| |
| |||||||
Log-Analyse und Auswertung: Hilfe habe einen Hijacker von ner ganz üblen SorteWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
28.06.2004, 16:15
| #6 |
| |  Hilfe habe einen Hijacker von ner ganz üblen Sorte Sun Jun 27 16:27:14 2004 => ********************************************************** Sun Jun 27 16:27:14 2004 => eScan AntiVirus Toolkit Utility. Sun Jun 27 16:27:14 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc. Sun Jun 27 16:27:14 2004 => ********************************************************** Sun Jun 27 16:27:14 2004 => Version 4.2.4 Sun Jun 27 16:27:14 2004 => Log File: C:\DOKUME~1\Henning\LOKALE~1\Temp\mwav.log Sun Jun 27 16:27:14 2004 => Command Line Options Given: /s Sun Jun 27 16:27:28 2004 => Latest Date of files inside MWAV: 20 Jun 2004 15:17:25. Sun Jun 27 16:27:42 2004 => AV Library Loaded... Sun Jun 27 16:27:42 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavss.exe Sun Jun 27 16:27:42 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\Getvlist.exe Sun Jun 27 16:27:44 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavss.dll Sun Jun 27 16:27:45 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavssdi.dll Sun Jun 27 16:27:45 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavssi.dll Sun Jun 27 16:27:45 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavvlg.dll Sun Jun 27 16:27:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\msvlclnt.dll Sun Jun 27 16:27:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\ipc.dll Sun Jun 27 16:27:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\main.avi Sun Jun 27 16:27:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\virus.avi Sun Jun 27 16:27:48 2004 => ********************************************************** Sun Jun 27 16:27:48 2004 => eScan AntiVirus Toolkit Utility. Sun Jun 27 16:27:48 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc. Sun Jun 27 16:27:48 2004 => Sun Jun 27 16:27:48 2004 => Support: support@mwti.net Sun Jun 27 16:27:48 2004 => Web: http://www.mwti.net Sun Jun 27 16:27:48 2004 => ********************************************************** Sun Jun 27 16:27:48 2004 => Version 4.2.4 Sun Jun 27 16:27:48 2004 => Log File: C:\DOKUME~1\Henning\LOKALE~1\Temp\mwav.log Sun Jun 27 16:27:48 2004 => Latest Date of files inside MWAV: 20 Jun 2004 15:17:25. Sun Jun 27 16:27:48 2004 => Options Selected by User: Sun Jun 27 16:27:48 2004 => Memory Check: Disabled Sun Jun 27 16:27:48 2004 => Registry Check: Disabled Sun Jun 27 16:27:48 2004 => StartUp Folder Check: Disabled Sun Jun 27 16:27:48 2004 => System Folder Check: Disabled Sun Jun 27 16:27:48 2004 => System Area Check: Disabled Sun Jun 27 16:27:48 2004 => Services Check: Disabled Sun Jun 27 16:27:48 2004 => Drive Check Option Disabled Sun Jun 27 16:27:48 2004 => Scanning Type: Scan And Clean Sun Jun 27 16:27:48 2004 => Folder Check: Disabled Sun Jun 27 16:27:50 2004 => ***** Scanning Memory Files ***** Sun Jun 27 16:27:50 2004 => Scanning File C:\WINDOWS\system32\services.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccSetMgr.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccEvtMgr.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\WINDOWS\system32\spoolsv.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccProxy.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\EPSON\EBAPI\SAgent2.exe Sun Jun 27 16:27:50 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~4\GHOSTS~2.EXE Sun Jun 27 16:27:50 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\navapsvc.exe Sun Jun 27 16:27:51 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE Sun Jun 27 16:27:51 2004 => Scanning File C:\WINDOWS\System32\nvsvc32.exe Sun Jun 27 16:27:51 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE Sun Jun 27 16:27:52 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:27:52 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\SAVScan.exe Sun Jun 27 16:27:52 2004 => Scanning File C:\WINDOWS\Explorer.EXE Sun Jun 27 16:27:52 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccApp.exe Sun Jun 27 16:27:52 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\mwavscan.com Sun Jun 27 16:27:52 2004 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE Sun Jun 27 16:27:52 2004 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE Sun Jun 27 16:27:53 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavss.exe Sun Jun 27 16:27:53 2004 => ***** Scanning Registry Files ***** Sun Jun 27 16:27:53 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Sun Jun 27 16:27:53 2004 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE Sun Jun 27 16:27:53 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccApp.exe Sun Jun 27 16:27:53 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\mwavscan.com Sun Jun 27 16:27:53 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Sun Jun 27 16:27:53 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Sun Jun 27 16:27:53 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Sun Jun 27 16:27:53 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Sun Jun 27 16:27:53 2004 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE Sun Jun 27 16:27:53 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Sun Jun 27 16:27:53 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Sun Jun 27 16:27:53 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Sun Jun 27 16:27:53 2004 => Scanning HKCR\txtfile\shell\open\command Sun Jun 27 16:27:53 2004 => Scanning HKCR\comfile\shell\open\command Sun Jun 27 16:27:53 2004 => Scanning HKCR\exefile\shell\open\command Sun Jun 27 16:27:53 2004 => Scanning HKCR\dllfile\shell\open\command Sun Jun 27 16:27:53 2004 => Scanning HKCR\batfile\shell\open\command Sun Jun 27 16:27:53 2004 => Scanning HKCR\piffile\shell\open\command Sun Jun 27 16:27:53 2004 => Scanning HKCR\scrfile\shell\open\command Sun Jun 27 16:27:53 2004 => Scanning HKCR\scrfile\shell\config\command Sun Jun 27 16:27:53 2004 => Scanning HKCR\regfile\shell\open\command Sun Jun 27 16:27:53 2004 => ***** Scanning StartUp Folders ***** Sun Jun 27 16:27:53 2004 => ***** Scanning C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart Folder ***** Sun Jun 27 16:27:53 2004 => Scanning Folder: C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart\*.* Sun Jun 27 16:27:53 2004 => Scanning File C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart\desktop.ini [**] Sun Jun 27 16:27:53 2004 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder ***** Sun Jun 27 16:27:53 2004 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.* Sun Jun 27 16:27:53 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**] Sun Jun 27 16:27:53 2004 => ***** Scanning Service Files ***** Sun Jun 27 16:27:53 2004 => Scanning HKLM\SYSTEM\CurrentControlSet\Services Sun Jun 27 16:27:53 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ACPI.sys Sun Jun 27 16:27:54 2004 => Scanning File C:\WINDOWS\System32\drivers\aec.sys Sun Jun 27 16:27:54 2004 => Scanning File C:\WINDOWS\System32\drivers\afd.sys Sun Jun 27 16:27:55 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:27:55 2004 => Scanning File C:\WINDOWS\System32\alg.exe Sun Jun 27 16:27:55 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\amdk7.sys Sun Jun 27 16:27:55 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Sun Jun 27 16:27:55 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\asyncmac.sys Sun Jun 27 16:27:55 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atapi.sys Sun Jun 27 16:27:55 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atmarpc.sys Sun Jun 27 16:27:56 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:27:56 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\audstub.sys Sun Jun 27 16:27:56 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:27:56 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:27:56 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccEvtMgr.exe Sun Jun 27 16:27:56 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccProxy.exe Sun Jun 27 16:27:56 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccPwdSvc.exe Sun Jun 27 16:27:56 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccSetMgr.exe Sun Jun 27 16:27:56 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cdrom.sys Sun Jun 27 16:27:57 2004 => Scanning File C:\WINDOWS\system32\cisvc.exe Sun Jun 27 16:27:57 2004 => Scanning File C:\WINDOWS\system32\clipsrv.exe Sun Jun 27 16:27:57 2004 => Scanning File C:\WINDOWS\System32\drivers\cmuda.sys Sun Jun 27 16:27:58 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe Sun Jun 27 16:27:58 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Sun Jun 27 16:27:58 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:27:58 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\disk.sys Sun Jun 27 16:27:59 2004 => Scanning File C:\WINDOWS\System32\dmadmin.exe Sun Jun 27 16:27:59 2004 => Scanning File C:\WINDOWS\System32\drivers\dmboot.sys Sun Jun 27 16:27:59 2004 => Scanning File C:\WINDOWS\System32\drivers\dmio.sys Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\drivers\dmload.sys Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\drivers\DMusic.sys Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\drivers\drmkaud.sys Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDFL.sys Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDIO.sys Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys Sun Jun 27 16:28:00 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\EPSON\EBAPI\SAgent2.exe Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:28:00 2004 => Scanning File C:\WINDOWS\system32\services.exe Sun Jun 27 16:28:01 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:28:01 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:28:01 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fdc.sys Sun Jun 27 16:28:01 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fetnd5.sys Sun Jun 27 16:28:01 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\flpydisk.sys Sun Jun 27 16:28:01 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ftdisk.sys Sun Jun 27 16:28:01 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\gameenum.sys Sun Jun 27 16:28:01 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~4\GHOSTS~2.EXE Sun Jun 27 16:28:01 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~4\GHPCIS~1.SYS Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\msgpc.sys Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\Drivers\gt680x.sys Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\i8042prt.sys Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\imapi.sys Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\imapi.exe Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys Sun Jun 27 16:28:02 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Sun Jun 27 16:28:03 2004 => Total Number of Files Scanned: 87 Sun Jun 27 16:28:03 2004 => Total Number of Virus(es) Found: 0 Sun Jun 27 16:28:03 2004 => Total Number of Disinfected Files: 0 Sun Jun 27 16:28:03 2004 => Total Number of Files Renamed: 0 Sun Jun 27 16:28:04 2004 => Total Number of Deleted Files: 0 Sun Jun 27 16:28:04 2004 => Total Number of Errors: 0 Sun Jun 27 16:28:04 2004 => Time Elapsed: 00:00:14 Sun Jun 27 16:28:04 2004 => ***** Scanning complete. ***** Sun Jun 27 16:28:04 2004 => Virus Database Date: 2004/06/20 Sun Jun 27 16:28:04 2004 => Virus Database Count: 95240 Sun Jun 27 16:28:04 2004 => Scan Completed. Sun Jun 27 16:28:04 2004 => AV Library Unloaded (3)... Mon Jun 28 17:00:44 2004 => ********************************************************** Mon Jun 28 17:00:44 2004 => eScan AntiVirus Toolkit Utility. Mon Jun 28 17:00:44 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc. Mon Jun 28 17:00:44 2004 => ********************************************************** Mon Jun 28 17:00:44 2004 => Version 4.2.4 Mon Jun 28 17:00:44 2004 => Log File: C:\DOKUME~1\Henning\LOKALE~1\Temp\mwav.log Mon Jun 28 17:00:44 2004 => Latest Date of files inside MWAV: 20 Jun 2004 15:17:25. Mon Jun 28 17:00:46 2004 => AV Library Loaded... Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavss.exe Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\Getvlist.exe Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavss.dll Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavssdi.dll Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavssi.dll Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavvlg.dll Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\msvlclnt.dll Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\ipc.dll Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\main.avi Mon Jun 28 17:00:46 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\virus.avi Mon Jun 28 17:00:46 2004 => Virus Database Date: 2004/06/20 Mon Jun 28 17:00:46 2004 => Virus Database Count: 95240 Mon Jun 28 17:00:48 2004 => Generating Virus List... getvlist.exe C:\DOKUME~1\Henning\LOKALE~1\Temp\vlist.txt Mon Jun 28 17:00:55 2004 => ********************************************************** Mon Jun 28 17:00:55 2004 => eScan AntiVirus Toolkit Utility. Mon Jun 28 17:00:55 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc. Mon Jun 28 17:00:55 2004 => Mon Jun 28 17:00:55 2004 => Support: support@mwti.net Mon Jun 28 17:00:55 2004 => Web: http://www.mwti.net Mon Jun 28 17:00:55 2004 => ********************************************************** Mon Jun 28 17:00:55 2004 => Version 4.2.4 Mon Jun 28 17:00:55 2004 => Log File: C:\DOKUME~1\Henning\LOKALE~1\Temp\mwav.log Mon Jun 28 17:00:55 2004 => Latest Date of files inside MWAV: 20 Jun 2004 15:17:25. Mon Jun 28 17:00:55 2004 => Options Selected by User: Mon Jun 28 17:00:55 2004 => Memory Check: Enabled Mon Jun 28 17:00:55 2004 => Registry Check: Enabled Mon Jun 28 17:00:55 2004 => StartUp Folder Check: Enabled Mon Jun 28 17:00:55 2004 => System Folder Check: Disabled Mon Jun 28 17:00:55 2004 => System Area Check: Disabled Mon Jun 28 17:00:55 2004 => Services Check: Enabled Mon Jun 28 17:00:55 2004 => Drive Check Option Disabled Mon Jun 28 17:00:55 2004 => Scanning Type: Scan And Clean Mon Jun 28 17:00:55 2004 => Folder Check: Disabled Mon Jun 28 17:00:56 2004 => ***** Scanning Memory Files ***** Mon Jun 28 17:00:56 2004 => Scanning File C:\WINDOWS\system32\services.exe Mon Jun 28 17:00:56 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Mon Jun 28 17:00:56 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:00:56 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:00:56 2004 => Scanning File C:\WINDOWS\Explorer.EXE Mon Jun 28 17:00:56 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\mwavscan.com Mon Jun 28 17:00:56 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavss.exe Mon Jun 28 17:00:56 2004 => ***** Scanning Registry Files ***** Mon Jun 28 17:00:56 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Mon Jun 28 17:00:56 2004 => Scanning File C:\WINDOWS\Explorer.exe Mon Jun 28 17:00:57 2004 => Scanning File C:\WINDOWS\system32\userinit.exe Mon Jun 28 17:00:57 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Mon Jun 28 17:00:57 2004 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE Mon Jun 28 17:00:57 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccApp.exe Mon Jun 28 17:00:57 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\mwavscan.com Mon Jun 28 17:00:57 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Mon Jun 28 17:00:57 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Mon Jun 28 17:00:57 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Mon Jun 28 17:00:57 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Mon Jun 28 17:00:57 2004 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE Mon Jun 28 17:00:57 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Mon Jun 28 17:00:58 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Mon Jun 28 17:00:58 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Mon Jun 28 17:00:58 2004 => Scanning HKCR\txtfile\shell\open\command Mon Jun 28 17:00:58 2004 => Scanning HKCR\comfile\shell\open\command Mon Jun 28 17:00:58 2004 => Scanning HKCR\exefile\shell\open\command Mon Jun 28 17:00:58 2004 => Scanning HKCR\dllfile\shell\open\command Mon Jun 28 17:00:58 2004 => Scanning HKCR\batfile\shell\open\command Mon Jun 28 17:00:58 2004 => Scanning HKCR\piffile\shell\open\command Mon Jun 28 17:00:58 2004 => Scanning HKCR\scrfile\shell\open\command Mon Jun 28 17:00:58 2004 => Scanning HKCR\scrfile\shell\config\command Mon Jun 28 17:00:58 2004 => Scanning HKCR\regfile\shell\open\command Mon Jun 28 17:00:59 2004 => ***** Scanning StartUp Folders ***** Mon Jun 28 17:00:59 2004 => ***** Scanning C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart Folder ***** Mon Jun 28 17:00:59 2004 => Scanning Folder: C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart\*.* Mon Jun 28 17:00:59 2004 => Scanning File C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart\desktop.ini [**] Mon Jun 28 17:00:59 2004 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder ***** Mon Jun 28 17:00:59 2004 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.* Mon Jun 28 17:00:59 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**] Mon Jun 28 17:00:59 2004 => ***** Scanning Service Files ***** Mon Jun 28 17:00:59 2004 => Scanning HKLM\SYSTEM\CurrentControlSet\Services Mon Jun 28 17:00:59 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ACPI.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\drivers\aec.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\drivers\afd.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\alg.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\amdk7.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\asyncmac.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atapi.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atmarpc.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\audstub.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccEvtMgr.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccProxy.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccPwdSvc.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccSetMgr.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cdrom.sys Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\system32\cisvc.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\system32\clipsrv.exe Mon Jun 28 17:01:00 2004 => Scanning File C:\WINDOWS\System32\drivers\cmuda.sys Mon Jun 28 17:01:01 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe Mon Jun 28 17:01:01 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:01 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:01 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\disk.sys Mon Jun 28 17:01:01 2004 => Scanning File C:\WINDOWS\System32\dmadmin.exe Mon Jun 28 17:01:01 2004 => Scanning File C:\WINDOWS\System32\drivers\dmboot.sys Mon Jun 28 17:01:01 2004 => Scanning File C:\WINDOWS\System32\drivers\dmio.sys Mon Jun 28 17:01:02 2004 => Scanning File C:\WINDOWS\System32\drivers\dmload.sys Mon Jun 28 17:01:02 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:02 2004 => Scanning File C:\WINDOWS\System32\drivers\DMusic.sys Mon Jun 28 17:01:02 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:02 2004 => Scanning File C:\WINDOWS\System32\drivers\drmkaud.sys Mon Jun 28 17:01:02 2004 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDFL.sys Mon Jun 28 17:01:02 2004 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDIO.sys Mon Jun 28 17:01:02 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys Mon Jun 28 17:01:02 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\EPSON\EBAPI\SAgent2.exe Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\system32\services.exe Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fdc.sys Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fetnd5.sys Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\flpydisk.sys Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ftdisk.sys Mon Jun 28 17:01:03 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\gameenum.sys Mon Jun 28 17:01:03 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~4\GHOSTS~2.EXE Mon Jun 28 17:01:04 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~4\GHPCIS~1.SYS Mon Jun 28 17:01:04 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\msgpc.sys Mon Jun 28 17:01:04 2004 => Scanning File C:\WINDOWS\System32\Drivers\gt680x.sys Mon Jun 28 17:01:04 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:04 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:04 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\i8042prt.sys Mon Jun 28 17:01:04 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\imapi.sys Mon Jun 28 17:01:04 2004 => Scanning File C:\WINDOWS\System32\imapi.exe Mon Jun 28 17:01:05 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys Mon Jun 28 17:01:05 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:05 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys Mon Jun 28 17:01:05 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipinip.sys Mon Jun 28 17:01:05 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipnat.sys Mon Jun 28 17:01:05 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipsec.sys Mon Jun 28 17:01:05 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\irenum.sys Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\isapnp.sys Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdclass.sys Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\drivers\kmixer.sys Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mouclass.sys Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxdav.sys Mon Jun 28 17:01:06 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxsmb.sys Mon Jun 28 17:01:07 2004 => Scanning File C:\WINDOWS\System32\msdtc.exe Mon Jun 28 17:01:07 2004 => Scanning File C:\WINDOWS\System32\msiexec.exe Mon Jun 28 17:01:07 2004 => Scanning File C:\WINDOWS\System32\drivers\MSKSSRV.sys Mon Jun 28 17:01:07 2004 => Scanning File C:\WINDOWS\System32\drivers\MSPCLOCK.sys Mon Jun 28 17:01:08 2004 => Scanning File C:\WINDOWS\System32\drivers\MSPQM.sys Mon Jun 28 17:01:08 2004 => Scanning File C:\WINDOWS\System32\drivers\msmpu401.sys Mon Jun 28 17:01:08 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\navapsvc.exe Mon Jun 28 17:01:08 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20040623.017\NAVENG.SYS Mon Jun 28 17:01:09 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20040623.017\NAVEX15.SYS Mon Jun 28 17:01:09 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndistapi.sys Mon Jun 28 17:01:09 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndisuio.sys Mon Jun 28 17:01:09 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndiswan.sys Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\netbios.sys Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\netbt.sys Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\system32\netdde.exe Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\system32\netdde.exe Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\NPDRIVER.SYS Mon Jun 28 17:01:10 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:10 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nv4_mini.sys Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\nvsvc32.exe Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\drivers\PalmUSBD.sys Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\parport.sys Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\pci.sys Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\system32\services.exe Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspptp.sys Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\psched.sys Mon Jun 28 17:01:11 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ptilink.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rasacd.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rasl2tp.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspppoe.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspti.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rdbss.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rdpdr.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\system32\sessmgr.exe Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\redbook.sys Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\locator.exe Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\rsvp.exe Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\RTL8139.SYS Mon Jun 28 17:01:12 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Mon Jun 28 17:01:13 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\SAVRT.SYS Mon Jun 28 17:01:13 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\SAVRTPEL.SYS Mon Jun 28 17:01:13 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\SAVScan.exe Mon Jun 28 17:01:13 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe Mon Jun 28 17:01:13 2004 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Mon Jun 28 17:01:13 2004 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Mon Jun 28 17:01:13 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:13 2004 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\SDDRIVER.SYS Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\secdrv.sys Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\serenum.sys Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\serial.sys Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\system32\SetupNT.sys Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SNDSrvc.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\drivers\splitter.sys Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\system32\spoolsv.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\sr.sys Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\srv.sys Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\swenum.sys Mon Jun 28 17:01:14 2004 => Scanning File C:\WINDOWS\System32\drivers\swmidi.sys Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMDNS.SYS Mon Jun 28 17:01:15 2004 => Scanning File C:\PROGRAMME\SYMANTEC\SYMEVENT.SYS Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMFW.SYS Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMIDS.SYS Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMIDSCO.SYS Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMNDIS.SYS Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMREDRV.SYS Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMTDI.SYS Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\drivers\sysaudio.sys Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\system32\smlogsvc.exe Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\tcpip.sys Mon Jun 28 17:01:15 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\termdd.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\tlntsvr.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\update.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\ups.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbehci.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbhub.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbprint.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbuhci.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\drivers\vga.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\viaide.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\vssvc.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\wanarp.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\drivers\wdmaud.sys Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:16 2004 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:17 2004 => ***** Scanning Important System Files ***** Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\winsock.dll Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\ws2help.dll Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\ws2_32.dll Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\wscript.exe Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\wsecedit.dll Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\wshatm.dll Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\wshbth.dll Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\wshcon.dll Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\wshde.dll Mon Jun 28 17:01:17 2004 => Scanning File C:\WINDOWS\System32\wshext.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\wship6.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\wshisn.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\wshnetbs.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\wshom.ocx Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\WshRm.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\wshtcpip.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\wsnmp32.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\wsock32.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\wstdecod.dll Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\explorer.exe Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\explorer.scf Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\NOTEPAD.EXE Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\notepad.exe Mon Jun 28 17:01:18 2004 => Scanning File C:\WINDOWS\System32\cmd.exe Mon Jun 28 17:01:19 2004 => Scanning File C:\WINDOWS\System32\kernel32.dll Mon Jun 28 17:01:19 2004 => Scanning File C:\WINDOWS\System32\ntoskrnl.exe Mon Jun 28 17:01:19 2004 => Scanning File C:\WINDOWS\System32\ntkrnlpa.exe Mon Jun 28 17:01:19 2004 => Scanning File C:\WINDOWS\System32\hal.dll Mon Jun 28 17:01:19 2004 => Scanning File C:\WINDOWS\System32\win32k.sys Mon Jun 28 17:01:19 2004 => Scanning File C:\WINDOWS\System32\ntdll.dll Mon Jun 28 17:01:20 2004 => Scanning File C:\WINDOWS\System32\advapi32.dll Mon Jun 28 17:01:20 2004 => Scanning File C:\WINDOWS\System32\user32.dll Mon Jun 28 17:01:20 2004 => Scanning File C:\WINDOWS\System32\gdi32.dll Mon Jun 28 17:01:20 2004 => Scanning File C:\WINDOWS\System32\bootvid.dll Mon Jun 28 17:01:20 2004 => Scanning File C:\WINDOWS\System32\command.com Mon Jun 28 17:01:20 2004 => ***** Checking for specific ITW Viruses ***** Mon Jun 28 17:01:20 2004 => Checking for Welchia Virus... Mon Jun 28 17:01:20 2004 => Checking for LovGate Virus... Mon Jun 28 17:01:20 2004 => Checking for CodeRed Virus... Mon Jun 28 17:01:21 2004 => Checking for OpaServ Virus... Mon Jun 28 17:01:21 2004 => Checking for Sobig.e Virus... Mon Jun 28 17:01:21 2004 => Checking for Winupie Virus... Mon Jun 28 17:01:21 2004 => Checking for Swen Virus... Mon Jun 28 17:01:21 2004 => Checking for JS.Fortnight Virus... Mon Jun 28 17:01:21 2004 => Checking for Novarg Virus... Mon Jun 28 17:01:21 2004 => ***** Scanning complete. ***** Mon Jun 28 17:01:21 2004 => Total Number of Files Scanned: 245 Mon Jun 28 17:01:21 2004 => Total Number of Virus(es) Found: 0 Mon Jun 28 17:01:21 2004 => Total Number of Disinfected Files: 0 Mon Jun 28 17:01:21 2004 => Total Number of Files Renamed: 0 Mon Jun 28 17:01:22 2004 => Total Number of Deleted Files: 0 Mon Jun 28 17:01:22 2004 => Total Number of Errors: 0 Mon Jun 28 17:01:22 2004 => Time Elapsed: 00:00:26 Mon Jun 28 17:01:22 2004 => Virus Database Date: 2004/06/20 Mon Jun 28 17:01:22 2004 => Virus Database Count: 95240 Mon Jun 28 17:01:22 2004 => Scan Completed. Mon Jun 28 17:01:28 2004 => Options Selected by User: Mon Jun 28 17:01:28 2004 => Memory Check: Enabled Mon Jun 28 17:01:28 2004 => Registry Check: Enabled Mon Jun 28 17:01:28 2004 => StartUp Folder Check: Enabled Mon Jun 28 17:01:28 2004 => System Folder Check: Disabled Mon Jun 28 17:01:28 2004 => System Area Check: Disabled Mon Jun 28 17:01:28 2004 => Services Check: Enabled Mon Jun 28 17:01:28 2004 => Drive Check Option Disabled Mon Jun 28 17:01:28 2004 => Scanning Type: Scan And Clean Mon Jun 28 17:01:28 2004 => Folder Check: Disabled Mon Jun 28 17:01:28 2004 => ***** Scanning Memory Files ***** Mon Jun 28 17:01:28 2004 => Scanning File C:\WINDOWS\system32\services.exe Mon Jun 28 17:01:28 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Mon Jun 28 17:01:28 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:28 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:28 2004 => Scanning File C:\WINDOWS\Explorer.EXE Mon Jun 28 17:01:29 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\mwavscan.com Mon Jun 28 17:01:29 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\kavss.exe Mon Jun 28 17:01:29 2004 => Scanning File C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe Mon Jun 28 17:01:29 2004 => ***** Scanning Registry Files ***** Mon Jun 28 17:01:29 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Mon Jun 28 17:01:29 2004 => Scanning File C:\WINDOWS\Explorer.exe Mon Jun 28 17:01:29 2004 => Scanning File C:\WINDOWS\system32\userinit.exe Mon Jun 28 17:01:29 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Mon Jun 28 17:01:29 2004 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE Mon Jun 28 17:01:29 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccApp.exe Mon Jun 28 17:01:29 2004 => Scanning File C:\DOKUME~1\Henning\LOKALE~1\Temp\mwavscan.com Mon Jun 28 17:01:29 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Mon Jun 28 17:01:29 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Mon Jun 28 17:01:29 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Mon Jun 28 17:01:29 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Mon Jun 28 17:01:30 2004 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE Mon Jun 28 17:01:30 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Mon Jun 28 17:01:30 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Mon Jun 28 17:01:30 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Mon Jun 28 17:01:30 2004 => Scanning HKCR\txtfile\shell\open\command Mon Jun 28 17:01:30 2004 => Scanning HKCR\comfile\shell\open\command Mon Jun 28 17:01:30 2004 => Scanning HKCR\exefile\shell\open\command Mon Jun 28 17:01:30 2004 => Scanning HKCR\dllfile\shell\open\command Mon Jun 28 17:01:30 2004 => Scanning HKCR\batfile\shell\open\command Mon Jun 28 17:01:30 2004 => Scanning HKCR\piffile\shell\open\command Mon Jun 28 17:01:30 2004 => Scanning HKCR\scrfile\shell\open\command Mon Jun 28 17:01:30 2004 => Scanning HKCR\scrfile\shell\config\command Mon Jun 28 17:01:30 2004 => Scanning HKCR\regfile\shell\open\command Mon Jun 28 17:01:31 2004 => ***** Scanning StartUp Folders ***** Mon Jun 28 17:01:31 2004 => ***** Scanning C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart Folder ***** Mon Jun 28 17:01:31 2004 => Scanning Folder: C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart\*.* Mon Jun 28 17:01:31 2004 => Scanning File C:\Dokumente und Einstellungen\Henning\Startmenü\Programme\Autostart\desktop.ini [**] Mon Jun 28 17:01:31 2004 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder ***** Mon Jun 28 17:01:31 2004 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.* Mon Jun 28 17:01:31 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**] Mon Jun 28 17:01:31 2004 => ***** Scanning Service Files ***** Mon Jun 28 17:01:31 2004 => Scanning HKLM\SYSTEM\CurrentControlSet\Services Mon Jun 28 17:01:31 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ACPI.sys Mon Jun 28 17:01:31 2004 => Scanning File C:\WINDOWS\System32\drivers\aec.sys Mon Jun 28 17:01:31 2004 => Scanning File C:\WINDOWS\System32\drivers\afd.sys Mon Jun 28 17:01:31 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:31 2004 => Scanning File C:\WINDOWS\System32\alg.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\amdk7.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\asyncmac.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atapi.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atmarpc.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\audstub.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccEvtMgr.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccProxy.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccPwdSvc.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccSetMgr.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cdrom.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\system32\cisvc.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\system32\clipsrv.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\drivers\cmuda.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\disk.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\dmadmin.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\drivers\dmboot.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\drivers\dmio.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\drivers\dmload.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\drivers\DMusic.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\drivers\drmkaud.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDFL.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDIO.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\EPSON\EBAPI\SAgent2.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\system32\services.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fdc.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fetnd5.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\flpydisk.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ftdisk.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\gameenum.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~4\GHOSTS~2.EXE Mon Jun 28 17:01:32 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~4\GHPCIS~1.SYS Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\msgpc.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\Drivers\gt680x.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\i8042prt.sys Mon Jun 28 17:01:32 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\imapi.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\imapi.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipinip.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipnat.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipsec.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\irenum.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\isapnp.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdclass.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\drivers\kmixer.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mouclass.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxdav.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxsmb.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\msdtc.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\msiexec.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\drivers\MSKSSRV.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\drivers\MSPCLOCK.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\drivers\MSPQM.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\drivers\msmpu401.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\navapsvc.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20040623.017\NAVENG.SYS Mon Jun 28 17:01:33 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20040623.017\NAVEX15.SYS Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndistapi.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndisuio.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndiswan.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\netbios.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\netbt.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\system32\netdde.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\system32\netdde.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\NPDRIVER.SYS Mon Jun 28 17:01:33 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nv4_mini.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\nvsvc32.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\drivers\PalmUSBD.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\parport.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\pci.sys Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\system32\services.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Mon Jun 28 17:01:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspptp.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\psched.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ptilink.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rasacd.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rasl2tp.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspppoe.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspti.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rdbss.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rdpdr.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\system32\sessmgr.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\redbook.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\locator.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\rsvp.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\RTL8139.SYS Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\SAVRT.SYS Mon Jun 28 17:01:34 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\SAVRTPEL.SYS Mon Jun 28 17:01:34 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~1\SAVScan.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\SDDRIVER.SYS Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\secdrv.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\serenum.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\serial.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\system32\SetupNT.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SNDSrvc.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\drivers\splitter.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\system32\spoolsv.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\sr.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\srv.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\swenum.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\drivers\swmidi.sys Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe Mon Jun 28 17:01:34 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMDNS.SYS Mon Jun 28 17:01:34 2004 => Scanning File C:\PROGRAMME\SYMANTEC\SYMEVENT.SYS Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMFW.SYS Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMIDS.SYS Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMIDSCO.SYS Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMNDIS.SYS Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMREDRV.SYS Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\Drivers\SYMTDI.SYS Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\drivers\sysaudio.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\system32\smlogsvc.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\tcpip.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\termdd.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\tlntsvr.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\update.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\ups.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbehci.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbhub.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbprint.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbuhci.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\drivers\vga.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\viaide.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\vssvc.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\wanarp.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\drivers\wdmaud.sys Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Jun 28 17:01:35 2004 => ***** Scanning Important System Files ***** Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\winsock.dll Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\ws2help.dll Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\ws2_32.dll Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\wscript.exe Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\wsecedit.dll Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\wshatm.dll Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\wshbth.dll Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\wshcon.dll Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\wshde.dll Mon Jun 28 17:01:35 2004 => Scanning File C:\WINDOWS\System32\wshext.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\wship6.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\wshisn.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\wshnetbs.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\wshom.ocx Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\WshRm.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\wshtcpip.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\wsnmp32.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\wsock32.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\wstdecod.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\explorer.exe Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\explorer.scf Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\NOTEPAD.EXE Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\notepad.exe Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\cmd.exe Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\kernel32.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\ntoskrnl.exe Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\ntkrnlpa.exe Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\hal.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\win32k.sys Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\ntdll.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\advapi32.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\user32.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\gdi32.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\bootvid.dll Mon Jun 28 17:01:36 2004 => Scanning File C:\WINDOWS\System32\command.com Mon Jun 28 17:01:36 2004 => ***** Checking for specific ITW Viruses ***** Mon Jun 28 17:01:36 2004 => Checking for Welchia Virus... Mon Jun 28 17:01:36 2004 => Checking for LovGate Virus... Mon Jun 28 17:01:36 2004 => Checking for CodeRed Virus... Mon Jun 28 17:01:36 2004 => Checking for OpaServ Virus... Mon Jun 28 17:01:36 2004 => Checking for Sobig.e Virus... Mon Jun 28 17:01:37 2004 => Checking for Winupie Virus... Mon Jun 28 17:01:37 2004 => Checking for Swen Virus... Mon Jun 28 17:01:37 2004 => Checking for JS.Fortnight Virus... Mon Jun 28 17:01:37 2004 => Checking for Novarg Virus... Mon Jun 28 17:01:37 2004 => ***** Scanning complete. ***** Mon Jun 28 17:01:37 2004 => Total Number of Files Scanned: 246 Mon Jun 28 17:01:37 2004 => Total Number of Virus(es) Found: 0 Mon Jun 28 17:01:37 2004 => Total Number of Disinfected Files: 0 Mon Jun 28 17:01:37 2004 => Total Number of Files Renamed: 0 Mon Jun 28 17:01:37 2004 => Total Number of Deleted Files: 0 Mon Jun 28 17:01:37 2004 => Total Number of Errors: 0 Mon Jun 28 17:01:37 2004 => Time Elapsed: 00:00:09 Mon Jun 28 17:01:38 2004 => Virus Database Date: 2004/06/20 Mon Jun 28 17:01:38 2004 => Virus Database Count: 95240 Mon Jun 28 17:01:38 2004 => Scan Completed. Logfile of HijackThis v1.97.7 Scan saved at 17:04:11, on 28.06.2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Dokumente und Einstellungen\Henning\Desktop\Anti Spy\HijackThis.exe C:\Programme\Microsoft Office\Office\WINWORD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton SystemWorks\Norton Antivirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton SystemWorks\Norton Antivirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [mwavscan] "C:\DOKUME~1\Henning\LOKALE~1\Temp\mwavscan.com" /s O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present |
| Themen zu Hilfe habe einen Hijacker von ner ganz üblen Sorte |
| antivirus, bho, bla, dateien, explorer, folge, format, hijacker, icq, immer wieder, internet, internet explorer, kommt immer wieder, meinem, microsoft, monitor, nvcpl.dll, obfuscated, rundll, rundll32.exe, seite, services, software, spybot, startseite, suche, symantec, system, system32, tcpip, windows |
Baum-Darstellung