 07 22:01:33 2008 => Scanning File C:\KASPER~1\kavvlg.dll
Mon Jul 07 22:01:33 2008 => Scanning File C:\KASPER~1\msvlclnt.dll
Mon Jul 07 22:01:33 2008 => Scanning File C:\KASPER~1\ipc.dll
Mon Jul 07 22:01:34 2008 => Scanning File C:\KASPER~1\main.avi
Mon Jul 07 22:01:34 2008 => Scanning File C:\KASPER~1\virus.avi
Mon Jul 07 22:01:35 2008 => Virus Database Date: 2008/05/13
Mon Jul 07 22:01:35 2008 => Virus Database Count: 769683
Mon Jul 07 22:13:47 2008 => AV Library Unloaded (3)...
Mon Jul 07 22:19:31 2008 => **********************************************************
Mon Jul 07 22:19:31 2008 => eScan AntiVirus Toolkit Utility.
Mon Jul 07 22:19:31 2008 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Mon Jul 07 22:19:31 2008 => **********************************************************
Mon Jul 07 22:19:31 2008 => Version 4.4.7
Mon Jul 07 22:19:31 2008 => Log File: C:\KASPER~1\mwav.log
Mon Jul 07 22:19:38 2008 => Latest Date of files inside MWAV: 08 Jul 2008 01:46:18.
Mon Jul 07 22:19:53 2008 => AV Library Loaded...
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\kavss.exe
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\Getvlist.exe
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\kavss.dll
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\kavssdi.dll
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\kavssi.dll
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\kavvlg.dll
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\msvlclnt.dll
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\ipc.dll
Mon Jul 07 22:19:54 2008 => Scanning File C:\KASPER~1\main.avi
Mon Jul 07 22:19:55 2008 => Scanning File C:\KASPER~1\virus.avi
Mon Jul 07 22:19:55 2008 => Virus Database Date: 2008/07/08
Mon Jul 07 22:19:55 2008 => Virus Database Count: 924412

Mon Jul 07 22:22:37 2008 => **********************************************************
Mon Jul 07 22:22:37 2008 => eScan AntiVirus Toolkit Utility.
Mon Jul 07 22:22:37 2008 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Mon Jul 07 22:22:37 2008 =>
Mon Jul 07 22:22:37 2008 => Support: [email protected]
Mon Jul 07 22:22:37 2008 => Web: http://www.mwti.net
Mon Jul 07 22:22:37 2008 => **********************************************************
Mon Jul 07 22:22:37 2008 => Version 4.4.7
Mon Jul 07 22:22:37 2008 => Log File: C:\KASPER~1\mwav.log
Mon Jul 07 22:22:37 2008 => Latest Date of files inside MWAV: 08 Jul 2008 01:46:18.

Mon Jul 07 22:22:37 2008 => Options Selected by User:
Mon Jul 07 22:22:37 2008 => Memory Check: Enabled
Mon Jul 07 22:22:37 2008 => Registry Check: Enabled
Mon Jul 07 22:22:37 2008 => StartUp Folder Check: Enabled
Mon Jul 07 22:22:37 2008 => System Folder Check: Enabled
Mon Jul 07 22:22:37 2008 => System Area Check: Disabled
Mon Jul 07 22:22:37 2008 => Services Check: Enabled
Mon Jul 07 22:22:37 2008 => Drive Check: Disabled
Mon Jul 07 22:22:37 2008 => All Drive Check :Enabled
Mon Jul 07 22:22:37 2008 => Scanning Type: Scan And Clean
Mon Jul 07 22:22:37 2008 => Folder Check: Disabled

Mon Jul 07 22:22:37 2008 => ***** Scanning Memory Files *****
Mon Jul 07 22:22:37 2008 => Scanning File C:\WINDOWS\system32\services.exe
Mon Jul 07 22:22:37 2008 => Scanning File C:\WINDOWS\system32\lsass.exe
Mon Jul 07 22:22:38 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:38 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:38 2008 => Scanning File C:\WINDOWS\Explorer.EXE
Mon Jul 07 22:22:38 2008 => Scanning File C:\Kaspersky\mwavscan.com
Mon Jul 07 22:22:38 2008 => Scanning File C:\Kaspersky\kavss.exe

Mon Jul 07 22:22:38 2008 => ***** Scanning Registry Files *****

Mon Jul 07 22:22:38 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Mon Jul 07 22:22:38 2008 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***
Mon Jul 07 22:22:38 2008 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Mon Jul 07 22:22:38 2008 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***
Mon Jul 07 22:22:38 2008 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Mon Jul 07 22:22:38 2008 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Jul 07 22:22:38 2008 => Scanning File C:\WINDOWS\System32\stobject.dll

Mon Jul 07 22:22:38 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Mon Jul 07 22:22:38 2008 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Mon Jul 07 22:22:38 2008 => Scanning File C:\PROGRA~1\Adobe\ACROBA~2.0\ActiveX\ACROIE~1.DLL
Mon Jul 07 22:22:38 2008 => {5CA3D70E-1895-11CF-8E15-001234567890} = C:\WINDOWS\system32\dla\tfswshx.dll
Mon Jul 07 22:22:38 2008 => Scanning File C:\WINDOWS\system32\dla\tfswshx.dll
Mon Jul 07 22:22:39 2008 => {63F7460B-C831-4142-A4AA-5EC303EC4343} = C:\Program Files\Bat\Bat.dll
Mon Jul 07 22:22:39 2008 => ERROR!!! Invalid Entry = C:\Program Files\Bat\Bat.dll. Removing it.
Mon Jul 07 22:22:39 2008 => {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files\Java\jre1.5.0_03\bin\ssv.dll
Mon Jul 07 22:22:39 2008 => ERROR!!! Invalid Entry = C:\Program Files\Java\jre1.5.0_03\bin\ssv.dll. Removing it.

Mon Jul 07 22:22:39 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Mon Jul 07 22:22:39 2008 => Scanning File C:\WINDOWS\Explorer.exe
Mon Jul 07 22:22:39 2008 => Scanning File C:\WINDOWS\system32\userinit.exe

Mon Jul 07 22:22:39 2008 => Scanning HKCU\Control Panel\Desktop
Mon Jul 07 22:22:39 2008 => Scanning File C:\WINDOWS\System32\logon.scr

Mon Jul 07 22:22:39 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Mon Jul 07 22:22:39 2008 => Scanning File C:\PROGRA~1\Apoint2K\Apoint.exe
Mon Jul 07 22:22:39 2008 => Scanning File C:\WINDOWS\system32\dla\tfswctrl.exe
Mon Jul 07 22:22:39 2008 => Scanning File C:\PROGRA~1\EzButton\EzButton.EXE
Mon Jul 07 22:22:39 2008 => Scanning File C:\PROGRA~1\TOSHIBA\POWERM~1\CePMTray.exe
Mon Jul 07 22:22:40 2008 => Scanning File C:\PROGRA~1\TOSHIBA\TOUCHA~1\PadExe.exe
Mon Jul 07 22:22:40 2008 => Scanning File C:\PROGRA~1\TOSHIBA\TouchPad\TPTray.exe
Mon Jul 07 22:22:40 2008 => Scanning File C:\WINDOWS\System32\igfxtray.exe
Mon Jul 07 22:22:40 2008 => Scanning File C:\WINDOWS\System32\hkcmd.exe
Mon Jul 07 22:22:40 2008 => Scanning File C:\WINDOWS\system32\WDBtnMgr.exe
Mon Jul 07 22:22:40 2008 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Mon Jul 07 22:22:40 2008 => Scanning File C:\PROGRA~1\iTunes\ITUNES~1.EXE
Mon Jul 07 22:22:41 2008 => Scanning File C:\PROGRA~1\Java\JRE15~1.0_0\bin\jusched.exe
Mon Jul 07 22:22:41 2008 => Scanning File C:\WINDOWS\system32\NeroCheck.exe
Mon Jul 07 22:22:41 2008 => Scanning File C:\PROGRA~1\Ahead\ODDTOO~1\DVDTray.exe
Mon Jul 07 22:22:41 2008 => Scanning File C:\WINDOWS\CY_BG.EXE

Mon Jul 07 22:22:41 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Mon Jul 07 22:22:41 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Mon Jul 07 22:22:41 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Mon Jul 07 22:22:41 2008 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Mon Jul 07 22:22:41 2008 => Scanning File C:\PROGRA~1\MESSEN~1\msmsgs.exe
Mon Jul 07 22:22:41 2008 => Scanning File C:\PROGRA~1\TOSHIBA\TOSCDSPD\toscdspd.exe
Mon Jul 07 22:22:42 2008 => Scanning File C:\PROGRA~1\AIM\aim.exe
Mon Jul 07 22:22:42 2008 => Scanning File C:\PROGRA~1\MICROS~3\wcescomm.exe
Mon Jul 07 22:22:42 2008 => ERROR!!! Invalid Entry pzpmktmz = C:\WINDOWS\system32\yfgvqjgr.exe. Removing it.

Mon Jul 07 22:22:42 2008 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Mon Jul 07 22:22:42 2008 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Mon Jul 07 22:22:42 2008 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Mon Jul 07 22:22:42 2008 => Scanning HKCR\txtfile\shell\open\command

Mon Jul 07 22:22:42 2008 => Scanning HKCR\comfile\shell\open\command

Mon Jul 07 22:22:42 2008 => Scanning HKCR\exefile\shell\open\command

Mon Jul 07 22:22:42 2008 => Scanning HKCR\dllfile\shell\open\command

Mon Jul 07 22:22:42 2008 => Scanning HKCR\batfile\shell\open\command

Mon Jul 07 22:22:42 2008 => Scanning HKCR\piffile\shell\open\command

Mon Jul 07 22:22:42 2008 => Scanning HKCR\scrfile\shell\open\command

Mon Jul 07 22:22:42 2008 => Scanning HKCR\scrfile\shell\config\command

Mon Jul 07 22:22:42 2008 => Scanning HKCR\regfile\shell\open\command

Mon Jul 07 22:22:42 2008 => ***** Scanning StartUp Folders *****

Mon Jul 07 22:22:42 2008 => ***** Scanning C:\Documents and Settings\ryan miller\Start Menu\Programs\Startup Folder *****
Mon Jul 07 22:22:42 2008 => Scanning Folder: C:\Documents and Settings\ryan miller\Start Menu\Programs\Startup\*.*
Mon Jul 07 22:22:42 2008 => Scanning File C:\Documents and Settings\ryan miller\Start Menu\Programs\Startup\Bat - Auto Update.lnk
Mon Jul 07 22:22:42 2008 => Scanning File C:\Documents and Settings\ryan miller\Start Menu\Programs\Startup\desktop.ini

Mon Jul 07 22:22:42 2008 => ***** Scanning C:\Documents and Settings\All Users\Start Menu\Programs\Startup Folder *****
Mon Jul 07 22:22:42 2008 => Scanning Folder: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\*.*
Mon Jul 07 22:22:42 2008 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
Mon Jul 07 22:22:42 2008 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
Mon Jul 07 22:22:42 2008 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk

Mon Jul 07 22:22:43 2008 => ***** Scanning C:\Documents and Settings\Default User\Start menu\Programs\Startup Folder *****
Mon Jul 07 22:22:43 2008 => Scanning Folder: C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\*.*
Mon Jul 07 22:22:43 2008 => Scanning File C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\desktop.ini

#18
kristinsara

Mon Jul 07 22:22:43 2008 => ***** Scanning Service Files *****
Mon Jul 07 22:22:43 2008 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\system32\drivers\ALCXSENS.SYS
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\system32\drivers\ALCXWDM.SYS
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\System32\alg.exe
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
Mon Jul 07 22:22:43 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\arp1394.sys
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Mon Jul 07 22:22:44 2008 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\System32\Drivers\avg7core.sys
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\System32\Drivers\avg7rsw.sys
Mon Jul 07 22:22:44 2008 => Scanning File C:\WINDOWS\System32\Drivers\avg7rsxp.sys
Mon Jul 07 22:22:44 2008 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\system32\drivers\avgclean.sys
Mon Jul 07 22:22:45 2008 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\System32\Drivers\avgtdi.sys
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\bridge.sys
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\bridge.sys
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Mon Jul 07 22:22:45 2008 => Scanning File C:\PROGRA~1\TOSHIBA\POWERM~1\CEEPWR~1.EXE
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\system32\cisvc.exe
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\compbatt.sys
Mon Jul 07 22:22:45 2008 => Scanning File C:\WINDOWS\System32\dllhost.exe
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\CY_X00.SYS
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\system32\Drivers\DKbFltr.sys
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Mon Jul 07 22:22:46 2008 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\drivers\drvmcdb.sys
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\drivers\drvnddm.sys
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\System32\DVDRAMSV.exe
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\dvd43llh.sys
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\Drivers\hkdrv.sys
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\services.exe
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:47 2008 => Scanning File C:\WINDOWS\system32\drivers\fltmgr.sys
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
Mon Jul 07 22:22:48 2008 => Scanning File C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
Mon Jul 07 22:22:48 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\imapi.sys
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\System32\imapi.exe
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\intelide.sys
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\intelppm.sys
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\system32\drivers\ip6fw.sys
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys
Mon Jul 07 22:22:49 2008 => Scanning File C:\PROGRA~1\iPod\bin\IPODSE~1.EXE
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys
Mon Jul 07 22:22:49 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\system32\drivers\kmixer.sys
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:50 2008 => Scanning File C:\PROGRA~1\COMMON~1\LIGHTS~1\LSSrvc.exe
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\system32\Drivers\meiudf.sys
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Mon Jul 07 22:22:50 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\System32\msdtc.exe
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\msiexec.exe
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\drivers\MSKSSRV.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\drivers\MSPQM.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Mon Jul 07 22:22:51 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\netdde.exe
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\netdde.exe
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\System32\lsass.exe
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nic1394.sys
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\NMnt.sys
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\System32\lsass.exe
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
Mon Jul 07 22:22:52 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ohci1394.sys
Mon Jul 07 22:22:52 2008 => Scanning File C:\PROGRA~1\COMMON~1\MICROS~1\SOURCE~1\OSE.EXE
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\pci.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\pcmcia.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\Drivers\pcouffin.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\services.exe
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\System32\lsass.exe
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\raspptp.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\processr.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\lsass.exe
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\psched.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ptilink.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\rasacd.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:53 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\raspti.sys
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\rdbss.sys
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\redbook.sys
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:54 2008 => Scanning File C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
Mon Jul 07 22:22:54 2008 => Scanning File C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
Mon Jul 07 22:22:54 2008 => Scanning File C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\System32\locator.exe
Mon Jul 07 22:22:54 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\System32\rsvp.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\system32\lsass.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\system32\drivers\scsiport.sys
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\secdrv.sys
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:55 2008 => Scanning File C:\WINDOWS\system32\drivers\splitter.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\sr.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\srv.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\Drivers\ECioctl.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\Drivers\EPIoMngr.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\Drivers\TPIoMngr.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\drivers\sscdbhk5.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\drivers\ssrtln.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\swenum.sys
Mon Jul 07 22:22:56 2008 => Scanning File C:\WINDOWS\system32\drivers\swmidi.sys
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\System32\dllhost.exe
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\drivers\sysaudio.sys
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:57 2008 => ERROR!!! Invalid Entry system32\drivers\tbhsd.sys in SYSTEM\CurrentControlSet\Services\tbhsd...
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\TBIOSDRV.SYS
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip.sys
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\termdd.sys
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\dla\tfsnboio.sys
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\dla\tfsncofs.sys
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\dla\tfsndrct.sys
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\dla\tfsndres.sys
Mon Jul 07 22:22:57 2008 => Scanning File C:\WINDOWS\system32\dla\tfsnifs.sys
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\dla\tfsnopio.sys
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\dla\tfsnpool.sys
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\dla\tfsnudf.sys
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\dla\tfsnudfa.sys
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\System32\tlntsvr.exe
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\System32\wdfmgr.exe
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\update.sys
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\System32\ups.exe
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbehci.sys
Mon Jul 07 22:22:58 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbhub.sys
Mon Jul 07 22:22:59 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Mon Jul 07 22:22:59 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Mon Jul 07 22:22:59 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usb8023x.sys
Mon Jul 07 22:22:59 2008 => Scanning File C:\WINDOWS\System32\drivers\vga.sys
Mon Jul 07 22:22:59 2008 => Scanning File C:\WINDOWS\System32\vssvc.exe
Mon Jul 07 22:22:59 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\w22n51.sys
Mon Jul 07 22:22:59 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:22:59 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\wanarp.sys
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\system32\drivers\wdmaud.sys
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\System32\drivers\ws2ifsl.sys
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\system32\drivers\ialmsbw.sys
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\system32\drivers\ialmkchw.sys
Mon Jul 07 22:23:00 2008 => Scanning File C:\WINDOWS\system32\drivers\wA301a.sys

Mon Jul 07 22:23:00 2008 => ***** Scanning System32 Folders *****
Mon Jul 07 22:23:01 2008 => Scanning C:\WINDOWS Directory
Mon Jul 07 22:23:01 2008 => Scanning Folder: C:\WINDOWS\*.*
Mon Jul 07 22:23:02 2008 => Scanning File C:\WINDOWS\$_hpcst$.hpc
Mon Jul 07 22:23:02 2008 => Scanning File C:\WINDOWS\0.log [**]
Mon Jul 07 22:23:02 2008 => Scanning File C:\WINDOWS\002474_.tmp
Mon Jul 07 22:23:02 2008 => Scanning File C:\WINDOWS\alcrmv.exe
  • 0

#19
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hi, actually it would have been the results displayed when the scan was done.
It showed only the infected files, not every file.
Don't worry about posting any more of that one.

Please download ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
==============================================
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section, select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

  • 0

#20
kristinsara

    Member

  • Topic Starter
  • Member
  • 16 posts
Every time I try to download the Kaspersky Online Scanner, Mozilla just closes itself out. I have tried about 10 times now and it will get to about 300 kb and then it will just close. I don't know what is going on; what should I do?
  • 0

#21
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Double-click the drweb-cureit.exe file and allow it to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click File and choose Save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Post that log in your next reply.

(Note: if you cannot open the log it produces, right-click on it and choose Rename.
Rename it to .txt and you will be able to open it.)

  • 0

#22
kristinsara

    Member

  • Topic Starter
  • 16 posts
File C:\Deckard\System Scanner\20080705202703\backup\DOCUME~1\RYANMI~1\LOCALS~1\Temp\BatSetup.exe tagged as not-a-virus:AdWare.Win32.Rabio.m. No Action Taken.
File C:\Deckard\System Scanner\20080705202703\backup\DOCUME~1\RYANMI~1\LOCALS~1\Temp\syswcc32.exe tagged as not-a-virus:AdWare.Win32.WebHancer.423. No Action Taken.
File C:\WINDOWS\PerfInfo\Up9bFgJIOZwp.exe tagged as not-a-virus:AdWare.Win32.Agent.bvl. No Action Taken.
  • 0
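The three detection lines in the post above are what the helper needed from the much longer eScan log. The following is an added example, not code from the thread or from eScan, that filters such a log down to its detections and lists the files the scanner left in place. The sample log is constructed from lines shown in this thread; the optional timestamp prefix on detection lines and the `[prefix:]Class.Platform.Family[.variant]` name layout are assumptions.

```python
import re

# Constructed sample: two progress lines in the timestamped form shown earlier
# in the thread, followed by the three detection lines as they were posted.
SAMPLE_LOG = r"""Mon Jul 07 22:01:31 2008 => Scanning File C:\KASPER~1\kavss.exe
Mon Jul 07 22:01:33 2008 => Scanning File C:\KASPER~1\ipc.dll
File C:\Deckard\System Scanner\20080705202703\backup\DOCUME~1\RYANMI~1\LOCALS~1\Temp\BatSetup.exe tagged as not-a-virus:AdWare.Win32.Rabio.m. No Action Taken.
File C:\Deckard\System Scanner\20080705202703\backup\DOCUME~1\RYANMI~1\LOCALS~1\Temp\syswcc32.exe tagged as not-a-virus:AdWare.Win32.WebHancer.423. No Action Taken.
File C:\WINDOWS\PerfInfo\Up9bFgJIOZwp.exe tagged as not-a-virus:AdWare.Win32.Agent.bvl. No Action Taken.
"""

# Assumption: a detection line may or may not carry the "<timestamp> => " prefix.
# Paths can contain spaces and dots, so " tagged as " is used as the delimiter.
DETECTION = re.compile(
    r"^(?:.*? => )?File (?P<path>.+?) tagged as (?P<name>\S+?)\. (?P<action>.+?)\.?\s*$"
)


def split_name(name):
    """Split '[prefix:]Class.Platform.Family[.variant]' into its fields."""
    prefix, _, rest = name.rpartition(":")
    fields = (rest.split(".", 3) + [""] * 4)[:4]
    return dict(zip(("cls", "platform", "family", "variant"), fields), prefix=prefix)


def parse_detections(text):
    """Return one dict per detection line; 'Scanning File' lines are skipped."""
    found = []
    for line in text.splitlines():
        m = DETECTION.match(line.strip())
        if m:
            found.append({"path": m["path"], "name": m["name"],
                          "action": m["action"], **split_name(m["name"])})
    return found


def unresolved(detections):
    """Paths reported but not cleaned, deduplicated and kept in log order."""
    seen = []
    for d in detections:
        if d["action"].lower() == "no action taken" and d["path"] not in seen:
            seen.append(d["path"])
    return seen


if __name__ == "__main__":
    for d in parse_detections(SAMPLE_LOG):
        print(f'{d["cls"]:8} {d["family"]:10} {d["action"]:16} {d["path"]}')
```
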

#23
kristinsara

    Member

  • Topic Starter
  • 16 posts
I now have 0 bytes on my C:/ drive and ATF Cleaner won't work anymore; it says there is an invalid picture error.
  • 0

#24
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\WINDOWS\PerfInfo\Up9bFgJIOZwp.exe
    emptytemp
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • OTMoveit2 will create a log of moved files in the C:\_OTMoveIt\MovedFiles folder. The log's name will appear as the date and time it was created, with the format mmddyyyy_hhmmss.log. Open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
============
Delete these folders
C:\Kaspersky
C:\Downloads
Also the Dr.Web folder; it is in your My Documents folder.
Empty your recycle bin.
=======================
Post the OT Move it log and a new dss log.
  • 0

#25
kristinsara

    Member

  • Topic Starter
  • 16 posts
C:\WINDOWS\PerfInfo\Up9bFgJIOZwp.exe moved successfully.
< emptytemp >
File delete failed. C:\DOCUME~1\RYANMI~1\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07162008_140558

Files moved on Reboot...
File C:\DOCUME~1\RYANMI~1\LOCALS~1\Temp\WCESLog.log not found!

Deckard's System Scanner v20071014.68
Run by ryan miller on 2008-07-16 14:14:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 76% (more than 75%).
Total Physical Memory: 223 MiB (512 MiB recommended).
System Drive C: has 0.07 GiB (less than 15%) free.


-- HijackThis (run as ryan miller.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:14:29 PM, on 7/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\EzButton\EzButton.EXE
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\CY_BG.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\system32\RAMASST.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\ryan miller\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\RYANMI~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
O4 - HKLM\..\Run: [CY_BG] C:\WINDOWS\CY_BG.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - Startup: Bat - Auto Update.lnk = C:\Program Files\Bat\Bat.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {53D40FAA-4E21-459F-AA87-E4D97FC3245A} (InstallShield Setup Player V12) - http://www.respondus...m/LDB/setup.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect Helper - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\rthlpsvc.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

--
End of file - 6956 bytes

-- Files created between 2008-06-16 and 2008-07-16 -----------------------------

2008-07-16 14:11:12 0 d-------- C:\WINDOWS\LastGood
2008-07-07 22:05:08 0 d-------- C:\Bases
2008-07-05 20:27:29 0 d-------- C:\Program Files\Trend Micro
2008-07-04 03:00:31 0 d-------- C:\Program Files\MSXML 4.0
2008-07-02 18:01:51 0 d-------- C:\Documents and Settings\ryan miller\Application Data\DeepBurner
2008-07-02 18:01:10 0 d-------- C:\Program Files\Astonsoft
2008-07-02 17:20:14 348160 --a------ C:\WINDOWS\system32\WMAFile.dll <Not Verified; NCT Company Ltd.; NCTWMAFile2 ActiveX DLL>
2008-07-02 17:20:14 1212416 --a------ C:\WINDOWS\system32\AudioInfos.dll <Not Verified; NCT Company Ltd.; NCTAudioInformation2 ActiveX DLL>
2008-07-02 17:20:13 1986560 --a------ C:\WINDOWS\system32\AudFile.dll <Not Verified; NCT Company Ltd.; NCTAudioFile2 ActiveX DLL>
2008-07-02 17:20:12 40960 --a------ C:\WINDOWS\system32\SSubTmr6.dll <Not Verified; vbAccelerator; SSubTmr6>
2008-07-02 17:20:09 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1>
2008-07-02 17:20:08 44544 --a------ C:\WINDOWS\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1>


-- Find3M Report ---------------------------------------------------------------

2008-07-09 08:29:39 0 d-------- C:\Documents and Settings\ryan miller\Application Data\AVG7
2008-07-07 20:58:51 0 d-------- C:\Program Files\GRETECH
2008-07-07 20:57:57 0 d-------- C:\Program Files\Common Files
2008-07-07 20:57:52 0 d-------- C:\Documents and Settings\ryan miller\Application Data\Lavasoft
2008-07-05 11:08:21 0 d-------- C:\Program Files\Soulseek
2008-06-11 20:51:32 0 d-------- C:\Documents and Settings\ryan miller\Application Data\Vso
2008-06-11 20:51:32 34 --a------ C:\Documents and Settings\ryan miller\Application Data\pcouffin.log
2008-06-11 20:51:10 47360 --a------ C:\Documents and Settings\ryan miller\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-11 20:51:10 1144 --a------ C:\Documents and Settings\ryan miller\Application Data\pcouffin.inf
2008-06-11 20:51:10 7887 --a------ C:\Documents and Settings\ryan miller\Application Data\pcouffin.cat
2008-04-30 17:04:33 1160 --a------ C:\WINDOWS\mozver.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [10/30/2003 05:46 PM]
"EzButton"="C:\Program Files\EzButton\EzButton.EXE" [07/07/2004 05:25 PM]
"CeEPOWER"="C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" [08/19/2004 07:14 PM]
"@"="" []
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [02/03/2004 03:47 PM]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [07/28/2004 05:23 PM]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [11/18/2003 02:24 AM]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [11/18/2003 02:11 AM]
"WD Button Manager"="WDBtnMgr.exe" [01/05/2006 09:57 PM C:\WINDOWS\system32\WDBtnMgr.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [04/15/2008 09:57 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/14/2007 07:05 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 03:48 AM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 11:50 AM]
"DVDTray"="C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe" [09/03/2004 04:58 AM]
"CY_BG"="C:\WINDOWS\CY_BG.EXE" [04/20/2003 10:11 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [09/05/2003 04:24 AM]
"AIM"="C:\Program Files\AIM\aim.exe" [08/01/2006 04:35 PM]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [06/20/2006 11:36 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeStartMenu"=0 (0x0)
"NoClose"=0 (0x0)
"NoLogOff"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"




-- End of Deckard's System Scanner: finished at 2008-07-16 14:15:19 ------------
  • 0



#26
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Delete this folder as well >C:\Bases

As far as your drive space, your total drive size is 20 GB. Do you have any programs, pictures, or music that can be burned to disks?
If so please do so and then delete the content from off of your hard drive.
================================================
Cleanup::
  • Make sure you have an Internet Connection.
  • Double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTMoveIt2 from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
===============
Upgrading Java:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 7.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 7 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u6-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.

=============================
Delete\uninstall anything else that we have used.

System Restore
Then I will need you to reset your System Restore points.
The link below shows how to create a clean restore point.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb/310405/en-us
=====================================
After that your log is clean. :)

The following is a list of tools and utilities that I like to suggest to people.
You do not have to have all or any of them; they are only suggestions.
This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

Spybot Search & Destroy - Uber powerful tool which can search and annihilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.

Spyware Blaster - Great prevention tool to keep nasties from installing on your system.

Spywareguard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.

IE-SPYAD - Puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Tony Klein article - To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.
  • 0





