\July14_loader.exe - Free Antivirus Forum

\July14_loader.exe

BullGuard Antivirus Forum > Virus Removal > Removal Help > \July14_loader.exe

Forum Quick Jump

$Post reply to : \July14_loader.exe$ $Printable version of : \July14_loader.exe$

[ << Previous Thread | Next Thread >> ]

Mick 2
New Member

Date Joined Oct 2004
Total Posts : 10

Posted 10-16-2004 5:11 (GMT +1)

$Quote: \July14_loader.exe$ $Alert an admin about: \July14_loader.exe$

Hello all,

My first time here. I found this site by Googling my problem. Spent a little time perusing and thought I would join.

My issue is with this virus: July14_loader.exe. I have Windows XP home version. I also have Norton professional, Adware 6.0, Spybot, AVG and Zonealarm. All except Norton are the free versions. Yes, I have read some threads concerning the effectivness of freeware. Or the lack of.

AVG notified me of the virus. When I ran the program it suggested sending it to their holding bin or whatever it is called. I can't remember at the moment. When I agreed to that it said it could not get rid of it. It might be in use or right protected. I went to it's location on the C drive and tried deleting it directly. Nope. I kept getting the warning from AVG even while I was performing the scan. It continues. I left Norton running to try and catch it as I had to go to work today. I have seen a couple suggestions posted by Touch for hijackthis and the vil.nai site. Should I try those to get rid of this thing or is there something else? I believe I am considering trying the Bullguard program and see how that works.

I am Very open to suggestions.
Thanks,

Mick 2

Touch
Forum Moderator

Date Joined Jun 2004
Total Posts : 14290

Posted 10-16-2004 7:44 (GMT +1)

$Quote: \July14_loader.exe$ $Alert an admin about: \July14_loader.exe$

Hey

Try Bullguard yeah

Or else-

Download Hijackthis: http://www.spywareinfo.com/~merijn/downloads.html
http://www.spychecker.com/program/hijackthis.html

Unzip to own permanent folder. Scan, scan button change to-save log. Post log here
It is probably in registry too, thats why you can´t delete it

Touch

Mick 2
New Member

Date Joined Oct 2004
Total Posts : 10

Posted 10-17-2004 2:37 (GMT +1)

$Quote: \July14_loader.exe$ $Alert an admin about: \July14_loader.exe$

Hey Touch,

I did the Hijackthis thing. Boy is it fast. Here is what it found. Oh, my AVG Resident shield detected another Trojan Horse; Downloader.Aprop.P Apparently located in my C:\system file info folder. What do I do next?

Thanks a lot

Mick 2

Logfile of HijackThis v1.97.7
Scan saved at 9:39:31 AM, on 10/16/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\WINDOWS\system32\PELMICED.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\documents and settings\michael shaw\local settings\temp\F40yPRa.exe
C:\documents and settings\michael shaw\local settings\temp\22tq.exe
C:\documents and settings\michael shaw\local settings\temp\F40yPRa.exe
C:\documents and settings\michael shaw\local settings\temp\22tq.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\BOOTVID1.exe
C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\WinTools\WSup.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\tases.exe
C:\WINDOWS\system32\tssifier.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Michael Shaw\Application Data\ttuh.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Michael Shaw\Desktop\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Money\System\urlmap.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\system32\SearchBar.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rd.yahoo.com/customize/ymsgr/defaults/*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = 203
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 203
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.comcast.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\Michael Shaw\Local Settings\Temp\sJ.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] PELMICED.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [prsdqwcs] C:\WINDOWS\iqoplypk.exe
O4 - HKLM\..\Run: [SQInstaller] SQInstaller.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [OVCIFMS] C:\WINDOWS\OVCIFMS.exe
O4 - HKLM\..\Run: [zzb] c:\WINDOWS\System32\zzb.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [F40yPRa] C:\documents and settings\michael shaw\local settings\temp\F40yPRa.exe
O4 - HKLM\..\Run: [I] C:\documents and settings\michael shaw\local settings\temp\I.exe
O4 - HKLM\..\Run: [Bakra] C:\WINDOWS\System32\IEHost.exe
O4 - HKLM\..\Run: [22tq] c:\documents and settings\michael shaw\local settings\temp\22tq.exe
O4 - HKLM\..\Run: [I.exe] C:\documents and settings\michael shaw\local settings\temp\I.exe
O4 - HKLM\..\Run: [F40yPRa.exe] C:\documents and settings\michael shaw\local settings\temp\F40yPRa.exe
O4 - HKLM\..\Run: [22tq.exe] C:\documents and settings\michael shaw\local settings\temp\22tq.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [5vQB4Y.exe] C:\documents and settings\michael shaw\local settings\temp\5vQB4Y.exe
O4 - HKLM\..\Run: [25499891242a] C:\WINDOWS\system32\BOOTVID1.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [0s8T3FV] tases.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [] c:\WINDOWS\System32\
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [HBr3RPZnh] tssifier.exe
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Michael Shaw\Application Data\ttuh.exe
O4 - HKLM\..\RunOnce: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" "+b1"
O4 - HKCU\..\RunOnce: [Web Offer] C:\ezStub.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=f3c76ad4d998605eff65430886af025a169c0e9dbc06baf26675d63c6197c16284a237c3871e2060edbd3c18bbe981749d421081:5e9a21598b906bcca50cc710c13738cd
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/Swdir_Alt_Pub.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX25.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37661.7568865741
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/essentials/ymmapi_0727.dll
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/yiebio5_1_1_0.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} - http://download.overpro.com/WildApp.cab

Zix
Junior Member

Date Joined Oct 2004
Total Posts : 62

Posted 10-17-2004 2:47 (GMT +1)

$Quote: \July14_loader.exe$ $Alert an admin about: \July14_loader.exe$

holy .;............ just wow yeah

Touch
Forum Moderator

Date Joined Jun 2004
Total Posts : 14290

Posted 10-17-2004 5:14 (GMT +1)

$Quote: \July14_loader.exe$ $Alert an admin about: \July14_loader.exe$

Hey Mick 2 cool

It is a very interesting mix of infections smilewinkgrin

Download this scanner: http://home9.inet.tele.dk/le01/mwav.exe
Activate all in settings, run it

It can take a couple of hours to run it. If it stop,shut it down and run again. Same goes for Spybot and Adware

Download newest Spybot Search and Destroy here : http://www.safer-networking.org/index.php?page=mirrors if it is not already installed on your computer
Install the program and then start it. Once the program has started make sure you are in the Spybot-S&D section. Click on the "Search for Updates" button. Download all updates. In some cases the program will restart after an update. When updated, click on the Immunize "Scan System" button. When the Check is over, fix all marked with red

Adware: http://www.lavasoftusa.com/support/download/#free

we need to configure Ad-aware SE for a full scan. Some of them should be enabled by default, while others you will need to set yourself (see below).

Click on the Gear icon (second from the left) to access the preferences/settings window

In the General window make sure the following are selected:
Automatically save logfile
Automatically quarantine objects prior to removal
Safe Mode (always request confirmation)
Click on the Scanning button on the left and select :
Scan within archives
Scan active processes
Scan registry
-Deep-scan registry
Scan my IE Favorites for banned URLs
Scan my Hosts file
Under Select drives & folders to scan, choose:
Select all of your hard drives that are not selected already
Click on the Advanced button on the left and select:
Include additional object information
Include negligible objects information
Include environment information
Click the Tweak button and select:
Under the Scanning Engine:

Unload recognized processes & modules during scan
Under the Cleaning Engine:Let Windows remove files in use at next reboot
Click on Proceed to save the settings.

Click Start and on the next screen choose:
Use custom scanning options
Click Next and Ad-aware will scan your hard drive(s) with the options you have selected.

Save the log file when it asks and then click Finish.
When finished, mark everything for removal and get rid of it. (Right-click on any of the entries and choose Select All from the drop down menu and click Next).

Plug-Ins for Ad-Aware (VX2 Cleaner)
Download the free VX2 Cleaner here : http://www.lavasoftusa.com/software/addons/vx2cleaner.shtml

Close Ad-Aware SE build 1.04 and Ad-Watch (if running)
Install the VX2 Cleaner
Start Ad-Aware SE build 1.04
Go to “Plug-ins”
Select the VX2 Cleaner plug-in and click “Run Plugin”
If your computer isn’t infected, click “Close”.

If your computer is infected:

Select “Clean System”
Reboot your computer
Scan your computer with Ad-Aware
Remove any VX2 objects detected
Reboot your computer again
Run a second scan to make sure the files have been removed from your computer

Cwshredder: http://www.spywareinfo.com/~merijn/downloads.html

Or: http://www.softpedia.com/public/cat/10/17/10-17-150.shtml

Unzip to own folder,check for updates if needed, close all other windows-Fix

Delete files/folder from the following directories (But not the directory itself, for example delete all files/folder IN temp.
C:\Windows\Temp\
C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
C:\Documents and Settings\<All other users Profile>\Local Settings\Temp\
C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <<<This will delete your files in your internet cache--including cookies.
C:\Documents and Settings\<All other users Profile>\Local Settings\Temporary Internet Files\
Empty your "Recycle Bin"

There are usally a couple of files that you will not be able to delete..this is normal.

Reboot, then post a new HijackThis log and tell how things are running.

Touch

Member of - Alliance of Security Analysis Professionals

Mick 2
New Member

Date Joined Oct 2004
Total Posts : 10

Posted 10-18-2004 12:39 (GMT +1)

$Quote: \July14_loader.exe$ $Alert an admin about: \July14_loader.exe$

Hey Touch,

I attempted to do all the things you suggested in your email. Some were successful, some were not.

The escan thing worked very well. Fortunately or unfortunately it found 17 viruses. It has a huge log which I will attempt to post here.

Sat Oct 16 21:05:55 2004 => **********************************************************
Sat Oct 16 21:05:55 2004 => eScan AntiVirus Toolkit Utility.
Sat Oct 16 21:05:55 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Sat Oct 16 21:05:55 2004 => **********************************************************
Sat Oct 16 21:05:55 2004 => Version 4.5.5 (C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mwavscan.com)
Sat Oct 16 21:05:55 2004 => Log File: C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mwav.log
Sat Oct 16 21:05:56 2004 => Latest Date of files inside MWAV: 16 Oct 2004 12:00:51.
Sat Oct 16 21:05:58 2004 => AV Library Loaded...
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavss.exe
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\Getvlist.exe
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavss.dll
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavssdi.dll
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavssi.dll
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavvlg.dll
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\msvlclnt.dll
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\ipc.dll
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\main.avi
Sat Oct 16 21:05:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\virus.avi
Sat Oct 16 21:05:59 2004 => Virus Database Date: 2004/10/16
Sat Oct 16 21:05:59 2004 => Virus Database Count: 106689

Sat Oct 16 21:06:45 2004 => **********************************************************
Sat Oct 16 21:06:45 2004 => eScan AntiVirus Toolkit Utility.
Sat Oct 16 21:06:45 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Sat Oct 16 21:06:45 2004 =>
Sat Oct 16 21:06:45 2004 => Support: support@mwti.net
Sat Oct 16 21:06:45 2004 => Web: http://www.mwti.net
Sat Oct 16 21:06:45 2004 => **********************************************************
Sat Oct 16 21:06:45 2004 => Version 4.5.5 (C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mwavscan.com)
Sat Oct 16 21:06:45 2004 => Log File: C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mwav.log
Sat Oct 16 21:06:45 2004 => Latest Date of files inside MWAV: 16 Oct 2004 12:00:51.

Sat Oct 16 21:06:45 2004 => Options Selected by User:
Sat Oct 16 21:06:45 2004 => Memory Check: Enabled
Sat Oct 16 21:06:45 2004 => Registry Check: Enabled
Sat Oct 16 21:06:45 2004 => StartUp Folder Check: Enabled
Sat Oct 16 21:06:45 2004 => System Folder Check: Enabled
Sat Oct 16 21:06:45 2004 => System Area Check: Disabled
Sat Oct 16 21:06:45 2004 => Services Check: Enabled
Sat Oct 16 21:06:45 2004 => Drive Check Option Disabled
Sat Oct 16 21:06:45 2004 => Folder Check: Disabled

Sat Oct 16 21:06:47 2004 => ***** Scanning Memory Files *****
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\System32\smss.exe
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\system32\ntdll.dll
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\system32\kernel32.dll
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Sat Oct 16 21:06:47 2004 => Scanning File C:\WINDOWS\system32\USER32.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\GDI32.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\USERENV.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\Secur32.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\VERSION.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Sat Oct 16 21:06:48 2004 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\IMM32.DLL
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\LPK.DLL
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\USP10.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Sat Oct 16 21:06:49 2004 => Scanning File C:\WINDOWS\system32\odbcint.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\sfc.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\ole32.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\msctfime.ime
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\sxs.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\WINMM.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\serwvdrv.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\umdmxfrm.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Sat Oct 16 21:06:50 2004 => Scanning File C:\WINDOWS\system32\cscdll.dll
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\MPR.dll
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\cscui.dll
Sat Oct 16 21:06:51 2004 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\msacm32.drv
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\midimap.dll
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\COMRes.dll
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Sat Oct 16 21:06:52 2004 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\services.exe
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\eventlog.dll
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\lsass.exe
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Sat Oct 16 21:06:53 2004 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\msprivs.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\kerberos.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\netlogon.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\w32time.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\schannel.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\wdigest.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\scecli.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\oakley.DLL
Sat Oct 16 21:06:54 2004 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Sat Oct 16 21:06:55 2004 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Sat Oct 16 21:06:55 2004 => Scanning File C:\WINDOWS\system32\mswsock.dll
Sat Oct 16 21:06:55 2004 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Sat Oct 16 21:06:55 2004 => Scanning File C:\WINDOWS\system32\psbase.dll
Sat Oct 16 21:06:55 2004 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Sat Oct 16 21:06:55 2004 => Scanning File C:\WINDOWS\system32\dssenh.dll
Sat Oct 16 21:06:55 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 16 21:06:55 2004 => Scanning File c:\windows\system32\rpcss.dll
Sat Oct 16 21:06:55 2004 => Scanning File c:\windows\system32\termsrv.dll
Sat Oct 16 21:06:55 2004 => Scanning File c:\windows\system32\ICAAPI.dll
Sat Oct 16 21:06:55 2004 => Scanning File c:\windows\system32\mstlsapi.dll
Sat Oct 16 21:06:55 2004 => Scanning File c:\windows\system32\ACTIVEDS.dll
Sat Oct 16 21:06:55 2004 => Scanning File c:\windows\system32\adsldpc.dll
Sat Oct 16 21:06:55 2004 => Scanning File c:\windows\system32\ATL.DLL
Sat Oct 16 21:06:55 2004 => Scanning File C:\WINDOWS\system32\msi.dll
Sat Oct 16 21:06:55 2004 => Scanning File c:\windows\system32\dhcpcsvc.dll
Sat Oct 16 21:06:56 2004 => Scanning File c:\windows\system32\wzcsvc.dll
Sat Oct 16 21:06:56 2004 => Scanning File c:\windows\system32\rtutils.dll
Sat Oct 16 21:06:56 2004 => Scanning File c:\windows\system32\WMI.dll
Sat Oct 16 21:06:56 2004 => Scanning File c:\windows\system32\ESENT.dll
Sat Oct 16 21:06:56 2004 => Scanning File C:\WINDOWS\System32\rastls.dll
Sat Oct 16 21:06:56 2004 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Sat Oct 16 21:06:56 2004 => Scanning File C:\WINDOWS\system32\WININET.dll
Sat Oct 16 21:06:56 2004 => Scanning File C:\WINDOWS\System32\MPRAPI.dll
Sat Oct 16 21:06:56 2004 => Scanning File C:\WINDOWS\System32\RASAPI32.dll
Sat Oct 16 21:06:56 2004 => Scanning File C:\WINDOWS\System32\rasman.dll
Sat Oct 16 21:06:56 2004 => Scanning File C:\WINDOWS\System32\TAPI32.dll
Sat Oct 16 21:06:56 2004 => Scanning File C:\WINDOWS\System32\raschap.dll
Sat Oct 16 21:06:56 2004 => Scanning File c:\windows\system32\schedsvc.dll
Sat Oct 16 21:06:57 2004 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\audiosrv.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\wkssvc.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\cryptsvc.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\certcli.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\es.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\ersvc.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\srvsvc.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\netman.dll
Sat Oct 16 21:06:57 2004 => Scanning File c:\windows\system32\netshell.dll
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\credui.dll
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\WZCSAPI.DLL
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\seclogon.dll
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\sens.dll
Sat Oct 16 21:06:58 2004 => Scanning File C:\WINDOWS\System32\upnp.dll
Sat Oct 16 21:06:58 2004 => Scanning File C:\WINDOWS\System32\WINHTTP.dll
Sat Oct 16 21:06:58 2004 => Scanning File C:\WINDOWS\System32\SSDPAPI.dll
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\srsvc.dll
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\POWRPROF.dll
Sat Oct 16 21:06:58 2004 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\tapisrv.dll
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\trkwks.dll
Sat Oct 16 21:06:58 2004 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Sat Oct 16 21:06:58 2004 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Sat Oct 16 21:06:59 2004 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Sat Oct 16 21:06:59 2004 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Sat Oct 16 21:06:59 2004 => Scanning File C:\WINDOWS\system32\WSOCK32.dll
Sat Oct 16 21:06:59 2004 => Scanning File C:\WINDOWS\system32\colbact.DLL
Sat Oct 16 21:06:59 2004 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
Sat Oct 16 21:06:59 2004 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
Sat Oct 16 21:06:59 2004 => Scanning File c:\windows\system32\browser.dll
Sat Oct 16 21:06:59 2004 => Scanning File c:\windows\system32\6to4svc.dll
Sat Oct 16 21:06:59 2004 => Scanning File c:\windows\system32\wuauserv.dll
Sat Oct 16 21:06:59 2004 => Scanning File c:\windows\system32\wscsvc.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\SHFOLDER.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\Cabinet.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\mspatcha.dll
Sat Oct 16 21:07:00 2004 => Scanning File c:\windows\system32\ipnathlp.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\rasadhlp.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\wship6.dll
Sat Oct 16 21:07:00 2004 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\netcfgx.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\rasmans.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\rastapi.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\unimdm.tsp
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\uniplat.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\System32\unimdmat.dll
Sat Oct 16 21:07:01 2004 => Scanning File C:\WINDOWS\system32\modemui.dll
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\ndptsp.tsp
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\ipconf.tsp
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\h323.tsp
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\hidphone.tsp
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\HID.DLL
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\rasppp.dll
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\ntlsapi.dll
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\RASDLG.dll
Sat Oct 16 21:07:02 2004 => Scanning File c:\windows\system32\qmgr.dll
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\qmgrprxy.dll
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\catsrvut.dll
Sat Oct 16 21:07:02 2004 => Scanning File C:\WINDOWS\System32\MfcSubs.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\system32\urlmon.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\System32\catsrv.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\SYSTEM32\MSXML3.DLL
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\System32\winrnr.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\System32\cryptnet.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\System32\SensApi.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\System32\wbem\wbemsvc.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\System32\wups.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\System32\wuapi.dll
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE
Sat Oct 16 21:07:03 2004 => Scanning File C:\WINDOWS\system32\lexp2p32.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\lex2kusb.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\localspl.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\LEXLMPM.DLL
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\LexBce.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\FXSMON.DLL
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\FXSEVENT.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\system32\usbmon.dll
Sat Oct 16 21:07:04 2004 => Scanning File C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LXBBPP5C.dll
Sat Oct 16 21:07:05 2004 => Scanning File C:\WINDOWS\system32\win32spl.dll
Sat Oct 16 21:07:05 2004 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Sat Oct 16 21:07:05 2004 => Scanning File C:\WINDOWS\system32\inetpp.dll
Sat Oct 16 21:07:05 2004 => Scanning File C:\WINDOWS\system32\LXBBpwr.dll
Sat Oct 16 21:07:05 2004 => Scanning File C:\WINDOWS\system32\LEXPPS.EXE
Sat Oct 16 21:07:06 2004 => Scanning File C:\PROGRA~1\COMMON~1\Dell\EUSW\Support.exe
Sat Oct 16 21:07:06 2004 => Scanning File C:\PROGRA~1\COMMON~1\Dell\EUSW\DellUtil.dll
Sat Oct 16 21:07:06 2004 => Scanning File C:\PROGRA~1\COMMON~1\Dell\EUSW\DDSM.dll
Sat Oct 16 21:07:06 2004 => Scanning File C:\WINDOWS\temp\IadHide3.dll
Sat Oct 16 21:07:06 2004 => Scanning File C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
Sat Oct 16 21:07:15 2004 => File C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll infected by "not-a-virus:AdvWare.Wintol.o" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:07:15 2004 => Scanning File C:\WINDOWS\system32\mlang.dll
Sat Oct 16 21:07:16 2004 => Scanning File C:\WINDOWS\system32\PELMICED.EXE
Sat Oct 16 21:07:16 2004 => Scanning File C:\WINDOWS\system32\PELUTIL.dll
Sat Oct 16 21:07:16 2004 => Scanning File C:\WINDOWS\system32\PELCOMM.dll
Sat Oct 16 21:07:16 2004 => Scanning File C:\WINDOWS\system32\pelhooks.dll
Sat Oct 16 21:07:16 2004 => Scanning File C:\WINDOWS\system32\Pelzoom.dll
Sat Oct 16 21:07:16 2004 => Scanning File C:\WINDOWS\system32\pelscrll.dll
Sat Oct 16 21:07:16 2004 => Scanning File C:\PROGRA~1\QUICKT~1\qttask.exe
Sat Oct 16 21:07:16 2004 => Scanning File C:\WINDOWS\system32\QuickTime.qts
Sat Oct 16 21:07:17 2004 => Scanning File C:\WINDOWS\system32\OLEPRO32.DLL
Sat Oct 16 21:07:17 2004 => Scanning File C:\WINDOWS\system32\ddraw.dll
Sat Oct 16 21:07:17 2004 => Scanning File C:\WINDOWS\system32\DCIMAN32.dll
Sat Oct 16 21:07:17 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeAuthoring.qtx
Sat Oct 16 21:07:17 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeEssentials.qtx
Sat Oct 16 21:07:17 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeInternetExtras.qtx
Sat Oct 16 21:07:17 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeMPEG.qtx
Sat Oct 16 21:07:17 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeMPEG4.qtx
Sat Oct 16 21:07:18 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeMusic.qtx
Sat Oct 16 21:07:18 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreaming.qtx
Sat Oct 16 21:07:18 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreamingAuthoring.qtx
Sat Oct 16 21:07:18 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreamingExtras.qtx
Sat Oct 16 21:07:18 2004 => Scanning File C:\PROGRA~1\Roxio\EASYCD~1\DirectCD\DirectCD.exe
Sat Oct 16 21:07:18 2004 => Scanning File C:\PROGRA~1\Roxio\EASYCD~1\DirectCD\CDUDFLIB.dll
Sat Oct 16 21:07:18 2004 => Scanning File C:\PROGRA~1\Roxio\EASYCD~1\DirectCD\UDFRWLIB.dll
Sat Oct 16 21:07:18 2004 => Scanning File C:\WINDOWS\system32\oledlg.dll
Sat Oct 16 21:07:18 2004 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Sat Oct 16 21:07:18 2004 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sat Oct 16 21:07:19 2004 => Scanning File C:\PROGRA~1\LEXMAR~1\lxbbbmgr.exe
Sat Oct 16 21:07:19 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccApp.exe
Sat Oct 16 21:07:19 2004 => Scanning File C:\WINDOWS\system32\MSVCP70.dll
Sat Oct 16 21:07:19 2004 => Scanning File C:\WINDOWS\system32\MSVCR70.dll
Sat Oct 16 21:07:19 2004 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\PRODUC~1.DLL
Sat Oct 16 21:07:19 2004 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.DLL
Sat Oct 16 21:07:19 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccVrTrst.dll
Sat Oct 16 21:07:19 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL
Sat Oct 16 21:07:19 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL
Sat Oct 16 21:07:20 2004 => Scanning File C:\WINDOWS\system32\SYMREDIR.dll
Sat Oct 16 21:07:20 2004 => Scanning File C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL
Sat Oct 16 21:07:20 2004 => Scanning File C:\WINDOWS\system32\ATL70.DLL
Sat Oct 16 21:07:20 2004 => Scanning File C:\PROGRA~1\NORTON~1\DEFALERT.DLL
Sat Oct 16 21:07:20 2004 => Scanning File C:\PROGRA~1\NORTON~1\NAVAPW32.DLL
Sat Oct 16 21:07:20 2004 => Scanning File C:\PROGRA~1\NORTON~1\apwutil.dll
Sat Oct 16 21:07:20 2004 => Scanning File C:\PROGRA~1\NORTON~1\SAVRT32.DLL
Sat Oct 16 21:07:20 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll
Sat Oct 16 21:07:21 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccProSub.dll
Sat Oct 16 21:07:21 2004 => Scanning File C:\PROGRA~1\NORTON~1\NAVOPTRF.DLL
Sat Oct 16 21:07:21 2004 => Scanning File C:\PROGRA~1\NORTON~1\apwcmdnt.dll
Sat Oct 16 21:07:21 2004 => Scanning File C:\PROGRA~1\NORTON~1\NavEmail.dll
Sat Oct 16 21:07:21 2004 => Scanning File C:\PROGRA~1\NORTON~1\NAVOpts.dll
Sat Oct 16 21:07:21 2004 => Scanning File C:\PROGRA~1\NORTON~1\N32Exclu.dll
Sat Oct 16 21:07:22 2004 => Scanning File C:\PROGRA~1\NORTON~1\S32NAVO.DLL
Sat Oct 16 21:07:22 2004 => Scanning File C:\PROGRA~1\NORTON~1\NAVError.dll
Sat Oct 16 21:07:22 2004 => Scanning File C:\PROGRA~1\NORTON~1\NAVAPSCR.dll
Sat Oct 16 21:07:22 2004 => Scanning File C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
Sat Oct 16 21:07:22 2004 => Scanning File C:\PROGRA~1\Grisoft\AVG6\MFC42.DLL
Sat Oct 16 21:07:22 2004 => Scanning File C:\PROGRA~1\Grisoft\AVG6\avgk32.dll
Sat Oct 16 21:07:22 2004 => Scanning File C:\PROGRA~1\Grisoft\AVG6\AVGRES.dll
Sat Oct 16 21:07:22 2004 => Scanning File C:\PROGRA~1\LEXMAR~1\lxbbbmon.exe
Sat Oct 16 21:07:22 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\F40yPRa.exe
Sat Oct 16 21:07:23 2004 => File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\F40yPRa.exe infected by "not-a-virus:AdvWare.WinFetcher.e" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:07:23 2004 => Scanning File C:\WINDOWS\System32\mscoree.dll
Sat Oct 16 21:07:23 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorie.dll
Sat Oct 16 21:07:23 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\MSVCR70.dll
Sat Oct 16 21:07:23 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\22tq.exe
Sat Oct 16 21:07:23 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\22tq.exe
Sat Oct 16 21:07:24 2004 => Scanning File C:\PROGRA~1\VIEWPO~1\VIEWPO~2\ViewMgr.exe
Sat Oct 16 21:07:24 2004 => Scanning File C:\WINDOWS\system32\BOOTVID1.exe
Sat Oct 16 21:07:24 2004 => Scanning File C:\WINDOWS\system32\MSVBVM60.DLL
Sat Oct 16 21:07:24 2004 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 16 21:07:24 2004 => Scanning File C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
Sat Oct 16 21:07:24 2004 => File C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe infected by "TrojanDownloader.Win32.WinTool" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:07:24 2004 => Scanning File C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
Sat Oct 16 21:07:24 2004 => Scanning File C:\WINDOWS\System32\wbem\wbemprox.dll
Sat Oct 16 21:07:24 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetMgr.exe
Sat Oct 16 21:07:24 2004 => Scanning File C:\WINDOWS\System32\cisvc.exe
Sat Oct 16 21:07:24 2004 => Scanning File C:\WINDOWS\System32\query.dll
Sat Oct 16 21:07:25 2004 => Scanning File C:\PROGRA~1\Yahoo!\MESSEN~1\YMSGR_~1.EXE
Sat Oct 16 21:07:25 2004 => Scanning File C:\PROGRA~1\Yahoo!\MESSEN~1\res_msgr.dll
Sat Oct 16 21:07:25 2004 => Scanning File C:\PROGRA~1\NORTON~1\navapsvc.exe
Sat Oct 16 21:07:25 2004 => Scanning File C:\PROGRA~1\NORTON~1\SAVRT32.DLL
Sat Oct 16 21:07:25 2004 => Scanning File C:\PROGRA~1\NORTON~1\AdvTools\NPROTECT.EXE
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\NORTON~1\AdvTools\S32KRNLL.DLL
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\NORTON~1\AdvTools\NUMISC.DLL
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\NORTON~1\AdvTools\S32UTILL.DLL
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\NORTON~1\AdvTools\NPComSvr.DLL
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\NORTON~1\SAVScan.exe
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccScan.dll
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ecmldr32.DLL
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041013.032\ecmsvr32.dll
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041013.032\NAVEX32a.DLL
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041013.032\NAVENG32.DLL
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\NORTON~1\NAVAP32.DLL
Sat Oct 16 21:07:26 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\DECSDK.DLL
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2ID.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2Zip.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2SS.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2GZIP.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2CAB.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2LHA.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2RAR.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2ARJ.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2EXE.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2TNEF.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2LZ.dll
Sat Oct 16 21:07:27 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2AMG.dll
Sat Oct 16 21:07:28 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2TAR.dll
Sat Oct 16 21:07:28 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2RTF.dll
Sat Oct 16 21:07:28 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\DECOMP~1\Dec2Text.dll
Sat Oct 16 21:07:28 2004 => Scanning File C:\WINDOWS\system32\ScsiAccess.EXE
Sat Oct 16 21:07:28 2004 => Scanning File c:\windows\system32\wiaservc.dll
Sat Oct 16 21:07:28 2004 => Scanning File c:\windows\system32\CFGMGR32.dll
Sat Oct 16 21:07:28 2004 => Scanning File c:\windows\system32\mscms.dll
Sat Oct 16 21:07:28 2004 => Scanning File C:\WINDOWS\System32\WIAFBDRV.DLL
Sat Oct 16 21:07:28 2004 => Scanning File C:\PROGRA~1\LEXMAR~1\lxbbmcro.dll
Sat Oct 16 21:07:28 2004 => Scanning File C:\PROGRA~1\LEXMAR~1\ConvDIB.dll
Sat Oct 16 21:07:29 2004 => Scanning File C:\PROGRA~1\LEXMAR~1\rtscan.dll
Sat Oct 16 21:07:29 2004 => Scanning File C:\WINDOWS\System32\ACTXPRXY.DLL
Sat Oct 16 21:07:29 2004 => Scanning File C:\WINDOWS\System32\sti.dll
Sat Oct 16 21:07:29 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
Sat Oct 16 21:07:29 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcnet.dll
Sat Oct 16 21:07:29 2004 => Scanning File C:\PROGRA~1\COMMON~1\WinTools\WToolsS.exe
Sat Oct 16 21:07:29 2004 => File C:\PROGRA~1\COMMON~1\WinTools\WToolsS.exe infected by "TrojanDownloader.Win32.Wintool.b" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:07:29 2004 => Scanning File C:\WINDOWS\System32\MsPMSPSv.exe
Sat Oct 16 21:07:30 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtMgr.exe
Sat Oct 16 21:07:30 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL
Sat Oct 16 21:07:30 2004 => Scanning File C:\PROGRA~1\NORTON~1\NAVEVENT.DLL
Sat Oct 16 21:07:30 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\SymWSC.exe
Sat Oct 16 21:07:30 2004 => Scanning File C:\WINDOWS\system32\DBGHELP.DLL
Sat Oct 16 21:07:30 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\WSCHlpr.dll
Sat Oct 16 21:07:30 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\sscnis7.dll
Sat Oct 16 21:07:30 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\sscnis56.dll
Sat Oct 16 21:07:31 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\sscnav.dll
Sat Oct 16 21:07:31 2004 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\NETDET~1.DLL
Sat Oct 16 21:07:31 2004 => Scanning File C:\WINDOWS\System32\mstask.dll
Sat Oct 16 21:07:31 2004 => Scanning File C:\PROGRA~1\COMMON~1\WinTools\WSup.exe
Sat Oct 16 21:07:31 2004 => File C:\PROGRA~1\COMMON~1\WinTools\WSup.exe infected by "TrojanDownloader.Win32.WinTool" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:07:31 2004 => Scanning File C:\PROGRA~1\DIGITA~1\DLG.exe
Sat Oct 16 21:07:31 2004 => Scanning File C:\PROGRA~1\DIGITA~1\BVRPDIAG.dll
Sat Oct 16 21:07:31 2004 => Scanning File C:\WINDOWS\system32\MdmXSdk.dll
Sat Oct 16 21:07:31 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE
Sat Oct 16 21:07:32 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\SPIFFY~1.DLL
Sat Oct 16 21:07:32 2004 => Scanning File C:\WINDOWS\system32\MFC42.DLL
Sat Oct 16 21:07:32 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VistaDB.dll
Sat Oct 16 21:07:32 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\Atlas.dll
Sat Oct 16 21:07:32 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\pjObjDB.dll
Sat Oct 16 21:07:32 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\MEDIAE~1.DLL
Sat Oct 16 21:07:33 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\ipworks5.dll
Sat Oct 16 21:07:33 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VISTAI~1.DLL
Sat Oct 16 21:07:33 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\KCat40.dll
Sat Oct 16 21:07:33 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\kcor40.dll
Sat Oct 16 21:07:33 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LTDIS10N.dll
Sat Oct 16 21:07:33 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LTKRN10N.dll
Sat Oct 16 21:07:33 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LTFIL10N.DLL
Sat Oct 16 21:07:33 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LTIMG10N.dll
Sat Oct 16 21:07:34 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LTEFX10N.dll
Sat Oct 16 21:07:34 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VISTAC~2.DLL
Sat Oct 16 21:07:34 2004 => Scanning File C:\WINDOWS\system32\ICMP.dll
Sat Oct 16 21:07:34 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LocVista.dll
Sat Oct 16 21:07:34 2004 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
Sat Oct 16 21:07:34 2004 => Scanning File C:\WINDOWS\system32\RICHED20.dll
Sat Oct 16 21:07:34 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VISTAC~1.DLL
Sat Oct 16 21:07:34 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VISTAC~3.DLL
Sat Oct 16 21:07:34 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LO5593~1.DLL
Sat Oct 16 21:07:35 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\AcqMod.dll
Sat Oct 16 21:07:35 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\KPCDIN~1.DLL
Sat Oct 16 21:07:35 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LOCACQ~1.DLL
Sat Oct 16 21:07:35 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LOCVIS~1.DLL
Sat Oct 16 21:07:35 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VISTAP~1.DLL
Sat Oct 16 21:07:35 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\kpri40.dll
Sat Oct 16 21:07:35 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LOCVIS~3.DLL
Sat Oct 16 21:07:35 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\kLocPri.dll
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VISTAP~2.DLL
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VPRINT~2.DLL
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VPRINT~1.DLL
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LOCVIS~4.DLL
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VISTAE~2.DLL
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\keml40.dll
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LO1258~1.DLL
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\CAMERA~1.SYX
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LOCCAM~1.DLL
Sat Oct 16 21:07:36 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\PCDLAU~1.SYX
Sat Oct 16 21:07:37 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\PCDSYSX.syx
Sat Oct 16 21:07:37 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LOCPCD~1.DLL
Sat Oct 16 21:07:37 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\VISTAC~1.SYX
Sat Oct 16 21:07:37 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\LO9997~1.DLL
Sat Oct 16 21:07:37 2004 => Scanning File C:\WINDOWS\system32\dsound.dll
Sat Oct 16 21:07:37 2004 => Scanning File C:\WINDOWS\system32\KsUser.dll
Sat Oct 16 21:07:37 2004 => Scanning File C:\WINDOWS\SYSTEM32\QuickTimeVR.qtx
Sat Oct 16 21:07:37 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\bin\Escom.dll
Sat Oct 16 21:07:37 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\AddIn\VistaPCD.cyx
Sat Oct 16 21:07:38 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\AddIn\LOCVIS~1.DLL
Sat Oct 16 21:07:38 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\AddIn\VPCD.dll
Sat Oct 16 21:07:38 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\AddIn\VISTAR~1.CYX
Sat Oct 16 21:07:38 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\AddIn\KRdS50.dll
Sat Oct 16 21:07:38 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKE~1\AddIn\LOCVIS~2.DLL
Sat Oct 16 21:07:38 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\BACKWE~1.EXE
Sat Oct 16 21:07:38 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\614~1.37-\Program\backWeb.dll
Sat Oct 16 21:07:38 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\614~1.37-\Program\clntutil.dll
Sat Oct 16 21:07:39 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\614~1.37-\Program\bwsec.dll
Sat Oct 16 21:07:39 2004 => Scanning File C:\WINDOWS\system32\snmpapi.dll
Sat Oct 16 21:07:39 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\614~1.37-\program\EN\ClientRC.dll
Sat Oct 16 21:07:39 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\BWFILE~1.DLL
Sat Oct 16 21:07:39 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\614~1.37-\Program\BWfiles.dll
Sat Oct 16 21:07:39 2004 => Scanning File C:\WINDOWS\system32\inetmib1.dll
Sat Oct 16 21:07:39 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\FREXT-~1.DLL
Sat Oct 16 21:07:39 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\614~1.37-\Program\frext.dll
Sat Oct 16 21:07:39 2004 => Scanning File C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\BWTARG~1.DLL
Sat Oct 16 21:07:39 2004 => Scanning File C:\PROGRA~1\COMMON~1\MICROS~1\WORKSS~1\wkcalrem.exe
Sat Oct 16 21:07:40 2004 => Scanning File C:\WINDOWS\explorer.exe
Sat Oct 16 21:07:40 2004 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Sat Oct 16 21:07:40 2004 => Scanning File C:\WINDOWS\System32\themeui.dll
Sat Oct 16 21:07:40 2004 => Scanning File C:\WINDOWS\System32\MSIMG32.dll
Sat Oct 16 21:07:40 2004 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 16 21:07:40 2004 => Scanning File C:\WINDOWS\System32\stobject.dll
Sat Oct 16 21:07:40 2004 => Scanning File C:\WINDOWS\System32\BatMeter.dll
Sat Oct 16 21:07:40 2004 => Scanning File C:\WINDOWS\system32\fxsst.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\WINDOWS\system32\FXSAPI.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\WINDOWS\System32\drprov.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\WINDOWS\System32\davclnt.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\WINDOWS\system32\shdoclc.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\WINDOWS\DOWNLO~1\ymmapi.dll
Sat Oct 16 21:07:41 2004 => Scanning File C:\PROGRA~1\WinRAR\rarext.dll
Sat Oct 16 21:07:42 2004 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll
Sat Oct 16 21:07:42 2004 => Scanning File C:\PROGRA~1\GLOBAL~1\CuteFTP\CUTESH~1.DLL
Sat Oct 16 21:07:42 2004 => Scanning File C:\PROGRA~1\Grisoft\AVG6\avgse.dll
Sat Oct 16 21:07:42 2004 => Scanning File C:\PROGRA~1\AIM95\idlemon.dll
Sat Oct 16 21:07:42 2004 => Scanning File C:\WINDOWS\system32\cidaemon.exe
Sat Oct 16 21:07:42 2004 => Scanning File C:\WINDOWS\system32\tases.exe
Sat Oct 16 21:07:42 2004 => Scanning File C:\WINDOWS\system32\tssifier.exe
Sat Oct 16 21:07:42 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
Sat Oct 16 21:07:43 2004 => Scanning File C:\WINDOWS\system32\VSUTIL.dll
Sat Oct 16 21:07:43 2004 => Scanning File C:\WINDOWS\system32\VSINIT.dll
Sat Oct 16 21:07:43 2004 => Scanning File C:\WINDOWS\system32\VSPUBAPI.dll
Sat Oct 16 21:07:43 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\framewrk.dll
Sat Oct 16 21:07:43 2004 => Scanning File C:\WINDOWS\system32\vsdata.dll
Sat Oct 16 21:07:43 2004 => Scanning File C:\WINDOWS\system32\vsmonapi.dll
Sat Oct 16 21:07:43 2004 => Scanning File C:\WINDOWS\system32\zlcomm.dll
Sat Oct 16 21:07:43 2004 => Scanning File C:\WINDOWS\system32\ZLCommDB.dll
Sat Oct 16 21:07:44 2004 => Scanning File C:\WINDOWS\system32\vsxml.dll
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\alert.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\email.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\filter.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\firewall.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\idlock.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\privacy.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\programs.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\security.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\zav.zap
Sat Oct 16 21:07:44 2004 => Scanning File C:\WINDOWS\system32\ZoneLabs\camupd.dll
Sat Oct 16 21:07:44 2004 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlparser.dll
Sat Oct 16 21:07:45 2004 => Scanning File C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
Sat Oct 16 21:07:45 2004 => Scanning File C:\WINDOWS\SYSTEM32\ZoneLabs\SSLEAY32.dll
Sat Oct 16 21:07:45 2004 => Scanning File C:\WINDOWS\SYSTEM32\ZoneLabs\VSRULEDB.DLL
Sat Oct 16 21:07:46 2004 => Scanning File C:\WINDOWS\SYSTEM32\ZoneLabs\vsdb.dll
Sat Oct 16 21:07:46 2004 => Scanning File C:\WINDOWS\SYSTEM32\ZoneLabs\vsvault.dll
Sat Oct 16 21:07:46 2004 => Scanning File C:\WINDOWS\system32\vsregexp.dll
Sat Oct 16 21:07:46 2004 => Scanning File C:\WINDOWS\SYSTEM32\ZoneLabs\html.tdr
Sat Oct 16 21:07:46 2004 => Scanning File C:\WINDOWS\SYSTEM32\ZoneLabs\vsavpro.dll
Sat Oct 16 21:07:46 2004 => Scanning File C:\PROGRA~1\Dell\Support\Alert\bin\NOTIFY~1.EXE
Sat Oct 16 21:07:46 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
Sat Oct 16 21:07:46 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\fusion.dll
Sat Oct 16 21:07:47 2004 => Scanning File c:\windows\microsoft.net\framework\v1.0.3705\mscorlib.dll
Sat Oct 16 21:07:47 2004 => Scanning File c:\windows\assembly\nativeimages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_5f82505f\mscorlib.dll
Sat Oct 16 21:07:47 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsn.dll
Sat Oct 16 21:07:47 2004 => Scanning File c:\windows\assembly\gac\system.windows.forms\1.0.3300.0__b77a5c561934e089\system.windows.forms.dll
Sat Oct 16 21:07:48 2004 => Scanning File c:\windows\assembly\nativeimages1_v1.0.3705\system.windows.forms\1.0.3300.0__b77a5c561934e089_11386ec1\system.windows.forms.dll
Sat Oct 16 21:07:48 2004 => Scanning File c:\windows\assembly\gac\system\1.0.3300.0__b77a5c561934e089\system.dll
Sat Oct 16 21:07:48 2004 => Scanning File c:\windows\assembly\nativeimages1_v1.0.3705\system\1.0.3300.0__b77a5c561934e089_70fafd86\system.dll
Sat Oct 16 21:07:48 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\MSCORJIT.DLL
Sat Oct 16 21:07:48 2004 => Scanning File c:\PROGRA~1\dell\support\alert\bin\euswutil.dll
Sat Oct 16 21:07:48 2004 => Scanning File C:\WINDOWS\system32\netfxperf.dll
Sat Oct 16 21:07:48 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\perfcounter.dll
Sat Oct 16 21:07:48 2004 => Scanning File c:\windows\assembly\gac\system.xml\1.0.3300.0__b77a5c561934e089\system.xml.dll
Sat Oct 16 21:07:49 2004 => Scanning File c:\windows\assembly\nativeimages1_v1.0.3705\system.xml\1.0.3300.0__b77a5c561934e089_66ce5066\system.xml.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\CorperfmonExt.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\system32\fxsperf.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\system32\perfdisk.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\system32\perfnet.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\system32\perfos.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\system32\perfproc.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\system32\pschdprf.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\system32\TRAFFIC.dll
Sat Oct 16 21:07:49 2004 => Scanning File C:\WINDOWS\System32\rasctrs.dll
Sat Oct 16 21:07:50 2004 => Scanning File C:\WINDOWS\System32\rsvpperf.dll
Sat Oct 16 21:07:50 2004 => Scanning File C:\WINDOWS\system32\tapiperf.dll
Sat Oct 16 21:07:50 2004 => Scanning File C:\WINDOWS\system32\Perfctrs.dll
Sat Oct 16 21:07:50 2004 => Scanning File C:\WINDOWS\system32\perfts.dll
Sat Oct 16 21:07:50 2004 => Scanning File C:\WINDOWS\system32\UTILDLL.dll
Sat Oct 16 21:07:50 2004 => Scanning File C:\WINDOWS\System32\wbem\wmiaprpl.dll
Sat Oct 16 21:07:50 2004 => Scanning File C:\WINDOWS\system32\loadperf.dll
Sat Oct 16 21:07:50 2004 => Scanning File c:\windows\assembly\gac\system.drawing\1.0.3300.0__b03f5f7f11d50a3a\system.drawing.dll
Sat Oct 16 21:07:50 2004 => Scanning File c:\windows\assembly\nativeimages1_v1.0.3705\system.drawing\1.0.3300.0__b03f5f7f11d50a3a_e41b06b6\system.drawing.dll
Sat Oct 16 21:07:50 2004 => Scanning File c:\PROGRA~1\dell\support\alert\bin\en-us\NOTIFY~1.DLL
Sat Oct 16 21:07:50 2004 => Scanning File c:\PROGRA~1\dell\support\alert\bin\en\NOTIFY~1.DLL
Sat Oct 16 21:07:50 2004 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
Sat Oct 16 21:07:51 2004 => Scanning File C:\PROGRA~1\COMMON~1\Real\UPDATE~1\REALSC~1.EXE
Sat Oct 16 21:07:51 2004 => Scanning File C:\DOCUME~1\MICHAE~1\APPLIC~1\ttuh.exe
Sat Oct 16 21:07:51 2004 => File C:\DOCUME~1\MICHAE~1\APPLIC~1\ttuh.exe infected by "not-a-virus:AdvWare.PurityScan.w" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:07:51 2004 => Scanning File C:\PROGRA~1\AIM95\aim.exe
Sat Oct 16 21:07:51 2004 => Scanning File C:\PROGRA~1\AIM95\xmlparse.dll
Sat Oct 16 21:07:51 2004 => Scanning File C:\PROGRA~1\AIM95\Xprt.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\oscore.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\Xpcs.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\Xptl.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\ATE32.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\oscres.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\DUNZIP32.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\COOLSO~1.DLL
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\aimres.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\COOLBU~1.DLL
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\CoolBos.dll
Sat Oct 16 21:07:52 2004 => Scanning File C:\PROGRA~1\AIM95\AIMCOR~1.DLL
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\AIMSEC~1.DLL
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\oscarui.dll
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\proto.ocm
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\WNDUTILS.dll
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\AIMAX.dll
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\CoolHttp.dll
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\startup.ocm
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\buddyui.ocm
Sat Oct 16 21:07:53 2004 => Scanning File C:\PROGRA~1\AIM95\advert.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\icbmui.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\locateui.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\browse.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\chatui.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\ticker.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\alertui.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\oscmain.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\miscui.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\stats.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\osclogin.ocm
Sat Oct 16 21:07:54 2004 => Scanning File C:\PROGRA~1\AIM95\popup.ocm
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\oscsrch.ocm
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\rvapps.ocm
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\oscmail.ocm
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\NTP.ocm
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\ateima32.dll
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\COOLSE~1.DLL
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\nss3.dll
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\softokn3.dll
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\plc4.dll
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\nspr4.dll
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\plds4.dll
Sat Oct 16 21:07:55 2004 => Scanning File C:\PROGRA~1\AIM95\ssl3.dll
Sat Oct 16 21:07:56 2004 => Scanning File C:\PROGRA~1\AIM95\smime3.dll
Sat Oct 16 21:07:56 2004 => Scanning File C:\PROGRA~1\AIM95\nssckbi.dll
Sat Oct 16 21:07:56 2004 => Scanning File C:\PROGRA~1\AIM95\POPUPS~1.DLL
Sat Oct 16 21:07:56 2004 => Scanning File C:\PROGRA~1\AIM95\STATSS~1.DLL
Sat Oct 16 21:07:56 2004 => Scanning File C:\WINDOWS\System32\mshtml.dll
Sat Oct 16 21:07:56 2004 => Scanning File C:\WINDOWS\System32\msls31.dll
Sat Oct 16 21:07:56 2004 => Scanning File C:\WINDOWS\System32\msimtf.dll
Sat Oct 16 21:07:56 2004 => Scanning File C:\WINDOWS\System32\MSCTF.dll
Sat Oct 16 21:07:56 2004 => Scanning File C:\PROGRA~1\AIM95\INETSO~1.DLL
Sat Oct 16 21:07:56 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\scrauth.dll
Sat Oct 16 21:07:57 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\ScrBlock.dll
Sat Oct 16 21:07:57 2004 => Scanning File c:\windows\system32\jscript.dll
Sat Oct 16 21:07:57 2004 => Scanning File c:\windows\system32\vbscript.dll
Sat Oct 16 21:07:57 2004 => Scanning File C:\WINDOWS\System32\macromed\flash\Flash.ocx
Sat Oct 16 21:07:57 2004 => Scanning File C:\PROGRA~1\VIEWPO~1\VIEWPO~1\AXMETA~2.DLL
Sat Oct 16 21:07:57 2004 => Scanning File C:\WINDOWS\system32\MSVCIRT.dll
Sat Oct 16 21:07:57 2004 => Scanning File C:\WINDOWS\System32\iepeers.dll
Sat Oct 16 21:07:57 2004 => Scanning File C:\WINDOWS\System32\ddrawex.dll
Sat Oct 16 21:07:57 2004 => Scanning File C:\WINDOWS\system32\MSRATING.dll
Sat Oct 16 21:07:57 2004 => Scanning File C:\WINDOWS\system32\msratelc.dll
Sat Oct 16 21:07:57 2004 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe
Sat Oct 16 21:07:57 2004 => Scanning File C:\WINDOWS\system32\browselc.dll
Sat Oct 16 21:07:58 2004 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sat Oct 16 21:07:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\sJ.dll
Sat Oct 16 21:07:58 2004 => Scanning File C:\PROGRA~1\MICROS~4\Office10\msohev.dll
Sat Oct 16 21:07:58 2004 => Scanning File C:\WINDOWS\System32\mshtmled.dll
Sat Oct 16 21:07:58 2004 => Scanning File C:\WINDOWS\System32\msieftp.dll
Sat Oct 16 21:07:58 2004 => Scanning File C:\WINDOWS\system32\plugin.ocx
Sat Oct 16 21:07:58 2004 => Scanning File C:\WINDOWS\System32\dxtrans.dll
Sat Oct 16 21:07:58 2004 => Scanning File C:\WINDOWS\System32\dxtmsft.dll
Sat Oct 16 21:07:58 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mwavscan.com
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\msvlclnt.dll
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavssdi.dll
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavssd.dll
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavssi.dll
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\ipc.dll
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\RICHED32.DLL
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\PSAPI.DLL
Sat Oct 16 21:07:59 2004 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavss.exe
Sat Oct 16 21:07:59 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kavss.dll
Sat Oct 16 21:08:00 2004 => Scanning File C:\WINDOWS\system32\atiiiexx.exe

Sat Oct 16 21:08:00 2004 => ***** Scanning Registry Files *****

Sat Oct 16 21:08:00 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Sat Oct 16 21:08:00 2004 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***
Sat Oct 16 21:08:00 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sat Oct 16 21:08:00 2004 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***
Sat Oct 16 21:08:00 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sat Oct 16 21:08:00 2004 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 16 21:08:00 2004 => Scanning File C:\WINDOWS\System32\stobject.dll

Sat Oct 16 21:08:00 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Sat Oct 16 21:08:00 2004 => {53707962-6F74-2D53-2644-206D7942484F} = C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
Sat Oct 16 21:08:00 2004 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sat Oct 16 21:08:00 2004 => {87766247-311C-43B4-8499-3D5FEC94A183} = C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
Sat Oct 16 21:08:00 2004 => Scanning File C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
Sat Oct 16 21:08:00 2004 => File C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll infected by "not-a-virus:AdvWare.Wintol.o" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:08:00 2004 => {A7327C09-B521-4EDB-8509-7D2660C9EC98} = C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
Sat Oct 16 21:08:00 2004 => Scanning File C:\PROGRA~1\VIEWPO~1\VIEWPO~3\VIEWBA~1.DLL
Sat Oct 16 21:08:00 2004 => {BDF3E430-B101-42AD-A544-FADC6B084872} = C:\Program Files\Norton AntiVirus\NavShExt.dll
Sat Oct 16 21:08:00 2004 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll
Sat Oct 16 21:08:00 2004 => {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} = NULL
Sat Oct 16 21:08:00 2004 => {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} = C:\Documents and Settings\Michael Shaw\Local Settings\Temp\sJ.dll
Sat Oct 16 21:08:00 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\sJ.dll
Sat Oct 16 21:08:00 2004 => {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} = C:\Program Files\Microsoft Money\System\mnyviewer.dll
Sat Oct 16 21:08:00 2004 => Scanning File C:\PROGRA~1\MICAC0~1\System\MNYVIE~1.DLL

Sat Oct 16 21:08:00 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Sat Oct 16 21:08:00 2004 => Scanning File C:\WINDOWS\Explorer.exe
Sat Oct 16 21:08:00 2004 => Scanning File C:\WINDOWS\system32\userinit.exe

Sat Oct 16 21:08:00 2004 => Scanning HKCU\Control Panel\Desktop
Sat Oct 16 21:08:00 2004 => Scanning File C:\WINDOWS\System32\ssbezier.scr

Sat Oct 16 21:08:00 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sat Oct 16 21:08:00 2004 => Scanning File C:\PROGRA~1\COMMON~1\Dell\EUSW\Support.exe
Sat Oct 16 21:08:01 2004 => Scanning File C:\WINDOWS\system32\PELMICED.EXE
Sat Oct 16 21:08:01 2004 => Scanning File C:\PROGRA~1\QUICKT~1\qttask.exe
Sat Oct 16 21:08:01 2004 => Scanning File C:\PROGRA~1\Roxio\EASYCD~1\DirectCD\DirectCD.exe
Sat Oct 16 21:08:01 2004 => ERROR!!! Invalid Entry SQInstaller = SQInstaller.exe. Removing it.
Sat Oct 16 21:08:01 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccApp.exe
Sat Oct 16 21:08:01 2004 => Scanning File C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
Sat Oct 16 21:08:02 2004 => Scanning File C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
Sat Oct 16 21:08:02 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\F40yPRa.exe
Sat Oct 16 21:08:02 2004 => File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\F40yPRa.exe infected by "not-a-virus:AdvWare.WinFetcher.e" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:08:02 2004 => ERROR!!! Invalid Entry I = C:\documents and settings\michael shaw\local settings\temp\I.exe. Removing it.
Sat Oct 16 21:08:02 2004 => Scanning File c:\DOCUME~1\MICHAE~1\LOCALS~1\temp\22tq.exe
Sat Oct 16 21:08:02 2004 => ERROR!!! Invalid Entry I.exe = C:\documents and settings\michael shaw\local settings\temp\I.exe. Removing it.
Sat Oct 16 21:08:02 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\22tq.exe
Sat Oct 16 21:08:02 2004 => Scanning File C:\PROGRA~1\COMMON~1\Real\UPDATE~1\REALSC~1.EXE
Sat Oct 16 21:08:03 2004 => Scanning File C:\PROGRA~1\VIEWPO~1\VIEWPO~2\ViewMgr.exe
Sat Oct 16 21:08:03 2004 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
Sat Oct 16 21:08:03 2004 => Scanning File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\5vQB4Y.exe
Sat Oct 16 21:08:04 2004 => File C:\DOCUME~1\MICHAE~1\LOCALS~1\temp\5vQB4Y.exe infected by "not-a-virus:AdvWare.Midadle.b" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:08:04 2004 => Scanning File C:\WINDOWS\system32\BOOTVID1.exe
Sat Oct 16 21:08:04 2004 => Scanning File C:\WINDOWS\system32\dumprep.exe
Sat Oct 16 21:08:04 2004 => Scanning File C:\WINDOWS\system32\tases.exe
Sat Oct 16 21:08:04 2004 => ERROR!!! Invalid Entry AutoUpdater = "C:\Program Files\AutoUpdate\AutoUpdate.exe". Removing it.

Sat Oct 16 21:08:04 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Sat Oct 16 21:08:04 2004 => Scanning File C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe

Sat Oct 16 21:08:07 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Sat Oct 16 21:08:07 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Sat Oct 16 21:08:07 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sat Oct 16 21:08:07 2004 => Scanning File C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe
Sat Oct 16 21:08:10 2004 => Scanning File C:\PROGRA~1\MESSEN~1\msmsgs.exe
Sat Oct 16 21:08:10 2004 => ERROR!!! Invalid Entry = c:\WINDOWS\System32\. Removing it.
Sat Oct 16 21:08:10 2004 => Scanning File C:\PROGRA~1\MICAC0~1\System\MONEYE~1.EXE
Sat Oct 16 21:08:10 2004 => Scanning File C:\WINDOWS\system32\tssifier.exe
Sat Oct 16 21:08:10 2004 => Scanning File C:\DOCUME~1\MICHAE~1\APPLIC~1\ttuh.exe
Sat Oct 16 21:08:10 2004 => File C:\DOCUME~1\MICHAE~1\APPLIC~1\ttuh.exe infected by "not-a-virus:AdvWare.PurityScan.w" Virus. Action Taken: No Action Taken.

Sat Oct 16 21:08:10 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Sat Oct 16 21:08:10 2004 => ERROR!!! Invalid Entry Web Offer = C:\ezStub.exe. Removing it.

Sat Oct 16 21:08:10 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Sat Oct 16 21:08:10 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Sat Oct 16 21:08:10 2004 => Scanning HKCR\txtfile\shell\open\command

Sat Oct 16 21:08:10 2004 => Scanning HKCR\comfile\shell\open\command

Sat Oct 16 21:08:10 2004 => Scanning HKCR\exefile\shell\open\command

Sat Oct 16 21:08:10 2004 => Scanning HKCR\dllfile\shell\open\command

Sat Oct 16 21:08:11 2004 => Scanning HKCR\batfile\shell\open\command

Sat Oct 16 21:08:11 2004 => Scanning HKCR\piffile\shell\open\command

Sat Oct 16 21:08:11 2004 => Scanning HKCR\scrfile\shell\open\command

Sat Oct 16 21:08:11 2004 => Scanning HKCR\scrfile\shell\config\command

Sat Oct 16 21:08:11 2004 => Scanning HKCR\regfile\shell\open\command

Sat Oct 16 21:08:11 2004 => ***** Scanning StartUp Folders *****

Sat Oct 16 21:08:11 2004 => ***** Scanning C:\Documents and Settings\Michael Shaw\Start Menu\Programs\Startup Folder *****
Sat Oct 16 21:08:11 2004 => Scanning Folder: C:\Documents and Settings\Michael Shaw\Start Menu\Programs\Startup\*.*
Sat Oct 16 21:08:11 2004 => Scanning File C:\Documents and Settings\Michael Shaw\Start Menu\Programs\Startup\DESKTOP.INI

Sat Oct 16 21:08:11 2004 => ***** Scanning C:\Documents and Settings\All Users\Start Menu\Programs\Startup Folder *****
Sat Oct 16 21:08:11 2004 => Scanning Folder: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\*.*
Sat Oct 16 21:08:11 2004 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
Sat Oct 16 21:08:11 2004 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI
Sat Oct 16 21:08:11 2004 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
Sat Oct 16 21:08:11 2004 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
Sat Oct 16 21:08:11 2004 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk
Sat Oct 16 21:08:11 2004 => Scanning File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk

Sat Oct 16 21:08:11 2004 => ***** Scanning C:\Documents and Settings\Administrator\Start menu\Programs\Startup Folder *****
Sat Oct 16 21:08:11 2004 => Scanning Folder: C:\DOCUME~1\ADMINI~1\STARTM~1\Programs\Startup\*.*
Sat Oct 16 21:08:11 2004 => Scanning File C:\DOCUME~1\ADMINI~1\STARTM~1\Programs\Startup\DESKTOP.INI

Sat Oct 16 21:08:11 2004 => ***** Scanning C:\Documents and Settings\Default User\Start menu\Programs\Startup Folder *****
Sat Oct 16 21:08:11 2004 => Scanning Folder: C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\*.*
Sat Oct 16 21:08:12 2004 => Scanning File C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\DESKTOP.INI

Sat Oct 16 21:08:12 2004 => ***** Scanning Service Files *****
Sat Oct 16 21:08:12 2004 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\adpu160m.sys
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\agp440.sys
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\aha154x.sys
Sat Oct 16 21:08:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\aic78u2.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\aic78xx.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\alg.exe
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\aliide.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\alim1541.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\amdagp.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\amsint.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\asc.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\asc3350p.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\asc3550.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ati2mpaa.sys
Sat Oct 16 21:08:13 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys
Sat Oct 16 21:08:14 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Sat Oct 16 21:08:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:14 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Sat Oct 16 21:08:14 2004 => Scanning File C:\PROGRA~1\GRISOFT\AVG6\AVGCORE.SYS
Sat Oct 16 21:08:14 2004 => Scanning File C:\PROGRA~1\GRISOFT\AVG6\AVGFSH.SYS
Sat Oct 16 21:08:14 2004 => Scanning File C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
Sat Oct 16 21:08:14 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\HSF_BSC2.sys
Sat Oct 16 21:08:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:14 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
Sat Oct 16 21:08:14 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
Sat Oct 16 21:08:14 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtMgr.exe
Sat Oct 16 21:08:14 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccPwdSvc.exe
Sat Oct 16 21:08:15 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetMgr.exe
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\System32\cisvc.exe
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cmdide.sys
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cpqarray.sys
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\dac960nt.sys
Sat Oct 16 21:08:15 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 16 21:08:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:16 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Sat Oct 16 21:08:16 2004 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Sat Oct 16 21:08:16 2004 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Sat Oct 16 21:08:16 2004 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\dpti2o.sys
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\e100b325.sys
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:17 2004 => Scanning File C:\WINDOWS\system32\services.exe
Sat Oct 16 21:08:18 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:18 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\HSF_FALL.sys
Sat Oct 16 21:08:18 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:18 2004 => Scanning File C:\WINDOWS\system32\fxssvc.exe
Sat Oct 16 21:08:18 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\fdc.sys
Sat Oct 16 21:08:18 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Sat Oct 16 21:08:18 2004 => Scanning File C:\WINDOWS\system32\drivers\fltmgr.sys
Sat Oct 16 21:08:18 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\HSF_FSKS.sys
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\gameenum.sys
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\hpn.sys
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\hpt3xx.sys
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
Sat Oct 16 21:08:19 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
Sat Oct 16 21:08:20 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
Sat Oct 16 21:08:20 2004 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys
Sat Oct 16 21:08:20 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:20 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\i2omp.sys
Sat Oct 16 21:08:20 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Sat Oct 16 21:08:21 2004 => Scanning File C:\WINDOWS\System32\imapi.exe
Sat Oct 16 21:08:21 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ini910u.sys
Sat Oct 16 21:08:21 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\intelide.sys
Sat Oct 16 21:08:21 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\intelppm.sys
Sat Oct 16 21:08:21 2004 => Scanning File C:\WINDOWS\system32\drivers\ip6fw.sys
Sat Oct 16 21:08:21 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\HSF_K56K.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\drivers\kmixer.sys
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE
Sat Oct 16 21:08:22 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\system32\drivers\MODEMCSA.sys
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\mouhid.sys
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mraid35x.sys
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Sat Oct 16 21:08:23 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Sat Oct 16 21:08:24 2004 => Scanning File C:\WINDOWS\System32\msdtc.exe
Sat Oct 16 21:08:24 2004 => Scanning File C:\WINDOWS\System32\msiexec.exe
Sat Oct 16 21:08:24 2004 => Scanning File C:\WINDOWS\system32\drivers\MSKSSRV.sys
Sat Oct 16 21:08:24 2004 => Scanning File C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Sat Oct 16 21:08:24 2004 => Scanning File C:\WINDOWS\system32\drivers\MSPQM.sys
Sat Oct 16 21:08:24 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Sat Oct 16 21:08:24 2004 => Scanning File C:\WINDOWS\system32\drivers\MSTEE.sys
Sat Oct 16 21:08:24 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
Sat Oct 16 21:08:24 2004 => Scanning File C:\PROGRA~1\NORTON~1\navapsvc.exe
Sat Oct 16 21:08:24 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041013.032\NAVENG.SYS
Sat Oct 16 21:08:25 2004 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041013.032\NAVEX15.SYS
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\NdisIP.sys
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\system32\netdde.exe
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\system32\netdde.exe
Sat Oct 16 21:08:25 2004 => Scanning File C:\WINDOWS\System32\lsass.exe
Sat