Please check my HJT log

Post by marcucci » 04 Jul 2006 20:39

Gentlemen, things are somehow falling apart here, could someone take a look at this for me? Out of nowhere the Avira icon disappeared from my systray (and I simply want it there!), ConMet wouldn't start (I solved that), the firewall was out (it works again too), etc. But what could have switched all that off?! I no longer have dial-up ADSL, I'm now online all the time, but it seems nothing is sending anything out (I'm writing this only because yesterday I was playing around with cracking and flying around "inappropriate sites") :oops:. Thanks

Logfile of HijackThis v1.99.1
Scan saved at 19:32:17, on 4.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5296.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ConMet\ConMet.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Instalace\Správa PC\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Zástupce - Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Outpost Firewall.lnk = C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8142890762
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8143074277
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1.0\wl_hook.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
AsusP5B,C2D E6400 2,13@3,0GHz,OCZ OpsEd 667@800Mhz 3×1GB, 250GB Maxtor+4×500GB WD,nVidia8800GTX,SB X-Fi ProGamerFatality,Samsung 22"LCD,Logitech 5.1 Z5500,2×DVD+RW,NZXT Apollo,Corsair 520W,LogitechG5+G7,Vista64bitUltimate+XP32bitHome+LinuxSuse64bit

Post by mikel » 04 Jul 2006 21:12

Well well, it really does catch up with everyone. :lol:
You can relax, because there's nothing in there. The only thing I don't like is this:
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
because avsda.dll is part of Avira.

Otherwise, your systray problem may be caused by some conflict between Explorer, StyleXP and ObjectDock. Try turning off ObjectDock, for example, and check whether things improve. Then you can do the same with StyleXP.

To be safe, you can also post the MWAV log here.
Do you know the rules?
Tips and tricks for Windows XP
Guides: HijackThis, MWAV, CCleaner (THX to mijaja)
Post the problems you want solved here in the forum. Do not send them by e-mail or ICQ!

Post by marcucci » 04 Jul 2006 22:04

mikel wrote: Well well, it really does catch up with everyone. :lol:

What did you mean by that? I'm not some kind of ... that nothing could ever catch me :lol:! I'll reinstall Avira, but the Dock and XpStyle shouldn't be a problem, since it has worked until now, which is about 6 months in this combination! But I'll try it anyway... or I'll throw it out of the window and there will be peace...! :evil: Thank you

Post by mikel » 04 Jul 2006 23:52

marcucci wrote: What did you mean by that?

Me? Nothing at all :twisted: Perhaps only that it catches up even with very active advisers on the forum. :lol:

marcucci wrote: since it has worked until now, which is about 6 months in this combination

You surely know yourself that even a small grain of sand can wreck a well-running engine, if I may use that comparison. A small change to some file was all it took, and I don't even dare guess how sensitive to changes Windows Explorer is.

And what about that MWAV log?

Post by mijaja » 05 Jul 2006 09:46

Hm, interesting - for me Avira loads in the tray without problems, but on the other hand, after reinstalling Kerio as Sunbelt Kerio, the Kerio icon does not load, nor does the program at all - I have to go to the Start menu and launch it manually. Yet it is set to start right after boot. All the registry entries and paths are fine, only right after startup a window appears saying that the Sunbelt Kerio application caused an error. But as soon as I start it from the Start menu, it runs entirely without problems. Reinstalling Kerio might solve it, but for now I am trying to find out what may be causing it.

Post by marcucci » 05 Jul 2006 23:02

To mijaja: Kerio did that to me too, and ZoneAlarm collapsed completely, so I had no choice but to switch to Outpost, and so far I have to say I'm completely satisfied.

To mikel: I'm not that frequent a contributor, at least not as much as I'd like. My workload is currently at the edge of what I can manage. But when I see you and Mijaja, I'm quite a lamer, and one day I'd like to be such a "doctor" as you are (even though PCs aren't how I make a living), I still have a hell of a lot to learn :?. Anyway, here is a new HJT log too, hopefully it's better now, at least I didn't find anything in it :oops:, apart from
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing!
But I have reinstalled Avira.


Logfile of HijackThis v1.99.1
Scan saved at 21:48:26, on 5.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5296.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ConMet\ConMet.exe
C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Winamp\winamp.exe
D:\Instalace\Správa PC\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Zástupce - Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Outpost Firewall.lnk = C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8142890762
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8143074277
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1.0\wl_hook.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

And this is all that came out of MWAV:
Wed Jul 05 21:50:48 2006 => System found infected with cws.loadadv.400 Browser Hijacker ({5e2121ee-0300-11d4-8d3b-444553540000})! Action taken: No Action Taken.
Wed Jul 05 21:50:48 2006 => System found infected with stylexp Spyware/Adware ({c333cf63-767f-4831-94ac-e683d962c63c})! Action taken: No Action Taken.
Wed Jul 05 21:50:48 2006 => System found infected with stylexp Spyware/Adware ({c333cf63-767f-4831-94ac-e683d962c63c})! Action taken: No Action Taken.

But the StyleXP is OK, I have that under control :idea:.
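The two HijackThis logs posted above (before and after the Avira reinstall) can be compared mechanically instead of by eye. The following is an added example, not part of any post in this thread: the sample logs are shortened excerpts of the two logs above, and the function names and the three review rules are assumptions made for illustration.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code text")

# HijackThis item lines start with a section code such as R0, O4 or O23,
# followed by " - " and the item text.
ITEM_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")


def parse_hjt(log_text):
    """Split a HijackThis log into header lines, running processes and items."""
    header, processes, entries = [], [], []
    section = "header"
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ITEM_RE.match(line)
        if m:
            section = "items"
            entries.append(Entry(m.group(1), m.group(2)))
        elif line == "Running processes:":
            section = "processes"
        elif not line:
            continue
        elif section == "processes":
            processes.append(line)
        elif section == "header":
            header.append(line)
    return {"header": header, "processes": processes, "entries": entries}


def diff_logs(before, after):
    """Report what changed between two parsed logs (paths compared case-insensitively)."""
    b_proc = {p.lower() for p in before["processes"]}
    a_proc = {p.lower() for p in after["processes"]}
    b_items, a_items = set(before["entries"]), set(after["entries"])
    return {
        "processes_added": sorted(a_proc - b_proc),
        "processes_removed": sorted(b_proc - a_proc),
        "items_added": [e for e in after["entries"] if e not in b_items],
        "items_removed": [e for e in before["entries"] if e not in a_items],
    }


def review_hints(parsed):
    """Illustrative rules: items a helper would look at first, not verdicts."""
    hints = []
    for e in parsed["entries"]:
        if e.code == "O10" and "missing" in e.text:
            hints.append((e.code, "Winsock LSP chain names a provider file reported missing"))
        elif e.code == "O23" and "- Unknown owner -" in e.text:
            hints.append((e.code, "service listed with 'Unknown owner' as vendor"))
        elif e.code == "O4" and e.text.endswith("= ?"):
            hints.append((e.code, "startup shortcut whose target was not resolved"))
    return hints


# Shortened excerpts of the two logs in this thread (constructed sample input).
BEFORE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 19:32:17, on 4.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
C:\WINDOWS\system32\wuauclt.exe

O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""

AFTER_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 21:48:26, on 5.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - Global Startup: Logitech SetPoint.lnk = ?
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""

if __name__ == "__main__":
    changes = diff_logs(parse_hjt(BEFORE_LOG), parse_hjt(AFTER_LOG))
    for key, values in changes.items():
        print(key)
        for v in values:
            print("   ", v if isinstance(v, str) else f"{v.code} - {v.text}")
    print("review first:")
    for code, reason in review_hints(parse_hjt(AFTER_LOG)):
        print("   ", code, "-", reason)
```

On these excerpts the diff shows the `[avgnt]` Run entry and the `avgnt.exe` process appearing in the second log, while the O10 line is present in both.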

Post by marcucci » 05 Jul 2006 23:24

Here is the complete MWAV log as well:

Wed Jul 05 21:49:20 2006 => **********************************************************
Wed Jul 05 21:49:20 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Wed Jul 05 21:49:20 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Wed Jul 05 21:49:20 2006 => **********************************************************
Wed Jul 05 21:49:20 2006 => Source: C:\DOCUME~1\Marcucci\Plocha\My\mwav.exe
Wed Jul 05 21:49:20 2006 => Version 8.3.4 (C:\DOCUME~1\Marcucci\LOCALS~1\Temp\mexe.com)
Wed Jul 05 21:49:20 2006 => Log File: C:\DOCUME~1\Marcucci\LOCALS~1\Temp\MWAV.LOG
Wed Jul 05 21:49:20 2006 => Last Scan Date and Time: 26.06.2006 20:22:35
Wed Jul 05 21:49:20 2006 => MWAV Registered: FALSE.
Wed Jul 05 21:49:20 2006 => User Account: Marcucci
Wed Jul 05 21:49:20 2006 => OS Type: Windows Workstation
Wed Jul 05 21:49:20 2006 => OS: Windows XP
Wed Jul 05 21:49:20 2006 => Ver: Service Pack 2 (Build 2600)
Wed Jul 05 21:49:20 2006 => Windows Root Folder: C:\WINDOWS
Wed Jul 05 21:49:20 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Wed Jul 05 21:49:20 2006 => Local Fixed Drives: c:\,d:\,e:\,f:\
Wed Jul 05 21:49:20 2006 => MWAV Mode: Only Scan files.
Wed Jul 05 21:49:20 2006 => Latest Date of files inside MWAV: 12 Jun 2006 06:54:59.
Wed Jul 05 21:49:23 2006 => AV Library Loaded...
Wed Jul 05 21:49:23 2006 => MWAV doing self scanning...
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavss.exe
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\Getvlist.exe
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavss.dll
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavssdi.dll
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavssi.dll
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavvlg.dll
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\msvlclnt.dll
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\ipc.dll
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\main.avi
Wed Jul 05 21:49:23 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\virus.avi
Wed Jul 05 21:49:23 2006 => MWAV files are clean.
Wed Jul 05 21:49:24 2006 => Virus Database Date: 6/12/2006
Wed Jul 05 21:49:24 2006 => Virus Database Count: 199930

Wed Jul 05 21:49:28 2006 => **********************************************************
Wed Jul 05 21:49:28 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Wed Jul 05 21:49:28 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Wed Jul 05 21:49:28 2006 =>
Wed Jul 05 21:49:28 2006 => Support: support@mwti.net
Wed Jul 05 21:49:28 2006 => Web: http://www.mwti.net
Wed Jul 05 21:49:28 2006 => **********************************************************
Wed Jul 05 21:49:28 2006 => Version 8.3.4 (C:\DOCUME~1\Marcucci\LOCALS~1\Temp\mexe.com)
Wed Jul 05 21:49:28 2006 => Log File: C:\DOCUME~1\Marcucci\LOCALS~1\Temp\MWAV.LOG
Wed Jul 05 21:49:28 2006 => User Account: Marcucci
Wed Jul 05 21:49:28 2006 => Windows Root Folder: C:\WINDOWS
Wed Jul 05 21:49:28 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Wed Jul 05 21:49:28 2006 => OS: Windows XP
Wed Jul 05 21:49:28 2006 => Ver: Service Pack 2 (Build 2600)
Wed Jul 05 21:49:28 2006 => Latest Date of files inside MWAV: 12 Jun 2006 06:54:59.

Wed Jul 05 21:49:28 2006 => Options Selected by User:
Wed Jul 05 21:49:28 2006 => Memory Check: Enabled
Wed Jul 05 21:49:28 2006 => Registry Check: Enabled
Wed Jul 05 21:49:28 2006 => StartUp Folder Check: Enabled
Wed Jul 05 21:49:28 2006 => System Folder Check: Enabled
Wed Jul 05 21:49:28 2006 => System Area Check: Disabled
Wed Jul 05 21:49:28 2006 => Services Check: Enabled
Wed Jul 05 21:49:28 2006 => Drive Check Option Disabled
Wed Jul 05 21:49:28 2006 => Folder Check: Disabled

Wed Jul 05 21:49:32 2006 => Scanning File C:\WINDOWS\System32\uniplat.dll
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\unimdmat.dll
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\system32\modemui.dll
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\ndptsp.tsp
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\ipconf.tsp
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\h323.tsp
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\hidphone.tsp
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\rasppp.dll
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\ntlsapi.dll
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\System32\RASDLG.dll
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\system32\msxml3.dll
Wed Jul 05 21:49:33 2006 => Scanning File C:\WINDOWS\system32\urlmon.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\iertutil.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\wups.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\PROGRA~1\TGTSoft\StyleXP\STYLEX~1.EXE
Wed Jul 05 21:49:34 2006 => Scanning File c:\windows\system32\dnsrslvr.dll
Wed Jul 05 21:49:34 2006 => Scanning File c:\windows\system32\lmhsvc.dll
Wed Jul 05 21:49:34 2006 => Scanning File c:\windows\system32\webclnt.dll
Wed Jul 05 21:49:34 2006 => Scanning File c:\windows\system32\alrsvc.dll
Wed Jul 05 21:49:34 2006 => Scanning File c:\windows\system32\ssdpsrv.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\lexp2p32.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\lex2kusb.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\localspl.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\LEXLMPM.DLL
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\LexBce.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\mdimon.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\usbmon.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\System32\spool\PRTPROCS\W32X86\DLBCPP5C.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\win32spl.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\inetpp.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\DLBCpwr.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\LEXPPS.EXE
Wed Jul 05 21:49:34 2006 => Scanning File C:\PROGRA~1\Logitech\SetPoint\lgscroll.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\Explorer.EXE
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\themeui.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\MSIMG32.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\PROGRA~1\WINDOW~2\wmpband.dll
Wed Jul 05 21:49:34 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\ieframe.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\OLEACC.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\IMM32.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\MSHTML.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\msls31.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\MSRATING.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\IEUI.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\Stardock\OBJECT~1\DOCKSH~1.DLL
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\stobject.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\BatMeter.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\System32\drprov.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\System32\davclnt.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\browselc.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\MSVCR71.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\DUSER.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\PortableDeviceApi.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\sti.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\CFGMGR32.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\MLANG.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\COMMON~1\Ahead\lib\NERODI~1.DLL
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\COMMON~1\Ahead\lib\MFC71.DLL
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\COMMON~1\Ahead\lib\MSVCP71.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\AUDIOS~1\AUDIOS~1.DLL
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\PDFShell.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\Nero\NERO7~1\NEROBA~1\NBShell.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\Nero\NERO7~1\NEROBA~1\MFC71U.DLL
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\WinRAR\rarext.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\WinRAR\rarlng.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\WINDOWS\system32\actxprxy.dll
Wed Jul 05 21:49:35 2006 => Scanning File C:\PROGRA~1\ConMet\ConMet.exe
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\sensapi.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avgnt.exe
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\MFC71U.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\MSVCR71.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avgcmxp.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\hhctrl.ocx
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\mui\0005\hhctrlui.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\KemXML.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\kemutb.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\KemUtil.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\MFC80U.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\KemWnd.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Logitech\SetPoint\SETPOI~1.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Logitech\SetPoint\Macros\MACROC~1.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Logitech\SetPoint\IMHook.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\COMMON~1\Logitech\KHALSH~1\KhalApi.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Logitech\SetPoint\kgame.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Logitech\SetPoint\GameHook.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Logitech\SetPoint\LCABHA~1.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\engine.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\op_utils.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\MFC42.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\MFC42LOC.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\PSAPI.DLL
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\op_data.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\netstat.ofp
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\BrowserBar\op_hdlr.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\AntiSpyware\sp_ui.ofp
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\Ads\ad_int.ofp
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\Content\cnt_int.ofp
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\Dns\dns_int.ofp
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\Protect\prot_int.ofp
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\File\file_int.ofp
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\Web\web_int.ofp
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\AntiSpyware\sp_cure.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\AntiSpyware\sp_mon.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\odbccp32.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\odbcjt32.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\msjet40.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\mswstr10.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\odbcji32.dll
Wed Jul 05 21:49:36 2006 => Scanning File C:\WINDOWS\system32\msjter40.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\WINDOWS\system32\MSJINT40.DLL
Wed Jul 05 21:49:37 2006 => Scanning File C:\WINDOWS\system32\msjtes40.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\WINDOWS\system32\VBAJET32.DLL
Wed Jul 05 21:49:37 2006 => Scanning File C:\WINDOWS\system32\expsrv.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\AntiSpyware\sp_scan.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\zlib.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\unrar.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\op_cmn.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\opst_ui.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\op_ctrls.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1.0\logo_rc.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
Wed Jul 05 21:49:37 2006 => Scanning File C:\WINDOWS\system32\wbem\wbemprox.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\COMMON~1\Logitech\KHALSH~1\KHALMNPR.EXE
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\COMMON~1\Logitech\KHALSH~1\KHALITCH.DLL
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\COMMON~1\Logitech\KHALSH~1\KHALMW.DLL
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\COMMON~1\Logitech\KHALSH~1\KHALHPP.DLL
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Stardock\OBJECT~1\OBJECT~1.EXE
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Stardock\OBJECT~1\CrashRpt.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Stardock\OBJECT~1\dbghelp.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Stardock\OBJECT~1\zlib.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\WINDOWS\system32\CRTDLL.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\COMMON~1\Stardock\ODImg.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\Stardock\OBJECT~1\MSVCR70.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\WINDOWS\system32\mscms.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\sched.exe
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\MSVCP71.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\schedr.dll
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avguard.exe
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\GUARDMSG.DLL
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\AVPREF.DLL
Wed Jul 05 21:49:37 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\SMTPLIB.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\AVEWIN32.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\WINDOWS\system32\FLTLIB.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\RAINLE~1\RAINLE~1.EXE
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\RAINLE~1\RAINLE~1.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\RAINLE~1\Plugins\ICALPL~1.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\RAINLE~1\Plugins\INIFOR~1.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\RAINLE~1\Plugins\OUTLOO~1.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\WINDOWS\system32\mapi32.dll
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\RAINLE~1\Plugins\SERVER~1.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avesvc.exe
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\AVESVCR.DLL
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avpack32.dll
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\unacev2.dll
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\COMMON~1\MICROS~1\VS7Debug\mdm.exe
Wed Jul 05 21:49:38 2006 => Scanning File c:\windows\system32\wiaservc.dll
Wed Jul 05 21:49:38 2006 => Scanning File C:\WINDOWS\system32\wiavusd.dll
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avmailc.exe
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avmailcr.dll
Wed Jul 05 21:49:38 2006 => Scanning File C:\WINDOWS\System32\alg.exe
Wed Jul 05 21:49:38 2006 => Scanning File C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\js3250.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\nspr4.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\xpcom_core.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\plc4.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\plds4.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\smime3.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\nss3.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\softokn3.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\ssl3.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\xpcom_compat.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\components\jar50.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\WINDOWS\system32\msimtf.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\WINDOWS\system32\MSCTF.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\MOZILL~1\plugins\npnul32.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\winamp.exe
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\NSCRT.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Czech.lng
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\System\AACPLU~1.W5S
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\System\jnetlib.w5s
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\System\playlist.w5s
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\System\png.w5s
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\System\tagz.w5s
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\System\watcher.w5s
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\System\xml.w5s
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_cdda.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_dshow.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\IN_LIN~1.DLL
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_midi.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\READ_F~1.DLL
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_mod.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_mp3.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_mp4.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\libmp4v2.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_nsv.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\IN_VOR~1.DLL
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_wave.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\LIBSND~1.DLL
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\in_wm.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\WINDOWS\system32\wmvcore.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\WINDOWS\system32\WMASF.DLL
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\out_disk.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\out_ds.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\out_wave.dll
Wed Jul 05 21:49:39 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\dsp_neq.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\ddraw.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\DCIMAN32.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\gen_ff.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\freeform\wacs\jpgload\jpgload.wac
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\GEN_HO~1.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\GEN_JU~1.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\gen_ml.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\icm32.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ML_NOW~1.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ML_BOO~1.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ML_HIS~1.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\nde.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ml_local.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ML_PLA~1.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ml_disc.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\primosdk.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\PX.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\PXDRV.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\PXMAS.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\PXSFS.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\PXWAVE.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ML_ONL~1.DLL
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ml_pmp.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\pmp_ipod.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\pmp_njb.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\pmp_p4s.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ml_wire.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\MSWMDM.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\WINDOWS\system32\MsPMSP.dll
Wed Jul 05 21:49:40 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\ml_xpdxs.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\GEN_SR~1.DLL
Wed Jul 05 21:49:41 2006 => Scanning File C:\PROGRA~1\Winamp\Plugins\gen_tray.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\WINDOWS\system32\cewmdm.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\PROGRA~1\Nero\NERO7~1\NEROFA~1\NEROBU~1.DLL
Wed Jul 05 21:49:41 2006 => Scanning File C:\PROGRA~1\Nero\NERO7~1\NEROFA~1\MSVCR71.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\PROGRA~1\Nero\NERO7~1\NEROFA~1\MSVCP71.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\WINDOWS\system32\WMDMPS.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\WINDOWS\system32\WMDMLOG.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\WINDOWS\system32\dsound.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\WINDOWS\system32\KsUser.dll
Wed Jul 05 21:49:41 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\mexe.com
Wed Jul 05 21:49:42 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\msvlclnt.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavssdi.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavssd.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavssi.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\ipc.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\RICHED20.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\PSAPI.DLL
Wed Jul 05 21:49:42 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavss.exe
Wed Jul 05 21:49:42 2006 => Scanning File C:\DOCUME~1\Marcucci\LOCALS~1\Temp\kavss.dll

Wed Jul 05 21:49:42 2006 => ***** Scanning Registry Files *****

Wed Jul 05 21:49:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\stobject.dll

Wed Jul 05 21:49:42 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Wed Jul 05 21:49:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Wed Jul 05 21:49:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

Wed Jul 05 21:49:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Wed Jul 05 21:49:42 2006 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL
Wed Jul 05 21:49:42 2006 => {C333CF63-767F-4831-94AC-E683D962C63C} = C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\PROGRA~1\TGTSoft\StyleXP\TGT_BHO.dll

Wed Jul 05 21:49:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\ieframe.dll

Wed Jul 05 21:49:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\docprop.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\themeui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\deskadp.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\deskmon.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\dssec.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shscrap.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\System32\icmui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\printui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\syncui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\hticons.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\fontext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\deskperf.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\remotepg.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\wshext.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Jul 05 21:49:42 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
AsusP5B,C2D E6400 2,13@3,0GHz,OCZ OpsEd 667@800Mhz 3×1GB, 250GB Maxtor+4×500GB WD,nVidia8800GTX,SB X-Fi ProGamerFatality,Samsung 22"LCD,Logitech 5.1 Z5500,2×DVD+RW,NZXT Apollo,Corsair 520W,LogitechG5+G7,Vista64bitUltimate+XP32bitHome+LinuxSuse64bit


Post by mijaja » 06 Jul 2006 10:32

Download LSPFix and run it. In the window, tick the checkbox next to the option "I know what I'm doing" and the arrows between the panes will become active. Then, at the bottom of the left pane, select (highlight in blue) the entry named avsda.dll and use the >> arrows to move it to the right pane. Once that is done, click the Finish button at the bottom. But be careful: you must not move anything else, because you could kill your internet connection.

Once that is done, run HijackThis again and tick the boxes in front of these lines:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - Global Startup: Logitech SetPoint.lnk = ?

Fix them.

About the MWAV log (you didn't read the guide, did you?) :evil:

cws.loadadv.400 Browser Hijacker ({5e2121ee-0300-11d4-8d3b-444553540000}) - one (or more) of these keys will be there:

HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32 High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\Programmable High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID High
HKCR\Interface\(5E2121ED-0300-11D4-8D3B-444553540000)
HKCR\*\shellex\ContextMenuHandlers\sysacpildap(default)(5E2121EE-0300-11D4-8D3B-444553540000)
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\Programmable]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib]
@="{5E2121EE-0300-11D4-8D3B-444553540000}"
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID]
HKLM\Software\Classes\Directory\Background\shellex\ContextMenuHandlers]
@="{5E2121EE-0300-11D4-8D3B-444553540000}"
HKLM\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ACE]
@="{5E2121EE-0300-11D4-8D3B-444553540000}"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{5E2121EE-0300-11D4-8D3B-444553540000}"="Catalyst Context Menu extension"
[HKCU\S-1-5-21-1632054475-293941465-2208403423-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached]
"{5E2121EE-0300-11D4-8D3B-444553540000} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,36,00,0e,68,28,16,e7,5f,c6,01

Find and delete them.
But this is only the first entry from MWAV. The others, concerning StyleXP, we are not going to deal with. :evil:
The log (incomplete though it is) is otherwise clean.

But where is the rest of the MWAV log - especially the final table? :evil: :evil: :evil:
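
The selection made in the post above, as an added example (not part of the original thread, and not HijackThis's own logic): a small parser that pulls the entries out of a HijackThis log and lists the two shapes picked for fixing there, an R-section registry value with no data and a startup shortcut whose target HijackThis printed as `?`. The sample log is constructed from lines quoted in this thread; the function names and the two rules are assumptions made for illustration.

```python
import re
from collections import namedtuple

# Constructed sample: a shortened log assembled from HijackThis lines quoted in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 19:44:00, on 6.7.2006

Running processes:
C:\WINDOWS\Explorer.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1.0\wl_hook.dll
"""

Entry = namedtuple("Entry", "code body")
Finding = namedtuple("Finding", "code body reason")

# Section codes HijackThis prefixes to each entry (R0-R3, F0-F3, N1-N4, O1 and up).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
# R-section body: <registry key>,<value name> = <data>; the data part may be empty.
REG_VALUE_RE = re.compile(r"^(?P<key>[^,]+),(?P<name>.*?) =\s*(?P<data>.*)$")
# O4 startup-folder shortcut: "Startup: x.lnk = target" or "Global Startup: x.lnk = target".
SHORTCUT_RE = re.compile(r"^(?:Global )?Startup: (?P<lnk>.+?) = (?P<target>.*)$")


def parse_entries(log_text):
    """Return the R/F/N/O entries of a log, skipping the header and process list."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2).strip()))
    return entries


def review(entries):
    """List entries matching the two shapes selected for fixing in the post above."""
    findings = []
    for e in entries:
        if e.code.startswith("R"):
            m = REG_VALUE_RE.match(e.body)
            if m and m.group("data") == "":
                findings.append(Finding(e.code, e.body, "registry value is empty"))
        elif e.code == "O4":
            m = SHORTCUT_RE.match(e.body)
            if m and m.group("target").strip() == "?":
                findings.append(Finding(e.code, e.body, "shortcut target not resolved"))
    return findings


if __name__ == "__main__":
    for f in review(parse_entries(SAMPLE_LOG)):
        print(f"{f.code} - {f.body}  [{f.reason}]")
```

A listed line is a candidate for review, not a verdict: in the next post the Logitech SetPoint shortcut is reported to be needed for the mouse to work.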


Post by marcucci » 06 Jul 2006 20:54

Well, you got me there! I really didn't read the guide. Here is the new HJT log, after the LSPFix step:

Logfile of HijackThis v1.99.1
Scan saved at 19:44:00, on 6.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5296.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ConMet\ConMet.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
D:\Instalace\Správa PC\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Zástupce - Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Outpost Firewall.lnk = C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8142890762
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8143074277
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1.0\wl_hook.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

And I'm not going to delete that O4 - Global Startup: Logitech SetPoint.lnk = ? entry; it completely disables my mouse. I've already done that once. I had it reinstalled, and it still shows up like this.
And I don't know where I'm supposed to find and delete this. It can't be done through MWAV, can it? And I didn't find anything like it in HJT:


cws.loadadv.400 Browser Hijacker ({5e2121ee-0300-11d4-8d3b-444553540000}) - one (or more) of these keys will be there:

HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32 High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\Programmable High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib High
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID High
HKCR\Interface\(5E2121ED-0300-11D4-8D3B-444553540000)
HKCR\*\shellex\ContextMenuHandlers\sysacpildap(default)(5E2121EE-0300-11D4-8D3B-444553540000)
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\InprocServer32]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\ProgID]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\Programmable]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib]
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\TypeLib]
@="{5E2121EE-0300-11D4-8D3B-444553540000}"
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}\VersionIndependentProgID]
HKLM\Software\Classes\Directory\Background\shellex\ContextMenuHandlers]
@="{5E2121EE-0300-11D4-8D3B-444553540000}"
HKLM\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ACE]
@="{5E2121EE-0300-11D4-8D3B-444553540000}"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{5E2121EE-0300-11D4-8D3B-444553540000}"="Catalyst Context Menu extension"
[HKCU\S-1-5-21-1632054475-293941465-2208403423-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached]
"{5E2121EE-0300-11D4-8D3B-444553540000} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,36,00,0e,68,28,16,e7,5f,c6,01

Find and delete them.


And here is the second entry from MWAV:



Thu Jul 06 19:16:06 2006 => ***** Scanning complete. *****

Thu Jul 06 19:16:06 2006 => Total Objects Scanned: 15984
Thu Jul 06 19:16:06 2006 => Total Critical Objects: 3
Thu Jul 06 19:16:06 2006 => Total Disinfected Objects: 0
Thu Jul 06 19:16:06 2006 => Total Objects Renamed: 0
Thu Jul 06 19:16:06 2006 => Total Deleted Objects: 0
Thu Jul 06 19:16:06 2006 => Total Errors: 1
Thu Jul 06 19:16:06 2006 => Time Elapsed: 00:02:41
Thu Jul 06 19:16:06 2006 => Virus Database Date: 7/6/2006
Thu Jul 06 19:16:06 2006 => Virus Database Count: 205310

Thu Jul 06 19:16:06 2006 => Scan Completed.

I hope it's fine now. In this MWAV listing I left out the things that concerned Outpost and Ad-Aware. Hopefully I haven't made a blunder; if I have, give me a kick :evil: :cry: :evil: !
Thanks for now


Post by mijaja » 06 Jul 2006 21:30

Good, so it's fine. The HJT log is OK, and there's nothing in MWAV anymore that we didn't already know about.

C:\DOCUME~1\Marcucci\LOCALS~1\Temp\Spyware.sdb - empty the whole Temp directory.

What I wrote to you, and what you quoted (so that we don't copy it a third time), is the notation of registry keys. You would have to start the registry editor and find those keys in it. BUT. That MWAV record only speaks of its key (cws.loadadvare.400 Browser Hijacker) and not of the presence of a dangerous file, so given that you would probably be going into the registry for the first time, I would rather leave it alone. You can do a lot of damage in there, and this is not such a desperate situation that we should risk it. This piece of junk - cws.loadadv.400 Browser Hijacker - is from the CoolWebSearch family, so download CWShredder for it and it should deal with those remnants.


Post by marcucci » 06 Jul 2006 22:35

CWShredder didn't find anything. It wouldn't be my first time in the registry, but I'm no expert either, so I'll leave it for now and try it when I have time. But I can't delete these items from C:\DOCUME~1\Marcucci\LOCALS~1\Temp\:
BCG178.tmp
JET4B5F.tmp
Perflib_Perfdata_174
Perflib_Perfdata_f00
Perflib_Perfdata_f0c
Hopefully that doesn't matter. Thanks for your time, "doctor"!!!


Post by mijaja » 07 Jul 2006 09:33

These items don't matter anymore - you could shoot them down with Killbox.

