Content Top
DAL Computer Help » Internet Issues Including Security » Spyware, Adware, Viruses and HijackThis Logs » New member need some help....(RESOLVED)

New member need some help....(RESOLVED)

HEY! You're not logged in which is fine if you simply want to browse for answers, however if you want to post your own Questions and hangout here you need to Register! ...Registration takes 2 minutes and is completely free. If you have already registered simply log in using the form to the right.

Reply
Page 1 of 3 1 23 >
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
Old 30-07-2006, 04:38 AM   #1 (permalink)
D-A-L Newbie
 
Status: Newbie
Join Date: Jul 2006
Posts: 15
 Discusman Is a beginner here at D-A-L



Discusman is offline  
New member need some help....(RESOLVED)
Hi guys,

I'm new here and my computer has been hit alot of spywares also windows hijack.

I have also tried many spyware remover programs such as Adware Personal Edition, HiJackThis and CleanUp, etc.

But one entry in HiJackThis logfile can't never go away..

O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll (file missing)


Can anyone help me remove it? Thanks.


Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote

Advertisement - Register to remove Ads its free!

Old 30-07-2006, 10:33 PM   #2 (permalink)
 
Neal's Avatar
 
Status: Senior Member
Join Date: Sep 2005
Posts: 5,016
 Neal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furniture



Neal is offline  
Re: New member need some help....
Welcome to DAL,


Go here Read This First - IMPORTANT Instructions


Post a hijackthis log from the link provided there so we can take a look.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.



Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old 31-07-2006, 02:49 AM   #3 (permalink)
D-A-L Newbie
 
Status: Newbie
Join Date: Jul 2006
Posts: 15
 Discusman Is a beginner here at D-A-L



Discusman is offline  
Re: New member need some help....
Quote:
Originally Posted by Neal
Welcome to DAL,


Go here Read This First - IMPORTANT Instructions


Post a hijackthis log from the link provided there so we can take a look.
Ok, I have followed the instructions posted on the other thread and scanned my pc with spybot. It founds several entries. It couldn't delete one because it says it is in memory. I rebooted the pc and tried to remove it before it finish loading the window, but it still couldn't remove it. It's Adware.MMSAssist.

I scanned the pc with hijackthis, here is the logfile:
Logfile of HijackThis v1.99.1
Scan saved at 9:39:59 PM, on 7/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HiJackThisProgram\HijackThis.exe

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.nyc-discusfanatics.com/face/dragonball/Forum/ForumIndex.asp"); (C:\Documents and Settings\Vincent\Application Data\Mozilla\Profiles\default\wlcrlkcq.slt\prefs.j s)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Vincent\Application Data\Mozilla\Profiles\default\wlcrlkcq.slt\prefs.j s)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\Ofoto\OfotoNow\OFUSBS.DLL,WatchForConn ection OfotoNow
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-36.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://derlingalexandra.spaces.msn.c...d/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1094655009578
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - https://as00.estara.com/UI/proxyhttp...45515OneCC.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinner.com/games/v55/cubis/cubis.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/def...utLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/zuma/def...ploader_v6.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by105fd.bay105.hotmail.msn.co...x/HMAtchmt.ocx
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

I also went to BitDefender website did an online scan.
It found this:

Scan Info

Scanned Files 320970

Infected Files 98



Virus Detected

Win32.Sober.P@mm 4

MemScan:Adware.Betterinternet.BD 1

Trojan.Clicker.Agent.AM 90

Application.ProcKill.Jk 1

Trojan.Clicker.Agent.GV 2


Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old 31-07-2006, 04:55 AM   #4 (permalink)
 
Neal's Avatar
 
Status: Senior Member
Join Date: Sep 2005
Posts: 5,016
 Neal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furnitureNeal is beginning to become part of the furniture



Neal is offline  
Re: New member need some help....
Hi and thanks,


I need to see the scan logs from BitDefender and Ewido. If you did not save them please re-scan and post the logs so I can make sure everything was deleted and what was found. Certain infections will come back after the computer is rebooted. Thanks.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.



Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old 31-07-2006, 05:18 PM   #5 (permalink)
D-A-L Newbie
 
Status: Newbie
Join Date: Jul 2006
Posts: 15
 Discusman Is a beginner here at D-A-L



Discusman is offline  
Re: New member need some help....
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:02:22 PM 7/31/2006

+ Scan result:



HKLM\SOFTWARE\Classes\CLSID\{6671A431-5C3D-463d-A7CF-5587F9B7E191} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{6671A431-5C3D-463d-A7CF-5587F9B7E191} -> Adware.Generic : No action taken.
HKU\S-1-5-21-776561741-299502267-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{6671A431-5C3D-463D-A7CF-5587F9B7E191} -> Adware.Generic : No action taken.
:mozilla.52:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.53:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Vincent\Cookies\vincent@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.69:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.70:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.43:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Vincent\Cookies\vincent@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.9:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Vincent\Cookies\vincent@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.95:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.46:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.10:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.11:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.12:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.78:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.79:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.22:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.23:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.89:C:\Documents and Settings\Vincent\Application Data\Mozilla\Firefox\Profiles\ah8y5g4e.default\coo kies.txt -> TrackingCookie.Tribalfusion : No action taken.


::Report end

I saved logfile from BitDefender as txt file.
Now I see all the html tags.
Does this website allow html tags in posting?
Thanks.


Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old 31-07-2006, 05:24 PM   #6 (permalink)
D-A-L Newbie
 
Status: Newbie
Join Date: Jul 2006
Posts: 15
 Discusman Is a beginner here at D-A-L



Discusman is offline  
Re: New member need some help....
here is the logfile from the BitDefender. I don't know if you can see it or not.


HTML Code:
<HTML>
<HEAD>
<TITLE>BitDefender Online Scanner -Scan Report</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<meta name="generator" content="Namo WebEditor v5.0(Trial)">
</HEAD>
<BODY BGCOLOR=#FFFFFF  leftmargin="10" marginwidth="0" topmargin="20" marginheight="0" >


<table align="center" border="0" cellpadding="0" cellspacing="0" width="90%">
    <tr>
        <td width="458">
            <p><font face="Arial" color=red><span style="font-size:14pt;"><b>BitDefender 
            Online Scanner</b></span></font></p>
        </td>
        <td width="40%">
            <p>&nbsp;</p>
        </td>
        <td width="10%">
            <p>&nbsp;</p>
        </td>
    </tr>
    <tr>
        <td colspan="3" width="912">
            <p><font face="Arial"><span style="font-size:11pt;"><B>Scan report generated 
            at: Mon, Jul 31, 2006 - 11:17:50</b></span></font></p>
        </td>
    </tr>

	<tr>
        <td width="458">
            <p><font face="Arial"><span style="font-size:11pt;"><B>&nbsp;</b></span></font></p>
        </td>
        <td width="40%">
            <p>&nbsp;</p>
        </td>
        <td width="10%">
            <p>&nbsp;</p>
        </td>
    </tr>

	<tr>
        <td width="458">
            <p><font face="Arial"><span style="font-size:11pt;"><B>Scan 
            path: </b></span><span style="font-size:10pt;">A:\;C:\;D:\;E:\;F:\;</span></font></p>
        </td>
        <td width="40%">
            <p>&nbsp;</p>
        </td>
        <td width="10%">
            <p>&nbsp;</p>
        </td>
    </tr>

	<tr>
        <td width="458">
            <p><font face="Arial"><span style="font-size:11pt;"><B>&nbsp;</b></span></font></p>
        </td>
        <td width="40%">
            <p>&nbsp;</p>
        </td>
        <td width="10%">
            <p>&nbsp;</p>
        </td>
    </tr>

    <tr>
        <td width="458">
                <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
                    <tr>
                        <td width="451" colspan="2" bgcolor="#CCCCCC">
                            <p><font face="Arial" size="2"><B>Statistics</b></font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Time</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">01:42:02</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Files</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">321139</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Folders</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">5925</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Boot Sectors</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">4</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Archives</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">4271</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Packed Files</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">20754</font></p>
                        </td>
                    </tr>
                </table>
        </td>
        <td width="40%">
            <p>&nbsp;</p>
        </td>
        <td width="10%">
            <p>&nbsp;</p>
        </td>
    </tr>

   

	<tr>
        <td width="458">
                <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
                    <tr>
                        <td width="451" colspan="2" bgcolor="#CCCCCC">
                            <p><font face="Arial" size="2"><B>Results</b></font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                        <p><font face="Arial" size="2">Identified Viruses </font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">2</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                        <p><font face="Arial" size="2">Infected Files </font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">5</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                        <p><font face="Arial" size="2">Suspect&nbsp;Files </font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">0</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Warnings</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">0</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Disinfected</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">0</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Deleted Files</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">5</font></p>
                        </td>
                    </tr>
                </table>
        </td>
        <td width="40%">
            <p>&nbsp;</p>
        </td>
        <td width="10%">
            <p>&nbsp;</p>
        </td>
    </tr>

	<tr>
        <td width="458">
                <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
                    <tr>
                        <td width="451" colspan="2" bgcolor="#CCCCCC">
                            <p><font face="Arial" size="2"><B>Engines Info</b></font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                        <p><font face="Arial" size="2">Virus Definitions</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">425545</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                        <p><font face="Arial" size="2">Engine build</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Scan plugins</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">13</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Archive plugins</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">39</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Unpack plugins</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">5</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">E-mail plugins</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">6</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">System&nbsp;plugins</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">1</font></p>
                        </td>
                    </tr>
                </table>
        </td>
        <td width="40%">
            <p>&nbsp;</p>
        </td>
        <td width="10%">
            <p>&nbsp;</p>
        </td>
    </tr>

	<tr>
        <td width="458">
                <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
                    <tr>
                        <td width="451" colspan="2" bgcolor="#CCCCCC">
                            <p><font face="Arial" size="2"><B>Scan Settings</b></font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                        <p><font face="Arial" size="2">First Action</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Disinfect</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                        <p><font face="Arial" size="2">Second Action</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Delete</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Heuristics</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Yes</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Enable Warnings</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Yes</font></p>
                        </td>
                    </tr>
	                <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Scanned Extensions</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">*;</font></p>
                        </td>
                    </tr>

                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Exclude Extensions</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">&nbsp;</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Scan Emails</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Yes</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Scan Archives</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Yes</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Scan Packed</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Yes</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Scan Files</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Yes</font></p>
                        </td>
                    </tr>
                    <tr>
                        <td width="57%">
                            <p><font face="Arial" size="2">Scan Boot</font></p>
                        </td>
                        <td width="43%" align="right">
                            <p><font face="Arial" size="2">Yes</font></p>
                        </td>
                    </tr>
                </table>
        </td>
        <td width="40%">
            <p>&nbsp;</p>
        </td>
        <td width="10%">
            <p>&nbsp;</p>
        </td>
    </tr>

	<tr>
        <td colspan=2> &nbsp;
                <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
                    <tr>
                        <td width="252" bgcolor="#CCCCCC">
                            <p><font face="Arial" size="2"><B>Scanned File</b></font></p>
                        </td>
                        <td width="195" bgcolor="#CCCCCC" align="right">
                        <p align="left"><b><font size="2" face="Arial">&nbsp;Status</font></b></p>
                        </td>
                    </tr>
                    <tr>
	<td width="57%">
	<p><font face="Arial" size="2">C:\Documents and Settings\Vincent\Local Settings\Application Data\Identities\{9510D638-8B64-4D36-926A-6939BD000C00}\Microsoft\Outlook Express\Deleted Items.dbx=>(message 999)=>[Subject: mailing error][Date: Mon, 02 May 2005 23:55:23 GMT]=>(MIME part)=>error-mail_info.zip=>Winzipped-Text_Data.txt           .pif</font></p>
	</td>
	<td width="43%" align="left">
		<p><font face="Arial" size="2">Infected with: Win32.Sober.P@mm</font></p>
	</td>
</tr><tr>
	<td width="57%">
	<p><font face="Arial" size="2">C:\Documents and Settings\Vincent\Local Settings\Application Data\Identities\{9510D638-8B64-4D36-926A-6939BD000C00}\Microsoft\Outlook Express\Deleted Items.dbx=>(message 999)=>[Subject: mailing error][Date: Mon, 02 May 2005 23:55:23 GMT]=>(MIME part)=>error-mail_info.zip=>Winzipped-Text_Data.txt           .pif</font></p>
	</td>
	<td width="43%" align="left">
		<p><font face="Arial" size="2">Disinfection failed</font></p>
	</td>
</tr><tr>
	<td width="57%">
	<p><font face="Arial" size="2">C:\Documents and Settings\Vincent\Local Settings\Application Data\Identities\{9510D638-8B64-4D36-926A-6939BD000C00}\Microsoft\Outlook Express\Deleted Items.dbx=>(message 999)=>[Subject: mailing error][Date: Mon, 02 May 2005 23:55:23 GMT]=>(MIME part)=>error-mail_info.zip=>Winzipped-Text_Data.txt           .pif</font></p>
	</td>
	<td width="43%" align="left">
		<p><font face="Arial" size="2">Deleted</font></p>
	</td>
</tr><tr>
	<td width="57%">
	<p><font face="Arial" size="2">C:\Documents and Settings\Vincent\Local Settings\Application Data\Identities\{9510D638-8B64-4D36-926A-6939BD000C00}\Microsoft\Outlook Express\Deleted Items.dbx=>(message 999)=>[Subject: mailing error][Date: Mon, 02 May 2005 23:55:23 GMT]=>(MIME part)=>error-mail_info.zip</font></p>
	</td>
	<td width="43%" align="left">
		<p><font face="Arial" size="2">Updated</font></p>
	</td>
</tr><tr>
	<td width="57%">
	<p><font face="Arial" size="2">C:\Documents and Settings\Vincent\Local Settings\Application Data\Identities\{9510D638-8B64-4D36-926A-6939BD000C00}\Microsoft\Outlook Express\Deleted Items.dbx=>(message 999)=>[Subject: mailing error][Date: Mon, 02 May 2005 23:55:23 GMT]=>(MIME part)</font></p>
	</td>
	<td width="43%" align="left">
		<p><font face="Arial" size="2">Updated</font></p>
	</td>
</tr><tr>
	<td width="57%">
	<p><font face="Arial" size="2">C:\Documents and Settings\Vincent\Local Settings\Application Data\Identities\{9510D638-8B64-4D36-926A-6939BD000C00}\Microsoft\Outlook Express\Deleted Items.dbx=>(message 999)</font></p>
	</td>
	<td width="43%" align="left">
		<p><font face="Arial" size="2">Updated</font></p>
	</td>
</tr><tr>
	<td width="57%"