Deze website maakt gebruik van cookies. Waarom? Klik hier voor ons privacy- en cookiebeleid. Door op akkoord te klikken of door gebruik te blijven maken van deze website geeft u aan akkoord te zijn met het gebruik van cookies.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

topsearch10

None
17 antwoorden
  • ik heb lastt van bovenstaand programma

    kan momenteel niet te veel typen, sorry

    hoe krijg ik dit weg!
  • oh en Search & Destroy haalt het dus niet weg…

    telkens als ik een explorer scherm opstart krijg ik tig van die schermen van topsearch10..

    vriendelijk bedankt!
  • copier de volgende code:
    [code:1:cd17b60b0a]
    regedit /e C:\run..txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
    start C:\run.txt[/code:1:cd17b60b0a]
    Plak dit in notepad en sla het op als [b:cd17b60b0a]run.bat[/b:cd17b60b0a]
    Opslaan als type: [b:cd17b60b0a]Alle bestanden[/b:cd17b60b0a]

    Start run.bat en post de inhoud.
  • hij kan het document run.txt niet vinden zegt ie
  • heb en typo gemaakt. Je hebt waarschijnlijk W98
    [code:1:85b316e96d]
    regedit /e C:\run.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
    notepad C:\run.txt[/code:1:85b316e96d]

    opslaan als run.bat en starten
    maakt een C:\run.txt aan die automatisch wordt getoond.
  • indows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
    "AGRSMMSG"="AGRSMMSG.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe"
    "QuickTime Task"=""C:\\Program Files\\QuickTime\\qttask.exe" -atboottime"
    "eabconfg.cpl"="C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe /Start"
    "UpdateManager"=""C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe"
    "
    "HPHUPD05"="c:\\Program Files\\Hewlett-Packard\\{45B6180B-DCAB-4093-8EE8-6164457517F0}\\hphupd05.exe"
    "HP Software Update"=""c:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe""
    "HPHmon05"="C:\\WINDOWS\\System32\\hphmon05.exe"
    "Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe"
    "ccApp"=""C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe""
    "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
    "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
    "AVG7_EMC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"
    "WebSearch"="C:\\WINDOWS\\System32\\WebSrch2.exe"

    dank je!
  • xp trouwens
  • Maak een scan met microworld http://www.mwti.net/antivirus/mwav.asp

    post het resultaat tesamen met een hijackthislog
  • hijack this voor scan

    Logfile of HijackThis v1.99.1
    Scan saved at 13:19:26, on 29-4-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton AntiVirus
    avapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32
    vsvc32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    C:\WINDOWS\System32\hphmon05.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\WebSrch2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\boom\Local Settings\Temporary Internet Files\Content.IE5\61JSLWRA\HijackThis[1].exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.computertotaal.nl/phpBB/viewtopic.php?p=966351
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O1 - Hosts: om #[Adware.Searchforit]
    O1 - Hosts: 127.0.27.0.0.1 stx7.sextracker.com
    O1 - Hosts: 127.0..sextracker.com
    O1 - Hosts: om #[Adware.Searchforit]
    O1 - Hosts: 127.0.27.0.0.1 stx7.sextracker.com
    O1 - Hosts: 127.0..sextracker.com
    O1 - Hosts: om #[Adware.Searchforit]
    O1 - Hosts: 127.0.27.0.0.1 stx7.sextracker.com
    O1 - Hosts: 127.0..sextracker.com
    O1 - Hosts: om #[Adware.Searchforit]
    O1 - Hosts: com
    O1 - Hosts: com
    O1 - Hosts: 127.0.0.
    O1 - Hosts: er.com
    O1 - Hosts: er.com
    O1 - Hosts: er.com
    O1 - Hosts: 127.0
    O1 - Hosts: m
    O1 - Hosts: izer.com
    O1 - Hosts: m
    O1 - Hosts: izer.com
    O1 - Hosts: 127.0.0.
    O1 - Hosts: com
    O1 - Hosts: com
    O1 - Hosts: optimizer.com
    O1 - Hosts: .i-lookup.com
    O1 - Hosts: com
    O1 - Hosts: optimizer.com
    O1 - Hosts: 127.0.0.
    O1 - Hosts: olbar.com
    O1 - Hosts: et-optimizer.com
    O1 - Hosts: olbar.com
    O1 - Hosts: et-optimizer.com
    O1 - Hosts: 127
    O1 - Hosts: chtoolbar.com
    O1 - Hosts: ernet-optimizer.com
    O1 - Hosts: chtoolbar.com
    O1 - Hosts: ernet-optimizer.com
    O1 - Hosts: 127.0.0.
    O1 - Hosts: nternet-optimizer.com
    O1 - Hosts: 127.0.0.om.edgesuite.net
    O1 - Hosts: nternet-optimizer.com
    O1 - Hosts: .internet-optimizer.com
    O1 - Hosts: .internet-optimizer.com
    O1 - Hosts: w.internet-optimizer.com
    O1 - Hosts: w.internet-optimizer.com
    O1 - Hosts: m
    O1 - Hosts: w.internet-optimizer.com
    O1 - Hosts: m
    O1 - Hosts: w.internet-optimizer.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\MICROS~1.NET\imginfo.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {8E13DDE1-E013-47ec-9C4C-27C2F78BDD26} - C:\WINDOWS\System32\req.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe"

    O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [WebSearch] C:\WINDOWS\System32\WebSrch2.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin
    pjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin
    pjpi142_03.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c11.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6E2D6932-3885-4FA2-8DD4-DB63FFE33797} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkCnv.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} - http://dialxs.nl/install/dialxs.ocx
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697517} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_aac.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O20 - Winlogon Notify: imginfo - C:\WINDOWS\MICROS~1.NET\imginfo.dll
    O20 - Winlogon Notify: req - C:\WINDOWS\System32\req.dll (file missing)
    O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
    avapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  • Heb je Norton Antivirus of AVG al eens gedraaid? want er zit nog al wat virussen en spyware- programma's op je pc als Internet Optimalizer, Web search en DialXS

    Probeer eens Hitman Pro en nog wat, zet je HijackThis in een aparte folder en niet in tijdelijke internetbestanden omdat HijackThis back-ups maakt! Dus bijv. C:\Program Files\HijackThis

    Post na deze actie weer een nieuwe log!
  • Fri Apr 29 13:24:29 2005 => **********************************************************
    Fri Apr 29 13:24:29 2005 => MicroWorld AntiVirus Toolkit Utility.
    Fri Apr 29 13:24:29 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
    Fri Apr 29 13:24:29 2005 => **********************************************************
    Fri Apr 29 13:24:29 2005 => Version 6.1.2 (C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com)
    Fri Apr 29 13:24:29 2005 => Log File: C:\DOCUME~1\boom\LOCALS~1\Temp\MWAV.LOG
    Fri Apr 29 13:24:29 2005 => MWAV Registered: FALSE.
    Fri Apr 29 13:24:29 2005 => MWAV Mode: Only Scan files.
    Fri Apr 29 13:24:31 2005 => Latest Date of files inside MWAV: 28 Apr 2005 15:45:44.
    Fri Apr 29 13:24:41 2005 => AV Library Loaded…
    Fri Apr 29 13:24:42 2005 => MWAV doing self scanning…
    Fri Apr 29 13:24:42 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.exe
    Fri Apr 29 13:24:42 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\Getvlist.exe
    Fri Apr 29 13:24:43 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.dll
    Fri Apr 29 13:24:43 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssdi.dll
    Fri Apr 29 13:24:43 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssi.dll
    Fri Apr 29 13:24:43 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavvlg.dll
    Fri Apr 29 13:24:44 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\msvlclnt.dll
    Fri Apr 29 13:24:44 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\ipc.dll
    Fri Apr 29 13:24:44 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\main.avi
    Fri Apr 29 13:24:44 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\virus.avi
    Fri Apr 29 13:24:44 2005 => MWAV files are clean.
    Fri Apr 29 13:24:54 2005 => Virus Database Date: 2005/04/28
    Fri Apr 29 13:24:54 2005 => Virus Database Count: 127611

    Fri Apr 29 13:25:17 2005 => **********************************************************
    Fri Apr 29 13:25:17 2005 => MicroWorld AntiVirus Toolkit Utility.
    Fri Apr 29 13:25:17 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
    Fri Apr 29 13:25:17 2005 =>
    Fri Apr 29 13:25:17 2005 => Support: support@mwti.net
    Fri Apr 29 13:25:17 2005 => Web: http://www.mwti.net
    Fri Apr 29 13:25:17 2005 => **********************************************************
    Fri Apr 29 13:25:17 2005 => Version 6.1.2 (C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com)
    Fri Apr 29 13:25:17 2005 => Log File: C:\DOCUME~1\boom\LOCALS~1\Temp\MWAV.LOG
    Fri Apr 29 13:25:17 2005 => User Account: boom
    Fri Apr 29 13:25:17 2005 => Windows Root Folder: C:\WINDOWS
    Fri Apr 29 13:25:17 2005 => Windows Sys32 Folder: C:\WINDOWS\system32
    Fri Apr 29 13:25:17 2005 => OS: Windows NT
    Fri Apr 29 13:25:18 2005 => Latest Date of files inside MWAV: 28 Apr 2005 15:45:44.

    Fri Apr 29 13:25:20 2005 => Options Selected by User:
    Fri Apr 29 13:25:20 2005 => Memory Check: Enabled
    Fri Apr 29 13:25:20 2005 => Registry Check: Enabled
    Fri Apr 29 13:25:20 2005 => StartUp Folder Check: Enabled
    Fri Apr 29 13:25:20 2005 => System Folder Check: Enabled
    Fri Apr 29 13:25:20 2005 => System Area Check: Disabled
    Fri Apr 29 13:25:20 2005 => Services Check: Enabled
    Fri Apr 29 13:25:20 2005 => Drive Check: Disabled
    Fri Apr 29 13:25:20 2005 => All Drive Check :Enabled
    Fri Apr 29 13:25:20 2005 => Folder Check: Disabled

    Fri Apr 29 13:25:23 2005 => ***** Scanning Memory Files *****
    Fri Apr 29 13:25:23 2005 => Scanning File C:\WINDOWS\System32\smss.exe
    Fri Apr 29 13:25:23 2005 => Scanning File C:\WINDOWS\system32
    tdll.dll
    Fri Apr 29 13:25:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
    Fri Apr 29 13:25:24 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
    Fri Apr 29 13:25:24 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
    Fri Apr 29 13:25:24 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll
    Fri Apr 29 13:25:25 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll
    Fri Apr 29 13:25:26 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
    Fri Apr 29 13:25:28 2005 => Scanning File C:\WINDOWS\system32\USER32.dll
    Fri Apr 29 13:25:29 2005 => Scanning File C:\WINDOWS\system32\sxs.dll
    Fri Apr 29 13:25:30 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
    Fri Apr 29 13:25:31 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
    Fri Apr 29 13:25:32 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll
    Fri Apr 29 13:25:32 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll
    Fri Apr 29 13:25:32 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
    Fri Apr 29 13:25:34 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
    Fri Apr 29 13:25:34 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll
    Fri Apr 29 13:25:34 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
    Fri Apr 29 13:25:35 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll
    Fri Apr 29 13:25:36 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
    Fri Apr 29 13:25:36 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
    Fri Apr 29 13:25:36 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
    Fri Apr 29 13:25:37 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll
    Fri Apr 29 13:25:38 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
    Fri Apr 29 13:25:38 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll
    Fri Apr 29 13:25:39 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll
    Fri Apr 29 13:25:39 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
    Fri Apr 29 13:25:41 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll
    Fri Apr 29 13:25:41 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
    Fri Apr 29 13:25:42 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
    Fri Apr 29 13:25:42 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll
    Fri Apr 29 13:25:43 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
    Fri Apr 29 13:25:43 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll
    Fri Apr 29 13:25:45 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
    Fri Apr 29 13:25:47 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
    Fri Apr 29 13:25:48 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
    Fri Apr 29 13:25:49 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll
    Fri Apr 29 13:25:49 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
    Fri Apr 29 13:25:50 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
    Fri Apr 29 13:25:52 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll
    Fri Apr 29 13:25:53 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
    Fri Apr 29 13:25:53 2005 => Scanning File C:\WINDOWS\system32\sfc.dll
    Fri Apr 29 13:25:53 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll
    Fri Apr 29 13:25:54 2005 => Scanning File C:\WINDOWS\system32\ole32.dll
    Fri Apr 29 13:25:55 2005 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
    Fri Apr 29 13:25:55 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
    Fri Apr 29 13:25:56 2005 => Scanning File C:\WINDOWS\system32\uxtheme.dll
    Fri Apr 29 13:25:56 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll
    Fri Apr 29 13:25:57 2005 => Scanning File C:\WINDOWS\system32\SYNCOR11.DLL
    Fri Apr 29 13:25:57 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
    Fri Apr 29 13:25:58 2005 => Scanning File C:\WINDOWS\MICROS~1.NET\imginfo.dll
    Fri Apr 29 13:25:59 2005 => Scanning File C:\WINDOWS\system32\shfolder.dll
    Fri Apr 29 13:25:59 2005 => Scanning File C:\WINDOWS\system32\wininet.dll
    Fri Apr 29 13:26:00 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
    Fri Apr 29 13:26:01 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll
    Fri Apr 29 13:26:01 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll
    Fri Apr 29 13:26:02 2005 => Scanning File C:\WINDOWS\system32\rsaenh.dll
    Fri Apr 29 13:26:02 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
    Fri Apr 29 13:26:03 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
    Fri Apr 29 13:26:03 2005 => Scanning File C:\WINDOWS\system32\MPR.dll
    Fri Apr 29 13:26:03 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
    Fri Apr 29 13:26:04 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll
    Fri Apr 29 13:26:04 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
    Fri Apr 29 13:26:05 2005 => Scanning File C:\WINDOWS\system32\RASAPI32.dll
    Fri Apr 29 13:26:05 2005 => Scanning File C:\WINDOWS\system32\rasman.dll
    Fri Apr 29 13:26:06 2005 => Scanning File C:\WINDOWS\system32\TAPI32.dll
    Fri Apr 29 13:26:06 2005 => Scanning File C:\WINDOWS\system32\rtutils.dll
    Fri Apr 29 13:26:06 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
    Fri Apr 29 13:26:07 2005 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
    Fri Apr 29 13:26:20 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll
    Fri Apr 29 13:26:20 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
    Fri Apr 29 13:26:20 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
    Fri Apr 29 13:26:21 2005 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
    Fri Apr 29 13:26:21 2005 => Scanning File C:\WINDOWS\system32\wdmaud.drv
    Fri Apr 29 13:26:21 2005 => Scanning File C:\WINDOWS\system32\msacm32.drv
    Fri Apr 29 13:26:22 2005 => Scanning File C:\WINDOWS\system32\MSACM32.dll
    Fri Apr 29 13:26:22 2005 => Scanning File C:\WINDOWS\system32\midimap.dll
    Fri Apr 29 13:26:22 2005 => Scanning File C:\WINDOWS\system32\services.exe
    Fri Apr 29 13:26:22 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll
    Fri Apr 29 13:26:23 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
    Fri Apr 29 13:26:24 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
    Fri Apr 29 13:26:24 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
    Fri Apr 29 13:26:25 2005 => Scanning File C:\WINDOWS\system32\ShimEng.dll
    Fri Apr 29 13:26:25 2005 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
    Fri Apr 29 13:26:27 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll
    Fri Apr 29 13:26:27 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
    Fri Apr 29 13:26:28 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll
    Fri Apr 29 13:26:28 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
    Fri Apr 29 13:26:28 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
    Fri Apr 29 13:26:29 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
    Fri Apr 29 13:26:29 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
    Fri Apr 29 13:26:29 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll
    Fri Apr 29 13:26:30 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll
    Fri Apr 29 13:26:30 2005 => Scanning File C:\WINDOWS\system32
    etlogon.dll
    Fri Apr 29 13:26:31 2005 => Scanning File C:\WINDOWS\system32\w32time.dll
    Fri Apr 29 13:26:31 2005 => Scanning File C:\WINDOWS\system32\schannel.dll
    Fri Apr 29 13:26:31 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll
    Fri Apr 29 13:26:32 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
    Fri Apr 29 13:26:32 2005 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
    Fri Apr 29 13:26:33 2005 => Scanning File C:\WINDOWS\system32\oakley.DLL
    Fri Apr 29 13:26:33 2005 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
    Fri Apr 29 13:26:34 2005 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
    Fri Apr 29 13:26:34 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll
    Fri Apr 29 13:26:34 2005 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
    Fri Apr 29 13:26:35 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
    Fri Apr 29 13:26:35 2005 => Scanning File C:\WINDOWS\system32\psbase.dll
    Fri Apr 29 13:26:36 2005 => Scanning File C:\WINDOWS\system32\dssenh.dll
    Fri Apr 29 13:26:36 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
    Fri Apr 29 13:26:36 2005 => Scanning File c:\windows\system32\rpcss.dll
    Fri Apr 29 13:26:37 2005 => Scanning File c:\windows\system32\termsrv.dll
    Fri Apr 29 13:26:38 2005 => Scanning File c:\windows\system32\ICAAPI.dll
    Fri Apr 29 13:26:38 2005 => Scanning File c:\windows\system32\mstlsapi.dll
    Fri Apr 29 13:26:38 2005 => Scanning File c:\windows\system32\ACTIVEDS.dll
    Fri Apr 29 13:26:39 2005 => Scanning File c:\windows\system32\adsldpc.dll
    Fri Apr 29 13:26:39 2005 => Scanning File c:\windows\system32\ATL.DLL
    Fri Apr 29 13:26:40 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll
    Fri Apr 29 13:26:40 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
    Fri Apr 29 13:26:40 2005 => Scanning File c:\windows\system32\dhcpcsvc.dll
    Fri Apr 29 13:26:40 2005 => Scanning File c:\windows\system32\wzcsvc.dll
    Fri Apr 29 13:26:41 2005 => Scanning File c:\windows\system32\WMI.dll
    Fri Apr 29 13:26:41 2005 => Scanning File c:\windows\system32\ESENT.dll
    Fri Apr 29 13:26:42 2005 => Scanning File C:\WINDOWS\System32\rastls.dll
    Fri Apr 29 13:26:42 2005 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
    Fri Apr 29 13:26:44 2005 => Scanning File C:\WINDOWS\System32\MPRAPI.dll
    Fri Apr 29 13:26:44 2005 => Scanning File C:\WINDOWS\System32\raschap.dll
    Fri Apr 29 13:26:44 2005 => Scanning File c:\windows\system32\schedsvc.dll
    Fri Apr 29 13:26:44 2005 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
    Fri Apr 29 13:26:45 2005 => Scanning File c:\windows\system32\audiosrv.dll
    Fri Apr 29 13:26:45 2005 => Scanning File c:\windows\system32\wkssvc.dll
    Fri Apr 29 13:26:45 2005 => Scanning File c:\windows\system32\qmgr.dll
    Fri Apr 29 13:26:46 2005 => Scanning File c:\windows\system32\WINHTTP.dll
    Fri Apr 29 13:26:47 2005 => Scanning File c:\windows\system32\cryptsvc.dll
    Fri Apr 29 13:26:47 2005 => Scanning File c:\windows\system32\certcli.dll
    Fri Apr 29 13:26:48 2005 => Scanning File c:\windows\system32\ersvc.dll
    Fri Apr 29 13:26:48 2005 => Scanning File c:\windows\system32\es.dll
    Fri Apr 29 13:26:48 2005 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
    Fri Apr 29 13:26:48 2005 => Scanning File c:\windows\system32\srvsvc.dll
    Fri Apr 29 13:26:49 2005 => Scanning File c:\windows\system32
    etman.dll
    Fri Apr 29 13:26:50 2005 => Scanning File c:\windows\system32
    etshell.dll
    Fri Apr 29 13:26:51 2005 => Scanning File c:\windows\system32\credui.dll
    Fri Apr 29 13:26:52 2005 => Scanning File c:\windows\system32\WZCSAPI.DLL
    Fri Apr 29 13:26:52 2005 => Scanning File c:\windows\system32\seclogon.dll
    Fri Apr 29 13:26:52 2005 => Scanning File c:\windows\system32\sens.dll
    Fri Apr 29 13:26:52 2005 => Scanning File c:\windows\system32\srsvc.dll
    Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\POWRPROF.dll
    Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\trkwks.dll
    Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\browser.dll
    Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\wuauserv.dll
    Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll
    Fri Apr 29 13:26:54 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
    Fri Apr 29 13:26:54 2005 => Scanning File C:\WINDOWS\system32\wuaueng.dll
    Fri Apr 29 13:26:56 2005 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
    Fri Apr 29 13:26:56 2005 => Scanning File C:\WINDOWS\System32\Cabinet.dll
    Fri Apr 29 13:26:57 2005 => Scanning File C:\WINDOWS\System32\mspatcha.dll
    Fri Apr 29 13:26:57 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll
    Fri Apr 29 13:26:58 2005 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
    Fri Apr 29 13:26:58 2005 => Scanning File C:\WINDOWS\system32\colbact.DLL
    Fri Apr 29 13:26:58 2005 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
    Fri Apr 29 13:26:59 2005 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
    Fri Apr 29 13:26:59 2005 => Scanning File c:\windows\system32\ipnathlp.dll
    Fri Apr 29 13:27:00 2005 => Scanning File c:\windows\system32\wscsvc.dll
    Fri Apr 29 13:27:00 2005 => Scanning File c:\windows\system32\msi.dll
    Fri Apr 29 13:27:00 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll
    Fri Apr 29 13:27:01 2005 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
    Fri Apr 29 13:27:02 2005 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
    Fri Apr 29 13:27:02 2005 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
    Fri Apr 29 13:27:04 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
    Fri Apr 29 13:27:04 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
    Fri Apr 29 13:27:05 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
    Fri Apr 29 13:27:05 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
    Fri Apr 29 13:27:06 2005 => Scanning File C:\WINDOWS\System32\wbem
    cprov.dll
    Fri Apr 29 13:27:06 2005 => Scanning File C:\WINDOWS\System32
    etcfgx.dll
    Fri Apr 29 13:27:07 2005 => Scanning File c:\windows\system32\tapisrv.dll
    Fri Apr 29 13:27:08 2005 => Scanning File c:\windows\system32\rasmans.dll
    Fri Apr 29 13:27:08 2005 => Scanning File C:\WINDOWS\System32\rastapi.dll
    Fri Apr 29 13:27:08 2005 => Scanning File C:\WINDOWS\System32\unimdm.tsp
    Fri Apr 29 13:27:09 2005 => Scanning File C:\WINDOWS\System32\uniplat.dll
    Fri Apr 29 13:27:09 2005 => Scanning File C:\WINDOWS\System32\unimdmat.dll
    Fri Apr 29 13:27:09 2005 => Scanning File C:\WINDOWS\system32\modemui.dll
    Fri Apr 29 13:27:10 2005 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
    Fri Apr 29 13:27:10 2005 => Scanning File C:\WINDOWS\System32
    dptsp.tsp
    Fri Apr 29 13:27:10 2005 => Scanning File C:\WINDOWS\System32\ipconf.tsp
    Fri Apr 29 13:27:10 2005 => Scanning File C:\WINDOWS\System32\h323.tsp
    Fri Apr 29 13:27:11 2005 => Scanning File C:\WINDOWS\System32\hidphone.tsp
    Fri Apr 29 13:27:11 2005 => Scanning File C:\WINDOWS\System32\HID.DLL
    Fri Apr 29 13:27:12 2005 => Scanning File C:\WINDOWS\System32\rasppp.dll
    Fri Apr 29 13:27:12 2005 => Scanning File C:\WINDOWS\System32
    tlsapi.dll
    Fri Apr 29 13:27:12 2005 => Scanning File c:\windows\system32\rasauto.dll
    Fri Apr 29 13:27:13 2005 => Scanning File C:\WINDOWS\System32\icmp.dll
    Fri Apr 29 13:27:13 2005 => Scanning File C:\WINDOWS\system32\upnphost.dll
    Fri Apr 29 13:27:13 2005 => Scanning File C:\WINDOWS\system32\SSDPAPI.dll
    Fri Apr 29 13:27:13 2005 => Scanning File C:\WINDOWS\System32\RASDLG.dll
    Fri Apr 29 13:27:15 2005 => Scanning File C:\WINDOWS\System32\upnp.dll
    Fri Apr 29 13:27:15 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemsvc.dll
    Fri Apr 29 13:27:16 2005 => Scanning File C:\WINDOWS\System32\wuapi.dll
    Fri Apr 29 13:27:17 2005 => Scanning File C:\WINDOWS\System32\mlang.dll
    Fri Apr 29 13:27:18 2005 => Scanning File C:\WINDOWS\System32\xmlprovi.dll
    Fri Apr 29 13:27:18 2005 => Scanning File c:\windows\system32\dnsrslvr.dll
    Fri Apr 29 13:27:18 2005 => Scanning File c:\windows\system32\lmhsvc.dll
    Fri Apr 29 13:27:18 2005 => Scanning File c:\windows\system32\webclnt.dll
    Fri Apr 29 13:27:18 2005 => Scanning File c:\windows\system32\ssdpsrv.dll
    Fri Apr 29 13:27:19 2005 => Scanning File C:\WINDOWS\System32\msxml3.dll
    Fri Apr 29 13:27:19 2005 => Scanning File C:\WINDOWS\System32\httpapi.dll
    Fri Apr 29 13:27:20 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
    Fri Apr 29 13:27:20 2005 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
    Fri Apr 29 13:27:20 2005 => Scanning File C:\WINDOWS\system32\localspl.dll
    Fri Apr 29 13:27:21 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
    Fri Apr 29 13:27:21 2005 => Scanning File C:\WINDOWS\system32\pjlmon.dll
    Fri Apr 29 13:27:21 2005 => Scanning File C:\WINDOWS\system32\tcpmon.dll
    Fri Apr 29 13:27:21 2005 => Scanning File C:\WINDOWS\system32\usbmon.dll
    Fri Apr 29 13:27:22 2005 => Scanning File C:\WINDOWS\system32\win32spl.dll
    Fri Apr 29 13:27:22 2005 => Scanning File C:\WINDOWS\system32\NETRAP.dll
    Fri Apr 29 13:27:22 2005 => Scanning File C:\WINDOWS\system32\inetpp.dll
    Fri Apr 29 13:27:22 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    Fri Apr 29 13:27:26 2005 => Scanning File C:\WINDOWS\system32\MSVCP71.dll
    Fri Apr 29 13:27:29 2005 => Scanning File C:\WINDOWS\system32\MSVCR71.dll

    Fri Apr 29 13:39:34 2005 => **********************************************************
    Fri Apr 29 13:39:35 2005 => MicroWorld AntiVirus Toolkit Utility.
    Fri Apr 29 13:39:35 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
    Fri Apr 29 13:39:35 2005 => **********************************************************
    Fri Apr 29 13:39:35 2005 => Version 6.1.2 (C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com)
    Fri Apr 29 13:39:35 2005 => Log File: C:\DOCUME~1\boom\LOCALS~1\Temp\MWAV.LOG
    Fri Apr 29 13:39:35 2005 => Last Scan Date and Time: 29.04.2005 13:25:18
    Fri Apr 29 13:39:35 2005 => MWAV Registered: FALSE.
    Fri Apr 29 13:39:35 2005 => MWAV Mode: Only Scan files.
    Fri Apr 29 13:39:38 2005 => Latest Date of files inside MWAV: 28 Apr 2005 15:45:44.
    Fri Apr 29 13:39:54 2005 => AV Library Loaded…
    Fri Apr 29 13:39:54 2005 => MWAV doing self scanning…
    Fri Apr 29 13:39:54 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.exe
    Fri Apr 29 13:39:54 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\Getvlist.exe
    Fri Apr 29 13:39:54 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.dll
    Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssdi.dll
    Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssi.dll
    Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavvlg.dll
    Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\msvlclnt.dll
    Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\ipc.dll
    Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\main.avi
    Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\virus.avi
    Fri Apr 29 13:39:55 2005 => MWAV files are clean.
    Fri Apr 29 13:40:04 2005 => Virus Database Date: 2005/04/28
    Fri Apr 29 13:40:04 2005 => Virus Database Count: 127611

    Fri Apr 29 13:40:14 2005 => **********************************************************
    Fri Apr 29 13:40:14 2005 => MicroWorld AntiVirus Toolkit Utility.
    Fri Apr 29 13:40:14 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
    Fri Apr 29 13:40:14 2005 =>
    Fri Apr 29 13:40:14 2005 => Support: support@mwti.net
    Fri Apr 29 13:40:14 2005 => Web: http://www.mwti.net
    Fri Apr 29 13:40:14 2005 => **********************************************************
    Fri Apr 29 13:40:14 2005 => Version 6.1.2 (C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com)
    Fri Apr 29 13:40:14 2005 => Log File: C:\DOCUME~1\boom\LOCALS~1\Temp\MWAV.LOG
    Fri Apr 29 13:40:14 2005 => User Account: boom
    Fri Apr 29 13:40:14 2005 => Windows Root Folder: C:\WINDOWS
    Fri Apr 29 13:40:14 2005 => Windows Sys32 Folder: C:\WINDOWS\system32
    Fri Apr 29 13:40:14 2005 => OS: Windows NT
    Fri Apr 29 13:40:14 2005 => Latest Date of files inside MWAV: 28 Apr 2005 15:45:44.

    Fri Apr 29 13:40:14 2005 => Options Selected by User:
    Fri Apr 29 13:40:14 2005 => Memory Check: Enabled
    Fri Apr 29 13:40:14 2005 => Registry Check: Enabled
    Fri Apr 29 13:40:14 2005 => StartUp Folder Check: Enabled
    Fri Apr 29 13:40:14 2005 => System Folder Check: Enabled
    Fri Apr 29 13:40:14 2005 => System Area Check: Disabled
    Fri Apr 29 13:40:14 2005 => Services Check: Enabled
    Fri Apr 29 13:40:14 2005 => Drive Check Option Disabled
    Fri Apr 29 13:40:14 2005 => Folder Check: Disabled

    Fri Apr 29 13:40:14 2005 => ***** Scanning Memory Files *****
    Fri Apr 29 13:40:14 2005 => Scanning File C:\WINDOWS\System32\smss.exe
    Fri Apr 29 13:40:14 2005 => Scanning File C:\WINDOWS\system32
    tdll.dll
    Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
    Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
    Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
    Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll
    Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll
    Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
    Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\USER32.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\sxs.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
    Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
    Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll
    Fri Apr 29 13:40:18 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\sfc.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll
    Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\ole32.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\uxtheme.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\SYNCOR11.DLL
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\MICROS~1.NET\imginfo.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\shfolder.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\wininet.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll
    Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\rsaenh.dll
    Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
    Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
    Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\MPR.dll
    Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
    Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll
    Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
    Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
    Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\wdmaud.drv
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\msacm32.drv
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\MSACM32.dll
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\midimap.dll
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\services.exe
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
    Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\ShimEng.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll
    Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32
    etlogon.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\w32time.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\schannel.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\oakley.DLL
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\dssenh.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\psbase.dll
    Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
    Fri Apr 29 13:40:24 2005 => Scanning File c:\windows\system32\rpcss.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\termsrv.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\ICAAPI.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\mstlsapi.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\ACTIVEDS.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\adsldpc.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\ATL.DLL
    Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll
    Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\dhcpcsvc.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\wzcsvc.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\rtutils.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\WMI.dll
    Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\ESENT.dll
    Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\System32\rastls.dll
    Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
    Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\System32\MPRAPI.dll
    Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\RASAPI32.dll
    Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\rasman.dll
    Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\TAPI32.dll
    Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\raschap.dll
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\schedsvc.dll
    Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\audiosrv.dll
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\wkssvc.dll
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\qmgr.dll
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\WINHTTP.dll
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\cryptsvc.dll
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\certcli.dll
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\ersvc.dll
    Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\es.dll
    Fri Apr 29 13:40:27 2005 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
    Fri Apr 29 13:40:27 2005 => Scanning File c:\windows\system32\srvsvc.dll
    Fri Apr 29 13:40:27 2005 => Scanning File c:\windows\system32
    etman.dll
    Fri Apr 29 13:40:27 2005 => Scanning File c:\windows\system32
    etshell.dll
    Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\credui.dll
    Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\WZCSAPI.DLL
    Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\seclogon.dll
    Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\sens.dll
    Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\srsvc.dll
    Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\POWRPROF.dll
    Fri Apr 29 13:40:29 2005 => Scanning File c:\windows\system32\trkwks.dll
    Fri Apr 29 13:40:29 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
    Fri Apr 29 13:40:29 2005 => Scanning File c:\windows\system32\browser.dll
    Fri Apr 29 13:40:29 2005 => Scanning File c:\windows\system32\wuauserv.dll
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\wuaueng.dll
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\System32\Cabinet.dll
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\System32\mspatcha.dll
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\colbact.DLL
    Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
    Fri Apr 29 13:40:30 2005 => Scanning File c:\windows\system32\ipnathlp.dll
    Fri Apr 29 13:40:30 2005 => Scanning File c:\windows\system32\wscsvc.dll
    Fri Apr 29 13:40:30 2005 => Scanning File c:\windows\system32\msi.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
    Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem
    cprov.dll
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32
    etcfgx.dll
    Fri Apr 29 13:40:31 2005 => Scanning File c:\windows\system32\tapisrv.dll
    Fri Apr 29 13:40:31 2005 => Scanning File c:\windows\system32\rasmans.dll
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\rastapi.dll
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\unimdm.tsp
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\uniplat.dll
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\unimdmat.dll
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\system32\modemui.dll
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32
    dptsp.tsp
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\ipconf.tsp
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\h323.tsp
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\hidphone.tsp
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\HID.DLL
    Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\rasppp.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32
    tlsapi.dll
    Fri Apr 29 13:40:32 2005 => Scanning File c:\windows\system32\rasauto.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\icmp.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\system32\upnphost.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\system32\SSDPAPI.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\RASDLG.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\upnp.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\wups.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemsvc.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\msxml3.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\mlang.dll
    Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\xmlprovi.dll
    Fri Apr 29 13:40:32 2005 => Scanning File c:\windows\system32\dnsrslvr.dll
    Fri Apr 29 13:40:32 2005 => Scanning File c:\windows\system32\lmhsvc.dll
    Fri Apr 29 13:40:32 2005 => Scanning File c:\windows\system32\webclnt.dll
    Fri Apr 29 13:40:33 2005 => Scanning File c:\windows\system32\ssdpsrv.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\System32\httpapi.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\udhisapi.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\localspl.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\pjlmon.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\tcpmon.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\usbmon.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\win32spl.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\NETRAP.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\inetpp.dll
    Fri Apr 29 13:40:33 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\MSVCP71.dll
    Fri Apr 29 13:40:34 2005 => Scanning File C:\WINDOWS\system32\MSVCR71.dll
    Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avglog.dll
    Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgcfg.dll
    Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgklib.dll
    Fri Apr 29 13:40:34 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemprox.dll
    Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avglng.dll
    Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetMgr.exe
    Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccL30.dll
    Fri Apr 29 13:40:35 2005 => Scanning File C:\WINDOWS\system32\DBGHELP.DLL
    Fri Apr 29 13:40:35 2005 => Scanning File C:\WINDOWS\system32\IMM32.DLL
    Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccVrTrst.dll
    Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll
    Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\NORTON~1
    avapsvc.exe
    Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVRT32.DLL
    Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\NORTON~1\IWP\NPFMntor.exe
    Fri Apr 29 13:40:35 2005 => Scanning File C:\WINDOWS\System32
    vsvc32.exe
    Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\ANALOG~1\SoundMAX\SMAgent.exe
    Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCSvc.exe
    Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSet.dll
    Fri Apr 29 13:40:36 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEvt.dll
    Fri Apr 29 13:40:36 2005 => Scanning File c:\windows\system32\wiaservc.dll
    Fri Apr 29 13:40:36 2005 => Scanning File c:\windows\system32\CFGMGR32.dll
    Fri Apr 29 13:40:36 2005 => Scanning File c:\windows\system32\mscms.dll
    Fri Apr 29 13:40:36 2005 => Scanning File C:\WINDOWS\System32\actxprxy.dll
    Fri Apr 29 13:40:36 2005 => Scanning File C:\WINDOWS\System32\sti.dll
    Fri Apr 29 13:40:36 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    Fri Apr 29 13:40:36 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcnet.dll
    Fri Apr 29 13:40:36 2005 => Scanning File C:\WINDOWS\System32\wdfmgr.exe
    Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtMgr.exe
    Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL
    Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL
    Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL
    Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVEVENT.DLL
    Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\SYSTEM32\SYMNETI.DLL
    Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\System32\alg.exe
    Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\Explorer.EXE
    Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
    Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\MSIMG32.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\PROGRA~1\WINDOW~1\wmpband.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\msutb.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\MSCTF.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\system32\sensapi.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\system32
    tshrui.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\stobject.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\BatMeter.dll
    Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\unictxdm.dll
    Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\WebSrch2.dll
    Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\drprov.dll
    Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32
    tlanman.dll
    Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\NETUI0.dll
    Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\NETUI1.dll
    Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\davclnt.dll
    Fri Apr 29 13:40:39 2005 => Scanning File c:\windows\system32\w3ssl.dll
    Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\strmfilt.dll
    Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\system32\wscntfy.exe
    Fri Apr 29 13:40:39 2005 => Scanning File C:\PROGRA~1\Apoint2K\Apoint.exe
    Fri Apr 29 13:40:39 2005 => Scanning File C:\PROGRA~1\Apoint2K\ApResNL.dll
    Fri Apr 29 13:40:40 2005 => Scanning File C:\WINDOWS\system32\VXDIF.DLL
    Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Apoint2K\Apoint.DLL
    Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Apoint2K\EzAuto.dll
    Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Apoint2K\EzLaunch.DLL
    Fri Apr 29 13:40:40 2005 => Scanning File C:\WINDOWS\AGRSMMSG.exe
    Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Java\J2RE14~1.2_~\bin\jusched.exe
    Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Apoint2K\Apntex.exe
    Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\QUICKT~1\qttask.exe
    Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\HPQ\QUICKL~1\EabServr.exe
    Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\HPQ\QUICKL~1\CPQINFO.DLL
    Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\HEWLET~1\HPSOFT~1\HPWuSchd.exe
    Fri Apr 29 13:40:41 2005 => Scanning File C:\WINDOWS\System32\hphmon05.exe
    Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccApp.exe
    Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL
    Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL
    Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL
    Fri Apr 29 13:40:41 2005 => Scanning File C:\WINDOWS\system32\ATL71.DLL
    Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\NORTON~1\DEFALERT.DLL
    Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\NORTON~1\IWP\IWP.DLL
    Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVAPW32.DLL
    Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\apwutil.dll
    Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVRT32.DLL
    Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVOPTRF.DLL
    Fri Apr 29 13:40:42 2005 => Scanning File C:\WINDOWS\system32\SYMREDIR.DLL
    Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\STATUSHP.DLL
    Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccProSub.dll
    Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\NETDET~1.DLL
    Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVTasks.dll
    Fri Apr 29 13:40:42 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVError.dll
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVAPSCR.dll
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\apwcmdnt.dll
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\ccAVMail.dll
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVOpts.dll
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\N32Exclu.dll
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\S32NAVO.DLL
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\PRODUC~1.DLL
    Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.DLL
    Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgAbout.dll
    Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgCtrl.dll
    Fri Apr 29 13:40:44 2005 => Scanning File C:\WINDOWS\system32\MFC71.DLL
    Fri Apr 29 13:40:44 2005 => Scanning File C:\WINDOWS\system32\MSVFW32.dll
    Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTest.dll
    Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTMgr.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTRes.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgSet.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgf.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AVGRES.DLL
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgcckrn.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgvault.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgscan.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgunarc.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgrep.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgemsui.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgemcps.dll
    Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\libsasl.dll
    Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\saslcrammd5.dll
    Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\sasldigestmd5.dll
    Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\sasllogin.dll
    Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\saslplain.dll
    Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgmail.dll
    Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\System32\WebSrch2.exe
    Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\ctfmon.exe
    Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\INTERM~1\SPYSUB~1\SpySub.exe
    Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\oledlg.dll
    Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\OLEACC.dll
    Fri Apr 29 13:40:46 2005 => Scanning File c:\PROGRA~1\INTERM~1\SPYSUB~1\en-us.dll
    Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
    Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\RICHED20.dll
    Fri Apr 29 13:40:47 2005 => Scanning File c:\PROGRA~1\INTERM~1\SPYSUB~1\ssengine.dll
    Fri Apr 29 13:40:47 2005 => Scanning File C:\WINDOWS\System32\shdoclc.dll
    Fri Apr 29 13:40:47 2005 => Scanning File C:\WINDOWS\System32\mshtml.dll
    Fri Apr 29 13:40:47 2005 => Scanning File C:\WINDOWS\System32\msls31.dll
    Fri Apr 29 13:40:48 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\ado\msado15.dll
    Fri Apr 29 13:40:48 2005 => Scanning File C:\WINDOWS\system32\MSDART.DLL
    Fri Apr 29 13:40:48 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
    Fri Apr 29 13:40:48 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\OLEDB32R.DLL
    Fri Apr 29 13:40:48 2005 => Scanning File C:\WINDOWS\System32\msjetoledb40.dll
    Fri Apr 29 13:40:48 2005 => Scanning File C:\WINDOWS\System32\msjet40.dll
    Fri Apr 29 13:40:48 2005 => Scanning File C:\WINDOWS\System32\mswstr10.dll
    Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\System32\msjter40.dll
    Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\System32\MSJINT40.DLL
    Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\System32\msjtes40.dll
    Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\system32\VBAJET32.DLL
    Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\system32\expsrv.dll
    Fri Apr 29 13:40:49 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\ado\msadrh15.dll
    Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\System32\msimtf.dll
    Fri Apr 29 13:40:49 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\scrauth.dll
    Fri Apr 29 13:40:49 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\ScrBlock.dll
    Fri Apr 29 13:40:49 2005 => Scanning File c:\windows\system32\jscript.dll
    Fri Apr 29 13:40:49 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com
    Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\msvlclnt.dll
    Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssdi.dll
    Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssd.dll
    Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssi.dll
    Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\ipc.dll
    Fri Apr 29 13:40:51 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\RICHED32.DLL
    Fri Apr 29 13:40:51 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\PSAPI.DLL
    Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
    Fri Apr 29 13:40:51 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.exe
    Fri Apr 29 13:40:51 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.dll

    Fri Apr 29 13:40:51 2005 => ***** Scanning Registry Files *****

    Fri Apr 29 13:40:51 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
    Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
    Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
    Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\System32\stobject.dll
    Fri Apr 29 13:40:52 2005 => Scanning File C:\WINDOWS\System32\unictxdm.dll

    Fri Apr 29 13:40:52 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

    Fri Apr 29 13:40:52 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

    Fri Apr 29 13:40:52 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
    Fri Apr 29 13:40:52 2005 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll
    Fri Apr 29 13:40:52 2005 => Scanning File c:\PROGRA~1\google\GOOGLE~2.DLL

    Fri Apr 29 13:40:52 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    Fri Apr 29 13:40:52 2005 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    Fri Apr 29 13:40:52 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL
    Fri Apr 29 13:40:52 2005 => {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} = C:\WINDOWS\MICROS~1.NET\imginfo.dll
    Fri Apr 29 13:40:52 2005 => Scanning File C:\WINDOWS\MICROS~1.NET\imginfo.dll
    Fri Apr 29 13:40:52 2005 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    Fri Apr 29 13:40:52 2005 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    Fri Apr 29 13:40:53 2005 => {8E13DDE1-E013-47ec-9C4C-27C2F78BDD26} = C:\WINDOWS\System32\req.dll
    Fri Apr 29 13:40:53 2005 => ERROR!!! Invalid Entry = C:\WINDOWS\System32\req.dll (in key Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{8E13DDE1-E013-47ec-9C4C-27C2F78BDD26}). Removing it.
    Fri Apr 29 13:40:53 2005 => {AA58ED58-01DD-4d91-8333-CF10577473F7} = c:\program files\google\googletoolbar2.dll
    Fri Apr 29 13:40:53 2005 => Scanning File c:\PROGRA~1\google\GOOGLE~2.DLL
    Fri Apr 29 13:40:53 2005 => {BDF3E430-B101-42AD-A544-FADC6B084872} = C:\Program Files\Norton AntiVirus\NavShExt.dll
    Fri Apr 29 13:40:53 2005 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll

    Fri Apr 29 13:40:53 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
    Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\System32\browseui.dll

    Fri Apr 29 13:40:53 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
    Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\system32\mmsys.cpl
    Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
    Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\docprop.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32
    tshrui.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\deskadp.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\deskmon.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\dssec.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\shscrap.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\diskcopy.dll
    Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32
    tlanui2.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\System32\icmui.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\printui.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\dskquoui.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\syncui.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\System32\hticons.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\fontext.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32
    tshrui.dll
    Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\deskperf.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\remotepg.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\wshext.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
    Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
    Fri Apr 29 13:40:
  • Had even geen rekening gehouden dat het log zo groot zou worden.

    Download Hoster

    Pak het uit en start het programma.
    Kies "Restore Original Hosts" en druk op "OK".
    Sluit het programma af.

    Plaats Hijackthis in een aparte map.
    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:3fd5069711]O4 - HKLM\..\Run: [WebSearch] C:\WINDOWS\System32\WebSrch2.exe
    O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c11.cab
    O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697517} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_aac.cab
    O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} - http://dialxs.nl/install/dialxs.ocx
    O20 - Winlogon Notify: req - C:\WINDOWS\System32\req.dll (file missing)
    [/b:3fd5069711]Klik op 'Fix checked' om de items te verwijderen

    Verwijder het volgende bestand:
    [b:3fd5069711]C:\WINDOWS\System32\WebSrch2.exe[/b:3fd5069711]

    Download dialxs_remove.zip pak het uit op je bureablad.
    Dubbelklik klik op dialxs_remove.reg en laat de wijzigingen aan het register toevoegen.
    Het bestand mag daarna weer worden verwijderd.

    Over de volgende items ben in niet zeker:
    O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\MICROS~1.NET\imginfo.dll
    O20 - Winlogon Notify: imginfo - C:\WINDOWS\MICROS~1.NET\imginfo.dll
    O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll

    Die laat ik nog even staan, mogelijk dat M@rc hier nog een antwoord op heeft.

    Maak de Temp-map leeg: Start -> Uitvoeren tik in: %TEMP%
    Selecteer alle bestanden en verwijder deze.

    Post een nieuw log van hijackthis en vertel of de PC nu beter is geworden.
  • Logfile of HijackThis v1.99.1
    Scan saved at 18:22:54, on 29-4-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton AntiVirus
    avapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32
    vsvc32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    C:\WINDOWS\System32\hphmon05.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\WebSrch2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\interMute\SpySubtract\SpySub.exe
    C:\Program Files\Hitman Pro\hitmanpro2.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Documents and Settings\boom\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.computertotaal.nl/phpBB/viewtopic.php?p=966351
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\MICROS~1.NET\imginfo.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe"

    O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin
    pjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin
    pjpi142_03.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6E2D6932-3885-4FA2-8DD4-DB63FFE33797} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkCnv.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O20 - Winlogon Notify: imginfo - C:\WINDOWS\MICROS~1.NET\imginfo.dll
    O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
    avapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

    [b:cb0f3f10d1]Verscheidene files kon ik niet verwijderen, die waren in gebruik zei ie.[/b:cb0f3f10d1]

    van het originele probleem heb ik nog steeds last
  • [quote:a99b37bdf7]Verscheidene files kon ik niet verwijderen, die waren in gebruik zei ie[/quote:a99b37bdf7]Ik neem aan dat het dan om bestanden in de Temp-directory ging.
    Die kunnen in de veilige mode worden verwijderd.
    Kijk hier hoe dat moet.

    Herstart de PC dus in Veilige mode.

    De volgende regel mag nog worden gefixed:
    [b:a99b37bdf7]O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll[/b:a99b37bdf7]

    Verwijder daarna het volgende bestand:
    [b:a99b37bdf7]C:\WINDOWS\System32\WebSrch2.exe
    C:\WINDOWS\System32\unictxdm.dll[/b:a99b37bdf7]

    Maak de Temp-directory leeg

    Kijk ook of de volgende bestanden op je PC staan:
    DMCICAAA.DLL
    MSNET64.DLL

    Die mogen dan ook worden verwijderd.
    Herstart de PC in normale mode.

    Download Silent Runners
    Unzip het naar een eigen map.
    Start SilentRunners.vbs
    Wanneer je antivirusprogramma een melding geeft, sta je toe om dit script uit te voeren.
    Er wordt een logje geplaatst in de map van waar je Silentrunners gestart hebt. Post de inhoud van dit logje.
  • Kan je me dit bestand even zippen en mailen: C:\WINDOWS\MICROS~1.NET\[b:6c6230f67b]imginfo.dll[/b:6c6230f67b]

    Mailto: marckie[b:6c6230f67b]AT[/b:6c6230f67b]bleumedicine.be ([b:6c6230f67b]AT[/b:6c6230f67b] vervang je door [b:6c6230f67b]@[/b:6c6230f67b])
  • Als je me dat bestandje gemaild heb doe je het volgende:

    (print deze instructies uit of sla ze op in tekstbestandje op je bureaublad)
    Als je de progjes hebt verbreek je de verbinding met het internet.

    Download en unzip Process Explorer: http://www.sysinternals.com/files/procexpnt.zip
    Download Pocket Killbox: http://www.atribune.org/downloads/KillBox.exe
    Unzip Process explorer en klik op procexp.exe.
    In het bovenste venster dubbelklik je op winlogon.exe.
    Nu opent het venster Eigenschappen van winlogon.exe.
    Klik op de tab “Threads”.
    In het venster dat verschijnt, zoek je naar [b:46be766f70]imginfo.dll[/b:46be766f70]. Dit kan meerdere keren voorkomen.
    Selecteer deze en klik vervolgens op de knop “Kill”. (Doe dit voor elke verwijzing naar
    [b:46be766f70]imginfo.dll[/b:46be766f70])
    Wanneer je ze allemaal 'gekilled' hebt, klik je op "OK".
    Dubbelklik op explorer.exe, ga naar het tabblad “Threads”, en zoek hier ook alle verwijzingen naar [b:46be766f70]imginfo.dll[/b:46be766f70].
    Selecteer één voor één de verwijzingen naar [b:46be766f70]imginfo.dll[/b:46be766f70] en klik op de knop “Kill”.
    Als dit klaar is klik je op “OK”.

    Start Hijackthis en fix de volgende sleutels:
    [b:46be766f70]O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\MICROS~1.NET\imginfo.dll

    O20 - Winlogon Notify: imginfo - C:\WINDOWS\MICROS~1.NET\imginfo.dll

    O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll
    [/b:46be766f70]

    Open een klablokbestand.
    Kopieer onderstaande in dit kladblokbestand.
    Ga naar Bestand - Opslaan als.
    Bij "Opslaan in" kies je: Bureaublad
    Bij "Bestandsnaam" zet je: fix.reg
    Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
    Klik op de knop Opslaan.
    [code:1:46be766f70]REGEDIT4

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}]

    [-HKEY_CLASSES_ROOT\CLSID\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}]

    [-HKEY_CLASSES_ROOT\MSEvents.MSEvents]

    [-HKEY_CLASSES_ROOT\MSEvents.MSEvents.1]

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents]

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents.1][/code:1:46be766f70]

    Dubbelklik op de fix.reg file en laat de wijzigingen aan het register oevoegen.

    Start Killbox.exe
    Selecteer de optie “Delete on reboot”.
    In het veld “Full path of file to delete" Kopieer en plak je het volgende:
    [code:1:46be766f70]C:\WINDOWS\MICROS~1.NET\imginfo.dll[/code:1:46be766f70]
    Klik op de knop met de rode cirkel en het witte kruis.
    Wanneer het programma vraagt om nu te rebooten, geef je hier toestemming voor. Klik op de knop "YES".

    Maak een nieuwe Hijackthislog en post deze.
  • ik ga er morgenavond even naar kijken!

    alvast hartelijk bedankt!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.