Antivir meldet TR/Dropper.Gen

Search Navipromo version 3.7.6 began on 29.03.2009 at 22:06:32,06

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!

Fix running from C:\Programme\navilog1

Updated on 14.03.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2400+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Torsten-admin ( Administrator )
BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic  6.38.1.81
 (Activated)
Firewall  : ZoneAlarm Firewall 8.0.298.000 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:34 Go (Free:16 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:5 Go)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total:34 Go (Free:30 Go)
G:\ (Local Disk) - NTFS - Total:78 Go (Free:32 Go)
H:\ (Local Disk) - NTFS - Total:151 Go (Free:7 Go)
I:\ (Local Disk) - NTFS - Total:7 Go (Free:7 Go)
J:\ (Local Disk) - NTFS - Total:58 Go (Free:15 Go)
K:\ (CD or DVD)
L:\ (CD or DVD)
M:\ (CD or DVD)
N:\ (CD or DVD)


Search done in normal mode


*** Search folders in "C:\WINDOWS" ***


*** Search folders in "C:\Programme" ***


*** Search folders in "C:\Dokumente und Einstellungen\All Users\startm~1\progra~1" ***


*** Search folders in "C:\Dokumente und Einstellungen\All Users\startm~1" ***


*** Search folders in "c:\dokume~1\alluse~1\anwend~1" ***


*** Search folders in "C:\Dokumente und Einstellungen\Torsten-admin\anwend~1" *** 


*** Search folders in "C:\DOKUME~1\ADMINI~1\anwend~1" *** 


*** Search folders in "C:\DOKUME~1\Guddy\anwend~1" *** 


*** Search folders in "C:\Dokumente und Einstellungen\Torsten-admin\lokale~1\anwend~1" *** 


*** Search folders in "C:\DOKUME~1\ADMINI~1\lokale~1\anwend~1" *** 


*** Search folders in "C:\DOKUME~1\Guddy\lokale~1\anwend~1" *** 


*** Search folders in "C:\Dokumente und Einstellungen\Torsten-admin\startm~1\progra~1" *** 


*** Search folders in "C:\DOKUME~1\ADMINI~1\startm~1\progra~1" *** 


*** Search folders in "C:\DOKUME~1\Guddy\startm~1\progra~1" *** 


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\WINDOWS\system32" *

* Scan in "C:\Dokumente und Einstellungen\Torsten-admin\lokale~1\anwend~1" * 

* Scan in "C:\DOKUME~1\ADMINI~1\lokale~1\anwend~1" * 

* Scan in "C:\DOKUME~1\Guddy\lokale~1\anwend~1" * 



*** Search files *** 



*** Search specific Registry keys ***
!! Following keys are not certainly all infected !!


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cwawu"="\"c:\\dokumente und einstellungen\\torsten-admin\\lokale einstellungen\\anwendungsdaten\\cwawu.exe\" cwawu"


*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In "C:\WINDOWS\system32" :


* In "C:\Dokumente und Einstellungen\Torsten-admin\lokale~1\anwend~1" : 

cwawu.exe found !
cwawu.dat found !
cwawu_nav.dat found !
cwawu_navps.dat found !

* In "C:\DOKUME~1\ADMINI~1\lokale~1\anwend~1" : 


* In "C:\DOKUME~1\Guddy\lokale~1\anwend~1" : 


3)Certificates Search :

Egroup certificate not found !
Electronic-Group certificate not found !
Montorgueil certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !

4)Search others known folders and files :



*** Search completed on 29.03.2009 at 22:15:32,98 ***