hi all bin neu hier und bekomme immer ne meldung backdoor darkmoon virus gefunden wie bekomme ich den weg ausser neu zu instalieren habe antivir 6 drauf und norten
norten vindet den aber wenn ich auf löschen gehe kommt der wieder kann mir einer helfen bitte

Poste doch mal dein HijackThis Log.
HiJack Anleitung hier.

Logfile of HijackThis v1.99.1
Scan saved at 17:15:44, on 07.10.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\oodag.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Programme\teamspeak2_RC2\TeamSpeak.exe
D:\Programme\Valve\Steam\Steam.exe
C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe
C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe
C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\TuneUp Utilities 2006\SystemOptimizer.exe
C:\Dokumente und Einstellungen\sack\Eigene Dateien\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h++p://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h++p://www.google.de/
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
R3 - URLSearchHook: (no name) - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programme\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Antispyware 2006] "C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Steam] "d:\programme\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Browser-Anpassung - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programme\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{04DA0F27-8594-48A5-BB0B-9BB6EEBF625A}: NameServer = 213.168.112.60 194.8.194.60
O17 - HKLM\System\CS1\Services\Tcpip\..\{04DA0F27-8594-48A5-BB0B-9BB6EEBF625A}: NameServer = 213.168.112.60 194.8.194.60
O18 - Protocol: bw+0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Programme\cFosSpeed\spd.exe" -service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Ausser einem veraltetem und ungepatchtem System kann ich so keine schädliche Datei finden. Deshalb mache einen escan genau nach anleitung und poste die mit der find.bat erzeugte Datei.
http://www.trojaner-board.de/showthread.php?t=17492

hi kann die log hie nicht rein machen ist zu gross ist das normal das die 10 mb gros ist hat 1 stunde gedauer

Fri Oct 07 23:38:35 2005 => ***** Scanning Registry for errors created because of Adware/Spyware *****
Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\lang\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\shaders\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Bones\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\CompiledDefs\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Defs\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\EngineCache\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\lang\English\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\LightingTable\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Misc\LoadProgress\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Misc\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\shaders\pc\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Defs\RetailHeaders\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Tattoos\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Defs\RetailHeaders\pc\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Sound\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Video\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Levels\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\graphics\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Misc\pc\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\graphics\pc\". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".$$$". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".adf". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".amx". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".avc". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/adminmod/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/amxmd/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/amxmd/leagues/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/atac/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/maps/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/uaio/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/data/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/dlls/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/logs/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/modules/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/plugins/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/scripting/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/scripting/uaio_inc/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/clanmod/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/clanmod/addons/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/clanmod/configs/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/clanmod/configs/scripts/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/statsme/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/maps/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/SAVE/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/sound/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/sound/misc/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/sounds/". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ide". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".media". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".php". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".rom". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sfv". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sma". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "BitComet Toolbar". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "cFos". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "cFosSpeed". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "ICQLite". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "kazaalite202_is1". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Nero - Burning Rom!UninstallKey". Action Taken: No Action Taken.

Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "NimoCorp". Action Taken: No Action Taken.

Fri Oct 07 23:38:39 2005 => Entry "HKCR\cFosSpeed.Config" refers to invalid object "{A56B357E-7D66-474A-8CA1-C909109C88AF}". Action Taken: No Action Taken.

Fri Oct 07 23:38:39 2005 => Entry "HKCR\cFosSpeed.Config.1" refers to invalid object "{A56B357E-7D66-474A-8CA1-C909109C88AF}". Action Taken: No Action Taken.

Fri Oct 07 23:19:49 2005 => **********************************************************
Fri Oct 07 23:19:49 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Fri Oct 07 23:19:49 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Oct 07 23:19:49 2005 => **********************************************************
Fri Oct 07 23:19:49 2005 => Version 7.2.2 (C:\Dokumente und Einstellungen\sack\Eigene Dateien\mwav\mwavscan.com)
Fri Oct 07 23:19:49 2005 => Log File: C:\DOKUME~1\sack\EIGENE~1\mwav\MWAV.LOG
Fri Oct 07 23:19:49 2005 => Last Scan Date and Time: 07.10.2005 23:04:12
Fri Oct 07 23:19:49 2005 => MWAV Registered: TRUE.
Fri Oct 07 23:19:49 2005 => MWAV Mode: Scan and Clean files.
Fri Oct 07 23:19:49 2005 => Database Path in KL Key: C:\PROGRA~1\eScan.
Fri Oct 07 23:19:49 2005 => Latest Date of files in KL key: 07 Oct 2005 19:56:02.
Fri Oct 07 23:19:49 2005 => Latest Date of files inside MWAV: 27 Sep 2005 10:51:30.
Fri Oct 07 23:19:49 2005 => eScan Install Directory: C:\PROGRA~1\eScan\
Fri Oct 07 23:19:49 2005 => MailScan Install Directory: C:\PROGRA~1\eScan\
Fri Oct 07 23:19:52 2005 => AV Library Loaded...
Fri Oct 07 23:19:52 2005 => MWAV doing self scanning...
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.exe
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\Getvlist.exe
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.dll
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssdi.dll
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssi.dll
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavvlg.dll
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\msvlclnt.dll
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\ipc.dll
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\main.avi
Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\virus.avi
Fri Oct 07 23:19:52 2005 => MWAV files are clean.
Fri Oct 07 23:19:59 2005 => Virus Database Date: 2005/10/07
Fri Oct 07 23:19:59 2005 => Virus Database Count: 148678
Fri Oct 07 23:20:10 2005 => AV Library Unloaded (3)...
Fri Oct 07 23:36:38 2005 => **********************************************************
Fri Oct 07 23:36:38 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Fri Oct 07 23:36:38 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Oct 07 23:36:38 2005 => **********************************************************
Fri Oct 07 23:36:38 2005 => Version 7.2.2 (C:\Dokumente und Einstellungen\sack\Eigene Dateien\mwav\mwavscan.com)
Fri Oct 07 23:36:38 2005 => Log File: C:\DOKUME~1\sack\EIGENE~1\mwav\MWAV.LOG
Fri Oct 07 23:36:38 2005 => Last Scan Date and Time: 07.10.2005 23:04:12
Fri Oct 07 23:36:38 2005 => MWAV Registered: TRUE.
Fri Oct 07 23:36:38 2005 => MWAV Mode: Scan and Clean files.
Fri Oct 07 23:36:38 2005 => Database Path in KL Key: C:\PROGRA~1\eScan.
Fri Oct 07 23:36:40 2005 => Latest Date of files in KL key: 07 Oct 2005 19:56:02.
Fri Oct 07 23:36:42 2005 => Latest Date of files inside MWAV: 27 Sep 2005 10:51:30.
Fri Oct 07 23:36:42 2005 => eScan Install Directory: C:\PROGRA~1\eScan\
Fri Oct 07 23:36:42 2005 => MailScan Install Directory: C:\PROGRA~1\eScan\
Fri Oct 07 23:36:44 2005 => AV Library Loaded...
Fri Oct 07 23:36:44 2005 => MWAV doing self scanning...
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.exe
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\Getvlist.exe
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.dll
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssdi.dll
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssi.dll
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavvlg.dll
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\msvlclnt.dll
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\ipc.dll
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\main.avi
Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\virus.avi
Fri Oct 07 23:36:44 2005 => MWAV files are clean.
Fri Oct 07 23:36:54 2005 => Virus Database Date: 2005/10/07
Fri Oct 07 23:36:54 2005 => Virus Database Count: 148678

Fri Oct 07 23:37:30 2005 => **********************************************************
Fri Oct 07 23:37:30 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Fri Oct 07 23:37:30 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Oct 07 23:37:30 2005 =>
Fri Oct 07 23:37:30 2005 => Support: support@mwti.net
Fri Oct 07 23:37:30 2005 => Web: http://www.mwti.net
Fri Oct 07 23:37:30 2005 => **********************************************************
Fri Oct 07 23:37:30 2005 => Version 7.2.2 (C:\Dokumente und Einstellungen\sack\Eigene Dateien\mwav\mwavscan.com)
Fri Oct 07 23:37:30 2005 => Log File: C:\DOKUME~1\sack\EIGENE~1\mwav\MWAV.LOG
Fri Oct 07 23:37:30 2005 => User Account: sack
Fri Oct 07 23:37:30 2005 => Windows Root Folder: C:\WINDOWS
Fri Oct 07 23:37:30 2005 => Windows Sys32 Folder: C:\WINDOWS\System32
Fri Oct 07 23:37:30 2005 => OS: Windows NT
Fri Oct 07 23:37:30 2005 => Database Path in KL Key: C:\PROGRA~1\eScan.
Fri Oct 07 23:37:30 2005 => Latest Date of files in KL key: 07 Oct 2005 19:56:02.
Fri Oct 07 23:37:30 2005 => Latest Date of files inside MWAV: 27 Sep 2005 10:51:30.

Fri Oct 07 23:37:30 2005 => Options Selected by User:
Fri Oct 07 23:37:30 2005 => Memory Check: Enabled
Fri Oct 07 23:37:30 2005 => Registry Check: Enabled
Fri Oct 07 23:37:30 2005 => StartUp Folder Check: Enabled
Fri Oct 07 23:37:30 2005 => System Folder Check: Enabled
Fri Oct 07 23:37:30 2005 => System Area Check: Disabled
Fri Oct 07 23:37:30 2005 => Services Check: Enabled
Fri Oct 07 23:37:30 2005 => Drive Check: Disabled
Fri Oct 07 23:37:30 2005 => All Drive Check :Enabled
Fri Oct 07 23:37:30 2005 => Folder Check: Enabled
Fri Oct 07 23:37:30 2005 => Folder Selected = C:\WINDOWS

Fri Oct 07 23:37:30 2005 => ***** Scanning Memory Files *****
Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\System32\smss.exe
Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\System32\ntdll.dll
Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll
Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\USER32.dll
Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\System32\sxs.dll
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll
Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll
Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\ole32.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Fri Oct 07 23:37:33 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\dbghelp.dll
Fri Oct 07 23:37:34 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hdlr.dll
Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\sfc.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll
Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\WinSCard.dll
Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\MPR.dll
Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\System32\rsaenh.dll
Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\UxTheme.dll
Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\System32\drprov.dll
Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\System32\NETRAP.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\System32\davclnt.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\MPRUI.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\NETUI2.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\netmsg.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\RASAPI32.dll
Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\rasman.dll
Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\TAPI32.dll
Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\rtutils.dll
Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\services.exe
Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll
Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll
Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll
Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\netlogon.dll
Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\w32time.dll
Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\netman.dll
Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\MPRAPI.dll
Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\ACTIVEDS.dll
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\adsldpc.dll
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\ATL.DLL
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\WZCSvc.DLL
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\WMI.dll
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\DHCPCSVC.DLL
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\schannel.dll
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:37:42 2005 => Scanning File c:\windows\system32\rpcss.dll
Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll
Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\system32\mwtsp.dll
Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\SPORDER.dll
Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll
Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Fri Oct 07 23:37:43 2005 => Scanning File c:\windows\system32\cryptsvc.dll
Fri Oct 07 23:37:43 2005 => Scanning File c:\windows\system32\certcli.dll
Fri Oct 07 23:37:43 2005 => Scanning File c:\windows\system32\CRYPTUI.dll
Fri Oct 07 23:37:44 2005 => Scanning File C:\WINDOWS\system32\WININET.dll
Fri Oct 07 23:37:44 2005 => Scanning File c:\windows\system32\ESENT.dll
Fri Oct 07 23:37:44 2005 => Scanning File c:\windows\system32\srsvc.dll
Fri Oct 07 23:37:44 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Fri Oct 07 23:37:44 2005 => Scanning File c:\windows\system32\wbem\wbemcomn.dll
Fri Oct 07 23:37:44 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Fri Oct 07 23:37:44 2005 => Scanning File C:\WINDOWS\System32\es.dll
Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcore.dll
Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\esscli.dll
Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\FastProx.dll
Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll
Fri Oct 07 23:37:46 2005 => Scanning File C:\PROGRA~1\STEGAN~1\WRSSSDK.exe
Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll
Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\system32\olepro32.dll
Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\system32\vdmdbg.dll
Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\Explorer.EXE
Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\System32\BROWSEUI.dll
Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\SHDOCVW.dll
Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\MSIMG32.dll
Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\msutb.dll
Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\MSCTF.dll
Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\LINKINFO.dll
Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\ntshrui.dll
Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Fri Oct 07 23:37:48 2005 => Scanning File C:\WINDOWS\system32\credui.dll
Fri Oct 07 23:37:48 2005 => Scanning File C:\WINDOWS\System32\msi.dll
Fri Oct 07 23:37:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\NERODI~1.DLL
Fri Oct 07 23:37:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\MFC71.DLL
Fri Oct 07 23:37:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\MSVCR71.dll
Fri Oct 07 23:37:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\MSVCP71.dll
Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll
Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\OLEACC.dll
Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\NVRSDE.DLL
Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll
Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\browselc.dll
Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll
Fri Oct 07 23:37:50 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe
Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\System32\shdoclc.dll
Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\System32\mlang.dll
Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\System32\mshtml.dll
Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\System32\msimtf.dll
Fri Oct 07 23:37:51 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll
Fri Oct 07 23:37:51 2005 => Scanning File C:\WINDOWS\System32\IMM32.DLL
Fri Oct 07 23:37:51 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\scrauth.dll
Fri Oct 07 23:37:51 2005 => Scanning File C:\WINDOWS\System32\MSVCP71.dll
Fri Oct 07 23:37:51 2005 => Scanning File C:\WINDOWS\System32\MSVCR71.dll
Fri Oct 07 23:37:51 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\ScrBlock.dll
Fri Oct 07 23:37:51 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccL30.dll
Fri Oct 07 23:37:51 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccVrTrst.dll
Fri Oct 07 23:37:52 2005 => Scanning File c:\windows\system32\jscript.dll
Fri Oct 07 23:37:52 2005 => Scanning File C:\WINDOWS\System32\MSLS31.DLL
Fri Oct 07 23:37:52 2005 => Scanning File C:\WINDOWS\System32\imgutil.dll
Fri Oct 07 23:37:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\mwavscan.com
Fri Oct 07 23:37:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\msvlclnt.dll
Fri Oct 07 23:37:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssdi.dll
Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssd.dll
Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssi.dll
Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\ipc.dll
Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\RICHED32.DLL
Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\PSAPI.DLL
Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.exe
Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.dll

Fri Oct 07 23:37:53 2005 => ***** Scanning Registry Files *****

Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Fri Oct 07 23:37:54 2005 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8167 kb > 3072 kb...
Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Fri Oct 07 23:37:54 2005 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8167 kb > 3072 kb...
Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\System32\stobject.dll

Fri Oct 07 23:37:54 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\System32\msdxm.ocx
Fri Oct 07 23:37:54 2005 => Scanning File C:\Programme\ICQToolbar\toolbaru.dll
Fri Oct 07 23:37:54 2005 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll

Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Fri Oct 07 23:37:54 2005 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
Fri Oct 07 23:37:54 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL
Fri Oct 07 23:37:54 2005 => {53707962-6F74-2D53-2644-206D7942484F} = C:\Programme\Spybot - Search & Destroy\SDHelper.dll
Fri Oct 07 23:37:54 2005 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Fri Oct 07 23:37:54 2005 => {BDF3E430-B101-42AD-A544-FADC6B084872} = C:\Programme\Norton AntiVirus\NavShExt.dll
Fri Oct 07 23:37:54 2005 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll

Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\System32\browseui.dll

Fri Oct 07 23:37:55 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\docprop.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\deskadp.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\deskmon.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\dssec.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\shscrap.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\System32\icmui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\printui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\syncui.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\System32\hticons.dll
Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\fontext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\deskperf.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\remotepg.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\wuaueng.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\wshext.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\occache.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dfsshlex.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\photowiz.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\system32\cabview.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\Audiodev.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\Audiodev.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\Programme\WinRAR\rarext.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\PROGRA~1\TUNEUP~1\sdshelex.dll
Fri Oct 07 23:37:57 2005 => Scanning File C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll
Fri Oct 07 23:37:58 2005 => *** File C:\WINDOWS\System32\nvcpl.dll having Size Restriction ***. Filesize 7036 kb > 3072 kb...
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll [**]
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\NERODI~1.DLL
Fri Oct 07 23:37:58 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\NERODI~1.DLL
Fri Oct 07 23:37:58 2005 => *** File C:\WINDOWS\System32\nvcpl.dll having Size Restriction ***. Filesize 7036 kb > 3072 kb...
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll [**]
Fri Oct 07 23:37:58 2005 => Scanning File C:\PROGRA~1\STEGAN~1\SSCtxMnu.dll

Fri Oct 07 23:37:58 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Fri Oct 07 23:37:58 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll

Fri Oct 07 23:37:58 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\Explorer.exe
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\userinit.exe
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\dskquota.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\crypt32.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll

Fri Oct 07 23:37:58 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Fri Oct 07 23:37:59 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Fri Oct 07 23:37:59 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Fri Oct 07 23:37:59 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Fri Oct 07 23:37:59 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\ntsd.exe

Fri Oct 07 23:37:59 2005 => Scanning HKCU\Control Panel\Desktop
Fri Oct 07 23:37:59 2005 => *** File C:\WINDOWS\RESOUR~1\SCREEN~1\SKYROC~1.SCR having Size Restriction ***. Filesize 5768 kb > 3072 kb...
Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\RESOUR~1\SCREEN~1\SKYROC~1.SCR [**]

Fri Oct 07 23:37:59 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Fri Oct 07 23:37:59 2005 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\ie4uinit.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe

Fri Oct 07 23:38:00 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Fri Oct 07 23:38:00 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Fri Oct 07 23:38:00 2005 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run

Fri Oct 07 23:38:00 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run

Fri Oct 07 23:38:00 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Fri Oct 07 23:38:00 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
Fri Oct 07 23:38:00 2005 => Scanning File C:\Programme\ICQLite\ICQLite.exe
Fri Oct 07 23:38:01 2005 => Scanning File C:\Programme\AVPersonal\AVGNT.EXE
Fri Oct 07 23:38:01 2005 => Scanning File C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
Fri Oct 07 23:38:01 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SECURI~1\UsrPrmpt.exe
Fri Oct 07 23:38:01 2005 => Scanning File C:\PROGRA~1\SYMNET~1\SNDMon.exe
Fri Oct 07 23:38:01 2005 => Scanning File C:\WINDOWS\System32\NeroCheck.exe
Fri Oct 07 23:38:01 2005 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE
Fri Oct 07 23:38:01 2005 => Scanning File C:\WINDOWS\system32\nwiz.exe
Fri Oct 07 23:38:02 2005 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE
Fri Oct 07 23:38:02 2005 => Scanning File C:\Programme\SlySoft\CloneCD\CloneCDTray.exe
Fri Oct 07 23:38:02 2005 => *** File C:\PROGRA~1\STEGAN~1\SASPY2~1.EXE having Size Restriction ***. Filesize 3179 kb > 3072 kb...
Fri Oct 07 23:38:02 2005 => Scanning File C:\PROGRA~1\STEGAN~1\SASPY2~1.EXE [**]
Fri Oct 07 23:38:02 2005 => Scanning File C:\Programme\eScan\LAUNCH.EXE
Fri Oct 07 23:38:02 2005 => Scanning File C:\PROGRA~1\eScan\TRAYICOS.EXE
Fri Oct 07 23:38:02 2005 => Scanning File C:\PROGRA~1\eScan\AVPMWrap.EXE

Fri Oct 07 23:38:02 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Fri Oct 07 23:38:02 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Fri Oct 07 23:38:02 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Fri Oct 07 23:38:02 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

Fri Oct 07 23:38:02 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Fri Oct 07 23:38:02 2005 => Scanning File C:\WINDOWS\System32\ctfmon.exe
Fri Oct 07 23:38:03 2005 => *** File C:\PROGRA~1\MSNMES~1\MsnMsgr.Exe having Size Restriction ***. Filesize 6916 kb > 3072 kb...
Fri Oct 07 23:38:03 2005 => Scanning File C:\PROGRA~1\MSNMES~1\MsnMsgr.Exe [**]
Fri Oct 07 23:38:03 2005 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXP.exe
Fri Oct 07 23:38:03 2005 => Scanning File d:\programme\valve\steam\steam.exe
Fri Oct 07 23:38:03 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\lib\NMBGMO~1.EXE

Fri Oct 07 23:38:03 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Fri Oct 07 23:38:03 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Fri Oct 07 23:38:03 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Fri Oct 07 23:38:03 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup

Fri Oct 07 23:38:03 2005 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Fri Oct 07 23:38:03 2005 => Scanning File C:\WINDOWS\System32\CTFMON.EXE

Fri Oct 07 23:38:03 2005 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Fri Oct 07 23:38:03 2005 => Scanning HKCR\txtfile\shell\open\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\comfile\shell\open\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\exefile\shell\open\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\dllfile\shell\open\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\batfile\shell\open\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\piffile\shell\open\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\scrfile\shell\open\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\scrfile\shell\config\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\regfile\shell\open\command

Fri Oct 07 23:38:04 2005 => Scanning HKCR\htmlfile\shell\open\command
Fri Oct 07 23:38:04 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe

Fri Oct 07 23:38:04 2005 => Scanning HKCR\htafile\shell\open\command
Fri Oct 07 23:38:04 2005 => Scanning File C:\WINDOWS\System32\mshta.exe

Fri Oct 07 23:38:04 2005 => Scanning HKCR\jsfile\shell\open\command
Fri Oct 07 23:38:04 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 07 23:38:05 2005 => Scanning HKCR\jsefile\shell\open\command
Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 07 23:38:05 2005 => Scanning HKCR\vbsfile\shell\open\command
Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 07 23:38:05 2005 => Scanning HKCR\vbefile\shell\open\command
Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 07 23:38:05 2005 => Scanning HKCR\wshfile\shell\open\command
Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 07 23:38:05 2005 => Scanning HKCR\wsffile\shell\open\command
Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Fri Oct 07 23:38:05 2005 => ***** Scanning StartUp Folders *****

Fri Oct 07 23:38:05 2005 => ***** Scanning C:\Dokumente und Einstellungen\sack\Startmenü\Programme\Autostart Folder *****
Fri Oct 07 23:38:05 2005 => Scanning Folder: C:\Dokumente und Einstellungen\sack\Startmenü\Programme\Autostart\*.*
Fri Oct 07 23:38:05 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Startmenü\Programme\Autostart\desktop.ini [**]

Fri Oct 07 23:38:05 2005 => ***** Scanning C:\Dokumente und Einstellungen\sack\Desktop Folder *****
Fri Oct 07 23:38:05 2005 => Scanning Folder: C:\Dokumente und Einstellungen\sack\Desktop\*.*
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\BitComet.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\BPM Studio 4 Profi.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\ClearProg.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\config.cfg [**]
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Fable.exe.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\FireBurner.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\GeForceTweakUtility.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\IsoBuster.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\MotoGP URT 3.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Neu Textdokument.txt [**]
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\soundmisc1.cfg [**]
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Spybot - Search & Destroy.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Start Gamers.IRC.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Steamstarter.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\TeamSpeak 2 RC2.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit Azureus.exe.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit cdeath.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit hlsw.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit saspy2006safe_Loader.exe.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit saspy2006_Loader.exe.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit Steam.exe.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit Stronghold2.exe.lnk
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\VirtuallyJenna.lnk

Fri Oct 07 23:38:06 2005 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder *****
Fri Oct 07 23:38:06 2005 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.*
Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**]

Fri Oct 07 23:38:07 2005 => ***** Scanning Service Files *****
Fri Oct 07 23:38:07 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\a347bus.sys
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\Drivers\a347scsi.sys
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ACPI.sys
Fri Oct 07 23:38:07 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\ADBLOCK.DLL
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\drivers\aec.sys
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\drivers\ALCXSENS.SYS
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\drivers\ALCXWDM.SYS
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Fri Oct 07 23:38:07 2005 => Scanning File C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\asyncmac.sys
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\atapi.sys
Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\atmarpc.sys
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\audstub.sys
Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRAMME\AVPERSONAL\AVGNTDW.SYS
Fri Oct 07 23:38:08 2005 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccEvtMgr.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccPwdSvc.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccSetMgr.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\cdrom.sys
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\cfosspeed.sys
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\cisvc.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\CONTENT.DLL
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\disk.sys
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\drivers\dmboot.sys
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\drivers\dmio.sys
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\drivers\dmload.sys
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\drivers\DMusic.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\DNSCACHE.DLL
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\drivers\drmkaud.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDFL.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\eScan\TRAYSSER.EXE
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\system32\services.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\fdc.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\flpydisk.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ftdisk.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\FTPFILT.DLL
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\gameenum.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\msgpc.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\hidusb.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\HTMLFILT.DLL
Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\HTTPFILT.DLL
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\i8042prt.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\1050\INTEL3~1\IDriverT.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\IMAPFILT.DLL
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\imapi.exe
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipinip.sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipnat.sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipsec.sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\irenum.sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\isapnp.sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\PROGRA~1\eScan\avpm.exe
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\KLIF.SYS
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\drivers\kmixer.sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\LHidKE.Sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\Drivers\LHidUsbK.Sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\LMouKE.Sys
Fri Oct 07 23:38:10 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\MAILFILT.DLL
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe
Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mouclass.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mouhid.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxdav.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\msdtc.exe
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\msiexec.exe
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\drivers\MSKSSRV.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\drivers\MSPCLOCK.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\drivers\MSPQM.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\drivers\msmpu401.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\PROGRA~1\NORTON~1\navapsvc.exe
Fri Oct 07 23:38:11 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20051007.016\NAVENG.SYS
Fri Oct 07 23:38:11 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20051007.016\NAVEX15.SYS
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndistapi.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndisuio.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndiswan.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\netbios.sys
Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\netbt.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\NNTPFILT.DLL
Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\NORTON~1\IWP\NPFMntor.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:38:12 2005 => *** File C:\WINDOWS\System32\DRIVERS\nv4_mini.sys having Size Restriction ***. Filesize 3408 kb > 3072 kb...

Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [**]
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\nvsvc32.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\oodag.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\parport.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\pci.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\pciide.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\services.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\POP3FILT.DLL
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspptp.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\processr.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\PROTECT.DLL
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\psched.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ptilink.sys
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\PxHelp20.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rasacd.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspppoe.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspti.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rdbss.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\redbook.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\Drivers\RootMdm.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\locator.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\rsvp.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\RTL8139.SYS
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVRT.SYS
Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVRTPEL.SYS
Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVScan.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\secdrv.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\serenum.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\serial.sys
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SNDSrvc.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SPBBC\SPBBCDRV.SYS
Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SPBBC\SPBBCSvc.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\drivers\splitter.sys
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\sr.sys
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\srv.sys
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRAMME\TGTSOFT\STYLEXP\STYLEXPHELPER.EXE
Fri Oct 07 23:38:14 2005 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRA~1\STEGAN~1\WRSSSDK.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\swenum.sys
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\drivers\swmidi.sys
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\CCPD-LC\symlcsvc.exe
Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMDNS.SYS
Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRAMME\SYMANTEC\SYMEVENT.SYS
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMFW.SYS
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMIDS.SYS
Fri Oct 07 23:38:15 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SYMCDATA\IDS-DI~1\20050901.036\SYMIDSCO.SYS
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\SYMLCBRD.SYS
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMNDIS.SYS
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMTDI.SYS
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\drivers\sysaudio.sys
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\tcpip.sys
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\termdd.sys
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\PROGRA~1\TUNEUP~1\WINSTY~2.EXE
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\wdfmgr.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\update.sys
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\ups.exe
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\usbhub.sys
Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\usbohci.sys
Fri Oct 07 23:38:15 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\FILTNT.SYS
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\drivers\vga.sys
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\vssvc.exe
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\wanarp.sys
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\drivers\wdmaud.sys
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\drivers\ws2ifsl.sys
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\svchost.exe

Fri Oct 07 23:38:16 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD

Fri Oct 07 23:38:16 2005 => ***** Scanning Registry and File system for Adware/Spyware *****
Fri Oct 07 23:38:16 2005 => Loading Spyware Signatures from new External Database (Size: 144406).
Fri Oct 07 23:38:17 2005 => Indexed Spyware Databases Successfully Created...

Fri Oct 07 23:38:18 2005 => Offending Key found: HKLM\Software\gnu !!!
Fri Oct 07 23:38:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Fri Oct 07 23:38:29 2005 => Offending Key found: HKLM\Software\kazaa !!!
Fri Oct 07 23:38:29 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Fri Oct 07 23:38:29 2005 => Offending Key found: HKCU\Software\gnu !!!
Fri Oct 07 23:38:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Fri Oct 07 23:38:29 2005 => Offending Key found: HKCU\Software\kazaa !!!
Fri Oct 07 23:38:29 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Fri Oct 07 23:38:29 2005 => Offending Key found: HKCU\Software\maxthon !!!
Fri Oct 07 23:38:29 2005 => Object "abxtoolbar Spyware/Adware" found in File System! Action Taken: No Action Taken.

Fri Oct 07 23:38:31 2005 => Offending file found: C:\Dokumente und Einstellungen\sack\Eigene Dateien\stronghold 2\config.dat
Fri Oct 07 23:38:31 2005 => System found infected with startsurfing Spyware/Adware (config.dat)! Action taken: No Action Taken.

Fri Oct 07 23:38:32 2005 => Offending file found: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\symantec\common client\settings.dat
Fri Oct 07 23:38:32 2005 => System found infected with cydoor.topicks.a Spyware/Adware (settings.dat)! Action taken: No Action Taken.

hab mal einen kleinen teil hier rein gemacht wenn es dir hefen tut ansonsten habe ich dir ne mail geschrieben und danke für deine hilfe

Was soll der Unfug?
Lese die Anleitung nochmals genau durch und poste dann das mit der Datei find.bat erstellte Log.