Résistance à SmitfraudFix

[oGu]

Salut yugm !

 

REGLAGES

 

 

 

OTMOVEIT

• 
  
  
• Double clique sur OTMoveIt.exe
  
• Sélectionne et copie la ligne ci-dessous
   
  C:\Program Files\Fichiers Communs\PC Tools
   
  
• Dans OTMoveIt, fais un clic droit dans la fenêtre "Paste List of Files/Folders to be moved" et choisis "coller".
  
• Clic sur le bouton rouge MoveIt
  
• Si un fichier ou un dossier ne peut être déplacé immédiatement, il te sera demander de redémarrer ta machine pour finir l'exécution: si c'est le cas, clic sur "Yes"
  
• Copie et colle le rapport qu'il va te générer (il se trouve dans ce dossier : C:\_OTMoveIt\MovedFiles)
  

On va maintenant nettoyer ton registre des clés orphelines de PCTools et F-SECURE:

 

CCLEANER SLIM

• Télécharge CCleaner SLIM
  
• Installe-le, lance-le et clique sur l'onglet : "Registre"
  
• Clique sur "Rechercher des erreurs" puis "Corriger les erreurs"
  
• Répond "oui" à la demande de sauvegarde proposéeet enregistre-la dans tes documents
  
• Clique sur l'onglet "nettoyeur" puis "lancer le nettoyage"
  

 

 

 

Normalement ton PC devrait être bien plus rapide maintenant, non??

 

 

 

 

Je suis en "McAfee VirusScan Plus"uniquement. Me faut- il autre chose en protection spyware ou malware ou ect......+ le courrier et si oui quoi ?

 

McAFee VirusScan + est très complet (virus, espions, phishing, firewall ). AVComparative le classe comme moyen,et le pare-feu est fragile face aux leaktests, mais cela devrait être suffisant si tu es prudent sur le Web.

 

Pour le courrier rien à ajouter, l'antivirus scanne tes mails et leurs pièces-jointes, comme tous les AV du marché d'ailleurs. Si tu veux combattre les spams, tu peux passer au courrielleur ThunderBird, le petit frère de Firefox.

 

Par contre il ne faut JAMAIS empiler les protections comme tu l'as fait: un seul pare-feu, un seul antivirus, un seul antispyware, un seul HIPS (déconseillé pour les néophytes), un seul antispam etc...Comme McAfee est une suite qui intègre nombre de ces protections, inutile pour toi de rajouter un anti-quelque chose!

 

Si tu le souhaites je pourrais t'indiquer après la désinfection une procédure de sécurisation et une batterie de réflexes pour surfer tranquille. A toi de me dire si cela t'intéresse.

 

Je suis déconnecté plusieurs fois par jour du navigateur Orange (5 à 6 fois)est ce normal ?

 

Normal non, mais très courant: le nabigateur Orange fonctionne mal. Fais une recherche Google pour constater que tu n'es pas le seul à t'en plaindre.

 

Si j'étais toi je le désinstallerais au profit du seul Firefox, plus rapide, plus fiable et plus sûr.

 

 

 

 

 

 

DESINFECTION

 

 

 

HIJACKTHIS

• 
  
• Relance HijackThis
  
• Sélectionne "Do a scan only"
  
• Coche la ligne suivante:
  O2 - BHO: (no name) - {308FA211-78FE-4D86-B405-50E0361AF78F} - C:\WINDOWS\system32\dbmsvin.dll
  
  
• Clique en bas sur "Fix checked"
  
• Redémarre
  
• Poste un dernier rapport.
  

 

 

 

MALWAREBYTES ANTIMALWARE (MBAM)

 

Télécharge Malwarebytes Antimalware

• 
  
• Installe-le puis lance-le
  
• Dans l'onglet "Recherche", sélectionne "Exécuter un examen complet"
  
• Clique sur "Rechercher"
  
• Le scan se lance
  
• A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur "OK" pour poursuivre.
  
• Si des malwares ont été détectés, leur liste s'affiche.
  En cliquant sur Suppression (ou équivalent) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  
• MBAM va ouvrir le bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le
  

 

 

 

EWIDO

 

Télécharge Ewido Micro-Scanner sur ton bureau.

 

• Double-clique sur le fichier ewido_micro.exe pour l'exécuter.
  
• Le programme va demander dès son lancement un accès internet pour se mettre à jour, accepte.
  
• Puis, un nouvel écran apparaît, assure toi que toutes les cases soient cochées.
  
• Clique sur Start Scan et laisse l'outil travailler.
  
• Quand l'outil à fini, clique sur save report et sauvegarde le rapport sur ton bureau.
  
• Poste le dans ta prochaine réponse.
  

• Nb, ne clique pas tout de suite sur Remove infections; nous devons nous assurer que toutes les détections soient infectieuses car certains utilitaires légitimes pourraient apparaître dans le rapport.
  

 

 

 

 

 

eSCAN

 

La procédure est un peu compliquée, lis-la plusieurs fois et fais-la tranquillement

 

 

Télécharge eScan Antivirus Toolkit

• 
  
• Sauvegarde-le sur ton Bureau.
   
  Avant de lancer le programme, il faut le mettre à jour tel qu'indiqué à l'étape 2.
  
• Étape 2:
  Voici comment mettre l'outil à jour :
   
  1.) Double-clique le fichier mwav.exe qui se trouve sur le Bureau ; dézippe les fichiers dans le nouveau dossier suggéré (C:\Kaspersky). Le programme va se lancer, et tu dois le quitter (clique sur "Exit" puis "Exit").
   
   
  
   
   
  2.) Double-clique sur le Poste de travail, puis double-clique sur le lecteur principal (habituellement C:\), double-clique sur le dossier Kaspersky ; ensuite, double-clique sur le fichier kavupd.exe. Tu verras maintenant une fenêtre DOS apparaître, et la mise à jour se complètera en quelques minutes.
   
  3.) Lorsque la mise à jour sera complétée, tu verras "Press any key to continue" ; tape sur une touche pour continuer. Deux nouveaux répertoires (dossiers) ont été créés lors de la mise à jour (C:\Bases et C:\Downloads).
   
  4.) Sélectionne/copie tous les fichiers présents dans le dossier C:\Downloads, puis colle-les dans le dossier C:\Kaspersky. Accepte à l'invite de remplacer les fichiers existants.
   
  Ne pas lancer le scan tout de suite !
   
  
  
• Étape 3:
  Redémarre en mode Sans Échec :
  1) Redémarre ton ordi
  2) Tapote la touche F8 immédiatement, juste après le "Bip"
  3) Tu verras un écran avec options de démarrage apparaître
  4) Choisi la première option : Sans Échec, et valide avec "Entrée". Parfois, le PC met du temps à se lancer (plusieurs minutes), c'est normal.
  5) Choisi ton compte régulier, et non Administrateur
  
• Étape 4:
  Une fois en mode Sans Échec, voici comment utiliser le programme :
   
  1.) Pour lancer "eScan Antivirus Toolkit", trouve le fichier mwavscan.com situé dans le dossier C:\Kaspersky
   
  
   
  2.) Double-clique sur mwavscan.com ; l'interface d'eScan va apparaître à l'écran.
   
  3.) Il est très important de bien cocher ces boîtes sous Scan Option : Memory, Registry, Startup Folders, System Folders, Services.
   
  4.) Juste au-dessous, assure-toi que Scan All Files est coché, et non Program Files.
   
  5.) Clique sur Scan Clean et laisse le tool vérifier tout le disque dur (ça peut être long..). Lorsque terminé, tu verras Scan Completed. Ne pas quitter tout de suite !
   
  6.) Ouvre un nouveau fichier Bloc-notes (clique sur "Démarrer" >> "Programmes" >>"Accessoires" >> "Bloc notes"), puis copie/colle tout le contenu de la fenêtre Virus Log Information (la deuxième, au bas) dans le fichier texte, et sauvegarde le. eScan génère également un rapport complet dans le dossier C:\Kaspersky (nommé mwav.log), mais il est trop lourd pour poster sur le forum.
   
  Ferme le programme. Redémarre ton PC en mode Normal. Poste (copie/colle) le rapport que tu as sauvegardé dans ta prochaine réponse.
  

Modifié le 1 avril 2008 par oGu

[yugm]

Bonjour oGu[/color]

 

Après beaucoup de frayeurs, je peux à nouveau me connecter au web . Est-ce de cause à effet ??car après le fix d'HijackThis et redémarrage je n'ai jamais pu me reconnecter.Ce n'est qu'après 45 mn de téléphone avec le service Orange . en réinitialisant le protocole tcpip, que je peux repartir

Pour les procédures de désinfection et les bons réflexes je te remercie de me les proposer ; en souhaitant que ce ne soit pas trop compliqué .Pour l'instant je reste Orange.

En espérant aller jusquau bout je commence donc par le début

 

en 1 :rapport OTMOVEIT

 

C:\Program Files\Fichiers Communs\PC Tools\Lsp moved successfully.

C:\Program Files\Fichiers Communs\PC Tools moved successfully.

 

OTMoveIt2 by OldTimer - Version 1.0.21 log created on 04012008_143116

 

en 2:CCleaner =fait

 

en 3:rapport HijackThis

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:41:48, on 01/04/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe

c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\vssvc.exe

C:\Program Files\Wanadoo\GestionnaireInternet.exe

C:\Program Files\Wanadoo\ComComp.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\Program Files\Wanadoo\Watch.exe

C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

O2 - BHO: (no name) - {308FA211-78FE-4D86-B405-50E0361AF78F} - C:\WINDOWS\system32\dbmsvin.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DelayShred] "C:\Program Files\McAfee\MSHR\ShrCL.EXE" /P7 /q C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\MGWIU3H4\BAN_72~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\PE428S8X\IFRAME~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\04GXDK6S\HP_1_~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\04GXDK6S\AP_ADV~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\04GXDK6S\INDEX_~4.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\PE428S8X\AP_CPL~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\PE428S8X\ADS_9_~1.SH!

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...235/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D43F0FA3-C5C4-46FC-B5E6-76E193C76ACA}: NameServer = 81.253.149.1 80.10.246.3

O23 - Service: FireDaemon Service: dll32 (dll32) - Unknown owner - c:\winnt\system32\os2\dll\packs\FireDaemon.EXE (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\system32\ImapiRox.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

 

--

End of file - 6107 bytes

 

en 4 :MBAM et son rapport

 

Malwarebytes' Anti-Malware 1.09

Version de la base de données: 580

 

Type de recherche: Examen complet (C:\|)

Eléments examinés: 87034

Temps écoulé: 1 hour(s), 5 minute(s), 16 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 42

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 3

Fichier(s) infecté(s): 16

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\Interface\{0f63d2e1-e217-43ef-aa6d-ec2f6e9683b0} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{47d5ad4f-a86c-453a-911e-3b99f391011f} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{ac221aed-1003-444c-9d63-a93d5b4a2717} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d2f31bd0-0d75-4aff-9c7f-72304834bf65} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{6361a8d7-5663-4f0f-8036-921a8d392322} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{06b30a09-5760-4994-a7f2-854644f75254} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{08001fca-2c97-41e3-9f67-596f499b725f} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{10ba262b-e944-4240-a9d6-e12accfacbc7} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{13275562-0968-4428-a926-d61a67fb25a0} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{1351ed54-2094-40cf-968e-3c7f704be463} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{2230f9a1-dfbb-400c-85c2-fe854d3f56bc} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{51ff5e3e-f5e7-43b5-a809-fdfbbdbe4eff} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{58dd5f8a-b280-4835-8f65-d2b3383ea4e9} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{5c3d449a-1737-4c87-929d-f3b33c32253d} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{62f2e72b-8fee-47cf-b337-36d61336e13e} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{658d9966-2eeb-47ca-abcf-1818db4fdc2d} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7a013512-ceaf-4f5f-af1a-8b1b472e714b} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{86ecaf8e-540c-4960-82aa-1323a5578e2d} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{8882515d-7e2c-45a9-ae99-ea09a9023a07} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{8fe48e13-6661-444c-8b23-07623232d1f4} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{9aad0cdc-7822-4593-9e95-8c7eb256d509} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{aa8a3463-c37f-4887-b3f3-380938f89a80} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{aec39567-aa5b-4cfa-a7ea-61f4dfb15fe7} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{b8e5f903-290c-4422-8ef1-89f4990cd72b} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{c5bcb43c-514a-4be9-a9e5-e54629f4f131} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{c7d83b29-f534-484d-9cfa-66b4484cdc53} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{c8897164-1ce8-45fe-8483-e93f1681f320} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d2a39c98-0833-4581-8dc9-c7223561f656} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d725ced2-7c0e-4484-aaa4-f186c659f8b8} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d847da70-508a-480f-b91e-133d9f60ced8} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{da163414-a8e2-4907-85f4-b0ec9d4ebb78} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{ee8df60b-01a8-4143-8d94-41a185a9691e} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{fe1ecf64-a6c0-4f3a-87f5-3135c517e4aa} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{ff2de560-d35c-45d4-834f-90654d4e2e3d} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{ca77a455-9f2d-4449-8c5f-1d359e70f00d} (Rogue.Antivirus.Pro) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3935b537-3e6d-04ed-abb3-acb16a699e3b} (Rogue.Multiple) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9d19a1a9-3cdf-4f15-a5ca-ea3905febded} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\AntiSpyKit.EXE (Rogue.AntiSpyKit) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\WinAnonymous (Rogue.WinAnonymous) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Secure Delete (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

C:\Documents and Settings\MAHE\Application Data\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\MAHE\Application Data\AdwareAlert\Log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\MAHE\Application Data\AdwareAlert\Settings (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

C:\WINDOWS\system32\wcscqa.dll (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP552\A0110557.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP552\A0110607.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP552\A0110779.exe (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP552\A0110781.exe (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP552\A0110782.exe (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP552\A0110783.dll (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP553\A0111512.Dll (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP555\A0113834.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP555\A0113837.dll (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP558\A0115154.exe (Rogue.PCPrivacyTool) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ide21201.vxd (Adware.Winad) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\sqlite3.dll (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Documents and Settings\MAHE\Application Data\AdwareAlert\Log\2008 Jan 29 - 03_23_47 PM_078.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\MAHE\Application Data\AdwareAlert\Log\2008 Jan 29 - 03_24_42 PM_250.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\MAHE\Application Data\AdwareAlert\Settings\ScanResults.pie (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

 

en 5 :Ewido et son rapport

 

__________________________________________________

ewido anti-spyware online scanner

http://www.ewido.net

__________________________________________________

 

 

Name: TrackingCookie.Adviva

Path: C:\Documents and Settings\MAHE\Cookies\mahe@adviva[1].txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: C:\Documents and Settings\MAHE\Cookies\mahe@bs.serving-sys[2].txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\MAHE\Cookies\mahe@doubleclick[1].txt

Risk: Medium

 

Name: TrackingCookie.Webtrends

Path: C:\Documents and Settings\MAHE\Cookies\mahe@m.webtrends[1].txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: C:\Documents and Settings\MAHE\Cookies\mahe@serving-sys[2].txt

Risk: Medium

 

Name: TrackingCookie.Tribalfusion

Path: C:\Documents and Settings\MAHE\Cookies\mahe@tribalfusion[2].txt

Risk: Medium

 

Name: TrackingCookie.Tribalfusion

Path: C:\Documents and Settings\MAHE\Cookies\mahe@tribalfusion[3].txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: C:\Documents and Settings\MAHE\Cookies\mahe@weborama[1].txt

Risk: Medium

 

Name: TrackingCookie.Abcsearch

Path: C:\Documents and Settings\MAHE\Cookies\mahe@www.abcsearch[1].txt

Risk: Medium

 

Name: Not-A-Virus.Hoax.Win32.Agent.aw

Path: C:\Documents and Settings\MAHE\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.38618

Risk: Low

 

Name: Adware.BHO

Path: C:\Program Files\wanadoo_toolbarsetup.exe/wanadoo_toolbar.dll

Risk: Medium

 

Name: Adware.BHO

Path: C:\Program Files\wanadoo_toolbarsetup.exe/wanadoo_toolbar.dll

Risk: Medium

 

Name: Not-A-Virus.PUP.DrAntispy.bq

Path: C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP552\A0111204.exe

Risk: Low

 

Name: Not-A-Virus.Adware

Path: C:\System Volume Information\_restore{6D7BE497-DD36-4D90-BB45-5CDEC5349B12}\RP555\A0112657.exe

Risk: Low

 

 

en 6:eSCAN

il me parait encore long ,donc si tu le veux bien je vais me coucher et te complèterai la réponse ds la journée

 

A+tard et merci encore

[oGu]

Salut yugm!

 

 

Après beaucoup de frayeurs, je peux à nouveau me connecter au web . Est-ce de cause à effet ??car après le fix d'HijackThis et redémarrage je n'ai jamais pu me reconnecter.Ce n'est qu'après 45 mn de téléphone avec le service Orange . en réinitialisant le protocole tcpip, que je peux repartir

 

Arf, je suis vraiment navré pour toi! J'ai relu minutieusement la procédure que nous avons effectué, j'ai discuté de ton "cas" avec des membres de notre Espace Sécurité, et je ne pense pas que ce problème soit lié à nos manipulations. Que t'a dit la hotline? A-t-elle expliqué (et justifié tant qu'à faire!) que la perte de tes paramètres TCP IP soit liée à l'infection et/ou à la désinfection?

 

EDIT: il semblerait que ce soit la suppression des restes de PCTools qui ait fait sauter ta connection: il contrôlait un LSP (= un truc nécessaire à ta connection) qui a sauté au passage...Mais comme HijackThis n'indiquait pas que le logiciel PCTools contrôlait ce LSP (d'habitude il apparaît une ligne 010, et pas chez toi ), je n'ai pas pu m'en rendre compte...Désolé...Et bravo à Sham-Rock qui a trouvé l'explication (voir le topic [EN] sur le forum anglais de PCTools)!

Si une telle mésaventure t'arrive et que la restauration système ne résoud rien, tu peux essayer de passer WinsockFix.

 

Néanmoins nous allons quand même être prudent, avant de passer à la suite, pour pallier à tout problème éventuel...Ca coûte rien! Nous allons créer un nouveau point de restauration système:

 

 

 

Créer un nouveau point de restauration système

 

Lancer l'outil de restauration dont le raccourci se trouve ici:

• Menu "démarrer"
  • "Tous les programmes"
    
  • "Accessoires"
    
  • "Outils système"
    
  • "Restauration système"
    

  [*] Le panneau de création apparaît:

  [*] A droite, sélectionner "créer un point de restauration"

  [*]Cliquer sur "Suivant"

  [*]Dans la nouvelle fenêtre, entrer une description explicite de votre point de restauration: ex: "avant procédure désinfection".

  [*]Terminer en cliquant sur "créer".

 

Une fois le point de restauration créé, l'utilitaire indique la date et l"heure de la création de la sauvegarde.L'outil peut alors être fermé.

 

En cas de pépin quand on va s'attaquer à la dll qui semble poser problème, tu pourras revenir en arrière en suivant ce tuto:

 

http://www.ac-nancy-metz.fr/services/monxp...%C3%A8me_xp.htm

 

A priori tout devrait, néanmoins, bien se passer, ne t'en fais pas.

 

 

Pour les procédures de désinfection et les bons réflexes je te remercie de me les proposer ; en souhaitant que ce ne soit pas trop compliqué .Pour l'instant je reste Orange.

 

Ok. On y reviendra en fin de procédure.

 

 

 

HIJACKTHIS

 

Nous devons supprimer la dll dbmsvin.dll, qui est retorse et infectieuse.Elle a résisté à un fix Hijackthis.

 

• DESACTIVE temporairement (jusqu'à nouvel ordre) ta suite McAfee (j'ignore comment faire, je ne connais pas cette suite, fouille dans les options ou clique droit sur l'icône en bas à droite et cherche quelque chose comme "fermer", "désactiver", "suspendre" etc...)
  
• Copie la procédure HijackThis + RegFix + OtMoveIt et colle-la dans ton bloc-note, pour l'avoir sous les yeux.
  
• Ferme ton navigateur et ne le redémarre pas avant que je ne l'indique.
  
• Relance HijackThis
  
• Sélectionne "Do a scan only"
  
• Coche la ligne suivante:
   

  O2 - BHO: (no name) - {308FA211-78FE-4D86-B405-50E0361AF78F} - C:\WINDOWS\system32\dbmsvin.dll

• Clique en bas sur "Fix checked"
  
• NE REDEMARRE PAS
  

 

 

RegFix

• 
  
• Copie ces lignes:
  REGEDIT4
   
  [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{308FA211-78FE-4D86-B405-50E0361AF78F}]
  
• Ouvre ton bloc-notes et copie ces lignes dedans
  
• Enregistre ce fichier sur ton bureau en le nommant scrupuleusement: yugm.reg
  
• Clique droit sur ce fichier et sélectionne "Fusionner"
  
• Répond "Oui" au message d'alerte généré par Windows
  

 

 

 

OTMOVEIT

• 
  
• Double clic sur OTMoveIt.exe
  
• Sélectionne et copie la ligne ci-dessous
  
• 
  C:\WINDOWS\system32\dbmsvin.dll
   
   
  
  
• Dans OTMoveIt, fais un clic droit dans la fenêtre "Paste List of Files/Folders to be moved" et choisis "coller".
  
• Clic sur le bouton rouge MoveIt
  
• Si un fichier ou un dossier ne peut être déplacé immédiatement, il te sera demander de redémarrer ta machine pour finir l'exécution: si c'est le cas, clic sur "Yes"
  
• Si cela n'est pas demandé...redémarre quand même !
  
• Copie et colle le rapport qu'il va te générer (il se trouve dans ce dossier : C:\_OTMoveIt\MovedFiles)
  

 

 

 

Une fois redémarré, réactive ta suite McAfee. Tu peux à nouveau ouvrir ton navigateur et m'envoyer:

• 
  
• le rapport OtMoveIt
  
• un nouveau rapport HijackThis
  
• dis-moi également si le regfix a bien "fusionné".
  
• donne-moi l'état de santé de ton PC: fonctionne-t-il mieux (à part le tcp ip ), as-tu des alertes de faux antimachins, des ralentissements, un fond d'écran que tu n'as pas choisis etc...??
  

 

EWIDO

 

• Double-clique sur le fichier ewido_micro.exe pour l'exécuter.
  
• Le programme va demander dès son lancement un accès internet pour se mettre à jour, accepte.
  
• Puis, un nouvel écran apparaît, assure toi que toutes les cases soient cochées.
  
• Clique sur Start Scan et laisse l'outil travailler.
  
• Quand l'outil à fini, décoche les lignes suivantes:
   
   

  Name: Not-A-Virus.Hoax.Win32.Agent.aw
  Path: C:\Documents and Settings\MAHE\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.38618
  Risk: Low
   
  Name: Adware.BHO
  Path: C:\Program Files\wanadoo_toolbarsetup.exe/wanadoo_toolbar.dll
  Risk: Medium
   
  Name: Adware.BHO
  Path: C:\Program Files\wanadoo_toolbarsetup.exe/wanadoo_toolbar.dll
  Risk: Medium

• Clique sur Remove infections
  
• Pas de log à envoyer cette fois-ci !
  
  

 

 

en 6:eSCAN

il me parait encore long ,donc si tu le veux bien je vais me coucher et te complèterai la réponse ds la journée

 

Entendu!

 

A+

Modifié le 2 avril 2008 par oGu

[yugm]

Bonjour oGu

Pour l'instant je te poste la suite du programme du 1/04/08 que je n'avais pas terminé.J'y suis arrivé avec peine car apparemment il y avais conflit au démarrage avec "Runonce.msn/Runonce2.aspx "et "www.orange.fr".A chaque fois le premier partait et j'étais obligé de changer l'adresse par "orange".Manipe que m'avait conseillé la hot line sans plus de détails.Ensuite je démarre plusieurs fois pour EScan (car déconnections en série)mais j'y arrive enfin(je tenais à avoir ton programme en parallèle)

Je te poste donc le bloc -note ci-joint

NB:Depuis la dernière manipe pour ESCan (environ 3 h)je n'ai pas été déconnecté.C'est peut être bon!C'est pourquoi je ne touche à ton prog du jour .(faux -je viens à nouveau d'être déconnecté)

Dans l'attente de ta réponse et encore Merci

Wed Apr 02 14:02:00 2008 => **********************************************************

Wed Apr 02 14:02:00 2008 => eScan AntiVirus Toolkit Utility.

Wed Apr 02 14:02:00 2008 => Copyright © 2003-2004, MicroWorld Technologies Inc.

Wed Apr 02 14:02:00 2008 => **********************************************************

Wed Apr 02 14:02:00 2008 => Version 4.4.7

Wed Apr 02 14:02:00 2008 => Log File: C:\KASPER~1\mwav.log

Wed Apr 02 14:02:00 2008 => Latest Date of files inside MWAV: 11 Jan 2008 17:54:58.

Wed Apr 02 14:02:06 2008 => AV Library Loaded...

Wed Apr 02 14:02:06 2008 => Scanning File C:\KASPER~1\kavss.exe

Wed Apr 02 14:02:06 2008 => Scanning File C:\KASPER~1\Getvlist.exe

Wed Apr 02 14:02:07 2008 => Scanning File C:\KASPER~1\kavss.dll

Wed Apr 02 14:02:07 2008 => Scanning File C:\KASPER~1\kavssdi.dll

Wed Apr 02 14:02:07 2008 => Scanning File C:\KASPER~1\kavssi.dll

Wed Apr 02 14:02:07 2008 => Scanning File C:\KASPER~1\kavvlg.dll

Wed Apr 02 14:02:07 2008 => Scanning File C:\KASPER~1\msvlclnt.dll

Wed Apr 02 14:02:07 2008 => Scanning File C:\KASPER~1\ipc.dll

Wed Apr 02 14:02:07 2008 => Scanning File C:\KASPER~1\main.avi

Wed Apr 02 14:02:07 2008 => Scanning File C:\KASPER~1\virus.avi

Wed Apr 02 14:02:08 2008 => Virus Database Date: 2008/01/11

Wed Apr 02 14:02:08 2008 => Virus Database Count: 507730

Wed Apr 02 15:25:34 2008 => **********************************************************

Wed Apr 02 15:25:34 2008 => eScan AntiVirus Toolkit Utility.

Wed Apr 02 15:25:34 2008 => Copyright © 2003-2004, MicroWorld Technologies Inc.

Wed Apr 02 15:25:34 2008 => **********************************************************

Wed Apr 02 15:25:34 2008 => Version 4.4.7

Wed Apr 02 15:25:34 2008 => Log File: C:\KASPER~1\mwav.log

Wed Apr 02 15:25:40 2008 => Latest Date of files inside MWAV: 02 Apr 2008 12:00:35.

Wed Apr 02 15:25:55 2008 => AV Library Loaded...

Wed Apr 02 15:25:55 2008 => Scanning File C:\KASPER~1\kavss.exe

Wed Apr 02 15:25:55 2008 => Scanning File C:\KASPER~1\Getvlist.exe

Wed Apr 02 15:25:55 2008 => Scanning File C:\KASPER~1\kavss.dll

Wed Apr 02 15:25:55 2008 => Scanning File C:\KASPER~1\kavssdi.dll

Wed Apr 02 15:25:55 2008 => Scanning File C:\KASPER~1\kavssi.dll

Wed Apr 02 15:25:55 2008 => Scanning File C:\KASPER~1\kavvlg.dll

Wed Apr 02 15:25:55 2008 => Scanning File C:\KASPER~1\msvlclnt.dll

Wed Apr 02 15:25:56 2008 => Scanning File C:\KASPER~1\ipc.dll

Wed Apr 02 15:25:56 2008 => Scanning File C:\KASPER~1\main.avi

Wed Apr 02 15:25:56 2008 => Scanning File C:\KASPER~1\virus.avi

Wed Apr 02 15:25:56 2008 => Virus Database Date: 2008/04/02

Wed Apr 02 15:25:56 2008 => Virus Database Count: 677768

 

Wed Apr 02 15:26:59 2008 => **********************************************************

Wed Apr 02 15:26:59 2008 => eScan AntiVirus Toolkit Utility.

Wed Apr 02 15:26:59 2008 => Copyright © 2003-2004, MicroWorld Technologies Inc.

Wed Apr 02 15:26:59 2008 =>

Wed Apr 02 15:26:59 2008 => Support: support@mwti.net

Wed Apr 02 15:26:59 2008 => Web: http://www.mwti.net

Wed Apr 02 15:26:59 2008 => **********************************************************

Wed Apr 02 15:26:59 2008 => Version 4.4.7

Wed Apr 02 15:26:59 2008 => Log File: C:\KASPER~1\mwav.log

Wed Apr 02 15:26:59 2008 => Latest Date of files inside MWAV: 02 Apr 2008 12:00:35.

 

Wed Apr 02 15:26:59 2008 => Options Selected by User:

Wed Apr 02 15:26:59 2008 => Memory Check: Enabled

Wed Apr 02 15:26:59 2008 => Registry Check: Enabled

Wed Apr 02 15:26:59 2008 => StartUp Folder Check: Enabled

Wed Apr 02 15:26:59 2008 => System Folder Check: Enabled

Wed Apr 02 15:26:59 2008 => System Area Check: Disabled

Wed Apr 02 15:26:59 2008 => Services Check: Enabled

Wed Apr 02 15:26:59 2008 => Drive Check Option Disabled

Wed Apr 02 15:26:59 2008 => Scanning Type: Scan And Clean

Wed Apr 02 15:26:59 2008 => Folder Check: Disabled

 

Wed Apr 02 15:26:59 2008 => ***** Scanning Memory Files *****

Wed Apr 02 15:26:59 2008 => Scanning File C:\WINDOWS\system32\services.exe

Wed Apr 02 15:26:59 2008 => Scanning File C:\WINDOWS\system32\lsass.exe

Wed Apr 02 15:26:59 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:26:59 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:26:59 2008 => Scanning File C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

Wed Apr 02 15:27:00 2008 => Scanning File C:\WINDOWS\Explorer.EXE

Wed Apr 02 15:27:00 2008 => Scanning File C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

Wed Apr 02 15:27:00 2008 => Scanning File C:\WINDOWS\Explorer.EXE

Wed Apr 02 15:27:00 2008 => Scanning File C:\PROGRA~1\McAfee\MSC\mcuimgr.exe

Wed Apr 02 15:27:00 2008 => Scanning File C:\Kaspersky\mwavscan.com

Wed Apr 02 15:27:00 2008 => Scanning File C:\Kaspersky\kavss.exe

 

Wed Apr 02 15:27:00 2008 => ***** Scanning Registry Files *****

 

Wed Apr 02 15:27:00 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Wed Apr 02 15:27:00 2008 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***

Wed Apr 02 15:27:00 2008 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]

Wed Apr 02 15:27:00 2008 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***

Wed Apr 02 15:27:00 2008 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]

Wed Apr 02 15:27:00 2008 => Scanning File C:\WINDOWS\system32\webcheck.dll

Wed Apr 02 15:27:01 2008 => Scanning File C:\WINDOWS\system32\stobject.dll

Wed Apr 02 15:27:01 2008 => Scanning File C:\WINDOWS\system32\WPDShServiceObj.dll

 

Wed Apr 02 15:27:01 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects

Wed Apr 02 15:27:01 2008 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

Wed Apr 02 15:27:01 2008 => Scanning File C:\PROGRA~1\FICHIE~1\Adobe\Acrobat\ActiveX\ACROIE~1.DLL

Wed Apr 02 15:27:01 2008 => {089FD14D-132B-48FC-8861-0048AE113215} = C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

Wed Apr 02 15:27:01 2008 => Scanning File C:\PROGRA~1\SITEAD~1\6253\SiteAdv.dll

Wed Apr 02 15:27:01 2008 => {7DB2D5A0-7241-4E79-B68D-6309F01C5231} = C:\Program Files\McAfee\VirusScan\scriptsn.dll

Wed Apr 02 15:27:01 2008 => Scanning File C:\PROGRA~1\McAfee\VIRUSS~1\scriptsn.dll

Wed Apr 02 15:27:01 2008 => {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} = C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

Wed Apr 02 15:27:01 2008 => Scanning File C:\PROGRA~1\EPSON\EPSONW~1\EPSONW~1.DLL

Wed Apr 02 15:27:02 2008 => EWPP = NULL

 

Wed Apr 02 15:27:02 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Wed Apr 02 15:27:02 2008 => Scanning File C:\WINDOWS\Explorer.exe

Wed Apr 02 15:27:02 2008 => Scanning File C:\WINDOWS\system32\userinit.exe

 

Wed Apr 02 15:27:02 2008 => Scanning HKCU\Control Panel\Desktop

Wed Apr 02 15:27:02 2008 => Scanning File C:\WINDOWS\System32\logon.scr

 

Wed Apr 02 15:27:02 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Wed Apr 02 15:27:02 2008 => Scanning File C:\PROGRA~1\Wanadoo\Watch.exe

Wed Apr 02 15:27:02 2008 => Scanning File C:\PROGRA~1\Wanadoo\GestMaj.exe

 

Wed Apr 02 15:27:02 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

 

Wed Apr 02 15:27:02 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

 

Wed Apr 02 15:27:02 2008 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

 

Wed Apr 02 15:27:02 2008 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Wed Apr 02 15:27:02 2008 => Scanning File C:\WINDOWS\system32\ctfmon.exe

Wed Apr 02 15:27:03 2008 => Scanning File C:\PROGRA~1\McAfee\MSHR\ShrCL.EXE

 

Wed Apr 02 15:27:03 2008 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

 

Wed Apr 02 15:27:03 2008 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

 

Wed Apr 02 15:27:03 2008 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\txtfile\shell\open\command

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\comfile\shell\open\command

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\exefile\shell\open\command

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\dllfile\shell\open\command

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\batfile\shell\open\command

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\piffile\shell\open\command

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\scrfile\shell\open\command

Wed Apr 02 15:27:03 2008 => Replacing Registry Value

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\scrfile\shell\config\command

 

Wed Apr 02 15:27:03 2008 => Scanning HKCR\regfile\shell\open\command

Wed Apr 02 15:27:03 2008 => Replacing Registry Value

 

Wed Apr 02 15:27:03 2008 => ***** Scanning StartUp Folders *****

 

Wed Apr 02 15:27:04 2008 => ***** Scanning C:\Documents and Settings\MAHE\Accessoires\Menu Démarrer\Démarrage Folder *****

Wed Apr 02 15:27:04 2008 => Scanning Folder: C:\Documents and Settings\MAHE\Accessoires\Menu Démarrer\Démarrage\*.*

Wed Apr 02 15:27:04 2008 => Scanning File C:\Documents and Settings\MAHE\Accessoires\Menu Démarrer\Démarrage\desktop.ini

 

Wed Apr 02 15:27:04 2008 => ***** Scanning C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage Folder *****

Wed Apr 02 15:27:04 2008 => Scanning Folder: C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\*.*

Wed Apr 02 15:27:04 2008 => Scanning File C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\desktop.ini

 

Wed Apr 02 15:27:04 2008 => ***** Scanning Service Files *****

Wed Apr 02 15:27:04 2008 => Scanning HKLM\SYSTEM\CurrentControlSet\Services

Wed Apr 02 15:27:04 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys

Wed Apr 02 15:27:04 2008 => Scanning File C:\WINDOWS\system32\drivers\aec.sys

Wed Apr 02 15:27:04 2008 => Scanning File C:\WINDOWS\System32\drivers\afd.sys

Wed Apr 02 15:27:04 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\agp440.sys

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\alcan5wn.sys

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\alcaudsl.sys

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\System32\alg.exe

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys

Wed Apr 02 15:27:05 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

Wed Apr 02 15:27:06 2008 => ERROR!!! Invalid Entry System32\DRIVERS\atimtag.sys in SYSTEM\CurrentControlSet\Services\atimtag...

Wed Apr 02 15:27:06 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys

Wed Apr 02 15:27:06 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:06 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys

Wed Apr 02 15:27:06 2008 => Scanning File C:\WINDOWS\system32\drivers\AVFilter.sys

Wed Apr 02 15:27:06 2008 => Scanning File C:\WINDOWS\system32\drivers\AVHook.sys

Wed Apr 02 15:27:06 2008 => Scanning File C:\WINDOWS\system32\drivers\AVRec.sys

Wed Apr 02 15:27:06 2008 => ERROR!!! Invalid Entry \??\C:\Program Files\Softwin\BitDefender9\bdfdll.sys in SYSTEM\CurrentControlSet\Services\bdfdll...

Wed Apr 02 15:27:06 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:06 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:07 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys

Wed Apr 02 15:27:07 2008 => Scanning File C:\WINDOWS\system32\cisvc.exe

Wed Apr 02 15:27:07 2008 => Scanning File C:\WINDOWS\system32\clipsrv.exe

Wed Apr 02 15:27:07 2008 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

Wed Apr 02 15:27:07 2008 => Scanning File C:\WINDOWS\system32\drivers\cmaudio.sys

Wed Apr 02 15:27:07 2008 => Scanning File C:\WINDOWS\system32\dllhost.exe

Wed Apr 02 15:27:07 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:08 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:08 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:08 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys

Wed Apr 02 15:27:08 2008 => ERROR!!! Invalid Entry c:\winnt\system32\os2\dll\packs\FireDaemon.EXE in SYSTEM\CurrentControlSet\Services\dll32...

Wed Apr 02 15:27:08 2008 => Scanning File C:\WINDOWS\System32\dmadmin.exe

Wed Apr 02 15:27:08 2008 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\system32\services.exe

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:09 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\fdc.sys

Wed Apr 02 15:27:10 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\flpydisk.sys

Wed Apr 02 15:27:10 2008 => Scanning File C:\WINDOWS\system32\drivers\fltmgr.sys

Wed Apr 02 15:27:10 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys

Wed Apr 02 15:27:10 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\gameenum.sys

Wed Apr 02 15:27:10 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys

Wed Apr 02 15:27:10 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:10 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:10 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys

Wed Apr 02 15:27:11 2008 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys

Wed Apr 02 15:27:11 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:11 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys

Wed Apr 02 15:27:11 2008 => Scanning File C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe

Wed Apr 02 15:27:11 2008 => Scanning File C:\WINDOWS\system32\drivers\ImapiRox.sys

Wed Apr 02 15:27:11 2008 => Scanning File C:\WINDOWS\system32\ImapiRox.exe

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\intelide.sys

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\drivers\ip6fw.sys

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys

Wed Apr 02 15:27:12 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys

Wed Apr 02 15:27:13 2008 => Scanning File C:\WINDOWS\system32\drivers\kmixer.sys

Wed Apr 02 15:27:13 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys

Wed Apr 02 15:27:13 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\L8042mou.Sys

Wed Apr 02 15:27:13 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:13 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:13 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:13 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\LMouKE.Sys

Wed Apr 02 15:27:13 2008 => Scanning File C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

Wed Apr 02 15:27:13 2008 => Scanning File c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe

Wed Apr 02 15:27:14 2008 => Scanning File C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

Wed Apr 02 15:27:14 2008 => Scanning File c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe

Wed Apr 02 15:27:14 2008 => Scanning File C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

Wed Apr 02 15:27:14 2008 => Scanning File C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

Wed Apr 02 15:27:14 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:14 2008 => Scanning File C:\WINDOWS\system32\drivers\mfeavfk.sys

Wed Apr 02 15:27:14 2008 => Scanning File C:\WINDOWS\system32\drivers\mfebopk.sys

Wed Apr 02 15:27:15 2008 => Scanning File C:\WINDOWS\system32\drivers\mfehidk.sys

Wed Apr 02 15:27:15 2008 => Scanning File C:\WINDOWS\system32\drivers\mferkdk.sys

Wed Apr 02 15:27:15 2008 => Scanning File C:\WINDOWS\system32\drivers\mfesmfk.sys

Wed Apr 02 15:27:15 2008 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe

Wed Apr 02 15:27:15 2008 => Scanning File C:\WINDOWS\system32\drivers\MODEMCSA.sys

Wed Apr 02 15:27:15 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys

Wed Apr 02 15:27:15 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mouhid.sys

Wed Apr 02 15:27:15 2008 => Scanning File C:\WINDOWS\system32\Drivers\Mpfp.sys

Wed Apr 02 15:27:15 2008 => Scanning File C:\PROGRA~1\McAfee\MPF\MPFSrv.exe

Wed Apr 02 15:27:16 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys

Wed Apr 02 15:27:16 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\System32\msdtc.exe

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\system32\msiexec.exe

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\system32\drivers\MSKSSRV.sys

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\system32\drivers\MSPCLOCK.sys

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\system32\drivers\MSPQM.sys

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\system32\drivers\msmpu401.sys

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys

Wed Apr 02 15:27:17 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys

Wed Apr 02 15:27:18 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys

Wed Apr 02 15:27:18 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys

Wed Apr 02 15:27:18 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Wed Apr 02 15:27:18 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys

Wed Apr 02 15:27:18 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys

Wed Apr 02 15:27:19 2008 => Scanning File C:\WINDOWS\system32\netdde.exe

Wed Apr 02 15:27:19 2008 => Scanning File C:\WINDOWS\system32\netdde.exe

Wed Apr 02 15:27:19 2008 => Scanning File C:\WINDOWS\system32\lsass.exe

Wed Apr 02 15:27:19 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:19 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:19 2008 => Scanning File C:\WINDOWS\system32\lsass.exe

Wed Apr 02 15:27:19 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:19 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys

Wed Apr 02 15:27:20 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

Wed Apr 02 15:27:20 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

Wed Apr 02 15:27:20 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

Wed Apr 02 15:27:20 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnknb.sys

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\system32\drivers\PalmUSBD.sys

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\parport.sys

Wed Apr 02 15:27:21 2008 => ERROR!!! Invalid Entry \??\C:\WINDOWS\system32\PCAMPR5.SYS in SYSTEM\CurrentControlSet\Services\PCAMPR5...

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\SYSTEM32\PCANDIS5.SYS

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\pci.sys

Wed Apr 02 15:27:21 2008 => ERROR!!! Invalid Entry "C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe" in SYSTEM\CurrentControlSet\Services\PCTAVSvc...

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\system32\services.exe

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\system32\lsass.exe

Wed Apr 02 15:27:21 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\raspptp.sys

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\lsass.exe

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\psched.sys

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\ptilink.sys

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\Drivers\PxHelp20.sys

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\rasacd.sys

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\raspti.sys

Wed Apr 02 15:27:22 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\rdbss.sys

Wed Apr 02 15:27:23 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

Wed Apr 02 15:27:23 2008 => Scanning File C:\WINDOWS\system32\sessmgr.exe

Wed Apr 02 15:27:23 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\RecAgent.sys

Wed Apr 02 15:27:23 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\redbook.sys

Wed Apr 02 15:27:23 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:23 2008 => Scanning File C:\WINDOWS\system32\locator.exe

Wed Apr 02 15:27:23 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:23 2008 => Scanning File C:\WINDOWS\system32\rsvp.exe

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\system32\lsass.exe

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\System32\SCardSvr.exe

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\System32\SCardSvr.exe

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\system32\drivers\scsiport.sys

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\secdrv.sys

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\serenum.sys

Wed Apr 02 15:27:24 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\serial.sys

Wed Apr 02 15:27:25 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:25 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:25 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\slntamr.sys

Wed Apr 02 15:27:25 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\Slnthal.sys

Wed Apr 02 15:27:25 2008 => Scanning File C:\WINDOWS\system32\slserv.exe

Wed Apr 02 15:27:25 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\drivers\splitter.sys

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\spoolsv.exe

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\sr.sys

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\srv.sys

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\serscan.sys

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:26 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\swenum.sys

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\system32\drivers\swmidi.sys

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\system32\dllhost.exe

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\system32\drivers\sysaudio.sys

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\system32\smlogsvc.exe

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip.sys

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\termdd.sys

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:27 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\update.sys

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\System32\ups.exe

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbccgp.sys

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbhub.sys

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbprint.sys

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbscan.sys

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\usbuhci.sys

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\System32\drivers\vga.sys

Wed Apr 02 15:27:28 2008 => Scanning File C:\WINDOWS\System32\vssvc.exe

Wed Apr 02 15:27:29 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:29 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\wanarp.sys

Wed Apr 02 15:27:29 2008 => Scanning File C:\WINDOWS\system32\drivers\wdmaud.sys

Wed Apr 02 15:27:29 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:29 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:29 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:29 2008 => Scanning File C:\WINDOWS\system32\wbem\wmiapsrv.exe

Wed Apr 02 15:27:30 2008 => Scanning File C:\PROGRA~1\WINDOW~3\WMPNetwk.exe

Wed Apr 02 15:27:30 2008 => Scanning File C:\WINDOWS\System32\drivers\ws2ifsl.sys

Wed Apr 02 15:27:30 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:30 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:30 2008 => Scanning File C:\WINDOWS\system32\DRIVERS\WudfPf.sys

Wed Apr 02 15:27:30 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:27:30 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Apr 02 15:27:30 2008 => Scanning File C:\WINDOWS\System32\svchost.exe

 

Wed Apr 02 15:27:30 2008 => ***** Scanning System32 Folders *****

Wed Apr 02 15:27:30 2008 => Scanning C:\WINDOWS Directory

Wed Apr 02 15:27:30 2008 => Scanning Folder: C:\WINDOWS\*.*

Wed Apr 02 15:27:32 2008 => Scanning File C:\WINDOWS\0.log [**]

Wed Apr 02 15:27:32 2008 => Scanning File C:\WINDOWS\002376_.tmp

Wed Apr 02 15:27:32 2008 => Scanning File C:\WINDOWS\002386_.tmp

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\ACROREAD.INI

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\ajzedll.exe [**]

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\ajzeenc.exe [**]

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\ban.dat

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\bootstat.dat

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\CDE DX4000EFDG.ini

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\cdplayer.ini

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\CFindUninst.exe

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\CGLLIOPM.ini

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\clock.avi

Wed Apr 02 15:27:33 2008 => Scanning File C:\WINDOWS\cmaudio.dat

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\cmijack.dat

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\cmuninst.dat

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\cmuninst.exe

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\control.ini [**]

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\desktop.ini

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\EPSMTL32.TXT

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\err.txt

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\EventSystem.log

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\explorer.exe

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\explorer.scf

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\FSAVUNIN.MIF

Wed Apr 02 15:27:34 2008 => Scanning File C:\WINDOWS\FSMAUNIN.MIF

Wed Apr 02 15:27:35 2008 => Scanning File C:\WINDOWS\FSWSS.MIF

Wed Apr 02 15:27:35 2008 => Scanning File C:\WINDOWS\hh.exe

Wed Apr 02 15:27:35 2008 => Scanning File C:\WINDOWS\ieuninst.exe

Wed Apr 02 15:27:35 2008 => Scanning File C:\WINDOWS\ImpotRevenu.ini

Wed Apr 02 15:27:35 2008 => Scanning File C:\WINDOWS\irPreferredFolders.ini

Wed Apr 02 15:27:35 2008 => Scanning File C:\WINDOWS\ISSM0065.DAT

Wed Apr 02 15:27:35 2008 => Scanning File C:\WINDOWS\IsUn040c.exe

Wed Apr 02 15:27:35 2008 => Scanning File C:\WINDOWS\IsUninst.exe

Wed Apr 02 15:27:36 2008 => Scanning File C:\WINDOWS\jautoexp.dat

Wed Apr 02 15:27:36 2008 => Scanning File C:\WINDOWS\lu.dat

Wed Apr 02 15:27:36 2008 => Scanning File C:\WINDOWS\lupd.dat

Wed Apr 02 15:27:36 2008 => Scanning File C:\WINDOWS\mixer.exe

Wed Apr 02 15:27:37 2008 => Scanning File C:\WINDOWS\mixerdef.ini

Wed Apr 02 15:27:37 2008 => Scanning File C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem #2.txt

Wed Apr 02 15:27:37 2008 => Scanning File C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem.txt

Wed Apr 02 15:27:37 2008 => Scanning File C:\WINDOWS\mozver.dat

Wed Apr 02 15:27:37 2008 => Scanning File C:\WINDOWS\msdfmap.ini

Wed Apr 02 15:27:37 2008 => Scanning File C:\WINDOWS\muninst.exe

Wed Apr 02 15:27:37 2008 => Scanning File C:\WINDOWS\MyPhotosNow Screen Saver.FR

Wed Apr 02 15:27:37 2008 => Scanning File C:\WINDOWS\MyPhotosNow Screen Saver.SCR

Wed Apr 02 15:27:38 2008 => Scanning File C:\WINDOWS\Nero PhotoShow.scr

Wed Apr 02 15:27:38 2008 => Scanning File C:\WINDOWS\notepad.exe

Wed Apr 02 15:27:38 2008 => Scanning File C:\WINDOWS\nsreg.dat

Wed Apr 02 15:27:38 2008 => Scanning File C:\WINDOWS\NSUninst.exe

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\ntbtlog.txt

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\nui.dat

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\nxui.dat

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\ODBC.INI

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\ODBCINST.INI

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\oeuninst.exe

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\ofxnm.dat

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\OpPrintServer.INI [**]

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\opuc.dll

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\P2kRotate.ini [**]

Wed Apr 02 15:27:39 2008 => Scanning File C:\WINDOWS\POCE98.DLL

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\POCELANG.DLL

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\PROTOCOL.INI [**]

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\Q330994.exe

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\QTFont.for

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\QTFont.qfn

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\QuickInstall.INI [**]

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\regedit.exe

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\REGLOCS.OLD

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\SchedLgU.Txt

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\SET3.tmp

Wed Apr 02 15:27:40 2008 => Scanning File C:\WINDOWS\SET51.tmp

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\SET52.tmp

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\SET54.tmp

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\SET5E.tmp

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\SET60.tmp

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\SET7.tmp

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\setdebug.exe

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\setupapi.log.0.old

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\setupapi.old

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\sfwv.dat

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\sfxnm.dat

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\slrundll.exe

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\Sti_Trace.log [**]

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\System.ini

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\taskman.exe

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\TEMPIadHide3.dll

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\tfxnm.dat

Wed Apr 02 15:27:41 2008 => Scanning File C:\WINDOWS\Thumbs.db

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\twain.dll

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\twain_32.dll

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\twunk_16.exe

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\twunk_32.exe

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\uid.dat

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\uid24.key

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\uid32.key

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\uneng.exe

Wed Apr 02 15:27:42 2008 => Scanning File C:\WINDOWS\uninst.exe

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\UPGRADE.TXT

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\vb.ini

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\vbaddin.ini

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\vmmreg32.dll

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\wiadebug.log

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\wiaservc.log

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\win.ini

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\WindowsShell.Manifest

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\WindowsUpdate.log

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\winhelp.exe

Wed Apr 02 15:27:43 2008 => Scanning File C:\WINDOWS\winhlp32.exe

Wed Apr 02 15:27:44 2008 => Scanning File C:\WINDOWS\wininit.ini

Wed Apr 02 15:27:44 2008 => Scanning File C:\WINDOWS\winnt.bmp

Wed Apr 02 15:27:44 2008 => Scanning File C:\WINDOWS\winnt256.bmp

Wed Apr 02 15:27:44 2008 => Scanning File C:\WINDOWS\WMSysPr9.prx

Wed Apr 02 15:27:44 2008 => Scanning File C:\WINDOWS\WMSysPrx.prx

Wed Apr 02 15:27:44 2008 => Scanning File C:\WINDOWS\WRServices.dll

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\_default.pif

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\~GLC0000.TMP

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\~GLC0001.TMP

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\~GLC0002.TMP

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\~GLC0003.TMP

Wed Apr 02 15:27:45 2008 => Scanning C:\WINDOWS\system32 Directory

Wed Apr 02 15:27:45 2008 => Scanning Folder: C:\WINDOWS\system32\*.*

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\system32\$winnt$.inf

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\system32\12520437.cpx

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\system32\12520850.cpx

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\system32\6to4svc.dll

Wed Apr 02 15:27:45 2008 => Scanning File C:\WINDOWS\system32\a15.tbl

Wed Apr 02 15:27:46 2008 => Scanning File C:\WINDOWS\system32\a234.tbl

Wed Apr 02 15:27:46 2008 => Scanning File C:\WINDOWS\system32\a3d.dll

Wed Apr 02 15:27:46 2008 => Scanning File C:\WINDOWS\system32\aaaamon.dll

Wed Apr 02 15:27:46 2008 => Scanning File C:\WINDOWS\system32\access.cpl

Wed Apr 02 15:27:46 2008 => Scanning File C:\WINDOWS\system32\acctres.dll

Wed Apr 02 15:27:46 2008 => Scanning File C:\WINDOWS\system32\accwiz.exe

Wed Apr 02 15:27:46 2008 => Scanning File C:\WINDOWS\system32\acelpdec.ax

Wed Apr 02 15:27:46 2008 => Scanning File C:\WINDOWS\system32\acledit.dll

Wed Apr 02 15:27:47 2008 => Scanning File C:\WINDOWS\system32\aclui.dll

Wed Apr 02 15:27:47 2008 => Scanning File C:\WINDOWS\system32\acode.tbl

Wed Apr 02 15:27:47 2008 => Scanning File C:\WINDOWS\system32\activeds.dll

Wed Apr 02 15:27:47 2008 => Scanning File C:\WINDOWS\system32\activeds.tlb

Wed Apr 02 15:27:47 2008 => Scanning File C:\WINDOWS\system32\actmovie.exe

Wed Apr 02 15:27:47 2008 => Scanning File C:\WINDOWS\system32\actxprxy.dll

Wed Apr 02 15:27:47 2008 => Scanning File C:\WINDOWS\system32\admparse.dll

Wed Apr 02 15:27:47 2008 => Scanning File C:\WINDOWS\system32\adptif.dll

Wed Apr 02 15:27:48 2008 => Scanning File C:\WINDOWS\system32\adsldp.dll

Wed Apr 02 15:27:48 2008 => Scanning File C:\WINDOWS\system32\adsldpc.dll

Wed Apr 02 15:27:48 2008 => Scanning File C:\WINDOWS\system32\adsmsext.dll

Wed Apr 02 15:27:48 2008 => Scanning File C:\WINDOWS\system32\adsnt.dll

Wed Apr 02 15:27:48 2008 => Scanning File C:\WINDOWS\system32\advapi32.dll

Wed Apr 02 15:27:48 2008 => Scanning File C:\WINDOWS\system32\advpack.dll

Wed Apr 02 15:27:48 2008 => Scanning File C:\WINDOWS\system32\advpack.dll.mui

Wed Apr 02 15:27:48 2008 => Scanning File C:\WINDOWS\system32\ahui.exe

Wed Apr 02 15:27:49 2008 => Scanning File C:\WINDOWS\system32\alg.exe

Wed Apr 02 15:27:49 2008 => Scanning File C:\WINDOWS\system32\alrsvc.dll

Wed Apr 02 15:27:49 2008 => Scanning File C:\WINDOWS\system32\amcompat.tlb

Wed Apr 02 15:27:49 2008 => Scanning File C:\WINDOWS\system32\amstream.dll

Wed Apr 02 15:27:49 2008 => Scanning File C:\WINDOWS\system32\ansi.sys

Wed Apr 02 15:27:49 2008 => Scanning File C:\WINDOWS\system32\apatch.ocx

Wed Apr 02 15:27:49 2008 => Scanning File C:\WINDOWS\system32\apcups.dll

Wed Apr 02 15:27:49 2008 => Scanning File C:\WINDOWS\system32\append.exe

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\apphelp.dll

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\appwiz.cpl

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\arp.exe

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\arphr.tbl

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\arptr.tbl

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\array30.tab

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\arrayhw.tab

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\asctrls.ocx

Wed Apr 02 15:27:50 2008 => Scanning File C:\WINDOWS\system32\asferror.dll

Wed Apr 02 15:27:51 2008 => Scanning File C:\WINDOWS\system32\asfsipc.dll

Wed Apr 02 15:27:51 2008 => Scanning File C:\WINDOWS\system32\asycfilt.dll

Wed Apr 02 15:27:51 2008 => Scanning File C:\WINDOWS\system32\at.exe

Wed Apr 02 15:27:51 2008 => Scanning File C:\WINDOWS\system32\ati2cqag.dll

Wed Apr 02 15:27:51 2008 => Scanning File C:\WINDOWS\system32\ati2dvaa.dll

Wed Apr 02 15:27:51 2008 => Scanning File C:\WINDOWS\system32\ati2dvag.dll

Wed Apr 02 15:27:52 2008 => Scanning File C:\WINDOWS\system32\ati3d1ag.dll

Wed Apr 02 15:27:52 2008 => Scanning File C:\WINDOWS\system32\ati3duag.dll

Wed Apr 02 15:27:52 2008 => Scanning File C:\WINDOWS\system32\ativdaxx.ax

Wed Apr 02 15:27:52 2008 => Scanning File C:\WINDOWS\system32\ativmvxx.ax

Wed Apr 02 15:27:52 2008 => Scanning File C:\WINDOWS\system32\ativtmxx.dll

Wed Apr 02 15:27:52 2008 => Scanning File C:\WINDOWS\system32\ativvaxx.dll

Wed Apr 02 15:27:53 2008 => Scanning File C:\WINDOWS\system32\atkctrs.dll

Wed Apr 02 15:27:53 2008 => Scanning File C:\WINDOWS\system32\atl.dll

Wed Apr 02 15:27:53 2008 => Scanning File C:\WINDOWS\system32\atl71.dll

Wed Apr 02 15:27:53 2008 => Scanning File C:\WINDOWS\system32\atmadm.exe

Wed Apr 02 15:27:53 2008 => Scanning File C:\WINDOWS\system32\atmfd.dll

Wed Apr 02 15:27:53 2008 => Scanning File C:\WINDOWS\system32\atmlib.dll

Wed Apr 02 15:27:54 2008 => Scanning File C:\WINDOWS\system32\atmpvcno.dll

Wed Apr 02 15:27:54 2008 => Scanning File C:\WINDOWS\system32\atrace.dll

Wed Apr 02 15:27:54 2008 => Scanning File C:\WINDOWS\system32\attrib.exe

Wed Apr 02 15:27:54 2008 => Scanning File C:\WINDOWS\system32\Audio3D.dll

Wed Apr 02 15:27:54 2008 => Scanning File C:\WINDOWS\system32\audiodev.dll

Wed Apr 02 15:27:54 2008 => Scanning File C:\WINDOWS\system32\audiosrv.dll

Wed Apr 02 15:27:54 2008 => Scanning File C:\WINDOWS\system32\auditusr.exe

Wed Apr 02 15:27:54 2008 => Scanning File C:\WINDOWS\system32\authz.dll

Wed Apr 02 15:27:55 2008 => Scanning File C:\WINDOWS\system32\autochk.exe

Wed Apr 02 15:27:55 2008 => Scanning File C:\WINDOWS\system32\autoconv.exe

Wed Apr 02 15:27:55 2008 => Scanning File C:\WINDOWS\system32\autodisc.dll

Wed Apr 02 15:27:55 2008 => Scanning File C:\WINDOWS\system32\autofmt.exe

Wed Apr 02 15:27:56 2008 => Scanning File C:\WINDOWS\system32\autolfn.exe

Wed Apr 02 15:27:56 2008 => Scanning File C:\WINDOWS\system32\avicap.dll

Wed Apr 02 15:27:56 2008 => Scanning File C:\WINDOWS\system32\avicap32.dll

Wed Apr 02 15:27:56 2008 => Scanning File C:\WINDOWS\system32\avifil32.dll

Wed Apr 02 15:27:56 2008 => Scanning File C:\WINDOWS\system32\avifile.dll

Wed Apr 02 15:27:56 2008 => Scanning File C:\WINDOWS\system32\avmeter.dll

Wed Apr 02 15:27:56 2008 => Scanning File C:\WINDOWS\system32\avtapi.dll

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\avwav.dll

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\basesrv.dll

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\batmeter.dll

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\batt.dll

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\BDEADMIN.CPL

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\bdod.bin

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\bidispl.dll

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\big5.nls

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\bios1.rom

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\bios4.rom

Wed Apr 02 15:27:57 2008 => Scanning File C:\WINDOWS\system32\bitsprx2.dll

Wed Apr 02 15:27:58 2008 => Scanning File C:\WINDOWS\system32\bitsprx3.dll

Wed Apr 02 15:27:58 2008 => Scanning File C:\WINDOWS\system32\blackbox.dll

Wed Apr 02 15:27:58 2008 => Scanning File C:\WINDOWS\system32\blastcln.exe

Wed Apr 02 15:27:58 2008 => Scanning File C:\WINDOWS\system32\bootok.exe

Wed Apr 02 15:27:58 2008 => Scanning File C:\WINDOWS\system32\bootvid.dll

Wed Apr 02 15:27:58 2008 => Scanning File C:\WINDOWS\system32\bootvrfy.exe

Wed Apr 02 15:27:58 2008 => Scanning File C:\WINDOWS\system32\bopomofo.nls

Wed Apr 02 15:27:58 2008 => Scanning File C:\WINDOWS\system32\browselc.dll

Wed Apr 02 15:27:59 2008 => Scanning File C:\WINDOWS\system32\browser.dll

Wed Apr 02 15:27:59 2008 => Scanning File C:\WINDOWS\system32\browseui(2).dll

Wed Apr 02 15:27:59 2008 => Scanning File C:\WINDOWS\system32\browseui.dll

Wed Apr 02 15:27:59 2008 => Scanning File C:\WINDOWS\system32\browsewm.dll

Wed Apr 02 15:27:59 2008 => Scanning File C:\WINDOWS\system32\bthci.dll

Wed Apr 02 15:27:59 2008 => Scanning File C:\WINDOWS\system32\bthprops.cpl

Wed Apr 02 15:27:59 2008 => Scanning File C:\WINDOWS\system32\bthserv.dll

Wed Apr 02 15:27:59 2008 => Scanning File C:\WINDOWS\system32\btpanui.dll

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\bubbles-ke2.ico

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\bubbles-ki.ico

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\BUTTER~1.log

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\cabinet.dll

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\cabview.dll

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\cacls.exe

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\camocx.dll

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\capesnpn.dll

Wed Apr 02 15:28:00 2008 => Scanning File C:\WINDOWS\system32\capicom.dll

Wed Apr 02 15:28:01 2008 => Scanning File C:\WINDOWS\system32\cards.dll

Wed Apr 02 15:28:01 2008 => Scanning File C:\WINDOWS\system32\catsrv.dll

Wed Apr 02 15:28:01 2008 => Scanning File C:\WINDOWS\system32\catsrvps.dll

Wed Apr 02 15:28:01 2008 => Scanning File C:\WINDOWS\system32\catsrvut.dll

Wed Apr 02 15:28:01 2008 => Scanning File C:\WINDOWS\system32\ccfgnt.dll

Wed Apr 02 15:28:01 2008 => Scanning File C:\WINDOWS\system32\ccrpftv6.ocx

Wed Apr 02 15:28:02 2008 => Scanning File C:\WINDOWS\system32\cdfview.dll

Wed Apr 02 15:28:02 2008 => Scanning File C:\WINDOWS\system32\cdm.dll

Wed Apr 02 15:28:02 2008 => Scanning File C:\WINDOWS\system32\cdmodem.dll

Wed Apr 02 15:28:02 2008 => Scanning File C:\WINDOWS\system32\cdosys.dll

Wed Apr 02 15:28:02 2008 => Scanning File C:\WINDOWS\system32\cdplayer.exe.manifest

Wed Apr 02 15:28:02 2008 => Scanning File C:\WINDOWS\system32\cdral.dll

Wed Apr 02 15:28:02 2008 => Scanning File C:\WINDOWS\system32\cdrtc.dll

Wed Apr 02 15:28:03 2008 => Scanning File C:\WINDOWS\system32\certcli.dll

Wed Apr 02 15:28:03 2008 => Scanning File C:\WINDOWS\system32\certmgr.dll

Wed Apr 02 15:28:03 2008 => Scanning File C:\WINDOWS\system32\certmgr.msc

Wed Apr 02 15:28:03 2008 => Scanning File C:\WINDOWS\system32\cewmdm.dll

Wed Apr 02 15:28:03 2008 => Scanning File C:\WINDOWS\system32\cfgbkend.dll

Wed Apr 02 15:28:03 2008 => Scanning File C:\WINDOWS\system32\cfgmgr32.dll

Wed Apr 02 15:28:03 2008 => Scanning File C:\WINDOWS\system32\chajei.ime

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\Chaînes.scf

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\chcp.com

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\chkdsk.exe

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\chkntfs.exe

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\chsbrkr.dll

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\chtbrkr.dll

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\ciadmin.dll

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\ciadv.msc

Wed Apr 02 15:28:04 2008 => Scanning File C:\WINDOWS\system32\cic.dll

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\cidaemon.exe

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\ciodm.dll

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\cisvc.exe

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\ckcnv.exe

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\clb.dll

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\clbcatex.dll

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\clbcatq.dll

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\cleanmgr.exe

Wed Apr 02 15:28:05 2008 => Scanning File C:\WINDOWS\system32\cliconf.chm

Wed Apr 02 15:28:07 2008 => Scanning File C:\WINDOWS\system32\cliconfg.dll

Wed Apr 02 15:28:07 2008 => Scanning File C:\WINDOWS\system32\cliconfg.exe

Wed Apr 02 15:28:07 2008 => Scanning File C:\WINDOWS\system32\cliconfg.rll

Wed Apr 02 15:28:08 2008 => Scanning File C:\WINDOWS\system32\clipsrv.exe

Wed Apr 02 15:28:08 2008 => Scanning File C:\WINDOWS\system32\clspack.exe

Wed Apr 02 15:28:08 2008 => Scanning File C:\WINDOWS\system32\clusapi.dll

Wed Apr 02 15:28:08 2008 => Scanning File C:\WINDOWS\system32\cmcfg32.dll

Wed Apr 02 15:28:08 2008 => Scanning File C:\WINDOWS\system32\cmd.exe

Wed Apr 02 15:28:08 2008 => Scanning File C:\WINDOWS\system32\cmdial32.dll

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmdl32.exe

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmmgr32.hlp

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmmon32.exe

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmnprop.dll

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmos.ram

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmpbk32.dll

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmprops.dll

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmsetACL.dll

Wed Apr 02 15:28:09 2008 => Scanning File C:\WINDOWS\system32\cmstp.exe

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\cmutil.dll

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\CNBJHLP2.CNT

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\CNBJHLP2.GID

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\CNBJHLP2.HLP

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\cnbjmon.dll

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\CNBJMON2.DLL

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\cnetcfg.dll

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\cnvfat.dll

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\coh.cache

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\colbact.dll

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\comaddin.dll

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\comcat.dll

Wed Apr 02 15:28:10 2008 => Scanning File C:\WINDOWS\system32\comct232.ocx

Wed Apr 02 15:28:11 2008 => Scanning File C:\WINDOWS\system32\comctl32.dll

Wed Apr 02 15:28:11 2008 => Scanning File C:\WINDOWS\system32\COMCTL32.OCA

Wed Apr 02 15:28:11 2008 => Scanning File C:\WINDOWS\system32\comctl32.ocx

Wed Apr 02 15:28:11 2008 => Scanning File C:\WINDOWS\system32\comdlg32.dll

Wed Apr 02 15:28:11 2008 => Scanning File C:\WINDOWS\system32\COMDLG32.OCA

Wed Apr 02 15:28:11 2008 => Scanning File C:\WINDOWS\system32\comdlg32.ocx

Wed Apr 02 15:28:11 2008 => Scanning File C:\WINDOWS\system32\comm.drv

Wed Apr 02 15:28:11 2008 => Scanning File C:\WINDOWS\system32\command.com

Wed Apr 02 15:28:12 2008 => Scanning File C:\WINDOWS\system32\commdlg.dll

Wed Apr 02 15:28:12 2008 => Scanning File C:\WINDOWS\system32\comp.exe

Wed Apr 02 15:28:12 2008 => Scanning File C:\WINDOWS\system32\compact.exe

Wed Apr 02 15:28:12 2008 => Scanning File C:\WINDOWS\system32\compatUI.dll

Wed Apr 02 15:28:12 2008 => Scanning File C:\WINDOWS\system32\compmgmt.msc

Wed Apr 02 15:28:12 2008 => Scanning File C:\WINDOWS\system32\compobj.dll

Wed Apr 02 15:28:12 2008 => Scanning File C:\WINDOWS\system32\compstui.dll

Wed Apr 02 15:28:12 2008 => Scanning File C:\WINDOWS\system32\comrepl.dll

Wed Apr 02 15:28:13 2008 => Scanning File C:\WINDOWS\system32\comres.dll

Wed Apr 02 15:28:13 2008 => Scanning File C:\WINDOWS\system32\comsnap.dll

Wed Apr 02 15:28:13 2008 => Scanning File C:\WINDOWS\system32\comsvcs.dll

Wed Apr 02 15:28:13 2008 => Scanning File C:\WINDOWS\system32\comuid.dll

Wed Apr 02 15:28:13 2008 => Scanning File C:\WINDOWS\system32\Config.MPF

Wed Apr 02 15:28:13 2008 => Scanning File C:\WINDOWS\system32\CONFIG.NT

Wed Apr 02 15:28:13 2008 => Scanning File C:\WINDOWS\system32\CONFIG.TMP

Wed Apr 02 15:28:13 2008 => Scanning File C:\WINDOWS\system32\confmsp.dll

Wed Apr 02 15:28:14 2008 => Scanning File C:\WINDOWS\system32\conime.exe

Wed Apr 02 15:28:14 2008 => Scanning File C:\WINDOWS\system32\console.dll

Wed Apr 02 15:28:14 2008 => Scanning File C:\WINDOWS\system32\control.exe

Wed Apr 02 15:28:14 2008 => Scanning File C:\WINDOWS\system32\convert.exe

Wed Apr 02 15:28:14 2008 => Scanning File C:\WINDOWS\system32\corpol.dll

Wed Apr 02 15:28:14 2008 => Scanning File C:\WINDOWS\system32\country.sys

Wed Apr 02 15:28:14 2008 => Scanning File C:\WINDOWS\system32\credui.dll

Wed Apr 02 15:28:14 2008 => Scanning File C:\WINDOWS\system32\crtdll.dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\crypt32(2).dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\crypt32.dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\cryptdlg.dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\cryptdll.dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\cryptext.dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\cryptnet.dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\cryptsvc.dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\cryptui.dll

Wed Apr 02 15:28:15 2008 => Scanning File C:\WINDOWS\system32\cscdll.dll

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\cscript.exe

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\cscui.dll

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\csrsrv.dll

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\csrss.exe

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\csseqchk.dll

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\ctfmon.exe

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\ctl3d32.dll

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\ctl3dv2.dll

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\ctype.nls

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\cygregex.dll

Wed Apr 02 15:28:16 2008 => Scanning File C:\WINDOWS\system32\cygwin1.dll

Wed Apr 02 15:28:17 2008 => Scanning File C:\WINDOWS\system32\c_037.nls

Wed Apr 02 15:28:17 2008 => Scanning File C:\WINDOWS\system32\c_10000.nls

Wed Apr 02 15:28:17 2008 => Scanning File C:\WINDOWS\system32\c_10001.nls

Wed Apr 02 15:28:17 2008 => Scanning File C:\WINDOWS\system32\c_10002.nls

Wed Apr 02 15:28:17 2008 => Scanning File C:\WINDOWS\system32\c_10003.nls

Wed Apr 02 15:28:17 2008 => Scanning File C:\WINDOWS\system32\c_10006.nls

Wed Apr 02 15:28:17 2008 => Scanning File C:\WINDOWS\system32\c_10007.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_10008.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_10010.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_10017.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_10029.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_10079.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_10081.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_10082.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1026.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1250.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1251.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1252.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1253.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1254.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1255.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1256.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1257.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1258.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_1361.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_20000.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_20127.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_20261.nls

Wed Apr 02 15:28:18 2008 => Scanning File C:\WINDOWS\system32\c_20290.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_20866.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_20905.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_20932.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_20936.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_20949.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_21027.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_21866.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_28591.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_28592.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_28593.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\C_28594.NLS

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\C_28595.NLS

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\C_28597.NLS

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_28598.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_28599.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_28603.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_28605.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_437.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_500.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_737.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_775.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_850.nls

Wed Apr 02 15:28:19 2008 => Scanning File C:\WINDOWS\system32\c_852.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_855.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_857.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_860.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_861.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_863.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_865.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_866.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_869.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_874.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_875.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_932.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_936.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_949.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_950.nls

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_g18030.dll

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\c_is2022.dll

Wed Apr 02 15:28:20 2008 => Scanning File C:\WINDOWS\system32\d3d8.dll

Wed Apr 02 15:28:21 2008 => Scanning File C:\WINDOWS\system32\d3d8thk.dll

Wed Apr 02 15:28:21 2008 => Scanning File C:\WINDOWS\system32\d3d9.dll

Wed Apr 02 15:28:21 2008 => Scanning File C:\WINDOWS\system32\d3dim.dll

Wed Apr 02 15:28:21 2008 => Scanning File C:\WINDOWS\system32\d3dim700.dll

Wed Apr 02 15:28:22 2008 => Scanning File C:\WINDOWS\system32\d3dpmesh.dll

Wed Apr 02 15:28:22 2008 => Scanning File C:\WINDOWS\system32\d3dramp.dll

Wed Apr 02 15:28:22 2008 => Scanning File C:\WINDOWS\system32\d3drm.dll

Wed Apr 02 15:28:23 2008 => Scanning File C:\WINDOWS\system32\d3dxof.dll

Wed Apr 02 15:28:23 2008 => Scanning File C:\WINDOWS\system32\danim.dll

Wed Apr 02 15:28:23 2008 => Scanning File C:\WINDOWS\system32\dataclen.dll

Wed Apr 02 15:28:23 2008 => Scanning File C:\WINDOWS\system32\datime.dll

Wed Apr 02 15:28:23 2008 => Scanning File C:\WINDOWS\system32\davclnt.dll

Wed Apr 02 15:28:24 2008 => Scanning File C:\WINDOWS\system32\daxctle.ocx

Wed Apr 02 15:28:24 2008 => Scanning File C:\WINDOWS\system32\dayi.ime

Wed Apr 02 15:28:24 2008 => Scanning File C:\WINDOWS\system32\dayiphr.tbl

Wed Apr 02 15:28:24 2008 => Scanning File C:\WINDOWS\system32\dayiptr.tbl

Wed Apr 02 15:28:24 2008 => Scanning File C:\WINDOWS\system32\DBCLIENT.DLL

Wed Apr 02 15:28:24 2008 => Scanning File C:\WINDOWS\system32\dbgeng.dll

Wed Apr 02 15:28:24 2008 => Scanning File C:\WINDOWS\system32\dbghelp.dll

Wed Apr 02 15:28:25 2008 => Scanning File C:\WINDOWS\system32\dbmsadsn.dll

Wed Apr 02 15:28:25 2008 => Scanning File C:\WINDOWS\system32\dbmsrpcn.dll

Wed Apr 02 15:28:25 2008 => Scanning File C:\WINDOWS\system32\dbmsvin.dll

Wed Apr 02 15:28:25 2008 => Scanning File C:\WINDOWS\system32\dbmsvinn.dLL

Wed Apr 02 15:28:25 2008 => Scanning File C:\WINDOWS\system32\dbnetlib.dll

Wed Apr 02 15:28:25 2008 => Scanning File C:\WINDOWS\system32\dbnmpntw.dll

Wed Apr 02 15:28:25 2008 => Scanning File C:\WINDOWS\system32\Dcache.bin

Wed Apr 02 15:28:26 2008 => Scanning File C:\WINDOWS\system32\dciman32.dll

Wed Apr 02 15:28:26 2008 => Scanning File C:\WINDOWS\system32\dcomcnfg.exe

Wed Apr 02 15:28:26 2008 => Scanning File C:\WINDOWS\system32\DDAO36.DLL

Wed Apr 02 15:28:26 2008 => Scanning File C:\WINDOWS\system32\ddeml.dll

Wed Apr 02 15:28:26 2008 => Scanning File C:\WINDOWS\system32\ddeshare.exe

Wed Apr 02 15:28:26 2008 => Scanning File C:\WINDOWS\system32\ddraw.dll

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\ddrawex.dll

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\debug.exe

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\declrds.ax

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\defrag.exe

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\desk.cpl

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\deskadp.dll

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\deskmon.dll

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\deskperf.dll

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\desktop.ini

Wed Apr 02 15:28:27 2008 => Scanning File C:\WINDOWS\system32\devenum.dll

Wed Apr 02 15:28:28 2008 => Scanning File C:\WINDOWS\system32\devmgmt.msc

Wed Apr 02 15:28:28 2008 => Scanning File C:\WINDOWS\system32\devmgr.dll

Wed Apr 02 15:28:28 2008 => Scanning File C:\WINDOWS\system32\dfrg.msc

Wed Apr 02 15:28:28 2008 => Scanning File C:\WINDOWS\system32\dfrgfat.exe

Wed Apr 02 15:28:28 2008 => Scanning File C:\WINDOWS\system32\dfrgntfs.exe

Wed Apr 02 15:28:28 2008 => Scanning File C:\WINDOWS\system32\dfrgres.dll

Wed Apr 02 15:28:28 2008 => Scanning File C:\WINDOWS\system32\dfrgsnap.dll

Wed Apr 02 15:28:28 2008 => Scanning File C:\WINDOWS\system32\dfrgui.dll

Wed Apr 02 15:28:29 2008 => Scanning File C:\WINDOWS\system32\dfshim.dll

Wed Apr 02 15:28:29 2008 => Scanning File C:\WINDOWS\system32\dfsshlex.dll

Wed Apr 02 15:28:29 2008 => Scanning File C:\WINDOWS\system32\dgnet.dll

Wed Apr 02 15:28:29 2008 => Scanning File C:\WINDOWS\system32\dgrpsetu.dll

Wed Apr 02 15:28:29 2008 => Scanning File C:\WINDOWS\system32\dgsetup.dll

Wed Apr 02 15:28:29 2008 => Scanning File C:\WINDOWS\system32\dhcpcsvc.dll

Wed Apr 02 15:28:30 2008 => Scanning File C:\WINDOWS\system32\dhcpmon.dll

Wed Apr 02 15:28:30 2008 => Scanning File C:\WINDOWS\system32\dhcpsapi.dll

Wed Apr 02 15:28:30 2008 => Scanning File C:\WINDOWS\system32\diactfrm.dll

Wed Apr 02 15:28:30 2008 => Scanning File C:\WINDOWS\system32\diantz.exe

Wed Apr 02 15:28:30 2008 => Scanning File C:\WINDOWS\system32\digest.dll

Wed Apr 02 15:28:30 2008 => Scanning File C:\WINDOWS\system32\dimap.dll

Wed Apr 02 15:28:31 2008 => Scanning File C:\WINDOWS\system32\dinput.dll

Wed Apr 02 15:28:31 2008 => Scanning File C:\WINDOWS\system32\dinput8.dll

Wed Apr 02 15:28:31 2008 => Scanning File C:\WINDOWS\system32\diskcomp.com

Wed Apr 02 15:28:31 2008 => Scanning File C:\WINDOWS\system32\diskcopy.com

Wed Apr 02 15:28:31 2008 => Scanning File C:\WINDOWS\system32\diskcopy.dll

Wed Apr 02 15:28:31 2008 => Scanning File C:\WINDOWS\system32\diskmgmt.msc

Wed Apr 02 15:28:31 2008 => Scanning File C:\WINDOWS\system32\diskpart.exe

Wed Apr 02 15:28:32 2008 => Scanning File C:\WINDOWS\system32\diskperf.exe

Wed Apr 02 15:28:32 2008 => Scanning File C:\WINDOWS\system32\dispex.dll

Wed Apr 02 15:28:32 2008 => Scanning File C:\WINDOWS\system32\dllhost.exe

Wed Apr 02 15:28:32 2008 => Scanning File C:\WINDOWS\system32\dllhst3g.exe

Wed Apr 02 15:28:32 2008 => Scanning File C:\WINDOWS\system32\dmadmin.exe

Wed Apr 02 15:28:32 2008 => Scanning File C:\WINDOWS\system32\dmband.dll

Wed Apr 02 15:28:32 2008 => Scanning File C:\WINDOWS\system32\dmcompos.dll

Wed Apr 02 15:28:32 2008 => Scanning File C:\WINDOWS\system32\dmconfig.dll

Wed Apr 02 15:28:33 2008 => Scanning File C:\WINDOWS\system32\dmdlgs.dll

Wed Apr 02 15:28:33 2008 => Scanning File C:\WINDOWS\system32\dmdskmgr.dll

Wed Apr 02 15:28:33 2008 => Scanning File C:\WINDOWS\system32\dmdskres.dll

Wed Apr 02 15:28:33 2008 => Scanning File C:\WINDOWS\system32\dmime.dll

Wed Apr 02 15:28:34 2008 => Scanning File C:\WINDOWS\system32\dmintf.dll

Wed Apr 02 15:28:34 2008 => Scanning File C:\WINDOWS\system32\dmloader.dll

Wed Apr 02 15:28:34 2008 => Scanning File C:\WINDOWS\system32\dmocx.dll

Wed Apr 02 15:28:34 2008 => Scanning File C:\WINDOWS\system32\dmremote.exe

Wed Apr 02 15:28:34 2008 => Scanning File C:\WINDOWS\system32\dmscript.dll

Wed Apr 02 15:28:34 2008 => Scanning File C:\WINDOWS\system32\dmserver.dll

Wed Apr 02 15:28:34 2008 => Scanning File C:\WINDOWS\system32\dmstyle.dll

Wed Apr 02 15:28:34 2008 => Scanning File C:\WINDOWS\system32\dmsynth.dll

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\dmusic.dll

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\dmutil.dll

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\dmview.ocx

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\dnsapi.dll

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\dnsrslvr.dll

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\docprop.dll

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\docprop2.dll

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\doskey.exe

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\dosx.exe

Wed Apr 02 15:28:35 2008 => Scanning File C:\WINDOWS\system32\dpcdll.dll

Wed Apr 02 15:28:36 2008 => Scanning File C:\WINDOWS\system32\dplay.dll

Wed Apr 02 15:28:36 2008 => Scanning File C:\WINDOWS\system32\dplaysvr.exe

Wed Apr 02 15:28:36 2008 => Scanning File C:\WINDOWS\system32\dplayx.dll

Wed Apr 02 15:28:36 2008 => Scanning File C:\WINDOWS\system32\dpmodemx.dll

Wed Apr 02 15:28:36 2008 => Scanning File C:\WINDOWS\system32\dpnaddr.dll

Wed Apr 02 15:28:36 2008 => Scanning File C:\WINDOWS\system32\dpnet.dll

Wed Apr 02 15:28:36 2008 => Scanning File C:\WINDOWS\system32\dpnhpast.dll

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpnhupnp.dll

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpnlobby.dll

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpnmodem.dll

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpnsvr.exe

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpnwsock.dll

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpserial.dll

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpvacm.dll

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpvoice.dll

Wed Apr 02 15:28:37 2008 => Scanning File C:\WINDOWS\system32\dpvsetup.exe

Wed Apr 02 15:28:38 2008 => Scanning File C:\WINDOWS\system32\dpvvox.dll

Wed Apr 02 15:28:38 2008 => Scanning File C:\WINDOWS\system32\dpwsock.dll

Wed Apr 02 15:28:38 2008 => Scanning File C:\WINDOWS\system32\dpwsockx.dll

Wed Apr 02 15:28:38 2008 => Scanning File C:\WINDOWS\system32\drmclien.dll

Wed Apr 02 15:28:38 2008 => Scanning File C:\WINDOWS\system32\DRMServer.exe

Wed Apr 02 15:28:38 2008 => Scanning File C:\WINDOWS\system32\drmstor.dll

Wed Apr 02 15:28:38 2008 => Scanning File C:\WINDOWS\system32\drmupgds.exe

Wed Apr 02 15:28:39 2008 => Scanning File C:\WINDOWS\system32\drmv2clt.dll

Wed Apr 02 15:28:39 2008 => Scanning File C:\WINDOWS\system32\drprov.dll

Wed Apr 02 15:28:39 2008 => Scanning File C:\WINDOWS\system32\drwatson.exe

Wed Apr 02 15:28:39 2008 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Wed Apr 02 15:28:39 2008 => Scanning File C:\WINDOWS\system32\ds16gt.dLL

Wed Apr 02 15:28:39 2008 => Scanning File C:\WINDOWS\system32\ds32gt.dll

Wed Apr 02 15:28:39 2008 => Scanning File C:\WINDOWS\system32\dsauth.dll

Wed Apr 02 15:28:40 2008 => Scanning File C:\WINDOWS\system32\dsdmo.dll

Wed Apr 02 15:28:40 2008 => Scanning File C:\WINDOWS\system32\dsdmoprp.dll

Wed Apr 02 15:28:40 2008 => Scanning File C:\WINDOWS\system32\dskquota.dll

Wed Apr 02 15:28:40 2008 => Scanning File C:\WINDOWS\system32\dskquoui.dll

Wed Apr 02 15:28:40 2008 => Scanning File C:\WINDOWS\system32\dsound.dll

Wed Apr 02 15:28:40 2008 => Scanning File C:\WINDOWS\system32\dsound.vxd

Wed Apr 02 15:28:40 2008 => Scanning File C:\WINDOWS\system32\dsound3d.dll

Wed Apr 02 15:28:41 2008 => Scanning File C:\WINDOWS\system32\dsprop.dll

Wed Apr 02 15:28:41 2008 => Scanning File C:\WINDOWS\system32\dsprpres.dll

Wed Apr 02 15:28:41 2008 => Scanning File C:\WINDOWS\system32\dsquery.dll

Wed Apr 02 15:28:41 2008 => Scanning File C:\WINDOWS\system32\dssec.dat

Wed Apr 02 15:28:41 2008 => Scanning File C:\WINDOWS\system32\dssec.dll

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\dssenh.dll

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\dsuiext.dll

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\dswave.dll

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\dtu_fr.qm

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\dumprep.exe

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\duser.dll

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\dvdplay.exe

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\dvdupgrd.exe

Wed Apr 02 15:28:42 2008 => Scanning File C:\WINDOWS\system32\dwwin.exe

Wed Apr 02 15:28:43 2008 => Scanning File C:\WINDOWS\system32\dx3j.dll

Wed Apr 02 15:28:43 2008 => Scanning File C:\WINDOWS\system32\dx7vb.dll

Wed Apr 02 15:28:43 2008 => Scanning File C:\WINDOWS\system32\dx8vb.dll

Wed Apr 02 15:28:43 2008 => Scanning File C:\WINDOWS\system32\dxdiag.exe

Wed Apr 02 15:28:44 2008 => Scanning File C:\WINDOWS\system32\dxdiagn.dll

Wed Apr 02 15:28:44 2008 => Scanning File C:\WINDOWS\system32\dxmasf.dll

Wed Apr 02 15:28:44 2008 => Scanning File C:\WINDOWS\system32\dxtmsft.dll

Wed Apr 02 15:28:45 2008 => Scanning File C:\WINDOWS\system32\dxtmsft3.dll

Wed Apr 02 15:28:45 2008 => Scanning File C:\WINDOWS\system32\dxtrans.dll

Wed Apr 02 15:28:45 2008 => Scanning File C:\WINDOWS\system32\edb500.dll

Wed Apr 02 15:28:45 2008 => Scanning File C:\WINDOWS\system32\edit.com

Wed Apr 02 15:28:45 2008 => Scanning File C:\WINDOWS\system32\edit.hlp

Wed Apr 02 15:28:45 2008 => Scanning File C:\WINDOWS\system32\edlin.exe

Wed Apr 02 15:28:45 2008 => Scanning File C:\WINDOWS\system32\ega.cpi

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\els.dll

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\emptyregdb.dat

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\encapi.dll

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\encdec.dll

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_BP.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_CF.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_DU.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_EN.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_ES.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_FR.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_GE.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_IT.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_KO.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_PT.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_RU.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_SC.cfg

Wed Apr 02 15:28:46 2008 => Scanning File C:\WINDOWS\system32\EPPICLocal_TC.cfg

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPicMgr.dll

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPattern1.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPattern121.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPattern131.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPattern2.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPattern3.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPattern4.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPattern5.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPattern6.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_BP.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_CF.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_DU.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_EN.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_ES.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_FR.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_GE.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_IT.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPresetData_PT.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EPPICPrinterDB.dat

Wed Apr 02 15:28:47 2008 => Scanning File C:\WINDOWS\system32\EpPicPrt.dll

Wed Apr 02 15:28:48 2008 => Scanning File C:\WINDOWS\system32\EqnClass.Dll

Wed Apr 02 15:28:48 2008 => Scanning File C:\WINDOWS\system32\ersvc.dll

Wed Apr 02 15:28:48 2008 => Scanning File C:\WINDOWS\system32\es.dll

Wed Apr 02 15:28:48 2008 => Scanning File C:\WINDOWS\system32\esccmd.dll

Wed Apr 02 15:28:48 2008 => Scanning File C:\WINDOWS\system32\escimgd.dll

Wed Apr 02 15:28:48 2008 => Scanning File C:\WINDOWS\system32\escwiad.dll

Wed Apr 02 15:28:48 2008 => Scanning File C:\WINDOWS\system32\esent.dll

Wed Apr 02 15:28:48 2008 => Scanning File C:\WINDOWS\system32\esent97.dll

Wed Apr 02 15:28:49 2008 => Scanning File C:\WINDOWS\system32\esentprf.dll

Wed Apr 02 15:28:49 2008 => Scanning File C:\WINDOWS\system32\esentprf.hxx

Wed Apr 02 15:28:49 2008 => Scanning File C:\WINDOWS\system32\esentprf.ini

Wed Apr 02 15:28:49 2008 => Scanning File C:\WINDOWS\system32\esentutl.exe

Wed Apr 02 15:28:49 2008 => Scanning File C:\WINDOWS\system32\eudcedit.exe

Wed Apr 02 15:28:49 2008 => Scanning File C:\WINDOWS\system32\eula.txt

Wed Apr 02 15:28:49 2008 => Scanning File C:\WINDOWS\system32\eventcls.dll

Wed Apr 02 15:28:49 2008 => Scanning File C:\WINDOWS\system32\eventlog.dll

Wed Apr 02 15:28:50 2008 => Scanning File C:\WINDOWS\system32\eventvwr.exe

Wed Apr 02 15:28:50 2008 => Scanning File C:\WINDOWS\system32\eventvwr.msc

Wed Apr 02 15:28:50 2008 => Scanning File C:\WINDOWS\system32\exe2bin.exe

Wed Apr 02 15:28:50 2008 => Scanning File C:\WINDOWS\system32\expand.exe

Wed Apr 02 15:28:50 2008 => Scanning File C:\WINDOWS\system32\expsrv.dll

Wed Apr 02 15:28:50 2008 => Scanning File C:\WINDOWS\system32\EXSEC32.DLL

Wed Apr 02 15:28:50 2008 => Scanning File C:\WINDOWS\system32\extmgr.dll

Wed Apr 02 15:28:50 2008 => Scanning File C:\WINDOWS\system32\extrac32.exe

Wed Apr 02 15:28:51 2008 => Scanning File C:\WINDOWS\system32\exts.dll

Wed Apr 02 15:28:51 2008 => Scanning File C:\WINDOWS\system32\E_DCINST.DLL

Wed Apr 02 15:28:51 2008 => Scanning File C:\WINDOWS\system32\E_FD4BBEE.DLL

Wed Apr 02 15:28:51 2008 => Scanning File C:\WINDOWS\system32\E_FLBBEE.DLL

Wed Apr 02 15:28:51 2008 => Scanning File C:\WINDOWS\system32\f3ahvoas.dll

Wed Apr 02 15:28:51 2008 => Scanning File C:\WINDOWS\system32\fastopen.exe

Wed Apr 02 15:28:51 2008 => Scanning File C:\WINDOWS\system32\faultrep.dll

Wed Apr 02 15:28:51 2008 => Scanning File C:\WINDOWS\system32\faxpatch.exe

Wed Apr 02 15:28:52 2008 => Scanning File C:\WINDOWS\system32\fc.exe

Wed Apr 02 15:28:52 2008 => Scanning File C:\WINDOWS\system32\feclient.dll

Wed Apr 02 15:28:52 2008 => Scanning File C:\WINDOWS\system32\filemgmt.dll

Wed Apr 02 15:28:52 2008 => Scanning File C:\WINDOWS\system32\find.exe

Wed Apr 02 15:28:52 2008 => Scanning File C:\WINDOWS\system32\findstr.exe

Wed Apr 02 15:28:52 2008 => Scanning File C:\WINDOWS\system32\finger.exe

Wed Apr 02 15:28:52 2008 => Scanning File C:\WINDOWS\system32\FireDaemon.exe.xpx

Wed Apr 02 15:28:52 2008 => File C:\WINDOWS\system32\FireDaemon.exe.xpx tagged as not-a-virus:RemoteAdmin.Win32.RA.3826. No Action Taken.

 

Wed Apr 02 15:28:52 2008 => Scanning File C:\WINDOWS\system32\firewall.cpl

Wed Apr 02 15:28:53 2008 => Scanning File C:\WINDOWS\system32\fixmapi.exe

Wed Apr 02 15:28:53 2008 => Scanning File C:\WINDOWS\system32\fldrclnr.dll

Wed Apr 02 15:28:53 2008 => Scanning File C:\WINDOWS\system32\fltlib.dll

Wed Apr 02 15:28:53 2008 => Scanning File C:\WINDOWS\system32\fltmc.exe

Wed Apr 02 15:28:53 2008 => Scanning File C:\WINDOWS\system32\FM20.DLL

Wed Apr 02 15:28:53 2008 => Scanning File C:\WINDOWS\system32\FM20FRA.DLL

Wed Apr 02 15:28:53 2008 => Scanning File C:\WINDOWS\system32\fmifs.dll

Wed Apr 02 15:28:53 2008 => Scanning File C:\WINDOWS\system32\fnfilter.dll

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\FNTCACHE.DAT

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\fontext.dll

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\fontsub.dll

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\fontview.exe

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\forcedos.exe

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\format.com

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\framebuf.dll

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\fsmgmt.msc

Wed Apr 02 15:28:54 2008 => Scanning File C:\WINDOWS\system32\fsquirt.exe

Wed Apr 02 15:28:55 2008 => Scanning File C:\WINDOWS\system32\fsusd.dll

Wed Apr 02 15:28:55 2008 => Scanning File C:\WINDOWS\system32\fsutil.exe

Wed Apr 02 15:28:55 2008 => Scanning File C:\WINDOWS\system32\ftp.exe

Wed Apr 02 15:28:55 2008 => Scanning File C:\WINDOWS\system32\FTRTSVC.exe

Wed Apr 02 15:28:55 2008 => Scanning File C:\WINDOWS\system32\ftsrch.dll

Wed Apr 02 15:28:55 2008 => Scanning File C:\WINDOWS\system32\fwcfg.dll

Wed Apr 02 15:28:55 2008 => Scanning File C:\WINDOWS\system32\g711codc.ax

Wed Apr 02 15:28:55 2008 => Scanning File C:\WINDOWS\system32\gcdef.dll

Wed Apr 02 15:28:56 2008 => Scanning File C:\WINDOWS\system32\gdi.exe

Wed Apr 02 15:28:56 2008 => Scanning File C:\WINDOWS\system32\gdi32.dll

Wed Apr 02 15:28:56 2008 => Scanning File C:\WINDOWS\system32\gdiplus.dll

Wed Apr 02 15:28:56 2008 => Scanning File C:\WINDOWS\system32\geo.nls

Wed Apr 02 15:28:56 2008 => Scanning File C:\WINDOWS\system32\getfile.dat

Wed Apr 02 15:28:56 2008 => Scanning File C:\WINDOWS\system32\glmf32.dll

Wed Apr 02 15:28:56 2008 => Scanning File C:\WINDOWS\system32\glu32.dll

Wed Apr 02 15:28:56 2008 => Scanning File C:\WINDOWS\system32\gpkcsp.dll

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\gpkrsrc.dll

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\graftabl.com

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\graphics.com

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\graphics.pro

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\grpconv.exe

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\h323.tsp

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\h323log.txt [**]

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\h323msp.dll

Wed Apr 02 15:28:57 2008 => Scanning File C:\WINDOWS\system32\hal.dll

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\hccoin.dll

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\hdwwiz.cpl

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\help.exe

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\hhctrl.ocx

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\hhsetup.dll

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\hid.dll

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\hidphone.tsp

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\himem.sys

Wed Apr 02 15:28:58 2008 => Scanning File C:\WINDOWS\system32\hlink.dll

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\hnetcfg.dll

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\hnetmon.dll

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\hnetwiz.dll

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\homepage.inf

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\hostname.exe

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\hotplug.dll

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\hsfcisp2.dll

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\hticons.dll

Wed Apr 02 15:28:59 2008 => Scanning File C:\WINDOWS\system32\html.iec

Wed Apr 02 15:29:00 2008 => Scanning File C:\WINDOWS\system32\httpapi.dll

Wed Apr 02 15:29:00 2008 => Scanning File C:\WINDOWS\system32\htui.dll

Wed Apr 02 15:29:00 2008 => Scanning File C:\WINDOWS\system32\hypertrm.dll

Wed Apr 02 15:29:00 2008 => Scanning File C:\WINDOWS\system32\iac25_32.ax

Wed Apr 02 15:29:00 2008 => Scanning File C:\WINDOWS\system32\iasacct.dll

Wed Apr 02 15:29:01 2008 => Scanning File C:\WINDOWS\system32\iasads.dll

Wed Apr 02 15:29:01 2008 => Scanning File C:\WINDOWS\system32\iashlpr.dll

Wed Apr 02 15:29:01 2008 => Scanning File C:\WINDOWS\system32\iasnap.dll

Wed Apr 02 15:29:01 2008 => Scanning File C:\WINDOWS\system32\iaspolcy.dll

Wed Apr 02 15:29:01 2008 => Scanning File C:\WINDOWS\system32\iasrad.dll

Wed Apr 02 15:29:01 2008 => Scanning File C:\WINDOWS\system32\iasrecst.dll

Wed Apr 02 15:29:01 2008 => Scanning File C:\WINDOWS\system32\iassam.dll

Wed Apr 02 15:29:02 2008 => Scanning File C:\WINDOWS\system32\iassdo.dll

Wed Apr 02 15:29:02 2008 => Scanning File C:\WINDOWS\system32\iassvcs.dll

Wed Apr 02 15:29:02 2008 => Scanning File C:\WINDOWS\system32\icaapi.dll

Wed Apr 02 15:29:02 2008 => Scanning File C:\WINDOWS\system32\icardie.dll

Wed Apr 02 15:29:02 2008 => Scanning File C:\WINDOWS\system32\iccvid.dll

Wed Apr 02 15:29:02 2008 => Scanning File C:\WINDOWS\system32\icfgnt5.dll

Wed Apr 02 15:29:02 2008 => Scanning File C:\WINDOWS\system32\icm32.dll

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\icmp.dll

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\icmui.dll

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\icrav03.rat

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\icwdial.dll

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\icwphbk.dll

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\idndl.dll

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\idq.dll

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\ie4uinit.exe

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\ieakeng.dll

Wed Apr 02 15:29:03 2008 => Scanning File C:\WINDOWS\system32\ieaksie.dll

Wed Apr 02 15:29:04 2008 => Scanning File C:\WINDOWS\system32\ieakui.dll

Wed Apr 02 15:29:04 2008 => Scanning File C:\WINDOWS\system32\ieapfltr.dat

Wed Apr 02 15:29:04 2008 => Scanning File C:\WINDOWS\system32\ieapfltr.dll

Wed Apr 02 15:29:04 2008 => Scanning File C:\WINDOWS\system32\iedkcs32.dll

Wed Apr 02 15:29:04 2008 => Scanning File C:\WINDOWS\system32\ieencode.dll

Wed Apr 02 15:29:04 2008 => *** File C:\WINDOWS\system32\ieframe.dll having Size Restriction ***

Wed Apr 02 15:29:04 2008 => Scanning File C:\WINDOWS\system32\ieframe.dll [**]

Wed Apr 02 15:29:04 2008 => Scanning File C:\WINDOWS\system32\ieframe.dll.mui

Wed Apr 02 15:29:07 2008 => Scanning File C:\WINDOWS\system32\iepeers.dll

Wed Apr 02 15:29:07 2008 => Scanning File C:\WINDOWS\system32\iernonce.dll

Wed Apr 02 15:29:07 2008 => Scanning File C:\WINDOWS\system32\iertutil.dll

Wed Apr 02 15:29:07 2008 => Scanning File C:\WINDOWS\system32\iesetup.dll

Wed Apr 02 15:29:07 2008 => Scanning File C:\WINDOWS\system32\ieudinit.exe

Wed Apr 02 15:29:07 2008 => Scanning File C:\WINDOWS\system32\ieui.dll

Wed Apr 02 15:29:07 2008 => Scanning File C:\WINDOWS\system32\ieuinit.inf

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\iexpress.exe

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\IfHelper.dll

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\ifmon.dll

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\ifsutil.dll

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\igmpagnt.dll

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\ils.dll

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\imaadp32.acm

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\imagehlp.dll

Wed Apr 02 15:29:08 2008 => Scanning File C:\WINDOWS\system32\ImagX7.dll

Wed Apr 02 15:29:09 2008 => Scanning File C:\WINDOWS\system32\ImagXpr7.dll

Wed Apr 02 15:29:10 2008 => Scanning File C:\WINDOWS\system32\ImagXR7.dll

Wed Apr 02 15:29:10 2008 => Scanning File C:\WINDOWS\system32\ImagXRA7.dll

Wed Apr 02 15:29:10 2008 => Scanning File C:\WINDOWS\system32\imapi.exe

Wed Apr 02 15:29:11 2008 => Scanning File C:\WINDOWS\system32\ImapiRox.exe

Wed Apr 02 15:29:11 2008 => Scanning File C:\WINDOWS\system32\ImapiRoxPS.dll

Wed Apr 02 15:29:11 2008 => Scanning File C:\WINDOWS\system32\imekr61.ime

Wed Apr 02 15:29:11 2008 => Scanning File C:\WINDOWS\system32\imeshare.dll

Wed Apr 02 15:29:11 2008 => Scanning File C:\WINDOWS\system32\imgutil.dll

Wed Apr 02 15:29:11 2008 => Scanning File C:\WINDOWS\system32\imjp81.ime

Wed Apr 02 15:29:11 2008 => Scanning File C:\WINDOWS\system32\imjp81k.dll

Wed Apr 02 15:29:12 2008 => Scanning File C:\WINDOWS\system32\imm32.dll

Wed Apr 02 15:29:12 2008 => Scanning File C:\WINDOWS\system32\IMMC.EXE

Wed Apr 02 15:29:12 2008 => Scanning File C:\WINDOWS\system32\inetcfg.dll

Wed Apr 02 15:29:13 2008 => Scanning File C:\WINDOWS\system32\inetcomm.dll

Wed Apr 02 15:29:13 2008 => Scanning File C:\WINDOWS\system32\inetcpl.cpl

Wed Apr 02 15:29:13 2008 => Scanning File C:\WINDOWS\system32\inetcplc.dll

Wed Apr 02 15:29:13 2008 => Scanning File C:\WINDOWS\system32\inetmib1.dll

Wed Apr 02 15:29:13 2008 => Scanning File C:\WINDOWS\system32\inetpp.dll

Wed Apr 02 15:29:13 2008 => Scanning File C:\WINDOWS\system32\inetppui.dll

Wed Apr 02 15:29:13 2008 => Scanning File C:\WINDOWS\system32\inetres.dll

Wed Apr 02 15:29:13 2008 => Scanning File C:\WINDOWS\system32\INETWH32.dll

Wed Apr 02 15:29:14 2008 => Scanning File C:\WINDOWS\system32\infosoft.dll

Wed Apr 02 15:29:14 2008 => Scanning File C:\WINDOWS\system32\initpki.dll

Wed Apr 02 15:29:14 2008 => Scanning File C:\WINDOWS\system32\input.dll

Wed Apr 02 15:29:14 2008 => Scanning File C:\WINDOWS\system32\inseng.dll

Wed Apr 02 15:29:14 2008 => Scanning File C:\WINDOWS\system32\instcat.sql

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\internet popup blocker1.ico

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\intl.cpl

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\iologmsg.dll

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\ipconf.tsp

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\ipconfig.exe

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\iphlpapi.dll

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\ipmontr.dll

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\ipnathlp.dll

Wed Apr 02 15:29:15 2008 => Scanning File C:\WINDOWS\system32\ippromon.dll

Wed Apr 02 15:29:16 2008 => Scanning File C:\WINDOWS\system32\iprop.dll

Wed Apr 02 15:29:16 2008 => Scanning File C:\WINDOWS\system32\iprtprio.dll

Wed Apr 02 15:29:16 2008 => Scanning File C:\WINDOWS\system32\iprtrmgr.dll

Wed Apr 02 15:29:16 2008 => Scanning File C:\WINDOWS\system32\ipsec6.exe

Wed Apr 02 15:29:16 2008 => Scanning File C:\WINDOWS\system32\ipsecsnp.dll

Wed Apr 02 15:29:16 2008 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll

Wed Apr 02 15:29:16 2008 => Scanning File C:\WINDOWS\system32\ipsmsnap.dll

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipv6.exe

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipv6mon.dll

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipxmontr.dll

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipxpromn.dll

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipxrip.dll

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipxroute.exe

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipxrtmgr.dll

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipxsap.dll

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ipxwan.dll

Wed Apr 02 15:29:17 2008 => Scanning File C:\WINDOWS\system32\ir32_32.dll

Wed Apr 02 15:29:18 2008 => Scanning File C:\WINDOWS\system32\ir41_32.ax

Wed Apr 02 15:29:18 2008 => Scanning File C:\WINDOWS\system32\ir41_qc.dll

Wed Apr 02 15:29:18 2008 => Scanning File C:\WINDOWS\system32\ir41_qcx.dll

Wed Apr 02 15:29:18 2008 => Scanning File C:\WINDOWS\system32\ir50_32.dll

Wed Apr 02 15:29:19 2008 => Scanning File C:\WINDOWS\system32\ir50_qc.dll

Wed Apr 02 15:29:19 2008 => Scanning File C:\WINDOWS\system32\ir50_qcx.dll

Wed Apr 02 15:29:19 2008 => Scanning File C:\WINDOWS\system32\irclass.dll

Wed Apr 02 15:29:19 2008 => Scanning File C:\WINDOWS\system32\irprops.cpl

Wed Apr 02 15:29:19 2008 => Scanning File C:\WINDOWS\system32\isign32.dll

Wed Apr 02 15:29:19 2008 => Scanning File C:\WINDOWS\system32\isrdbg32.dll

Wed Apr 02 15:29:20 2008 => Scanning File C:\WINDOWS\system32\itircl.dll

Wed Apr 02 15:29:20 2008 => Scanning File C:\WINDOWS\system32\itss.dll

Wed Apr 02 15:29:20 2008 => Scanning File C:\WINDOWS\system32\iuengine.dll

Wed Apr 02 15:29:20 2008 => Scanning File C:\WINDOWS\system32\ivfsrc.ax

Wed Apr 02 15:29:20 2008 => Scanning File C:\WINDOWS\system32\ixsso.dll

Wed Apr 02 15:29:21 2008 => Scanning File C:\WINDOWS\system32\iyuv_32.dll

Wed Apr 02 15:29:21 2008 => Scanning File C:\WINDOWS\system32\java.exe

Wed Apr 02 15:29:21 2008 => Scanning File C:\WINDOWS\system32\javacypt.dll

Wed Apr 02 15:29:21 2008 => Scanning File C:\WINDOWS\system32\javaee.dll

Wed Apr 02 15:29:21 2008 => Scanning File C:\WINDOWS\system32\javaprxy.dll

Wed Apr 02 15:29:21 2008 => Scanning File C:\WINDOWS\system32\javart.dll

Wed Apr 02 15:29:22 2008 => Scanning File C:\WINDOWS\system32\javasup.vxd

Wed Apr 02 15:29:22 2008 => Scanning File C:\WINDOWS\system32\javaw.exe

Wed Apr 02 15:29:22 2008 => Scanning File C:\WINDOWS\system32\javaws.exe

Wed Apr 02 15:29:22 2008 => Scanning File C:\WINDOWS\system32\jdbgmgr.exe

Wed Apr 02 15:29:22 2008 => Scanning File C:\WINDOWS\system32\jet500.dll

Wed Apr 02 15:29:22 2008 => Scanning File C:\WINDOWS\system32\jgaw400.dll

Wed Apr 02 15:29:22 2008 => Scanning File C:\WINDOWS\system32\jgdw400.dll

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\jgmd400.dll

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\jgpl400.dll

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\jgsd400.dll

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\jgsh400.dll

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\jit.dll

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\jobexec.dll

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\joy.cpl

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\jpatchver.txt

Wed Apr 02 15:29:23 2008 => Scanning File C:\WINDOWS\system32\jpicpl32.cpl

Wed Apr 02 15:29:24 2008 => Scanning File C:\WINDOWS\system32\jscript(2).dll

Wed Apr 02 15:29:24 2008 => Scanning File C:\WINDOWS\system32\jscript.dll

Wed Apr 02 15:29:24 2008 => Scanning File C:\WINDOWS\system32\jsfr.dll

Wed Apr 02 15:29:24 2008 => Scanning File C:\WINDOWS\system32\jsproxy.dll

Wed Apr 02 15:29:24 2008 => Scanning File C:\WINDOWS\system32\jview.exe

Wed Apr 02 15:29:24 2008 => Scanning File C:\WINDOWS\system32\kb16.com

Wed Apr 02 15:29:24 2008 => Scanning File C:\WINDOWS\system32\kbd101.dll

Wed Apr 02 15:29:24 2008 => Scanning File C:\WINDOWS\system32\kbd101a.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbd101b.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbd101c.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbd103.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbd106.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbd106n.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdal.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdax2.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdaze.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdazel.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdbe.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdbene.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdblr.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdbr.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdbu.dll

Wed Apr 02 15:29:25 2008 => Scanning File C:\WINDOWS\system32\kbdca.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdcan.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdcr.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdcz.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdcz1.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdcz2.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdda.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbddv.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdes.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdest.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdfc.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdfi.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdfi1.dll

Wed Apr 02 15:29:26 2008 => Scanning File C:\WINDOWS\system32\kbdfo.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdfr.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdgae.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdgkl.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdgr.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdgr1.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdhe.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdhe220.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdhe319.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdhela2.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdhela3.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdhept.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdhu.dll

Wed Apr 02 15:29:27 2008 => Scanning File C:\WINDOWS\system32\kbdhu1.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdibm02.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdic.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdinbe1.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdinben.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdinmal.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdir.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdit.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdit142.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdjpn.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdkaz.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdkor.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdkyr.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdla.dll

Wed Apr 02 15:29:28 2008 => Scanning File C:\WINDOWS\system32\kbdlk41a.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdlk41j.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdlt.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdlt1.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdlv.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdlv1.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdmac.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdmaori.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdmlt47.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdmlt48.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdmon.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdne.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdnec.dll

Wed Apr 02 15:29:29 2008 => Scanning File C:\WINDOWS\system32\kbdnec95.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdnecat.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdnecnt.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdno.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdno1.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdpl.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdpl1.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdpo.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdro.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdru.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdru1.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdsf.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdsg.dll

Wed Apr 02 15:29:30 2008 => Scanning File C:\WINDOWS\system32\kbdsl.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdsl1.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdsmsfi.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdsmsno.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdsp.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdsw.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdtat.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdtuf.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdtuq.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbduk.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdukx.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdur.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdus.dll

Wed Apr 02 15:29:31 2008 => Scanning File C:\WINDOWS\system32\kbdusl.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kbdusr.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kbdusx.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kbduzb.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kbdycc.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kbdycl.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kd1394.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kdcom.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kerberos.dll

Wed Apr 02 15:29:32 2008 => Scanning File C:\WINDOWS\system32\kernel32.dll

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\key01.sys

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\keyboard.drv

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\keyboard.sys

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\keymgr.dll

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\kmddsp.tsp

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\korwbrkr.dll

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\korwbrkr.lex

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\krnl386.exe

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\ksc.nls

Wed Apr 02 15:29:33 2008 => Scanning File C:\WINDOWS\system32\ksproxy.ax

Wed Apr 02 15:29:34 2008 => Scanning File C:\WINDOWS\system32\ksuser.dll

Wed Apr 02 15:29:34 2008 => Scanning File C:\WINDOWS\system32\l3codeca.acm

Wed Apr 02 15:29:34 2008 => Scanning File C:\WINDOWS\system32\l3codecp.acm

Wed Apr 02 15:29:34 2008 => Scanning File C:\WINDOWS\system32\l3codecx.acm

Wed Apr 02 15:29:34 2008 => Scanning File C:\WINDOWS\system32\l3codecx.ax

Wed Apr 02 15:29:35 2008 => Scanning File C:\WINDOWS\system32\label.exe

Wed Apr 02 15:29:35 2008 => Scanning File C:\WINDOWS\system32\langwrbk.dll

Wed Apr 02 15:29:35 2008 => Scanning File C:\WINDOWS\system32\lanman.drv

Wed Apr 02 15:29:35 2008 => Scanning File C:\WINDOWS\system32\LAPRXY.dll

Wed Apr 02 15:29:35 2008 => Scanning File C:\WINDOWS\system32\lcphrase.tbl

Wed Apr 02 15:29:35 2008 => Scanning File C:\WINDOWS\system32\lcptr.tbl

Wed Apr 02 15:29:35 2008 => Scanning File C:\WINDOWS\system32\LegitCheckControl.dll

Wed Apr 02 15:29:36 2008 => Scanning File C:\WINDOWS\system32\libeay32.dll

Wed Apr 02 15:29:36 2008 => Scanning File C:\WINDOWS\system32\licdll.dll

Wed Apr 02 15:29:36 2008 => Scanning File C:\WINDOWS\system32\licmgr10.dll

Wed Apr 02 15:29:36 2008 => Scanning File C:\WINDOWS\system32\licwmi.dll

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\lights.exe

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\linkinfo.dll

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\lmhsvc.dll

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\lmrt.dll

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\LMRTREND.dll

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\lnkstub.exe

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\loadfix.com

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\loadperf.dll

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\locale.nls

Wed Apr 02 15:29:37 2008 => Scanning File C:\WINDOWS\system32\localsec.dll

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\localspl.dll

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\localui.dll

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\locator.exe

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\lodctr.exe

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\logagent.exe

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\loghours.dll

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\logman.exe

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\logoff.exe

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\logon.scr

Wed Apr 02 15:29:38 2008 => Scanning File C:\WINDOWS\system32\logonui.exe

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\logonui.exe.manifest

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\lpk.dll

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\lpq.exe

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\lpr.exe

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\lprhelp.dll

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\lprmonui.dll

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\lsasrv.dll

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\lsass.exe

Wed Apr 02 15:29:39 2008 => Scanning File C:\WINDOWS\system32\LuResult.txt

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\lusrmgr.msc

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\lz32.dll

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\lzexpand.dll

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\l_except.nls

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\l_intl.nls

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\magnify.exe

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\mag_hook.dll

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\main.cpl

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\makecab.exe

Wed Apr 02 15:29:40 2008 => Scanning File C:\WINDOWS\system32\MAPI.DLL

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mapi32.dll

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\MAPISRVR.EXE

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mapistub.dll

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mcastmib.dll

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mcd32.dll

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mcdsrv32.dll

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mchgrcoi.dll

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mciavi.drv

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mciavi32.dll

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mcicda.dll

Wed Apr 02 15:29:41 2008 => Scanning File C:\WINDOWS\system32\mciole16.dll

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mciole32.dll

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mciqtz.drv

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mciqtz32.dll

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mciseq.dll

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mciseq.drv

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mciwave.dll

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mciwave.drv

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mdhcp.dll

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mdminst.dll

Wed Apr 02 15:29:42 2008 => Scanning File C:\WINDOWS\system32\mdmxsdk.dll

Wed Apr 02 15:29:43 2008 => Scanning File C:\WINDOWS\system32\MDT2FW95.DLL

Wed Apr 02 15:29:43 2008 => Scanning File C:\WINDOWS\system32\mdwmdmsp.dll

Wed Apr 02 15:29:43 2008 => Scanning File C:\WINDOWS\system32\mem.exe

Wed Apr 02 15:29:43 2008 => Scanning File C:\WINDOWS\system32\mf3216.dll

Wed Apr 02 15:29:43 2008 => Scanning File C:\WINDOWS\system32\mfc40.dll

Wed Apr 02 15:29:44 2008 => Scanning File C:\WINDOWS\system32\mfc40loc.dll

Wed Apr 02 15:29:44 2008 => Scanning File C:\WINDOWS\system32\mfc40u.dll

Wed Apr 02 15:29:44 2008 => Scanning File C:\WINDOWS\system32\mfc42.dll

Wed Apr 02 15:29:44 2008 => Scanning File C:\WINDOWS\system32\MFC42FRA.DLL

Wed Apr 02 15:29:44 2008 => Scanning File C:\WINDOWS\system32\mfc42loc.dll

Wed Apr 02 15:29:44 2008 => Scanning File C:\WINDOWS\system32\mfc42u.dll

Wed Apr 02 15:29:45 2008 => Scanning File C:\WINDOWS\system32\mfc70.dll

Wed Apr 02 15:29:45 2008 => Scanning File C:\WINDOWS\system32\mfc70u.dll

Wed Apr 02 15:29:46 2008 => Scanning File C:\WINDOWS\system32\mfc71.dll

Wed Apr 02 15:29:46 2008 => Scanning File C:\WINDOWS\system32\mfc71u.dll

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\mfcsubs.dll

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\MFPLAT.dll

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\mgmtapi.dll

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\mib.bin

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\midimap.dll

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\miglibnt.dll

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\migpwd.exe

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\mimefilt.dll

Wed Apr 02 15:29:47 2008 => Scanning File C:\WINDOWS\system32\mindex.dll

Wed Apr 02 15:29:48 2008 => Scanning File C:\WINDOWS\system32\miniime.tpl

Wed Apr 02 15:29:48 2008 => Scanning File C:\WINDOWS\system32\mlang.dat

Wed Apr 02 15:29:48 2008 => Scanning File C:\WINDOWS\system32\mlang.dll

Wed Apr 02 15:29:48 2008 => Scanning File C:\WINDOWS\system32\mlfcache.dat

Wed Apr 02 15:29:48 2008 => Scanning File C:\WINDOWS\system32\mll_hp.dll

Wed Apr 02 15:29:48 2008 => Scanning File C:\WINDOWS\system32\mll_mtf.dll

Wed Apr 02 15:29:48 2008 => Scanning File C:\WINDOWS\system32\mll_qic.dll

Wed Apr 02 15:29:48 2008 => Scanning File C:\WINDOWS\system32\mmc.exe

Wed Apr 02 15:29:49 2008 => Scanning File C:\WINDOWS\system32\mmcbase.dll

Wed Apr 02 15:29:49 2008 => Scanning File C:\WINDOWS\system32\mmcndmgr.dll

Wed Apr 02 15:29:49 2008 => Scanning File C:\WINDOWS\system32\mmcshext.dll

Wed Apr 02 15:29:49 2008 => Scanning File C:\WINDOWS\system32\mmdriver.inf

Wed Apr 02 15:29:49 2008 => Scanning File C:\WINDOWS\system32\mmdrv.dll

Wed Apr 02 15:29:49 2008 => Scanning File C:\WINDOWS\system32\mmfutil.dll

Wed Apr 02 15:29:49 2008 => Scanning File C:\WINDOWS\system32\mmsys.cpl

Wed Apr 02 15:29:50 2008 => Scanning File C:\WINDOWS\system32\mmsystem.dll

Wed Apr 02 15:29:50 2008 => Scanning File C:\WINDOWS\system32\mmtask.tsk

Wed Apr 02 15:29:50 2008 => Scanning File C:\WINDOWS\system32\mmutilse.dll

Wed Apr 02 15:29:50 2008 => Scanning File C:\WINDOWS\system32\mnmdd.dll

Wed Apr 02 15:29:50 2008 => Scanning File C:\WINDOWS\system32\mnmsrvc.exe

Wed Apr 02 15:29:50 2008 => Scanning File C:\WINDOWS\system32\mobsync.dll

Wed Apr 02 15:29:50 2008 => Scanning File C:\WINDOWS\system32\mobsync.exe

Wed Apr 02 15:29:51 2008 => Scanning File C:\WINDOWS\system32\mode.com

Wed Apr 02 15:29:51 2008 => Scanning File C:\WINDOWS\system32\modemui.dll

Wed Apr 02 15:29:51 2008 => Scanning File C:\WINDOWS\system32\modex.dll

Wed Apr 02 15:29:51 2008 => Scanning File C:\WINDOWS\system32\more.com

Wed Apr 02 15:29:51 2008 => Scanning File C:\WINDOWS\system32\moricons.dll

Wed Apr 02 15:29:51 2008 => Scanning File C:\WINDOWS\system32\mountvol.exe

Wed Apr 02 15:29:51 2008 => Scanning File C:\WINDOWS\system32\mouse.drv

Wed Apr 02 15:29:51 2008 => Scanning File C:\WINDOWS\system32\MP43DECD.dll

Wed Apr 02 15:29:52 2008 => Scanning File C:\WINDOWS\system32\MP43DMOD.dll

Wed Apr 02 15:29:52 2008 => Scanning File C:\WINDOWS\system32\MP4SDECD.dll

Wed Apr 02 15:29:52 2008 => Scanning File C:\WINDOWS\system32\MP4SDMOD.dll

Wed Apr 02 15:29:52 2008 => Scanning File C:\WINDOWS\system32\mpeg2data.ax

Wed Apr 02 15:29:52 2008 => Scanning File C:\WINDOWS\system32\mpg2splt.ax

Wed Apr 02 15:29:52 2008 => Scanning File C:\WINDOWS\system32\MPG4DECD.dll

Wed Apr 02 15:29:52 2008 => Scanning File C:\WINDOWS\system32\MPG4DMOD.dll

Wed Apr 02 15:29:52 2008 => Scanning File C:\WINDOWS\system32\mpg4ds32.ax

Wed Apr 02 15:29:53 2008 => Scanning File C:\WINDOWS\system32\mplay32.exe

Wed Apr 02 15:29:53 2008 => Scanning File C:\WINDOWS\system32\mpnotify.exe

Wed Apr 02 15:29:53 2008 => Scanning File C:\WINDOWS\system32\mpr.dll

Wed Apr 02 15:29:53 2008 => Scanning File C:\WINDOWS\system32\mprapi.dll

Wed Apr 02 15:29:53 2008 => Scanning File C:\WINDOWS\system32\mprddm.dll

Wed Apr 02 15:29:53 2008 => Scanning File C:\WINDOWS\system32\mprdim.dll

Wed Apr 02 15:29:53 2008 => Scanning File C:\WINDOWS\system32\mprmsg.dll

Wed Apr 02 15:29:53 2008 => Scanning File C:\WINDOWS\system32\mprui.dll

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\mrinfo.exe

Wed Apr 02 15:29:54 2008 => *** File C:\WINDOWS\system32\MRT.exe having Size Restriction ***

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\MRT.exe [**]

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\MRT.INI

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\msaatext.dll

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\msacm.dll

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\msacm32.dll

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\msacm32.drv

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\msadds32.ax

Wed Apr 02 15:29:54 2008 => Scanning File C:\WINDOWS\system32\MSADODC.OCX

Wed Apr 02 15:29:55 2008 => Scanning File C:\WINDOWS\system32\msadp32.acm

Wed Apr 02 15:29:55 2008 => Scanning File C:\WINDOWS\system32\msafd.dll

Wed Apr 02 15:29:55 2008 => Scanning File C:\WINDOWS\system32\msapsspc.dll

Wed Apr 02 15:29:55 2008 => Scanning File C:\WINDOWS\system32\msasn1.dll

Wed Apr 02 15:29:55 2008 => Scanning File C:\WINDOWS\system32\msaud32.acm

Wed Apr 02 15:29:55 2008 => Scanning File C:\WINDOWS\system32\msaudite.dll

Wed Apr 02 15:29:55 2008 => Scanning File C:\WINDOWS\system32\msawt.dll

Wed Apr 02 15:29:56 2008 => Scanning File C:\WINDOWS\system32\mscat32.dll

Wed Apr 02 15:29:56 2008 => Scanning File C:\WINDOWS\system32\mscdexnt.exe

Wed Apr 02 15:29:56 2008 => Scanning File C:\WINDOWS\system32\mscms.dll

Wed Apr 02 15:29:56 2008 => Scanning File C:\WINDOWS\system32\mscomct2.ocx

Wed Apr 02 15:29:56 2008 => Scanning File C:\WINDOWS\system32\MSCOMCTL.OCX

Wed Apr 02 15:29:56 2008 => Scanning File C:\WINDOWS\system32\msconf.dll

Wed Apr 02 15:29:56 2008 => Scanning File C:\WINDOWS\system32\mscoree.dll

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\mscorier.dll

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\mscories.dll

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\mscpx32r.dLL

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\mscpxl32.dLL

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\MSCTF.dll

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\MSCTFIME.IME

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\MSCTFP.dll

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\msdadiag.dll

Wed Apr 02 15:29:57 2008 => Scanning File C:\WINDOWS\system32\msdart.dll

Wed Apr 02 15:29:58 2008 => Scanning File C:\WINDOWS\system32\MSDATGRD.OCX

Wed Apr 02 15:29:58 2008 => Scanning File C:\WINDOWS\system32\msdatsrc.tlb

Wed Apr 02 15:29:58 2008 => Scanning File C:\WINDOWS\system32\msdayi.tbl

Wed Apr 02 15:29:58 2008 => Scanning File C:\WINDOWS\system32\msdelta.dll

Wed Apr 02 15:29:58 2008 => Scanning File C:\WINDOWS\system32\msdmo.dll

Wed Apr 02 15:29:58 2008 => Scanning File C:\WINDOWS\system32\msdtc.exe

Wed Apr 02 15:29:58 2008 => Scanning File C:\WINDOWS\system32\msdtclog.dll

Wed Apr 02 15:29:59 2008 => Scanning File C:\WINDOWS\system32\msdtcprf.h

Wed Apr 02 15:29:59 2008 => Scanning File C:\WINDOWS\system32\msdtcprf.ini

Wed Apr 02 15:29:59 2008 => Scanning File C:\WINDOWS\system32\msdtcprx.dll

Wed Apr 02 15:29:59 2008 => Scanning File C:\WINDOWS\system32\msdtctm.dll

Wed Apr 02 15:29:59 2008 => Scanning File C:\WINDOWS\system32\msdtcuiu.dll

Wed Apr 02 15:30:00 2008 => Scanning File C:\WINDOWS\system32\msdvdopt.dll

Wed Apr 02 15:30:00 2008 => Scanning File C:\WINDOWS\system32\msdxm.ocx

Wed Apr 02 15:30:00 2008 => Scanning File C:\WINDOWS\system32\msdxmlc.dll

Wed Apr 02 15:30:00 2008 => Scanning File C:\WINDOWS\system32\msencode.dll

Wed Apr 02 15:30:00 2008 => Scanning File C:\WINDOWS\system32\msexch40.dll

Wed Apr 02 15:30:01 2008 => Scanning File C:\WINDOWS\system32\msexcl40.dll

Wed Apr 02 15:30:01 2008 => Scanning File C:\WINDOWS\system32\msfeeds.dll

Wed Apr 02 15:30:01 2008 => Scanning File C:\WINDOWS\system32\msfeedsbs.dll

Wed Apr 02 15:30:01 2008 => Scanning File C:\WINDOWS\system32\msfeedssync.exe

Wed Apr 02 15:30:01 2008 => Scanning File C:\WINDOWS\system32\msftedit.dll

Wed Apr 02 15:30:02 2008 => Scanning File C:\WINDOWS\system32\msg.exe

Wed Apr 02 15:30:02 2008 => Scanning File C:\WINDOWS\system32\msg711.acm

Wed Apr 02 15:30:02 2008 => Scanning File C:\WINDOWS\system32\msg723.acm

Wed Apr 02 15:30:02 2008 => Scanning File C:\WINDOWS\system32\msgina.dll

Wed Apr 02 15:30:02 2008 => Scanning File C:\WINDOWS\system32\msgsm32.acm

Wed Apr 02 15:30:02 2008 => Scanning File C:\WINDOWS\system32\msgsvc.dll

Wed Apr 02 15:30:02 2008 => Scanning File C:\WINDOWS\system32\msh261.drv

Wed Apr 02 15:30:02 2008 => Scanning File C:\WINDOWS\system32\msh263.drv

Wed Apr 02 15:30:03 2008 => Scanning File C:\WINDOWS\system32\mshta.exe

Wed Apr 02 15:30:03 2008 => Scanning File C:\WINDOWS\system32\mshtml(2).dll

Wed Apr 02 15:30:03 2008 => Scanning File C:\WINDOWS\system32\mshtml.dll

Wed Apr 02 15:30:04 2008 => Scanning File C:\WINDOWS\system32\mshtml.tlb

Wed Apr 02 15:30:06 2008 => Scanning File C:\WINDOWS\system32\mshtmled.dll

Wed Apr 02 15:30:06 2008 => Scanning File C:\WINDOWS\system32\mshtmler.dll

Wed Apr 02 15:30:06 2008 => Scanning File C:\WINDOWS\system32\msi.dll

Wed Apr 02 15:30:07 2008 => Scanning File C:\WINDOWS\system32\msident.dll

Wed Apr 02 15:30:07 2008 => Scanning File C:\WINDOWS\system32\msidle.dll

Wed Apr 02 15:30:07 2008 => Scanning File C:\WINDOWS\system32\msidntld.dll

Wed Apr 02 15:30:07 2008 => Scanning File C:\WINDOWS\system32\msieftp.dll

Wed Apr 02 15:30:07 2008 => Scanning File C:\WINDOWS\system32\msiexec.exe

Wed Apr 02 15:30:07 2008 => Scanning File C:\WINDOWS\system32\msihnd.dll

Wed Apr 02 15:30:07 2008 => Scanning File C:\WINDOWS\system32\msimg32.dll

Wed Apr 02 15:30:07 2008 => Scanning File C:\WINDOWS\system32\msimsg.dll

Wed Apr 02 15:30:09 2008 => Scanning File C:\WINDOWS\system32\MSIMTF.dll

Wed Apr 02 15:30:09 2008 => Scanning File C:\WINDOWS\system32\msir3jp.dll

Wed Apr 02 15:30:10 2008 => Scanning File C:\WINDOWS\system32\msir3jp.lex

Wed Apr 02 15:30:10 2008 => Scanning File C:\WINDOWS\system32\msiregmv.exe

Wed Apr 02 15:30:10 2008 => Scanning File C:\WINDOWS\system32\msisam11.dll

Wed Apr 02 15:30:10 2008 => Scanning File C:\WINDOWS\system32\msisip.dll

Wed Apr 02 15:30:10 2008 => Scanning File C:\WINDOWS\system32\msjava.dll

Wed Apr 02 15:30:11 2008 => Scanning File C:\WINDOWS\system32\msjdbc10.dll

Wed Apr 02 15:30:11 2008 => Scanning File C:\WINDOWS\system32\msjet40.dll

Wed Apr 02 15:30:11 2008 => Scanning File C:\WINDOWS\system32\msjetoledb40.dll

Wed Apr 02 15:30:11 2008 => Scanning File C:\WINDOWS\system32\msjint40.dll

Wed Apr 02 15:30:12 2008 => Scanning File C:\WINDOWS\system32\msjter40.dll

Wed Apr 02 15:30:12 2008 => Scanning File C:\WINDOWS\system32\msjtes40.dll

Wed Apr 02 15:30:12 2008 => Scanning File C:\WINDOWS\system32\mslbui.dll

Wed Apr 02 15:30:12 2008 => Scanning File C:\WINDOWS\system32\MSLS2.DLL

Wed Apr 02 15:30:12 2008 => Scanning File C:\WINDOWS\system32\msls31.dll

Wed Apr 02 15:30:12 2008 => Scanning File C:\WINDOWS\system32\msltus40.dll

Wed Apr 02 15:30:13 2008 => Scanning File C:\WINDOWS\system32\msmask32.ocx

Wed Apr 02 15:30:13 2008 => Scanning File C:\WINDOWS\system32\msnetobj.dll

Wed Apr 02 15:30:13 2008 => Scanning File C:\WINDOWS\system32\msnsspc.dll

Wed Apr 02 15:30:13 2008 => Scanning File C:\WINDOWS\system32\msobjs.dll

Wed Apr 02 15:30:13 2008 => Scanning File C:\WINDOWS\system32\msoeacct.dll

Wed Apr 02 15:30:14 2008 => Scanning File C:\WINDOWS\system32\msoert2.dll

Wed Apr 02 15:30:14 2008 => Scanning File C:\WINDOWS\system32\msorc32r.dll

Wed Apr 02 15:30:14 2008 => Scanning File C:\WINDOWS\system32\msorcl32.dll

Wed Apr 02 15:30:14 2008 => Scanning File C:\WINDOWS\system32\mspatcha.dll

Wed Apr 02 15:30:14 2008 => Scanning File C:\WINDOWS\system32\mspbde40.dll

Wed Apr 02 15:30:14 2008 => Scanning File C:\WINDOWS\system32\mspmsnsv.dll

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\mspmsp.dll

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\mspmspsv.dll

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\msports.dll

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\msprivs.dll

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\MSPRPFR.DLL

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\msr2c.dll

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\msr2cenu.dll

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\msratelc.dll

Wed Apr 02 15:30:15 2008 => Scanning File C:\WINDOWS\system32\msrating.dll

Wed Apr 02 15:30:16 2008 => Scanning File C:\WINDOWS\system32\msrclr40.dll

Wed Apr 02 15:30:16 2008 => Scanning File C:\WINDOWS\system32\msrd2x40.dll

Wed Apr 02 15:30:16 2008 => Scanning File C:\WINDOWS\system32\msrd3x40.dll

Wed Apr 02 15:30:16 2008 => Scanning File C:\WINDOWS\system32\MSRDO20.DLL

Wed Apr 02 15:30:16 2008 => Scanning File C:\WINDOWS\system32\MSRECR40.DLL

Wed Apr 02 15:30:16 2008 => Scanning File C:\WINDOWS\system32\msrepl40.dll

Wed Apr 02 15:30:17 2008 => Scanning File C:\WINDOWS\system32\msrle32.dll

Wed Apr 02 15:30:17 2008 => Scanning File C:\WINDOWS\system32\MSRTEDIT.DLL

Wed Apr 02 15:30:17 2008 => Scanning File C:\WINDOWS\system32\mssap.dll

Wed Apr 02 15:30:17 2008 => Scanning File C:\WINDOWS\system32\msscds32.ax

Wed Apr 02 15:30:17 2008 => Scanning File C:\WINDOWS\system32\msscp.dll

Wed Apr 02 15:30:17 2008 => Scanning File C:\WINDOWS\system32\msscript.ocx

Wed Apr 02 15:30:18 2008 => Scanning File C:\WINDOWS\system32\mssecadv.dll

Wed Apr 02 15:30:18 2008 => Scanning File C:\WINDOWS\system32\mssign32.dll

Wed Apr 02 15:30:18 2008 => Scanning File C:\WINDOWS\system32\mssip32.dll

Wed Apr 02 15:30:18 2008 => Scanning File C:\WINDOWS\system32\msstdfmt.dll

Wed Apr 02 15:30:18 2008 => Scanning File C:\WINDOWS\system32\MSSTKPRP.DLL

Wed Apr 02 15:30:18 2008 => Scanning File C:\WINDOWS\system32\msswch.dll

Wed Apr 02 15:30:18 2008 => Scanning File C:\WINDOWS\system32\msswchx.exe

Wed Apr 02 15:30:18 2008 => Scanning File C:\WINDOWS\system32\mstask.dll

Wed Apr 02 15:30:19 2008 => Scanning File C:\WINDOWS\system32\mstext40.dll

Wed Apr 02 15:30:19 2008 => Scanning File C:\WINDOWS\system32\mstime.dll

Wed Apr 02 15:30:19 2008 => Scanning File C:\WINDOWS\system32\mstinit.exe

Wed Apr 02 15:30:19 2008 => Scanning File C:\WINDOWS\system32\mstlsapi.dll

Wed Apr 02 15:30:19 2008 => Scanning File C:\WINDOWS\system32\mstsc.exe

Wed Apr 02 15:30:19 2008 => Scanning File C:\WINDOWS\system32\mstscax.dll

Wed Apr 02 15:30:20 2008 => Scanning File C:\WINDOWS\system32\mstvca.dll

Wed Apr 02 15:30:20 2008 => Scanning File C:\WINDOWS\system32\mstvgs.dll

Wed Apr 02 15:30:20 2008 => Scanning File C:\WINDOWS\system32\msuni11.dll

Wed Apr 02 15:30:20 2008 => Scanning File C:\WINDOWS\system32\msutb.dll

Wed Apr 02 15:30:20 2008 => Scanning File C:\WINDOWS\system32\msv1_0.dll

Wed Apr 02 15:30:21 2008 => Scanning File C:\WINDOWS\system32\msvbvm50.dll

Wed Apr 02 15:30:21 2008 => Scanning File C:\WINDOWS\system32\msvbvm60.dll

Wed Apr 02 15:30:22 2008 => Scanning File C:\WINDOWS\system32\msvci70.dll

Wed Apr 02 15:30:22 2008 => Scanning File C:\WINDOWS\system32\msvcirt.dll

Wed Apr 02 15:30:22 2008 => Scanning File C:\WINDOWS\system32\msvcp50.dll

Wed Apr 02 15:30:22 2008 => Scanning File C:\WINDOWS\system32\msvcp60.dll

Wed Apr 02 15:30:22 2008 => Scanning File C:\WINDOWS\system32\msvcp70.dll

Wed Apr 02 15:30:22 2008 => Scanning File C:\WINDOWS\system32\msvcp71.dll

Wed Apr 02 15:30:23 2008 => Scanning File C:\WINDOWS\system32\msvcr70.dll

Wed Apr 02 15:30:23 2008 => Scanning File C:\WINDOWS\system32\msvcr71.dll

Wed Apr 02 15:30:23 2008 => Scanning File C:\WINDOWS\system32\msvcrt.dll

Wed Apr 02 15:30:23 2008 => Scanning File C:\WINDOWS\system32\msvcrt20.dll

Wed Apr 02 15:30:23 2008 => Scanning File C:\WINDOWS\system32\msvcrt40.dll

Wed Apr 02 15:30:23 2008 => Scanning File C:\WINDOWS\system32\msvfw32.dll

Wed Apr 02 15:30:24 2008 => Scanning File C:\WINDOWS\system32\msvidc32.dll

Wed Apr 02 15:30:24 2008 => Scanning File C:\WINDOWS\system32\msvidctl.dll

Wed Apr 02 15:30:24 2008 => Scanning File C:\WINDOWS\system32\msvideo.dll

Wed Apr 02 15:30:24 2008 => Scanning File C:\WINDOWS\system32\msw3prt.dll

Wed Apr 02 15:30:24 2008 => Scanning File C:\WINDOWS\system32\mswdat10.dll

Wed Apr 02 15:30:25 2008 => Scanning File C:\WINDOWS\system32\mswebdvd.dll

Wed Apr 02 15:30:25 2008 => Scanning File C:\WINDOWS\system32\MSWINSCK.OCX

Wed Apr 02 15:30:25 2008 => Scanning File C:\WINDOWS\system32\mswmdm.dll

Wed Apr 02 15:30:25 2008 => Scanning File C:\WINDOWS\system32\mswsock.dll

Wed Apr 02 15:30:25 2008 => Scanning File C:\WINDOWS\system32\mswstr10.dll

Wed Apr 02 15:30:25 2008 => Scanning File C:\WINDOWS\system32\msxbde40.dll

Wed Apr 02 15:30:26 2008 => Scanning File C:\WINDOWS\system32\msxml.dll

Wed Apr 02 15:30:26 2008 => Scanning File C:\WINDOWS\system32\msxml2.dll

Wed Apr 02 15:30:26 2008 => Scanning File C:\WINDOWS\system32\msxml2r.dll

Wed Apr 02 15:30:26 2008 => Scanning File C:\WINDOWS\system32\msxml3.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msxml3a.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msxml3r.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msxml4.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msxml4a.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msxml4r.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msxml6.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msxml6r.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msxmlr.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\msyuv.dll

Wed Apr 02 15:30:27 2008 => Scanning File C:\WINDOWS\system32\mtxclu.dll

Wed Apr 02 15:30:28 2008 => Scanning File C:\WINDOWS\system32\mtxdm.dll

Wed Apr 02 15:30:28 2008 => Scanning File C:\WINDOWS\system32\mtxex.dll

Wed Apr 02 15:30:28 2008 => Scanning File C:\WINDOWS\system32\mtxlegih.dll

Wed Apr 02 15:30:28 2008 => Scanning File C:\WINDOWS\system32\mtxoci.dll

Wed Apr 02 15:30:28 2008 => Scanning File C:\WINDOWS\system32\mtxparhd.dll

Wed Apr 02 15:30:28 2008 => Scanning File C:\WINDOWS\system32\mycomput.dll

Wed Apr 02 15:30:28 2008 => Scanning File C:\WINDOWS\system32\mydocs.dll

Wed Apr 02 15:30:28 2008 => Scanning File C:\WINDOWS\system32\narrator.exe

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\narrhook.dll

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\nbtstat.exe

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\ncobjapi.dll

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\ncpa.cpl

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\ncpa.cpl.manifest

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\ncxpnt.dll

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\nddeapi.dll

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\nddeapir.exe

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\nddenb32.dll

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\ndptsp.tsp

Wed Apr 02 15:30:29 2008 => Scanning File C:\WINDOWS\system32\net.exe

Wed Apr 02 15:30:30 2008 => Scanning File C:\WINDOWS\system32\net.hlp

Wed Apr 02 15:30:30 2008 => Scanning File C:\WINDOWS\system32\net1.exe

Wed Apr 02 15:30:30 2008 => Scanning File C:\WINDOWS\system32\netapi.dll

Wed Apr 02 15:30:30 2008 => Scanning File C:\WINDOWS\system32\netapi32.dll

Wed Apr 02 15:30:30 2008 => Scanning File C:\WINDOWS\system32\netcfgx.dll

Wed Apr 02 15:30:30 2008 => Scanning File C:\WINDOWS\system32\netdde.exe

Wed Apr 02 15:30:30 2008 => Scanning File C:\WINDOWS\system32\netevent.dll

Wed Apr 02 15:30:30 2008 => Scanning File C:\WINDOWS\system32\netfxperf.dll

Wed Apr 02 15:30:31 2008 => Scanning File C:\WINDOWS\system32\neth.dll

Wed Apr 02 15:30:31 2008 => Scanning File C:\WINDOWS\system32\netid.dll

Wed Apr 02 15:30:31 2008 => Scanning File C:\WINDOWS\system32\netlogon.dll

Wed Apr 02 15:30:31 2008 => Scanning File C:\WINDOWS\system32\netman.dll

Wed Apr 02 15:30:31 2008 => Scanning File C:\WINDOWS\system32\netmsg.dll

Wed Apr 02 15:30:31 2008 => Scanning File C:\WINDOWS\system32\netplwiz.dll

Wed Apr 02 15:30:32 2008 => Scanning File C:\WINDOWS\system32\netrap.dll

Wed Apr 02 15:30:32 2008 => Scanning File C:\WINDOWS\system32\netsetup.cpl

Wed Apr 02 15:30:32 2008 => Scanning File C:\WINDOWS\system32\netsetup.exe

Wed Apr 02 15:30:33 2008 => Scanning File C:\WINDOWS\system32\netsh.exe

Wed Apr 02 15:30:33 2008 => Scanning File C:\WINDOWS\system32\netshell.dll

Wed Apr 02 15:30:33 2008 => Scanning File C:\WINDOWS\system32\netstat.exe

Wed Apr 02 15:30:33 2008 => Scanning File C:\WINDOWS\system32\netui0.dll

Wed Apr 02 15:30:33 2008 => Scanning File C:\WINDOWS\system32\netui1.dll

Wed Apr 02 15:30:33 2008 => Scanning File C:\WINDOWS\system32\netui2.dll

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\newdev.dll

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\nlhtml.dll

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\nlsdl.dll

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\nlsfunc.exe

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\nmevtmsg.dll

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\nmmkcert.dll

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\noise.chs

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\noise.cht

Wed Apr 02 15:30:34 2008 => Scanning File C:\WINDOWS\system32\noise.dat

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.deu

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.eng

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.enu

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.esn

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.fra

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.ita

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.jpn

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.kor

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.nld

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.sve

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\noise.tha

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\normaliz.dll

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\normidna.nls

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\normnfc.nls

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\normnfd.nls

Wed Apr 02 15:30:35 2008 => Scanning File C:\WINDOWS\system32\normnfkc.nls

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\normnfkd.nls

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\notepad.exe

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\npptools.dll

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\npwmsdrm.dll

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\nscompat.tlb

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\nslookup.exe

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\ntdll.dll

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\ntdos.sys

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\ntdos404.sys

Wed Apr 02 15:30:36 2008 => Scanning File C:\WINDOWS\system32\ntdos411.sys

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntdos412.sys

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntdos804.sys

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntdsapi.dll

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntimage.gif

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntio.sys

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntio404.sys

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntio411.sys

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntio412.sys

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntio804.sys

Wed Apr 02 15:30:37 2008 => Scanning File C:\WINDOWS\system32\ntkrnlpa.exe

Wed Apr 02 15:30:38 2008 => Scanning File C:\WINDOWS\system32\ntlanman.dll

Wed Apr 02 15:30:38 2008 => Scanning File C:\WINDOWS\system32\ntlanui.dll

Wed Apr 02 15:30:38 2008 => Scanning File C:\WINDOWS\system32\ntlanui2.dll

Wed Apr 02 15:30:38 2008 => Scanning File C:\WINDOWS\system32\ntlsapi.dll

Wed Apr 02 15:30:38 2008 => Scanning File C:\WINDOWS\system32\ntmarta.dll

Wed Apr 02 15:30:38 2008 => Scanning File C:\WINDOWS\system32\ntmsapi.dll

Wed Apr 02 15:30:38 2008 => Scanning File C:\WINDOWS\system32\ntmsdba.dll

Wed Apr 02 15:30:39 2008 => Scanning File C:\WINDOWS\system32\ntmsevt.dll

Wed Apr 02 15:30:39 2008 => Scanning File C:\WINDOWS\system32\ntmsmgr.dll

Wed Apr 02 15:30:39 2008 => Scanning File C:\WINDOWS\system32\ntmsmgr.msc

Wed Apr 02 15:30:39 2008 => Scanning File C:\WINDOWS\system32\ntmsoprq.msc

Wed Apr 02 15:30:39 2008 => Scanning File C:\WINDOWS\system32\ntmssvc.dll

Wed Apr 02 15:30:39 2008 => Scanning File C:\WINDOWS\system32\ntoskrnl.exe

Wed Apr 02 15:30:40 2008 => Scanning File C:\WINDOWS\system32\ntprint.dll

Wed Apr 02 15:30:40 2008 => Scanning File C:\WINDOWS\system32\ntsd.exe

Wed Apr 02 15:30:40 2008 => Scanning File C:\WINDOWS\system32\ntsdexts.dll

Wed Apr 02 15:30:40 2008 => Scanning File C:\WINDOWS\system32\ntshrui.dll

Wed Apr 02 15:30:41 2008 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Wed Apr 02 15:30:41 2008 => Scanning File C:\WINDOWS\system32\ntvdmd.dll

Wed Apr 02 15:30:41 2008 => Scanning File C:\WINDOWS\system32\nusrmgr.cpl

Wed Apr 02 15:30:41 2008 => Scanning File C:\WINDOWS\system32\nv4_disp.dll

Wed Apr 02 15:30:41 2008 => Scanning File C:\WINDOWS\system32\nwc.cpl.manifest

Wed Apr 02 15:30:41 2008 => Scanning File C:\WINDOWS\system32\nwprovau.dll

Wed Apr 02 15:30:42 2008 => Scanning File C:\WINDOWS\system32\oakley.dll

Wed Apr 02 15:30:42 2008 => Scanning File C:\WINDOWS\system32\objsel.dll

Wed Apr 02 15:30:42 2008 => Scanning File C:\WINDOWS\system32\occache.dll

Wed Apr 02 15:30:42 2008 => Scanning File C:\WINDOWS\system32\ocmanage.dll

Wed Apr 02 15:30:42 2008 => Scanning File C:\WINDOWS\system32\odbc16gt.dll

Wed Apr 02 15:30:42 2008 => Scanning File C:\WINDOWS\system32\odbc32(2).dll

Wed Apr 02 15:30:42 2008 => Scanning File C:\WINDOWS\system32\odbc32.dll

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbc32gt.dll

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbcad32.exe

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbcbcp.dll

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbcconf.dll

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbcconf.exe

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbcconf.rsp

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbccp32.cpl

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbccp32.dll

Wed Apr 02 15:30:43 2008 => Scanning File C:\WINDOWS\system32\odbccr32.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\odbccu32.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\odbcint.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\odbcji32.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\odbcjt32.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\odbcp32r.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\odbctrac.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\oddbse32.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\odexl32.dll

Wed Apr 02 15:30:44 2008 => Scanning File C:\WINDOWS\system32\odfox32.dll

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\odpdx32.dll

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\odtext32.dll

Wed Apr 02 15:30:45 2008 => *** File C:\WINDOWS\system32\oembios.bin having Size Restriction ***

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\oembios.bin [**]

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\oembios.dat

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\oembios.sig

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\offfilt.dll

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\OGACheckControl.DLL

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\ole2.dll

Wed Apr 02 15:30:45 2008 => Scanning File C:\WINDOWS\system32\ole2disp.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\ole2nls.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\ole32.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\oleacc.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\oleaccrc.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\oleaut32.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\olecli.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\olecli32.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\olecnv32.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\oledlg.dll

Wed Apr 02 15:30:46 2008 => Scanning File C:\WINDOWS\system32\oleprn.dll

Wed Apr 02 15:30:47 2008 => Scanning File C:\WINDOWS\system32\olepro32.dll

Wed Apr 02 15:30:47 2008 => Scanning File C:\WINDOWS\system32\olesvr.dll

Wed Apr 02 15:30:47 2008 => Scanning File C:\WINDOWS\system32\olesvr32.dll

Wed Apr 02 15:30:47 2008 => Scanning File C:\WINDOWS\system32\olethk32.dll

Wed Apr 02 15:30:47 2008 => Scanning File C:\WINDOWS\system32\opengl32.dll

Wed Apr 02 15:30:47 2008 => Scanning File C:\WINDOWS\system32\osk.exe

Wed Apr 02 15:30:48 2008 => Scanning File C:\WINDOWS\system32\osuninst.dll

Wed Apr 02 15:30:48 2008 => Scanning File C:\WINDOWS\system32\osuninst.exe

Wed Apr 02 15:30:48 2008 => Scanning File C:\WINDOWS\system32\OUTLWAB.DLL

Wed Apr 02 15:30:48 2008 => Scanning File C:\WINDOWS\system32\p2p.dll

Wed Apr 02 15:30:48 2008 => Scanning File C:\WINDOWS\system32\p2pgasvc.dll

Wed Apr 02 15:30:48 2008 => Scanning File C:\WINDOWS\system32\p2pgraph.dll

Wed Apr 02 15:30:48 2008 => Scanning File C:\WINDOWS\system32\p2pnetsh.dll

Wed Apr 02 15:30:48 2008 => Scanning File C:\WINDOWS\system32\p2psvc.dll

Wed Apr 02 15:30:49 2008 => Scanning File C:\WINDOWS\system32\packager.exe

Wed Apr 02 15:30:49 2008 => Scanning File C:\WINDOWS\system32\panmap.dll

Wed Apr 02 15:30:49 2008 => Scanning File C:\WINDOWS\system32\paqsp.dll

Wed Apr 02 15:30:49 2008 => Scanning File C:\WINDOWS\system32\patchver.txt

Wed Apr 02 15:30:49 2008 => Scanning File C:\WINDOWS\system32\pathping.exe

Wed Apr 02 15:30:49 2008 => Scanning File C:\WINDOWS\system32\pautoenr.dll

Wed Apr 02 15:30:49 2008 => Scanning File C:\WINDOWS\system32\PCANDIS5.SYS

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\PCDLIB32.DLL

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\pcl.sep

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\pdh.dll

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\pentnt.exe

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\perfci.h

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\perfci.ini

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\perfctrs.dll

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\perfd009.dat

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\perfd00C.dat

Wed Apr 02 15:30:50 2008 => Scanning File C:\WINDOWS\system32\perfdisk.dll

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perffilt.h

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perffilt.ini

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfi009.dat

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfi00C.dat

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfmon.exe

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfmon.msc

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfnet.dll

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfos.dll

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfproc.dll

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\PerfStringBackup.INI

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\PerfStringBackup.TMP

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfts.dll

Wed Apr 02 15:30:51 2008 => Scanning File C:\WINDOWS\system32\perfwci.h

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\perfwci.ini

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\phon.ime

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\phon.tbl

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\phoncode.tbl

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\phonptr.tbl

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\photowiz.dll

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\PICEntry.dll

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\picn20.dll

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\PICSDK.dll

Wed Apr 02 15:30:52 2008 => Scanning File C:\WINDOWS\system32\PICSDK.ini

Wed Apr 02 15:30:53 2008 => Scanning File C:\WINDOWS\system32\PICSDK2.dll

Wed Apr 02 15:30:53 2008 => Scanning File C:\WINDOWS\system32\pid.dll

Wed Apr 02 15:30:53 2008 => Scanning File C:\WINDOWS\system32\pidgen.dll

Wed Apr 02 15:30:53 2008 => Scanning File C:\WINDOWS\system32\pifmgr.dll

Wed Apr 02 15:30:53 2008 => Scanning File C:\WINDOWS\system32\ping.exe

Wed Apr 02 15:30:53 2008 => Scanning File C:\WINDOWS\system32\ping6.exe

Wed Apr 02 15:30:53 2008 => Scanning File C:\WINDOWS\system32\pjlmon.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\plustab.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\pmspl.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\pngfilt.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\pnrpnsp.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\polstore.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\popupblocker231.ico

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\PortableDeviceApi.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\PortableDeviceClassExtension.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\PortableDeviceTypes.dll

Wed Apr 02 15:30:54 2008 => Scanning File C:\WINDOWS\system32\PortableDeviceWiaCompat.dll

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\PortableDeviceWMDRM.dll

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\powercfg.cpl

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\powercfg.exe

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\powrprof.dll

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\prc.nls

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\prcp.nls

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\prflbmsg.dll

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\print.exe

Wed Apr 02 15:30:55 2008 => Scanning File C:\WINDOWS\system32\printui.dll

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\proctexe.ocx

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\prodspec.ini

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\profmap.dll

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\progman.exe

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\proquota.exe

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\proxycfg.exe

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\psapi.dll

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\psbase.dll

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\pschdcnt.h

Wed Apr 02 15:30:56 2008 => Scanning File C:\WINDOWS\system32\pschdprf.dll

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\pschdprf.ini

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\pscript.sep

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\psnppagn.dll

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\pstorec.dll

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\pstorsvc.dll

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\ptpusb.dll

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\ptpusd.dll

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\PUB3BRSH.ANI

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\PUBDLG.DLL

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\pubprn.vbs

Wed Apr 02 15:30:57 2008 => Scanning File C:\WINDOWS\system32\px.dll

Wed Apr 02 15:30:58 2008 => Scanning File C:\WINDOWS\system32\PxCpyA64.exe

Wed Apr 02 15:30:58 2008 => Scanning File C:\WINDOWS\system32\PxCpyI64.exe

Wed Apr 02 15:30:58 2008 => Scanning File C:\WINDOWS\system32\pxdrv.dll

Wed Apr 02 15:30:58 2008 => Scanning File C:\WINDOWS\system32\pxhpinst.exe

Wed Apr 02 15:30:58 2008 => Scanning File C:\WINDOWS\system32\PxInsA64.exe

Wed Apr 02 15:30:58 2008 => Scanning File C:\WINDOWS\system32\PxInsI64.exe

Wed Apr 02 15:30:59 2008 => Scanning File C:\WINDOWS\system32\pxmas.dll

Wed Apr 02 15:30:59 2008 => Scanning File C:\WINDOWS\system32\pxsfs.dll

Wed Apr 02 15:30:59 2008 => Scanning File C:\WINDOWS\system32\pxwave.dll

Wed Apr 02 15:31:00 2008 => Scanning File C:\WINDOWS\system32\qappsrv.exe

Wed Apr 02 15:31:00 2008 => Scanning File C:\WINDOWS\system32\qasf.dll

Wed Apr 02 15:31:00 2008 => Scanning File C:\WINDOWS\system32\qcap.dll

Wed Apr 02 15:31:00 2008 => Scanning File C:\WINDOWS\system32\qcut.dll

Wed Apr 02 15:31:00 2008 => Scanning File C:\WINDOWS\system32\qdv.dll

Wed Apr 02 15:31:00 2008 => Scanning File C:\WINDOWS\system32\qdvd.dll

Wed Apr 02 15:31:01 2008 => Scanning File C:\WINDOWS\system32\qedit.dll

Wed Apr 02 15:31:01 2008 => Scanning File C:\WINDOWS\system32\qedwipes.dll

Wed Apr 02 15:31:02 2008 => Scanning File C:\WINDOWS\system32\qmgr.dll

Wed Apr 02 15:31:02 2008 => Scanning File C:\WINDOWS\system32\qmgrprxy.dll

Wed Apr 02 15:31:02 2008 => Scanning File C:\WINDOWS\system32\qosname.dll

Wed Apr 02 15:31:02 2008 => Scanning File C:\WINDOWS\system32\qprocess.exe

Wed Apr 02 15:31:02 2008 => Scanning File C:\WINDOWS\system32\qt-dx331.dll

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\quartz.dll

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\quartz.vxd

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\query.dll

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\quick.ime

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\QuickTime.qtp

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\qwinsta.exe

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\Raccourci vers notepad.exe.lnk

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\racpldlg.dll

Wed Apr 02 15:31:03 2008 => Scanning File C:\WINDOWS\system32\rasadhlp.dll

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasapi32.dll

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasauto.dll

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasautou.exe

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\raschap.dll

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasctrnm.h

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasctrs.dll

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasctrs.ini

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasdial.exe

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasdlg.dll

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasman.dll

Wed Apr 02 15:31:04 2008 => Scanning File C:\WINDOWS\system32\rasmans.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rasmontr.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rasmxs.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rasphone.exe

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rasppp.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rasrad.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rassapi.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rasser.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rastapi.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rastls.dll

Wed Apr 02 15:31:05 2008 => Scanning File C:\WINDOWS\system32\rcbdyctl.dll

Wed Apr 02 15:31:06 2008 => Scanning File C:\WINDOWS\system32\rcimlby.exe

Wed Apr 02 15:31:06 2008 => Scanning File C:\WINDOWS\system32\rcp.exe

Wed Apr 02 15:31:06 2008 => Scanning File C:\WINDOWS\system32\rdchost.dll

Wed Apr 02 15:31:06 2008 => Scanning File C:\WINDOWS\system32\RDOCURS.DLL

Wed Apr 02 15:31:06 2008 => Scanning File C:\WINDOWS\system32\rdpcfgex.dll

Wed Apr 02 15:31:06 2008 => Scanning File C:\WINDOWS\system32\rdpclip.exe

Wed Apr 02 15:31:06 2008 => Scanning File C:\WINDOWS\system32\rdpdd.dll

Wed Apr 02 15:31:06 2008 => Scanning File C:\WINDOWS\system32\rdpsnd.dll

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\rdpwsx.dll

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\rdsaddin.exe

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\rdshost.exe

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\recover.exe

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\redir.exe

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\reg.exe

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\regapi.dll

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\regedt32.exe

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\regini.exe

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\regsvc.dll

Wed Apr 02 15:31:07 2008 => Scanning File C:\WINDOWS\system32\regsvr32.exe

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\regwiz.exe

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\regwizc.dll

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\remotepg.dll

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\remotesp.tsp

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\rend.dll

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\replace.exe

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\reset.exe

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\resutils.dll

Wed Apr 02 15:31:08 2008 => Scanning File C:\WINDOWS\system32\rexec.exe

Wed Apr 02 15:31:09 2008 => Scanning File C:\WINDOWS\system32\riched20.dll

Wed Apr 02 15:31:09 2008 => Scanning File C:\WINDOWS\system32\riched32.dll

Wed Apr 02 15:31:09 2008 => Scanning File C:\WINDOWS\system32\Richtx32.ocx

Wed Apr 02 15:31:09 2008 => Scanning File C:\WINDOWS\system32\river.log

Wed Apr 02 15:31:09 2008 => Scanning File C:\WINDOWS\system32\rnaph.dll [**]

Wed Apr 02 15:31:09 2008 => Scanning File C:\WINDOWS\system32\rnr20.dll

Wed Apr 02 15:31:09 2008 => Scanning File C:\WINDOWS\system32\Roboex32.dll

Wed Apr 02 15:31:10 2008 => Scanning File C:\WINDOWS\system32\romanime.ime

Wed Apr 02 15:31:10 2008 => Scanning File C:\WINDOWS\system32\route.exe

Wed Apr 02 15:31:10 2008 => Scanning File C:\WINDOWS\system32\routemon.exe

Wed Apr 02 15:31:10 2008 => Scanning File C:\WINDOWS\system32\routetab.dll

Wed Apr 02 15:31:10 2008 => Scanning File C:\WINDOWS\system32\rpcns4.dll

Wed Apr 02 15:31:10 2008 => Scanning File C:\WINDOWS\system32\rpcrt4.dll

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rpcss.dll

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsaci.rat

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsaenh.dll

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsh.exe

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rshx32.dll

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsm.exe

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsmps.dll

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsmsink.exe

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsmui.exe

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsvp.exe

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsvp.ini

Wed Apr 02 15:31:11 2008 => Scanning File C:\WINDOWS\system32\rsvpcnts.h

Wed Apr 02 15:31:12 2008 => Scanning File C:\WINDOWS\system32\rsvpmsg.dll

Wed Apr 02 15:31:12 2008 => Scanning File C:\WINDOWS\system32\rsvpperf.dll

Wed Apr 02 15:31:12 2008 => Scanning File C:\WINDOWS\system32\rsvpsp.dll

Wed Apr 02 15:31:12 2008 => Scanning File C:\WINDOWS\system32\RTCRES.dll

Wed Apr 02 15:31:12 2008 => Scanning File C:\WINDOWS\system32\rtcshare.exe

Wed Apr 02 15:31:12 2008 => Scanning File C:\WINDOWS\system32\rtipxmib.dll

Wed Apr 02 15:31:12 2008 => Scanning File C:\WINDOWS\system32\rtl60.bpl

Wed Apr 02 15:31:13 2008 => Scanning File C:\WINDOWS\system32\rtm.dll

Wed Apr 02 15:31:13 2008 => Scanning File C:\WINDOWS\system32\rtutils.dll

Wed Apr 02 15:31:13 2008 => Scanning File C:\WINDOWS\system32\runas.exe

Wed Apr 02 15:31:13 2008 => Scanning File C:\WINDOWS\system32\rundll32.exe

Wed Apr 02 15:31:13 2008 => Scanning File C:\WINDOWS\system32\runonce.exe

Wed Apr 02 15:31:13 2008 => Scanning File C:\WINDOWS\system32\rwinsta.exe

Wed Apr 02 15:31:13 2008 => Scanning File C:\WINDOWS\system32\s3gnb.dll

Wed Apr 02 15:31:14 2008 => Scanning File C:\WINDOWS\system32\safrcdlg.dll

Wed Apr 02 15:31:14 2008 => Scanning File C:\WINDOWS\system32\safrdm.dll

Wed Apr 02 15:31:14 2008 => Scanning File C:\WINDOWS\system32\safrslv.dll

Wed Apr 02 15:31:14 2008 => Scanning File C:\WINDOWS\system32\samlib.dll

Wed Apr 02 15:31:14 2008 => Scanning File C:\WINDOWS\system32\samsrv.dll

Wed Apr 02 15:31:14 2008 => Scanning File C:\WINDOWS\system32\sapi.cpl.manifest

Wed Apr 02 15:31:14 2008 => Scanning File C:\WINDOWS\system32\sarehpltba.exe.xpx

Wed Apr 02 15:31:14 2008 => Scanning File C:\WINDOWS\system32\savedump.exe

Wed Apr 02 15:31:15 2008 => Scanning File C:\WINDOWS\system32\sbe.dll

Wed Apr 02 15:31:15 2008 => Scanning File C:\WINDOWS\system32\sbeio.dll

Wed Apr 02 15:31:15 2008 => Scanning File C:\WINDOWS\system32\sc.exe

Wed Apr 02 15:31:15 2008 => Scanning File C:\WINDOWS\system32\scarddlg.dll

Wed Apr 02 15:31:15 2008 => Scanning File C:\WINDOWS\system32\scardssp.dll

Wed Apr 02 15:31:15 2008 => Scanning File C:\WINDOWS\system32\scardsvr.exe

Wed Apr 02 15:31:15 2008 => Scanning File C:\WINDOWS\system32\sccbase.dll

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\sccsccp.dll

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\scecli.dll

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\scesrv.dll

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\schannel.dll

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\schedsvc.dll

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\sclgntfy.dll

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\scofr.dll

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\SCP32.DLL

Wed Apr 02 15:31:16 2008 => Scanning File C:\WINDOWS\system32\scredir.dll

Wed Apr 02 15:31:17 2008 => Scanning File C:\WINDOWS\system32\scripto.dll

Wed Apr 02 15:31:17 2008 => Scanning File C:\WINDOWS\system32\scrnsave.scr

Wed Apr 02 15:31:17 2008 => Scanning File C:\WINDOWS\system32\scrobj.dll

Wed Apr 02 15:31:17 2008 => Scanning File C:\WINDOWS\system32\scrrnfr.dll

Wed Apr 02 15:31:17 2008 => Scanning File C:\WINDOWS\system32\scrrun.dll

Wed Apr 02 15:31:17 2008 => Scanning File C:\WINDOWS\system32\scrrun.dll.tmp

Wed Apr 02 15:31:17 2008 => Scanning File C:\WINDOWS\system32\sdbinst.exe

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\sdhcinst.dll

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\sdpblb.dll

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\seclogon.dll

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\secupd.dat

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\secupd.sig

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\secur32.dll

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\security.dll

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\sendcmsg.dll

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\sendmail.dll

Wed Apr 02 15:31:18 2008 => Scanning File C:\WINDOWS\system32\sens.dll

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\sensapi.dll

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\senscfg.dll

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\serialui.dll

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\servdeps.dll

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\services.exe

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\services.msc

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\serwvdrv.dll

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\sessmgr.exe

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\sethc.exe

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\setup.bmp

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\setup.exe

Wed Apr 02 15:31:19 2008 => Scanning File C:\WINDOWS\system32\setupapi.dll

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\setupdll.dll

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\setver.exe

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\sfc.dll

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\sfc.exe

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\sfcfiles.dll

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\sfc_os.dll

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\sfmapi.dll

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\shadow.exe

Wed Apr 02 15:31:20 2008 => Scanning File C:\WINDOWS\system32\share.exe

Wed Apr 02 15:31:21 2008 => Scanning File C:\WINDOWS\system32\shdoclc(2).dll

Wed Apr 02 15:31:23 2008 => Scanning File C:\WINDOWS\system32\shdoclc.dll

Wed Apr 02 15:31:25 2008 => Scanning File C:\WINDOWS\system32\shdocvw(2).dll

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shdocvw.dll

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shell.dll

Wed Apr 02 15:31:26 2008 => *** File C:\WINDOWS\system32\shell32.dll having Size Restriction ***

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shell32.dll [**]

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shellstyle.dll

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shfolder.dll

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shgina.dll

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shimeng.dll

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shimgvw.dll

Wed Apr 02 15:31:26 2008 => Scanning File C:\WINDOWS\system32\shlwapi(2).dll

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\shlwapi.dll

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\shmedia.dll

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\shmgrate.exe

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\shrpubw.exe

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\shscrap.dll

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\shsvcs.dll

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\shutdown.exe

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\sigtab.dll

Wed Apr 02 15:31:27 2008 => Scanning File C:\WINDOWS\system32\sigverif.exe

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\simpdata.tlb

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\simptcp.dll

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\sisbkup.dll

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\skdll.dll

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\skeys.exe

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\slayerxp.dll

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\slbcsp.dll

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\slbiop.dll

Wed Apr 02 15:31:28 2008 => Scanning File C:\WINDOWS\system32\slbrccsp.dll

Wed Apr 02 15:31:29 2008 => Scanning File C:\WINDOWS\system32\slcoinst.dll

Wed Apr 02 15:31:29 2008 => Scanning File C:\WINDOWS\system32\slextspk.dll

Wed Apr 02 15:31:29 2008 => Scanning File C:\WINDOWS\system32\slgen.dll

Wed Apr 02 15:31:30 2008 => Scanning File C:\WINDOWS\system32\slrundll.exe

Wed Apr 02 15:31:30 2008 => Scanning File C:\WINDOWS\system32\slserv.exe

Wed Apr 02 15:31:30 2008 => Scanning File C:\WINDOWS\system32\sl_anet.acm

Wed Apr 02 15:31:30 2008 => Scanning File C:\WINDOWS\system32\smbinst.exe

Wed Apr 02 15:31:30 2008 => Scanning File C:\WINDOWS\system32\smlogcfg.dll

Wed Apr 02 15:31:30 2008 => Scanning File C:\WINDOWS\system32\smlogsvc.exe

Wed Apr 02 15:31:30 2008 => Scanning File C:\WINDOWS\system32\smss.exe

Wed Apr 02 15:31:30 2008 => Scanning File C:\WINDOWS\system32\sndrec32.exe

Wed Apr 02 15:31:31 2008 => Scanning File C:\WINDOWS\system32\sndvol32.exe

Wed Apr 02 15:31:31 2008 => Scanning File C:\WINDOWS\system32\snmpapi.dll

Wed Apr 02 15:31:31 2008 => Scanning File C:\WINDOWS\system32\snmpsnap.dll

Wed Apr 02 15:31:31 2008 => Scanning File C:\WINDOWS\system32\softpub.dll

Wed Apr 02 15:31:31 2008 => Scanning File C:\WINDOWS\system32\SONYHCY.DLL

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\sort.exe

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\sortkey.nls

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\sorttbls.nls

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\sound.drv

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\spdwnwxp.exe

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\spdwnwxp.log

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\spmsg.dll

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\spnike.dll

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\spnpinst.exe

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\spoolss.dll

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\spoolsv.exe

Wed Apr 02 15:31:32 2008 => Scanning File C:\WINDOWS\system32\sprestrt.exe

Wed Apr 02 15:31:33 2008 => Scanning File C:\WINDOWS\system32\sprio600.dll

Wed Apr 02 15:31:33 2008 => Scanning File C:\WINDOWS\system32\sprio800.dll

Wed Apr 02 15:31:33 2008 => Scanning File C:\WINDOWS\system32\spupdsvc.exe

Wed Apr 02 15:31:33 2008 => Scanning File C:\WINDOWS\system32\spupdwxp.exe

Wed Apr 02 15:31:33 2008 => Scanning File C:\WINDOWS\system32\spupdwxp.log

Wed Apr 02 15:31:33 2008 => Scanning File C:\WINDOWS\system32\spxcoins.dll

Wed Apr 02 15:31:33 2008 => Scanning File C:\WINDOWS\system32\sqlsodbc.chm

Wed Apr 02 15:31:34 2008 => Scanning File C:\WINDOWS\system32\sqlsrv32.dll

Wed Apr 02 15:31:34 2008 => Scanning File C:\WINDOWS\system32\sqlsrv32.rll

Wed Apr 02 15:31:34 2008 => Scanning File C:\WINDOWS\system32\sqlunirl.dll

Wed Apr 02 15:31:35 2008 => Scanning File C:\WINDOWS\system32\sqlwid.dll

Wed Apr 02 15:31:35 2008 => Scanning File C:\WINDOWS\system32\sqlwoa.dll

Wed Apr 02 15:31:35 2008 => Scanning File C:\WINDOWS\system32\srclient.dll

Wed Apr 02 15:31:35 2008 => Scanning File C:\WINDOWS\system32\srrstr.dll

Wed Apr 02 15:31:35 2008 => Scanning File C:\WINDOWS\system32\srsvc.dll

Wed Apr 02 15:31:35 2008 => Scanning File C:\WINDOWS\system32\srusd.dll

Wed Apr 02 15:31:35 2008 => Scanning File C:\WINDOWS\system32\srvsvc.dll

Wed Apr 02 15:31:36 2008 => Scanning File C:\WINDOWS\system32\ss3dfo.scr

Wed Apr 02 15:31:36 2008 => Scanning File C:\WINDOWS\system32\ssbezier.scr

Wed Apr 02 15:31:36 2008 => Scanning File C:\WINDOWS\system32\ssdpapi.dll

Wed Apr 02 15:31:36 2008 => Scanning File C:\WINDOWS\system32\ssdpsrv.dll

Wed Apr 02 15:31:36 2008 => Scanning File C:\WINDOWS\system32\ssflwbox.scr

Wed Apr 02 15:31:37 2008 => Scanning File C:\WINDOWS\system32\ssleay32.dll

Wed Apr 02 15:31:37 2008 => Scanning File C:\WINDOWS\system32\ssmarque.scr

Wed Apr 02 15:31:37 2008 => Scanning File C:\WINDOWS\system32\ssmypics.scr

Wed Apr 02 15:31:37 2008 => Scanning File C:\WINDOWS\system32\ssmyst.scr

Wed Apr 02 15:31:37 2008 => Scanning File C:\WINDOWS\system32\sspipes.scr

Wed Apr 02 15:31:38 2008 => Scanning File C:\WINDOWS\system32\ssstars.scr

Wed Apr 02 15:31:38 2008 => Scanning File C:\WINDOWS\system32\sstext3d.scr

Wed Apr 02 15:31:38 2008 => Scanning File C:\WINDOWS\system32\stci.dll

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\stclient.dll

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\stdole2.tlb

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\stdole32.tlb

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\sti.dll

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\stimon.exe

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\sti_ci.dll

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\STKIT432.DLL

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\stobject.dll

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\storage.dll

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\storprop.dll

Wed Apr 02 15:31:39 2008 => Scanning File C:\WINDOWS\system32\streamci.dll

Wed Apr 02 15:31:40 2008 => Scanning File C:\WINDOWS\system32\strmdll.dll

Wed Apr 02 15:31:40 2008 => Scanning File C:\WINDOWS\system32\strmfilt.dll

Wed Apr 02 15:31:40 2008 => Scanning File C:\WINDOWS\system32\subst.exe

Wed Apr 02 15:31:40 2008 => Scanning File C:\WINDOWS\system32\svchost.exe

Wed Apr 02 15:31:40 2008 => Scanning File C:\WINDOWS\system32\svcpack.dll

Wed Apr 02 15:31:40 2008 => Scanning File C:\WINDOWS\system32\swprv.dll

Wed Apr 02 15:31:40 2008 => Scanning File C:\WINDOWS\system32\sxs.dll

Wed Apr 02 15:31:41 2008 => Scanning File C:\WINDOWS\system32\syncapp.exe

Wed Apr 02 15:31:41 2008 => Scanning File C:\WINDOWS\system32\synceng.dll

Wed Apr 02 15:31:41 2008 => Scanning File C:\WINDOWS\system32\syncui.dll

Wed Apr 02 15:31:41 2008 => Scanning File C:\WINDOWS\system32\sysdm.cpl

Wed Apr 02 15:31:41 2008 => Scanning File C:\WINDOWS\system32\sysedit.exe

Wed Apr 02 15:31:41 2008 => Scanning File C:\WINDOWS\system32\sysinv.dll

Wed Apr 02 15:31:41 2008 => Scanning File C:\WINDOWS\system32\syskey.exe

Wed Apr 02 15:31:41 2008 => Scanning File C:\WINDOWS\system32\sysmon.ocx

Wed Apr 02 15:31:42 2008 => Scanning File C:\WINDOWS\system32\sysocmgr.exe

Wed Apr 02 15:31:42 2008 => Scanning File C:\WINDOWS\system32\sysprint.sep

Wed Apr 02 15:31:42 2008 => Scanning File C:\WINDOWS\system32\sysprtj.sep

Wed Apr 02 15:31:42 2008 => Scanning File C:\WINDOWS\system32\syssetup.dll

Wed Apr 02 15:31:42 2008 => Scanning File C:\WINDOWS\system32\system.drv

Wed Apr 02 15:31:42 2008 => Scanning File C:\WINDOWS\system32\systray.exe

Wed Apr 02 15:31:42 2008 => Scanning File C:\WINDOWS\system32\t2embed.dll

Wed Apr 02 15:31:43 2008 => Scanning File C:\WINDOWS\system32\TABCTL32.OCX

Wed Apr 02 15:31:43 2008 => Scanning File C:\WINDOWS\system32\tapi.dll

Wed Apr 02 15:31:43 2008 => Scanning File C:\WINDOWS\system32\tapi3.dll

Wed Apr 02 15:31:43 2008 => Scanning File C:\WINDOWS\system32\tapi32.dll

Wed Apr 02 15:31:43 2008 => Scanning File C:\WINDOWS\system32\tapiperf.dll

Wed Apr 02 15:31:43 2008 => Scanning File C:\WINDOWS\system32\tapisrv.dll

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\tapiui.dll

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\taskman.exe

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\taskmgr.exe

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\tcmsetup.exe

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\tcpmib.dll

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\tcpmon.dll

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\tcpmon.ini

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\tcpmonui.dll

Wed Apr 02 15:31:44 2008 => Scanning File C:\WINDOWS\system32\tcpsvcs.exe

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\tdc.ocx

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\telephon.cpl

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\telnet.exe

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\termmgr.dll

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\termsrv.dll

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\tftp.exe

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\themeui.dll

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\ticrf.rat

Wed Apr 02 15:31:45 2008 => Scanning File C:\WINDOWS\system32\timedate.cpl

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\timer.drv

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\tm20dec.ax

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\tmp.reg

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\tmp.txt [**]

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\toolhelp.dll

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\tourstart.exe

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\tr.bat

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\tracert.exe

Wed Apr 02 15:31:46 2008 => Scanning File C:\WINDOWS\system32\tracert6.exe

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\traffic.dll

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tree.com

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\trkwks.dll

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tsappcmp.dll

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tsbyuv.dll

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tscfgwmi.dll

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tscon.exe

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tscupgrd.exe

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tsd32.dll

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tsddd.dll

Wed Apr 02 15:31:47 2008 => Scanning File C:\WINDOWS\system32\tsdiscon.exe

Wed Apr 02 15:31:48 2008 => Scanning File C:\WINDOWS\system32\tskill.exe

Wed Apr 02 15:31:48 2008 => Scanning File C:\WINDOWS\system32\tslabels.h

Wed Apr 02 15:31:48 2008 => Scanning File C:\WINDOWS\system32\tslabels.ini

Wed Apr 02 15:31:48 2008 => Scanning File C:\WINDOWS\system32\tsshutdn.exe

Wed Apr 02 15:31:48 2008 => Scanning File C:\WINDOWS\system32\tssoft32.acm

Wed Apr 02 15:31:48 2008 => Scanning File C:\WINDOWS\system32\twext.dll

Wed Apr 02 15:31:48 2008 => Scanning File C:\WINDOWS\system32\TwnLib20.dll

Wed Apr 02 15:31:48 2008 => Scanning File C:\WINDOWS\system32\TwnLib4.dll

Wed Apr 02 15:31:49 2008 => Scanning File C:\WINDOWS\system32\txflog.dll

Wed Apr 02 15:31:49 2008 => Scanning File C:\WINDOWS\system32\typelib.dll

Wed Apr 02 15:31:49 2008 => Scanning File C:\WINDOWS\system32\tzchange.exe

Wed Apr 02 15:31:49 2008 => Scanning File C:\WINDOWS\system32\udfrunin.exe

Wed Apr 02 15:31:49 2008 => Scanning File C:\WINDOWS\system32\udhisapi.dll

Wed Apr 02 15:31:49 2008 => Scanning File C:\WINDOWS\system32\ufat.dll

Wed Apr 02 15:31:49 2008 => Scanning File C:\WINDOWS\system32\ulib.dll

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\umandlg.dll

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\umdmxfrm.dll

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\unam4ie.exe

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\unicdime.ime

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\unicode.nls

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\uniime.dll

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\unimdm.tsp

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\unimdmat.dll

Wed Apr 02 15:31:50 2008 => Scanning File C:\WINDOWS\system32\uniplat.dll

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\unlodctr.exe

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\untfs.dll

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\upnp.dll

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\upnpcont.exe

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\upnphost.dll

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\upnpui.dll

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\ups.exe

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\ureg.dll

Wed Apr 02 15:31:51 2008 => Scanning File C:\WINDOWS\system32\url(2).dll

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\url.dll

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\urlmon(2).dll

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\urlmon.dll

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\usaplatinum.ico

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\usaplatinum609.ico

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\usaplatinum61.ico

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\usbmon.dll

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\usbui.dll

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\user.exe

Wed Apr 02 15:31:52 2008 => Scanning File C:\WINDOWS\system32\user32.dll

Wed Apr 02 15:31:53 2008 => Scanning File C:\WINDOWS\system32\userenv.dll

Wed Apr 02 15:31:53 2008 => Scanning File C:\WINDOWS\system32\userinit.exe

Wed Apr 02 15:31:53 2008 => Scanning File C:\WINDOWS\system32\userlist.config

Wed Apr 02 15:31:53 2008 => Scanning File C:\WINDOWS\system32\usp10.dll

Wed Apr 02 15:31:53 2008 => Scanning File C:\WINDOWS\system32\usrcntra.dll

Wed Apr 02 15:31:53 2008 => Scanning File C:\WINDOWS\system32\usrcoina.dll

Wed Apr 02 15:31:53 2008 => Scanning File C:\WINDOWS\system32\usrdpa.dll

Wed Apr 02 15:31:53 2008 => Scanning File C:\WINDOWS\system32\usrdtea.dll

Wed Apr 02 15:31:54 2008 => Scanning File C:\WINDOWS\system32\usrfaxa.dll

Wed Apr 02 15:31:54 2008 => Scanning File C:\WINDOWS\system32\usrlbva.dll

Wed Apr 02 15:31:54 2008 => Scanning File C:\WINDOWS\system32\usrlogon.cmd

Wed Apr 02 15:31:54 2008 => Scanning File C:\WINDOWS\system32\usrmlnka.exe

Wed Apr 02 15:31:54 2008 => Scanning File C:\WINDOWS\system32\usrprbda.exe

Wed Apr 02 15:31:54 2008 => Scanning File C:\WINDOWS\system32\usrrtosa.dll

Wed Apr 02 15:31:55 2008 => Scanning File C:\WINDOWS\system32\usrsdpia.dll

Wed Apr 02 15:31:55 2008 => Scanning File C:\WINDOWS\system32\usrshuta.exe

Wed Apr 02 15:31:55 2008 => Scanning File C:\WINDOWS\system32\usrsvpia.dll

Wed Apr 02 15:31:55 2008 => Scanning File C:\WINDOWS\system32\usrv42a.dll

Wed Apr 02 15:31:55 2008 => Scanning File C:\WINDOWS\system32\usrv80a.dll

Wed Apr 02 15:31:55 2008 => Scanning File C:\WINDOWS\system32\usrvoica.dll

Wed Apr 02 15:31:55 2008 => Scanning File C:\WINDOWS\system32\usrvpa.dll

Wed Apr 02 15:31:55 2008 => Scanning File C:\WINDOWS\system32\utildll.dll

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\utilman.exe

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\uwdf.exe

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\uxtheme.dll

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\v7vga.rom

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\VB5DB.DLL

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\VB6FR.DLL

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\VBAEN32.OLB

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\VBAEND32.OLB

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\VBAFR32.OLB

Wed Apr 02 15:31:56 2008 => Scanning File C:\WINDOWS\system32\vbajet32.dll

Wed Apr 02 15:31:57 2008 => Scanning File C:\WINDOWS\system32\VBAME.DLL

Wed Apr 02 15:31:57 2008 => Scanning File C:\WINDOWS\system32\vbisurf.ax

Wed Apr 02 15:31:57 2008 => Scanning File C:\WINDOWS\system32\vbscript(2).dll

Wed Apr 02 15:31:57 2008 => Scanning File C:\WINDOWS\system32\vbscript.dll

Wed Apr 02 15:31:57 2008 => Scanning File C:\WINDOWS\system32\vbsfr.dll

Wed Apr 02 15:31:57 2008 => Scanning File C:\WINDOWS\system32\vcdex.dll

Wed Apr 02 15:31:57 2008 => Scanning File C:\WINDOWS\system32\vcl60.bpl

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\vdmdbg.dll

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\vdmredir.dll

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\VEN2232.OLB

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\ver.dll

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\verclsid.exe

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\verifier.dll

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\verifier.exe

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\version.dll

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\vfpodbc.dll

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\vga.dll

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\vga.drv

Wed Apr 02 15:31:59 2008 => Scanning File C:\WINDOWS\system32\vga256.dll

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\vga64k.dll

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\vidcap.ax

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\vidx16.dll

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\vip-card1.ico

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\vjoy.dll

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\vmhelper.dll

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\VSFLEX3.OCX

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\vssadmin.exe

Wed Apr 02 15:32:00 2008 => Scanning File C:\WINDOWS\system32\vssapi.dll

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\vssvc.exe

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\vss_ps.dll

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\vxblock.dll

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\W32n50.dll

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\w32time.dll

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\w32tm.exe

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\w32topl.dll

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\w3ssl.dll

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\w95inf16.dll

Wed Apr 02 15:32:01 2008 => Scanning File C:\WINDOWS\system32\w95inf32.dll

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\watchdog.sys

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wavemsp.dll

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbcache.deu

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbcache.enu

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbcache.esn

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbcache.fra

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbcache.ita

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbcache.nld

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbcache.sve

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbdbase.deu

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbdbase.enu

Wed Apr 02 15:32:02 2008 => Scanning File C:\WINDOWS\system32\wbdbase.esn

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wbdbase.fra

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wbdbase.ita

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wbdbase.nld

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wbdbase.sve

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wdfapi.dll

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wdfmgr.exe

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wdigest.dll

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wdl.trm

Wed Apr 02 15:32:03 2008 => Scanning File C:\WINDOWS\system32\wdmaud(2).drv

Wed Apr 02 15:32:04 2008 => Scanning File C:\WINDOWS\system32\wdmaud.drv

Wed Apr 02 15:32:04 2008 => Scanning File C:\WINDOWS\system32\webcheck.dll

Wed Apr 02 15:32:04 2008 => Scanning File C:\WINDOWS\system32\webclnt.dll

Wed Apr 02 15:32:04 2008 => Scanning File C:\WINDOWS\system32\webfldrs.msi

Wed Apr 02 15:32:05 2008 => Scanning File C:\WINDOWS\system32\webhits.dll

Wed Apr 02 15:32:06 2008 => Scanning File C:\WINDOWS\system32\webvw.dll

Wed Apr 02 15:32:06 2008 => Scanning File C:\WINDOWS\system32\wextract.exe

Wed Apr 02 15:32:06 2008 => Scanning File C:\WINDOWS\system32\wfwnet.drv

Wed Apr 02 15:32:06 2008 => Scanning File C:\WINDOWS\system32\WgaLogon.dll

Wed Apr 02 15:32:06 2008 => Scanning File C:\WINDOWS\system32\WgaTray.exe

Wed Apr 02 15:32:06 2008 => Scanning File C:\WINDOWS\system32\wiaacmgr.exe

Wed Apr 02 15:32:07 2008 => Scanning File C:\WINDOWS\system32\wiadefui.dll

Wed Apr 02 15:32:07 2008 => Scanning File C:\WINDOWS\system32\wiadss.dll

Wed Apr 02 15:32:07 2008 => Scanning File C:\WINDOWS\system32\wiascr.dll

Wed Apr 02 15:32:07 2008 => Scanning File C:\WINDOWS\system32\wiaservc.dll

Wed Apr 02 15:32:07 2008 => Scanning File C:\WINDOWS\system32\wiasf.ax

Wed Apr 02 15:32:07 2008 => Scanning File C:\WINDOWS\system32\wiashext.dll

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\wiavideo.dll

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\wiavusd.dll

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\wifeman.dll

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\win.com

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\win32k.sys

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\win32spl.dll

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\win87em.dll

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\winar30.ime

Wed Apr 02 15:32:08 2008 => Scanning File C:\WINDOWS\system32\winbrand.dll

Wed Apr 02 15:32:09 2008 => Scanning File C:\WINDOWS\system32\winchat.exe

Wed Apr 02 15:32:09 2008 => Scanning File C:\WINDOWS\system32\WindowsLogon.manifest

Wed Apr 02 15:32:09 2008 => Scanning File C:\WINDOWS\system32\winfax.dll

Wed Apr 02 15:32:09 2008 => Scanning File C:\WINDOWS\system32\WinFXDocObj.exe

Wed Apr 02 15:32:09 2008 => Scanning File C:\WINDOWS\system32\WINGB.IME

Wed Apr 02 15:32:09 2008 => Scanning File C:\WINDOWS\system32\winhelp.hlp

Wed Apr 02 15:32:09 2008 => Scanning File C:\WINDOWS\system32\winhlp32.exe

Wed Apr 02 15:32:10 2008 => Scanning File C:\WINDOWS\system32\winhttp.dll

Wed Apr 02 15:32:10 2008 => Scanning File C:\WINDOWS\system32\winime.ime

Wed Apr 02 15:32:10 2008 => Scanning File C:\WINDOWS\system32\wininet(2).dll

Wed Apr 02 15:32:10 2008 => Scanning File C:\WINDOWS\system32\wininet.dll

Wed Apr 02 15:32:10 2008 => Scanning File C:\WINDOWS\system32\winipsec.dll

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winlogon.exe

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winmm.dll

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winmsd.exe

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winnls.dll

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winntbbu.dll

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winoldap.mod

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winpy.ime

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\WINPY.MB

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winrnr.dll

Wed Apr 02 15:32:11 2008 => Scanning File C:\WINDOWS\system32\winscard.dll

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\winshfhc.dll

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\winsock.dll

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\winsp.ime

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\WINSP.MB

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\winspool.drv

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\winspool.exe

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\winsrv.dll

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\winsta.dll

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\winstrm.dll

Wed Apr 02 15:32:12 2008 => Scanning File C:\WINDOWS\system32\wintrust.dll

Wed Apr 02 15:32:13 2008 => Scanning File C:\WINDOWS\system32\winver.exe

Wed Apr 02 15:32:13 2008 => Scanning File C:\WINDOWS\system32\winzm.ime

Wed Apr 02 15:32:13 2008 => Scanning File C:\WINDOWS\system32\WINZM.MB

Wed Apr 02 15:32:13 2008 => Scanning File C:\WINDOWS\system32\wjview.exe

Wed Apr 02 15:32:13 2008 => Scanning File C:\WINDOWS\system32\wkssvc.dll

Wed Apr 02 15:32:13 2008 => Scanning File C:\WINDOWS\system32\wldap32.dll

Wed Apr 02 15:32:13 2008 => Scanning File C:\WINDOWS\system32\wlnotify.dll

Wed Apr 02 15:32:13 2008 => Scanning File C:\WINDOWS\system32\WMADMOD.dll

Wed Apr 02 15:32:14 2008 => Scanning File C:\WINDOWS\system32\WMADMOE.dll

Wed Apr 02 15:32:14 2008 => Scanning File C:\WINDOWS\system32\wmasf.dll

Wed Apr 02 15:32:14 2008 => Scanning File C:\WINDOWS\system32\wmdmlog.dll

Wed Apr 02 15:32:14 2008 => Scanning File C:\WINDOWS\system32\wmdmps.dll

Wed Apr 02 15:32:14 2008 => Scanning File C:\WINDOWS\system32\wmdrmdev.dll

Wed Apr 02 15:32:14 2008 => Scanning File C:\WINDOWS\system32\wmdrmnet.dll

Wed Apr 02 15:32:14 2008 => Scanning File C:\WINDOWS\system32\wmdrmsdk.dll

Wed Apr 02 15:32:15 2008 => Scanning File C:\WINDOWS\system32\wmerrFRA.dll

Wed Apr 02 15:32:15 2008 => Scanning File C:\WINDOWS\system32\wmerror.dll

Wed Apr 02 15:32:15 2008 => Scanning File C:\WINDOWS\system32\wmi.dll

Wed Apr 02 15:32:15 2008 => Scanning File C:\WINDOWS\system32\wmidx.dll

Wed Apr 02 15:32:15 2008 => Scanning File C:\WINDOWS\system32\wmidx.ocx

Wed Apr 02 15:32:15 2008 => Scanning File C:\WINDOWS\system32\wmimgmt.msc

Wed Apr 02 15:32:15 2008 => Scanning File C:\WINDOWS\system32\wmiprop.dll

Wed Apr 02 15:32:15 2008 => Scanning File C:\WINDOWS\system32\wmnetmgr.dll

Wed Apr 02 15:32:16 2008 => *** File C:\WINDOWS\system32\wmp.dll having Size Restriction ***

Wed Apr 02 15:32:16 2008 => Scanning File C:\WINDOWS\system32\wmp.dll [**]

Wed Apr 02 15:32:16 2008 => Scanning File C:\WINDOWS\system32\wmp.ocx

Wed Apr 02 15:32:16 2008 => Scanning File C:\WINDOWS\system32\wmpasf.dll

Wed Apr 02 15:32:16 2008 => Scanning File C:\WINDOWS\system32\wmpcd.dll

Wed Apr 02 15:32:16 2008 => Scanning File C:\WINDOWS\system32\wmpcore.dll

Wed Apr 02 15:32:16 2008 => Scanning File C:\WINDOWS\system32\wmpdxm.dll

Wed Apr 02 15:32:16 2008 => Scanning File C:\WINDOWS\system32\wmpeffects.dll

Wed Apr 02 15:32:17 2008 => Scanning File C:\WINDOWS\system32\wmpencen.dll

Wed Apr 02 15:32:17 2008 => *** File C:\WINDOWS\system32\wmploc.dll having Size Restriction ***

Wed Apr 02 15:32:17 2008 => Scanning File C:\WINDOWS\system32\wmploc.dll [**]

Wed Apr 02 15:32:17 2008 => Scanning File C:\WINDOWS\system32\wmpmde.dll

Wed Apr 02 15:32:17 2008 => Scanning File C:\WINDOWS\system32\wmpns.dll

Wed Apr 02 15:32:17 2008 => Scanning File C:\WINDOWS\system32\wmpps.dll

Wed Apr 02 15:32:18 2008 => Scanning File C:\WINDOWS\system32\wmpscheme.xml

Wed Apr 02 15:32:18 2008 => Scanning File C:\WINDOWS\system32\wmpshell.dll

Wed Apr 02 15:32:18 2008 => Scanning File C:\WINDOWS\system32\wmpsrcwp.dll

Wed Apr 02 15:32:18 2008 => Scanning File C:\WINDOWS\system32\wmpstub.exe

Wed Apr 02 15:32:18 2008 => Scanning File C:\WINDOWS\system32\wmpui.dll

Wed Apr 02 15:32:18 2008 => Scanning File C:\WINDOWS\system32\wmsdmod.dll

Wed Apr 02 15:32:18 2008 => Scanning File C:\WINDOWS\system32\wmsdmoe.dll

Wed Apr 02 15:32:19 2008 => Scanning File C:\WINDOWS\system32\wmsdmoe2.dll

Wed Apr 02 15:32:19 2008 => Scanning File C:\WINDOWS\system32\wmserror.dll

Wed Apr 02 15:32:19 2008 => Scanning File C:\WINDOWS\system32\WMSPDMOD.dll

Wed Apr 02 15:32:19 2008 => Scanning File C:\WINDOWS\system32\WMSPDMOE.dll

Wed Apr 02 15:32:19 2008 => Scanning File C:\WINDOWS\system32\wmstream.dll

Wed Apr 02 15:32:20 2008 => Scanning File C:\WINDOWS\system32\wmv8dmod.dll

Wed Apr 02 15:32:20 2008 => Scanning File C:\WINDOWS\system32\wmv8ds32.ax

Wed Apr 02 15:32:20 2008 => Scanning File C:\WINDOWS\system32\WMVADVD.dll

Wed Apr 02 15:32:20 2008 => Scanning File C:\WINDOWS\system32\WMVADVE.DLL

Wed Apr 02 15:32:20 2008 => Scanning File C:\WINDOWS\system32\wmvcore.dll

Wed Apr 02 15:32:21 2008 => Scanning File C:\WINDOWS\system32\WMVDECOD.dll

Wed Apr 02 15:32:21 2008 => Scanning File C:\WINDOWS\system32\wmvdmod.dll

Wed Apr 02 15:32:21 2008 => Scanning File C:\WINDOWS\system32\wmvdmoe.dll

Wed Apr 02 15:32:21 2008 => Scanning File C:\WINDOWS\system32\wmvdmoe2.dll

Wed Apr 02 15:32:21 2008 => Scanning File C:\WINDOWS\system32\wmvds32.ax

Wed Apr 02 15:32:21 2008 => Scanning File C:\WINDOWS\system32\WMVENCOD.dll

Wed Apr 02 15:32:22 2008 => Scanning File C:\WINDOWS\system32\WMVSDECD.dll

Wed Apr 02 15:32:22 2008 => Scanning File C:\WINDOWS\system32\WMVSENCD.dll

Wed Apr 02 15:32:22 2008 => Scanning File C:\WINDOWS\system32\WMVXENCD.dll

Wed Apr 02 15:32:22 2008 => Scanning File C:\WINDOWS\system32\WooDial2000.dll

Wed Apr 02 15:32:22 2008 => Scanning File C:\WINDOWS\system32\wow32.dll

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wowdeb.exe

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wowexec.exe

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wowfax.dll

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wowfaxui.dll

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wpa.bak

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wpa.dbl

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wpabaln.exe

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wpdconns.dll

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wpdmtp.dll

Wed Apr 02 15:32:23 2008 => Scanning File C:\WINDOWS\system32\wpdmtpdr.dll

Wed Apr 02 15:32:24 2008 => Scanning File C:\WINDOWS\system32\wpdmtpus.dll

Wed Apr 02 15:32:24 2008 => Scanning File C:\WINDOWS\system32\WpdShext.dll

Wed Apr 02 15:32:24 2008 => Scanning File C:\WINDOWS\system32\wpdshextautoplay.exe

Wed Apr 02 15:32:24 2008 => Scanning File C:\WINDOWS\system32\wpdshextres.dll

Wed Apr 02 15:32:24 2008 => Scanning File C:\WINDOWS\system32\WPDShServiceObj.dll

Wed Apr 02 15:32:24 2008 => Scanning File C:\WINDOWS\system32\wpdsp.dll

Wed Apr 02 15:32:24 2008 => Scanning File C:\WINDOWS\system32\wpdtrace.dll

Wed Apr 02 15:32:25 2008 => Scanning File C:\WINDOWS\system32\wpd_ci.dll

Wed Apr 02 15:32:25 2008 => Scanning File C:\WINDOWS\system32\wpnpinst.exe

Wed Apr 02 15:32:25 2008 => Scanning File C:\WINDOWS\system32\write.exe

Wed Apr 02 15:32:25 2008 => Scanning File C:\WINDOWS\system32\ws2help.dll

Wed Apr 02 15:32:25 2008 => Scanning File C:\WINDOWS\system32\ws2_32.dll

Wed Apr 02 15:32:25 2008 => Scanning File C:\WINDOWS\system32\wscntfy.exe

Wed Apr 02 15:32:25 2008 => Scanning File C:\WINDOWS\system32\wscript.exe

Wed Apr 02 15:32:25 2008 => Scanning File C:\WINDOWS\system32\wscsvc.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wscui.cpl

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wshatm.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wshbth.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wshcon.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wshext.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wshfr.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wship6.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wshisn.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wshnetbs.dll

Wed Apr 02 15:32:26 2008 => Scanning File C:\WINDOWS\system32\wshom.ocx

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\WshRm.dll

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wshtcpip.dll

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wsnmp32.dll

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wsock32.dll

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wstdecod.dll

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wtsapi32.dll

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wuapi.dll

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wuapi.dll.mui

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wuauclt.exe

Wed Apr 02 15:32:27 2008 => Scanning File C:\WINDOWS\system32\wuauclt1.exe

Wed Apr 02 15:32:28 2008 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl

Wed Apr 02 15:32:28 2008 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl.manifest

Wed Apr 02 15:32:28 2008 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl.mui

Wed Apr 02 15:32:28 2008 => Scanning File C:\WINDOWS\system32\wuaueng.dll

Wed Apr 02 15:32:28 2008 => Scanning File C:\WINDOWS\system32\wuaueng.dll.mui

Wed Apr 02 15:32:28 2008 => Scanning File C:\WINDOWS\system32\wuaueng1.dll

Wed Apr 02 15:32:29 2008 => Scanning File C:\WINDOWS\system32\wuauserv.dll

Wed Apr 02 15:32:29 2008 => Scanning File C:\WINDOWS\system32\wucltui.dll

Wed Apr 02 15:32:29 2008 => Scanning File C:\WINDOWS\system32\wucltui.dll.mui

Wed Apr 02 15:32:29 2008 => Scanning File C:\WINDOWS\system32\WUDFCoinstaller.dll

Wed Apr 02 15:32:29 2008 => Scanning File C:\WINDOWS\system32\WudfHost.exe

Wed Apr 02 15:32:29 2008 => Scanning File C:\WINDOWS\system32\WudfPlatform.dll

Wed Apr 02 15:32:29 2008 => Scanning File C:\WINDOWS\system32\WudfSvc.dll

Wed Apr 02 15:32:30 2008 => Scanning File C:\WINDOWS\system32\WUDFx.dll

Wed Apr 02 15:32:30 2008 => Scanning File C:\WINDOWS\system32\wupdmgr.exe

Wed Apr 02 15:32:30 2008 => Scanning File C:\WINDOWS\system32\wups.dll

Wed Apr 02 15:32:30 2008 => Scanning File C:\WINDOWS\system32\wups2.dll

Wed Apr 02 15:32:30 2008 => Scanning File C:\WINDOWS\system32\wuweb.dll

Wed Apr 02 15:32:30 2008 => Scanning File C:\WINDOWS\system32\wzcdlg.dll

Wed Apr 02 15:32:30 2008 => Scanning File C:\WINDOWS\system32\wzcsapi.dll

Wed Apr 02 15:32:30 2008 => Scanning File C:\WINDOWS\system32\wzcsvc.dll

Wed Apr 02 15:32:31 2008 => Scanning File C:\WINDOWS\system32\xactsrv.dll

Wed Apr 02 15:32:31 2008 => Scanning File C:\WINDOWS\system32\xcopy.exe

Wed Apr 02 15:32:31 2008 => Scanning File C:\WINDOWS\system32\xenroll.dll

Wed Apr 02 15:32:31 2008 => Scanning File C:\WINDOWS\system32\xjis.nls

Wed Apr 02 15:32:31 2008 => Scanning File C:\WINDOWS\system32\xmllite.dll

Wed Apr 02 15:32:31 2008 => Scanning File C:\WINDOWS\system32\xmlprov.dll

Wed Apr 02 15:32:32 2008 => Scanning File C:\WINDOWS\system32\xmlprovi.dll

Wed Apr 02 15:32:32 2008 => Scanning File C:\WINDOWS\system32\xolehlp.dll

Wed Apr 02 15:32:32 2008 => Scanning File C:\WINDOWS\system32\xpob2res.dll

Wed Apr 02 15:32:32 2008 => Scanning File C:\WINDOWS\system32\xpsp1hfm.exe

Wed Apr 02 15:32:32 2008 => Scanning File C:\WINDOWS\system32\xpsp1res.dll

Wed Apr 02 15:32:32 2008 => Scanning File C:\WINDOWS\system32\xpsp2res.dll

Wed Apr 02 15:32:34 2008 => Scanning File C:\WINDOWS\system32\xpsp3res.dll

Wed Apr 02 15:32:34 2008 => Scanning File C:\WINDOWS\system32\zipfldr.dll

Wed Apr 02 15:32:34 2008 => Scanning File C:\WINDOWS\system32\zonedoff.reg

Wed Apr 02 15:32:34 2008 => Scanning File C:\WINDOWS\system32\zonedon.reg

 

Wed Apr 02 15:32:34 2008 => ***** Checking for specific ITW Viruses *****

Wed Apr 02 15:32:34 2008 => Checking for Welchia Virus...

Wed Apr 02 15:32:35 2008 => Checking for LovGate Virus...

Wed Apr 02 15:32:35 2008 => Checking for CodeRed Virus...

Wed Apr 02 15:32:35 2008 => Checking for OpaServ Virus...

Wed Apr 02 15:32:35 2008 => Checking for Sobig.e Virus...

Wed Apr 02 15:32:35 2008 => Checking for Winupie Virus...

Wed Apr 02 15:32:35 2008 => Checking for Swen Virus...

Wed Apr 02 15:32:35 2008 => Checking for JS.Fortnight Virus...

Wed Apr 02 15:32:35 2008 => Checking for Novarg Virus...

Wed Apr 02 15:32:35 2008 => Checking for Pagabot Virus...

Wed Apr 02 15:32:35 2008 => Checking for Parite.b Virus...

Wed Apr 02 15:32:35 2008 => Checking for Parite.a Virus...

 

Wed Apr 02 15:32:35 2008 => ***** Scanning complete. *****

 

Wed Apr 02 15:32:35 2008 => Total Number of Files Scanned: 2499

Wed Apr 02 15:32:35 2008 => Total Number of Virus(es) Found: 1

Wed Apr 02 15:32:35 2008 => Total Number of Disinfected Files: 0

Wed Apr 02 15:32:35 2008 => Total Number of Files Renamed: 0

Wed Apr 02 15:32:35 2008 => Total Number of Deleted Files: 0

Wed Apr 02 15:32:35 2008 => Total Number of Errors: 5

Wed Apr 02 15:32:36 2008 => Time Elapsed: 00:05:36

Wed Apr 02 15:32:36 2008 => Virus Database Date: 2008/04/02

Wed Apr 02 15:32:36 2008 => Virus Database Count: 677768

 

Wed Apr 02 15:32:36 2008 => Scan Completed.

 

 

[oGu]

Pour l'instant je te poste la suite du programme du 1/04/08 que je n'avais pas terminé.J'y suis arrivé avec peine car apparemment il y avais conflit au démarrage avec "Runonce.msn/Runonce2.aspx "et "www.orange.fr".A chaque fois le premier partait et j'étais obligé de changer l'adresse par "orange".Manipe que m'avait conseillé la hot line sans plus de détails.

 

Etrange...En tout cas le scan eScan ne montre rien (à part un faux-positif!), donc c'est cool!

 

 

NB:Depuis la dernière manipe pour ESCan (environ 3 h)je n'ai pas été déconnecté.C'est peut être bon!(faux -je viens à nouveau d'être déconnecté)

 

On verra en fin de procédure si tes connections se sont rétablies, si non on verra ce qu'on peut faire. T'es en Wifi ou ethernet au fait?

 

C'est pourquoi je ne touche à ton prog du jour

 

?? Je n'ai pas compris !!

[yugm]

Raison de ne pas toucher à ton prog du jour?

Simplement que je n'avais pas fait le prog n-1 en entier et qu'il pouvait te manquer des infos pour continuer

Si t'es d'accord pas de prob ;pour demain sans doute

A+ nGu

[oGu]

Ah Ok, j'avais pas saisi! Bon réflexe de ta part néanmoins!

 

A demain alors!

[yugm]

Bjr oGu

Voici donc les réponses de l'élève à son prof informatique

en 1:rapport otmoveit

 

C:\WINDOWS\system32\dbmsvin.dll unregistered successfully.

File move failed. C:\WINDOWS\system32\dbmsvin.dll scheduled to be moved on reboot.

 

OTMoveIt2 by OldTimer - Version 1.0.21 log created on 04032008_180549

 

en 2 :rapport hijackthis

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:21:44, on 03/04/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe

c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\vssvc.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\Program Files\Wanadoo\GestionnaireInternet.exe

C:\Program Files\Wanadoo\ComComp.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\Program Files\Wanadoo\Watch.exe

C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

O2 - BHO: (no name) - {308FA211-78FE-4D86-B405-50E0361AF78F} - C:\WINDOWS\system32\dbmsvin.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DelayShred] "C:\Program Files\McAfee\MSHR\ShrCL.EXE" /P7 /q C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\MGWIU3H4\BAN_72~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\PE428S8X\IFRAME~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\04GXDK6S\HP_1_~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\04GXDK6S\AP_ADV~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\04GXDK6S\INDEX_~4.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\PE428S8X\AP_CPL~1.SH! C:\DOCUME~1\MAHE\LOCALS~1\TEMPOR~1\Content.IE5\PE428S8X\ADS_9_~1.SH!

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...235/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D43F0FA3-C5C4-46FC-B5E6-76E193C76ACA}: NameServer = 80.10.246.1 81.253.149.2

O23 - Service: FireDaemon Service: dll32 (dll32) - Unknown owner - c:\winnt\system32\os2\dll\packs\FireDaemon.EXE (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\system32\ImapiRox.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

 

--

End of file - 6033 bytes

 

 

en 3:Explicatons diverses

 

-Regfix:fallait-il un prog?car "Impossible d'importer C:\....\bureau\yugm.reg ,le fichier spécifié n'est pas un script de Registre

Vous pouvez uniqt importer des fichiers du registre binaires à partir de l'éditeur du registre"

-pas d'alarmes et act démarrage + rapide

 

A+

[oGu]

Salut Yugm!

 

Hélas! OtMoveIt a bien programmé de supprimer dbmsvin.dll au redémarrage:

 

C:\WINDOWS\system32\dbmsvin.dll unregistered successfully.

File move failed. C:\WINDOWS\system32\dbmsvin.dll scheduled to be moved on reboot.

 

 

Mais la dll est coriace et résiste à la suppression (ou se recrée, ce qu irevient au même!):

 

Logfile of Trend Micro HijackThis v2.0.2

 

O2 - BHO: (no name) - {308FA211-78FE-4D86-B405-50E0361AF78F} - C:\WINDOWS\system32\dbmsvin.dll

 

 

 

Pour ta question:

 

-Regfix:fallait-il un prog?car "Impossible d'importer C:\....\bureau\yugm.reg ,le fichier spécifié n'est pas un script de Registre

Vous pouvez uniqt importer des fichiers du registre binaires à partir de l'éditeur du registre"

 

Non, il suffisait de créer le fichier .reg et de le fusionner. Mais n'ai pas de regret, cela n'aurait pas suffi de toute façon, la dll est plus solide que ça. On va maintenant utiliser un outil beaucoup plus puissant que OtMoveIt.

 

 

 

COMBOFIX

 

 

Télécharge Combofix de sUBs

• Enregistre-le impérativement sur ton bureau.
  
• Déconnecte-toi du net et désactive ton antivirus (juste le temps de la procédure).
  
• Ferme toutes les fenêtres.
  
• Double-clique sur combofix.exe (ne clique pas sur la fenêtre qui s'ouvre).
  
• Appuie sur Y pour lancer le scan.
  
• A la fin du scan (cela peut prendre du temps), un rapport sera créé.
  
• Poste ce rapport dans ton / tes prochain(s) message(s).
  

[yugm]

Rebonjour oGu

voici donc le rapport Combofix

NB:j'avais programmé l'activation auto de McAfee au redémarrage de l'ordi.J'espère que cela n'a pas nui à ce rapport

 

A+

 

ComboFix 08-04-03.3 - MAHE 2008-04-03 20:01:49.1 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.146 [GMT 2:00]

Endroit: C:\Documents and Settings\MAHE\Accessoires\Bureau\combofix.exe

* Création d'un nouveau point de restauration

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\Downloaded Program Files\UGA6PV_0001_N122M1202NetInstaller.exe

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_TASKMON.SYS

 

 

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-03 to 2008-04-03 ))))))))))))))))))))))))))))))))))))

.

 

2008-04-03 17:36 . 2008-04-03 17:36 136 --a------ C:\WINDOWS\system32\yugm.reg

2008-04-02 14:10 . 2008-04-02 15:08 <REP> d-------- C:\Downloads

2008-04-02 14:10 . 2008-04-02 15:08 <REP> d-------- C:\Bases

2008-04-02 14:01 . 2008-04-02 15:14 <REP> d-------- C:\Kaspersky

2008-04-01 22:19 . 2008-04-01 22:19 <REP> d-------- C:\Documents and Settings\MAHE\Application Data\Malwarebytes

2008-04-01 22:18 . 2008-04-01 22:18 <REP> d-------- C:\Malwarebytes' Anti-Malware

2008-04-01 22:18 . 2008-04-01 22:18 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes

2008-03-31 21:08 . 2008-03-31 21:08 <REP> d-------- C:\VundoFix Backups

2008-03-30 18:09 . 2008-03-30 18:09 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools

2008-03-30 15:10 . 2008-03-30 15:10 583 --a------ C:\WINDOWS\system32\Raccourci vers notepad.exe.lnk

2008-03-30 00:35 . 2008-03-30 00:35 <REP> d-------- C:\_OTMoveIt

2008-03-27 19:49 . 2008-03-27 20:21 <REP> d-------- C:\Program Files\Navilog1

2008-03-27 19:39 . 2008-04-03 18:13 3,218 --a------ C:\WINDOWS\system32\PerfStringBackup.TMP

2008-03-27 19:22 . 2008-03-29 23:49 1,298 --a------ C:\WINDOWS\system32\tmp.reg

2008-03-27 12:44 . 2008-03-28 18:04 13,030 --a------ C:\PDOXUSRS.NET

2008-03-27 12:43 . 2008-03-27 12:43 <REP> d-------- C:\Program Files\Fichiers communs\Borland Shared

2008-03-27 12:43 . 1999-01-20 06:01 210,032 --a------ C:\WINDOWS\system32\DBCLIENT.DLL

2008-03-27 12:43 . 1999-11-12 06:11 183,808 --a------ C:\WINDOWS\system32\BDEADMIN.CPL

2008-03-27 12:42 . 2008-03-27 12:43 <REP> d-------- C:\Program Files\ZebHelpProcess 2

2008-03-25 11:44 . 2008-03-25 11:44 <REP> d-------- C:\Program Files\Trend Micro

2008-03-21 19:13 . 2007-12-06 17:51 28,568 --a------ C:\WINDOWS\system32\drivers\AVHook.sys

2008-03-21 19:13 . 2007-12-06 17:51 21,912 --a------ C:\WINDOWS\system32\drivers\AVRec.sys

2008-03-21 19:13 . 2008-02-12 12:44 21,904 --a------ C:\WINDOWS\system32\drivers\AVFilter.sys

2008-03-21 18:07 . 2008-03-30 14:31 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\fssg

2008-03-08 18:59 . 2008-03-09 11:13 <REP> d-------- C:\WINDOWS\SxsCaPendDel

2008-03-06 20:33 . 2008-03-06 20:33 1,271,557 --------- C:\Program Files\wrar371fr.exe

2008-03-04 11:50 . 2008-03-04 11:50 <REP> d-------- C:\Documents and Settings\MAHE\Application Data\ItsLabel

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-03 18:09 --------- d-----w C:\Program Files\Wanadoo

2008-04-01 20:15 --------- d---a-w C:\Program Files\Common Files

2008-04-01 18:23 --------- d-----w C:\Documents and Settings\MAHE\Application Data\SiteAdvisor

2008-03-31 11:38 --------- d-----w C:\Program Files\jv16 PowerTools

2008-03-30 15:57 --------- d-----w C:\Program Files\Common

2008-03-26 15:15 --------- d-----w C:\Program Files\CCleaner

2008-03-22 14:10 --------- d-----w C:\Program Files\AlertInfo

2008-03-08 16:59 --------- d-----w C:\Program Files\Fichiers communs\Adobe

2008-03-01 08:51 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee

2008-02-27 08:07 --------- d-----w C:\Program Files\SiteAdvisor

2008-02-26 08:01 --------- d-----w C:\Program Files\fsupport

2008-02-26 08:01 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard

2008-02-23 14:35 --------- d-----w C:\Program Files\McAfee

2008-02-23 10:29 19,584 ----a-w C:\WINDOWS\system32\drivers\arjkevag.dat

2008-02-23 09:11 --------- d-----w C:\Documents and Settings\NetworkService.AUTORITE NT.001\Application Data\SiteAdvisor

2008-02-22 14:45 --------- d-----w C:\Documents and Settings\MAHE\Application Data\AlertInfo

2008-02-22 12:42 --------- d-----w C:\Documents and Settings\LocalService.AUTORITE NT.001\Application Data\SiteAdvisor

2008-02-22 12:42 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\SiteAdvisor

2008-02-22 12:38 --------- d-----w C:\Program Files\Fichiers communs\McAfee

2008-02-22 12:37 --------- d-----w C:\Program Files\McAfee.com

2008-02-22 09:50 --------- d-----w C:\Documents and Settings\MAHE\Application Data\McAfee

2006-08-24 09:08 9,258,851 -c--a-w C:\Program Files\gestionnaire_internethd.exe

2006-08-01 15:07 1,465,856 -c--a-w C:\Program Files\DSLTest.exe

2006-07-05 16:09 5,290,525 ----a-w C:\Program Files\Photo3D.exe

2006-06-29 07:21 576 -c--a-w C:\Program Files\INSTALL.LOG

2006-06-20 13:55 2,883,214 -c--a-w C:\Program Files\UpgradeFranceOfficev9.1.zip

2006-06-03 10:18 9,663,232 -c--a-w C:\Program Files\OutlookExpress506FRA.bin

2006-02-16 13:26 12,814,336 -c--a-w C:\Program Files\mp10setup.exe

2006-01-24 08:43 3,530,812 -c--a-w C:\Program Files\looksnavigateur.exe

2006-01-07 16:47 578,560 -c--a-w C:\Program Files\wanadoo_toolbarsetup.exe

2005-11-02 13:54 11,120,472 -c--a-w C:\Program Files\DivXPlay.exe

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{308FA211-78FE-4D86-B405-50E0361AF78F}]

2008-03-04 20:51 98048 --a------ C:\WINDOWS\system32\dbmsvin.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]

"DelayShred"="C:\Program Files\McAfee\MSHR\ShrCL.exe" [2007-07-25 16:10 111904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"EoEngine"="" []

"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]

"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-05 14:00 15360]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"SpecifyDefaultButtons"= 0 (0x0)

"Btn_Search"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ :\WINDOWS\system32\srrstr.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ajzedll]

--a--c--- 2005-06-22 21:45 0 C:\WINDOWS\ajzedll.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ajzeenc]

--a--c--- 2005-06-22 21:45 0 C:\WINDOWS\ajzeenc.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series]

--a--c--- 2006-02-21 06:00 131072 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]

--a--c--- 2004-08-05 14:00 208952 C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC-Checkup]

C:\Program Files\Speeditup Free\PCCheckUp\PCCheckUp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2006-04-04 16:12 77824 C:\Program Files\QuickTime\qttask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]

--------- 2004-10-14 16:55 32768 C:\Program Files\Wanadoo\GestMaj.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]

--------- 2004-10-14 16:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

"DisableNotifications"= 1 (0x1)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"=

"C:\\WINDOWS\\system32\\rundll32.exe"=

"C:\\WINDOWS\\explorer.exe"=

"C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"=

 

R0 lvqolsms;lvqolsms;C:\WINDOWS\system32\drivers\arjkevag.dat []

S2 dll32;FireDaemon Service: dll32;c:\winnt\system32\os2\dll\packs\FireDaemon.EXE []

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2bc232cc-3035-11d9-b0e7-806d6172696f}]

\Shell\AutoRun\command - C:\ATI\SUPPORT\wxp-w2k-catalyst-7-94-030917m-011434c\Setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{605a9d26-b78e-11dc-b622-0090d0a8ed6f}]

\Shell\AutoRun\command - explorer.exe

 

.

Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'

"2008-04-01 23:04:08 C:\WINDOWS\Tasks\McQcTask.job"

- c:\PROGRA~1\mcafee\mqc\QcConsol.exe.1262 7

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-03 20:09:48

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cach‚s ...

 

Balayage cach‚ autostart entries ...

 

Balayage des fichiers cach‚s ...

 

Scan termin‚ avec succŠs

Les fichiers cach‚s: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lvqolsms]

"ImagePath"="system32\drivers\arjkevag.dat"

.

------------------------ Other Running Processes ------------------------

.

C:\WINDOWS\system32\dllhost.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe

c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\WINDOWS\system32\locator.exe

C:\WINDOWS\System32\vssvc.exe

C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\Program Files\McAfee\MSC\mcuimgr.exe

.

**************************************************************************

.

Temps d'accomplissement: 2008-04-03 20:13:24 - machine was rebooted

ComboFix-quarantined-files.txt 2008-04-03 18:13:16

Pre-Run: 10,365,497,344 octets libres

Post-Run: 10,309,709,824 octets libres

.

2008-03-12 20:10:50 --- E O F ---