|
backdoor darkmoon virus hi all bin neu hier und bekomme immer ne meldung backdoor darkmoon virus gefunden wie bekomme ich den weg ausser neu zu instalieren habe antivir 6 drauf und norten norten vindet den aber wenn ich auf löschen gehe kommt der wieder kann mir einer helfen bitte |
Poste doch mal dein HiJackThis Log. HiJack Anleitung hier. |
Logfile of HijackThis v1.99.1 Scan saved at 17:15:44, on 07.10.2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\Programme\ICQLite\ICQLite.exe C:\Programme\AVPersonal\AVGNT.EXE C:\Programme\Java\jre1.5.0_02\bin\jusched.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\WINDOWS\System32\ctfmon.exe C:\Programme\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\System32\alg.exe C:\Programme\AVPersonal\AVWUPSRV.EXE C:\Programme\Norton AntiVirus\navapsvc.exe C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\oodag.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\wdfmgr.exe C:\Programme\teamspeak2_RC2\TeamSpeak.exe D:\Programme\Valve\Steam\Steam.exe C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Programme\TuneUp Utilities 2006\SystemOptimizer.exe C:\Dokumente und Einstellungen\sack\Eigene Dateien\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h++p://google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h++p://www.google.de/ R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll R3 - URLSearchHook: (no name) - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Outpost Firewall] C:\Programme\Agnitum\Outpost Firewall\outpost.exe /waitservice O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [Antispyware 2006] "C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe" /startintray O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [Steam] "d:\programme\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe" O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Browser-Anpassung - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programme\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{04DA0F27-8594-48A5-BB0B-9BB6EEBF625A}: NameServer = 213.168.112.60 194.8.194.60 O17 - HKLM\System\CS1\Services\Tcpip\..\{04DA0F27-8594-48A5-BB0B-9BB6EEBF625A}: NameServer = 213.168.112.60 194.8.194.60 O18 - Protocol: bw+0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {F6FC7B67-53CA-48A4-9503-2CA9FC491FC4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Programme\cFosSpeed\spd.exe" -service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe |
Ausser einem veraltetem und ungepatchtem System kann ich so keine schädliche Datei finden. Deshalb mache einen escan genau nach anleitung und poste die mit der find.bat erzeugte Datei. http://www.trojaner-board.de/showthread.php?t=17492 |
hi kann die log hie nicht rein machen ist zu gross ist das normal das die 10 mb gros ist hat 1 stunde gedauer Fri Oct 07 23:38:35 2005 => ***** Scanning Registry for errors created because of Adware/Spyware ***** Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\lang\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\shaders\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Bones\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\CompiledDefs\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Defs\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\EngineCache\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\lang\English\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\LightingTable\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Misc\LoadProgress\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Misc\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\shaders\pc\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Defs\RetailHeaders\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Tattoos\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Defs\RetailHeaders\pc\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Sound\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Video\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Levels\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\graphics\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\Misc\pc\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Microsoft Games\Fable - The Lost Chapters\data\graphics\pc\". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".$$$". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".adf". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".amx". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".avc". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/adminmod/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/amxmd/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/amxmd/leagues/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/atac/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/maps/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/configs/uaio/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/data/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/dlls/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/logs/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/modules/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/plugins/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/scripting/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/amxmodx/scripting/uaio_inc/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/clanmod/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/clanmod/addons/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/clanmod/configs/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/clanmod/configs/scripts/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/addons/statsme/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/maps/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/SAVE/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/sound/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/sound/misc/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/steam/cstrike/sounds/". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ide". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".media". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".php". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".rom". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sfv". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sma". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "BitComet Toolbar". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "cFos". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "cFosSpeed". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "ICQLite". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "kazaalite202_is1". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Nero - Burning Rom!UninstallKey". Action Taken: No Action Taken. Fri Oct 07 23:38:36 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "NimoCorp". Action Taken: No Action Taken. Fri Oct 07 23:38:39 2005 => Entry "HKCR\cFosSpeed.Config" refers to invalid object "{A56B357E-7D66-474A-8CA1-C909109C88AF}". Action Taken: No Action Taken. Fri Oct 07 23:38:39 2005 => Entry "HKCR\cFosSpeed.Config.1" refers to invalid object "{A56B357E-7D66-474A-8CA1-C909109C88AF}". Action Taken: No Action Taken. |
Fri Oct 07 23:19:49 2005 => ********************************************************** Fri Oct 07 23:19:49 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility. Fri Oct 07 23:19:49 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc. Fri Oct 07 23:19:49 2005 => ********************************************************** Fri Oct 07 23:19:49 2005 => Version 7.2.2 (C:\Dokumente und Einstellungen\sack\Eigene Dateien\mwav\mwavscan.com) Fri Oct 07 23:19:49 2005 => Log File: C:\DOKUME~1\sack\EIGENE~1\mwav\MWAV.LOG Fri Oct 07 23:19:49 2005 => Last Scan Date and Time: 07.10.2005 23:04:12 Fri Oct 07 23:19:49 2005 => MWAV Registered: TRUE. Fri Oct 07 23:19:49 2005 => MWAV Mode: Scan and Clean files. Fri Oct 07 23:19:49 2005 => Database Path in KL Key: C:\PROGRA~1\eScan. Fri Oct 07 23:19:49 2005 => Latest Date of files in KL key: 07 Oct 2005 19:56:02. Fri Oct 07 23:19:49 2005 => Latest Date of files inside MWAV: 27 Sep 2005 10:51:30. Fri Oct 07 23:19:49 2005 => eScan Install Directory: C:\PROGRA~1\eScan\ Fri Oct 07 23:19:49 2005 => MailScan Install Directory: C:\PROGRA~1\eScan\ Fri Oct 07 23:19:52 2005 => AV Library Loaded... Fri Oct 07 23:19:52 2005 => MWAV doing self scanning... Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.exe Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\Getvlist.exe Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.dll Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssdi.dll Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssi.dll Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavvlg.dll Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\msvlclnt.dll Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\ipc.dll Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\main.avi Fri Oct 07 23:19:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\virus.avi Fri Oct 07 23:19:52 2005 => MWAV files are clean. Fri Oct 07 23:19:59 2005 => Virus Database Date: 2005/10/07 Fri Oct 07 23:19:59 2005 => Virus Database Count: 148678 Fri Oct 07 23:20:10 2005 => AV Library Unloaded (3)... Fri Oct 07 23:36:38 2005 => ********************************************************** Fri Oct 07 23:36:38 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility. Fri Oct 07 23:36:38 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc. Fri Oct 07 23:36:38 2005 => ********************************************************** Fri Oct 07 23:36:38 2005 => Version 7.2.2 (C:\Dokumente und Einstellungen\sack\Eigene Dateien\mwav\mwavscan.com) Fri Oct 07 23:36:38 2005 => Log File: C:\DOKUME~1\sack\EIGENE~1\mwav\MWAV.LOG Fri Oct 07 23:36:38 2005 => Last Scan Date and Time: 07.10.2005 23:04:12 Fri Oct 07 23:36:38 2005 => MWAV Registered: TRUE. Fri Oct 07 23:36:38 2005 => MWAV Mode: Scan and Clean files. Fri Oct 07 23:36:38 2005 => Database Path in KL Key: C:\PROGRA~1\eScan. Fri Oct 07 23:36:40 2005 => Latest Date of files in KL key: 07 Oct 2005 19:56:02. Fri Oct 07 23:36:42 2005 => Latest Date of files inside MWAV: 27 Sep 2005 10:51:30. Fri Oct 07 23:36:42 2005 => eScan Install Directory: C:\PROGRA~1\eScan\ Fri Oct 07 23:36:42 2005 => MailScan Install Directory: C:\PROGRA~1\eScan\ Fri Oct 07 23:36:44 2005 => AV Library Loaded... Fri Oct 07 23:36:44 2005 => MWAV doing self scanning... Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.exe Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\Getvlist.exe Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.dll Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssdi.dll Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssi.dll Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavvlg.dll Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\msvlclnt.dll Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\ipc.dll Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\main.avi Fri Oct 07 23:36:44 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\virus.avi Fri Oct 07 23:36:44 2005 => MWAV files are clean. Fri Oct 07 23:36:54 2005 => Virus Database Date: 2005/10/07 Fri Oct 07 23:36:54 2005 => Virus Database Count: 148678 Fri Oct 07 23:37:30 2005 => ********************************************************** Fri Oct 07 23:37:30 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility. Fri Oct 07 23:37:30 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc. Fri Oct 07 23:37:30 2005 => Fri Oct 07 23:37:30 2005 => Support: support@mwti.net Fri Oct 07 23:37:30 2005 => Web: http://www.mwti.net Fri Oct 07 23:37:30 2005 => ********************************************************** Fri Oct 07 23:37:30 2005 => Version 7.2.2 (C:\Dokumente und Einstellungen\sack\Eigene Dateien\mwav\mwavscan.com) Fri Oct 07 23:37:30 2005 => Log File: C:\DOKUME~1\sack\EIGENE~1\mwav\MWAV.LOG Fri Oct 07 23:37:30 2005 => User Account: sack Fri Oct 07 23:37:30 2005 => Windows Root Folder: C:\WINDOWS Fri Oct 07 23:37:30 2005 => Windows Sys32 Folder: C:\WINDOWS\System32 Fri Oct 07 23:37:30 2005 => OS: Windows NT Fri Oct 07 23:37:30 2005 => Database Path in KL Key: C:\PROGRA~1\eScan. Fri Oct 07 23:37:30 2005 => Latest Date of files in KL key: 07 Oct 2005 19:56:02. Fri Oct 07 23:37:30 2005 => Latest Date of files inside MWAV: 27 Sep 2005 10:51:30. Fri Oct 07 23:37:30 2005 => Options Selected by User: Fri Oct 07 23:37:30 2005 => Memory Check: Enabled Fri Oct 07 23:37:30 2005 => Registry Check: Enabled Fri Oct 07 23:37:30 2005 => StartUp Folder Check: Enabled Fri Oct 07 23:37:30 2005 => System Folder Check: Enabled Fri Oct 07 23:37:30 2005 => System Area Check: Disabled Fri Oct 07 23:37:30 2005 => Services Check: Enabled Fri Oct 07 23:37:30 2005 => Drive Check: Disabled Fri Oct 07 23:37:30 2005 => All Drive Check :Enabled Fri Oct 07 23:37:30 2005 => Folder Check: Enabled Fri Oct 07 23:37:30 2005 => Folder Selected = C:\WINDOWS |
Fri Oct 07 23:37:30 2005 => ***** Scanning Memory Files ***** Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\System32\smss.exe Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\System32\ntdll.dll Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\USER32.dll Fri Oct 07 23:37:30 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\System32\sxs.dll Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll Fri Oct 07 23:37:31 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll Fri Oct 07 23:37:32 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\ole32.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll Fri Oct 07 23:37:33 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\dbghelp.dll Fri Oct 07 23:37:34 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hdlr.dll Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll Fri Oct 07 23:37:34 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\sfc.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll Fri Oct 07 23:37:35 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\WinSCard.dll Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\MPR.dll Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\System32\rsaenh.dll Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\UxTheme.dll Fri Oct 07 23:37:36 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\WLDAP32.dll Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\cryptnet.dll Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\system32\sclgntfy.dll Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\System32\drprov.dll Fri Oct 07 23:37:37 2005 => Scanning File C:\WINDOWS\System32\ntlanman.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\System32\NETUI0.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\System32\NETUI1.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\System32\NETRAP.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\System32\davclnt.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\MPRUI.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\NETUI2.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\netmsg.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\RASAPI32.dll Fri Oct 07 23:37:38 2005 => Scanning File C:\WINDOWS\system32\rasman.dll Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\TAPI32.dll Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\rtutils.dll Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\cscui.dll Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\services.exe Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL Fri Oct 07 23:37:39 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\lsass.exe Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll Fri Oct 07 23:37:40 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\netlogon.dll Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\w32time.dll Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\netman.dll Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\MPRAPI.dll Fri Oct 07 23:37:41 2005 => Scanning File C:\WINDOWS\system32\ACTIVEDS.dll Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\adsldpc.dll Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\ATL.DLL Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\WZCSvc.DLL Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\WMI.dll Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\DHCPCSVC.DLL Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\schannel.dll Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\scecli.dll Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:37:42 2005 => Scanning File c:\windows\system32\rpcss.dll Fri Oct 07 23:37:42 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\system32\mwtsp.dll Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\SPORDER.dll Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll Fri Oct 07 23:37:43 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll Fri Oct 07 23:37:43 2005 => Scanning File c:\windows\system32\cryptsvc.dll Fri Oct 07 23:37:43 2005 => Scanning File c:\windows\system32\certcli.dll Fri Oct 07 23:37:43 2005 => Scanning File c:\windows\system32\CRYPTUI.dll Fri Oct 07 23:37:44 2005 => Scanning File C:\WINDOWS\system32\WININET.dll Fri Oct 07 23:37:44 2005 => Scanning File c:\windows\system32\ESENT.dll Fri Oct 07 23:37:44 2005 => Scanning File c:\windows\system32\srsvc.dll Fri Oct 07 23:37:44 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll Fri Oct 07 23:37:44 2005 => Scanning File c:\windows\system32\wbem\wbemcomn.dll Fri Oct 07 23:37:44 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL Fri Oct 07 23:37:44 2005 => Scanning File C:\WINDOWS\System32\es.dll Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcore.dll Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\esscli.dll Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\FastProx.dll Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll Fri Oct 07 23:37:45 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll Fri Oct 07 23:37:46 2005 => Scanning File C:\PROGRA~1\STEGAN~1\WRSSSDK.exe Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\system32\olepro32.dll Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\system32\vdmdbg.dll Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\Explorer.EXE Fri Oct 07 23:37:46 2005 => Scanning File C:\WINDOWS\System32\BROWSEUI.dll Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\SHDOCVW.dll Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\themeui.dll Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\MSIMG32.dll Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\msutb.dll Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\MSCTF.dll Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\LINKINFO.dll Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\System32\ntshrui.dll Fri Oct 07 23:37:47 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll Fri Oct 07 23:37:48 2005 => Scanning File C:\WINDOWS\system32\credui.dll Fri Oct 07 23:37:48 2005 => Scanning File C:\WINDOWS\System32\msi.dll Fri Oct 07 23:37:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\NERODI~1.DLL Fri Oct 07 23:37:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\MFC71.DLL Fri Oct 07 23:37:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\MSVCR71.dll Fri Oct 07 23:37:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\MSVCP71.dll Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\OLEACC.dll Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\NVRSDE.DLL Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll Fri Oct 07 23:37:49 2005 => Scanning File C:\WINDOWS\System32\browselc.dll Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll Fri Oct 07 23:37:50 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\System32\shdoclc.dll Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\System32\mlang.dll Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\System32\mshtml.dll Fri Oct 07 23:37:50 2005 => Scanning File C:\WINDOWS\System32\msimtf.dll Fri Oct 07 23:37:51 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll Fri Oct 07 23:37:51 2005 => Scanning File C:\WINDOWS\System32\IMM32.DLL Fri Oct 07 23:37:51 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\scrauth.dll Fri Oct 07 23:37:51 2005 => Scanning File C:\WINDOWS\System32\MSVCP71.dll Fri Oct 07 23:37:51 2005 => Scanning File C:\WINDOWS\System32\MSVCR71.dll Fri Oct 07 23:37:51 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\ScrBlock.dll Fri Oct 07 23:37:51 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccL30.dll Fri Oct 07 23:37:51 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccVrTrst.dll Fri Oct 07 23:37:52 2005 => Scanning File c:\windows\system32\jscript.dll Fri Oct 07 23:37:52 2005 => Scanning File C:\WINDOWS\System32\MSLS31.DLL Fri Oct 07 23:37:52 2005 => Scanning File C:\WINDOWS\System32\imgutil.dll Fri Oct 07 23:37:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\mwavscan.com Fri Oct 07 23:37:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\msvlclnt.dll Fri Oct 07 23:37:52 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssdi.dll Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssd.dll Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavssi.dll Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\ipc.dll Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\RICHED32.DLL Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\PSAPI.DLL Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.exe Fri Oct 07 23:37:53 2005 => Scanning File C:\DOKUME~1\sack\EIGENE~1\mwav\kavss.dll |
Fri Oct 07 23:37:53 2005 => ***** Scanning Registry Files ***** Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad Fri Oct 07 23:37:54 2005 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8167 kb > 3072 kb... Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**] Fri Oct 07 23:37:54 2005 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8167 kb > 3072 kb... Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**] Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\System32\stobject.dll Fri Oct 07 23:37:54 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\System32\msdxm.ocx Fri Oct 07 23:37:54 2005 => Scanning File C:\Programme\ICQToolbar\toolbaru.dll Fri Oct 07 23:37:54 2005 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects Fri Oct 07 23:37:54 2005 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll Fri Oct 07 23:37:54 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL Fri Oct 07 23:37:54 2005 => {53707962-6F74-2D53-2644-206D7942484F} = C:\Programme\Spybot - Search & Destroy\SDHelper.dll Fri Oct 07 23:37:54 2005 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll Fri Oct 07 23:37:54 2005 => {BDF3E430-B101-42AD-A544-FADC6B084872} = C:\Programme\Norton AntiVirus\NavShExt.dll Fri Oct 07 23:37:54 2005 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll Fri Oct 07 23:37:54 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler Fri Oct 07 23:37:54 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:55 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\mmsys.cpl Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\icmui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\docprop.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\System32\themeui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\deskadp.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\deskmon.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\dssec.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\SlayerXP.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\shscrap.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\diskcopy.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\ntlanui2.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\System32\icmui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\icmui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\printui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\dskquoui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\syncui.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\System32\hticons.dll Fri Oct 07 23:37:55 2005 => Scanning File C:\WINDOWS\system32\fontext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\icmui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\deskperf.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\remotepg.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\wuaueng.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\wshext.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\occache.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll Fri Oct 07 23:37:56 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cscui.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cscui.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\cscui.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\msagent\agentpsh.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\dfsshlex.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\photowiz.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\mmcshext.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\system32\cabview.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\Audiodev.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\WINDOWS\System32\Audiodev.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\Programme\WinRAR\rarext.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\PROGRA~1\TUNEUP~1\sdshelex.dll Fri Oct 07 23:37:57 2005 => Scanning File C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll Fri Oct 07 23:37:58 2005 => *** File C:\WINDOWS\System32\nvcpl.dll having Size Restriction ***. Filesize 7036 kb > 3072 kb... Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll [**] Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\NERODI~1.DLL Fri Oct 07 23:37:58 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\NERODI~1.DLL Fri Oct 07 23:37:58 2005 => *** File C:\WINDOWS\System32\nvcpl.dll having Size Restriction ***. Filesize 7036 kb > 3072 kb... Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll [**] Fri Oct 07 23:37:58 2005 => Scanning File C:\PROGRA~1\STEGAN~1\SSCtxMnu.dll |
Fri Oct 07 23:37:58 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Fri Oct 07 23:37:58 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll Fri Oct 07 23:37:58 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\Explorer.exe Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\userinit.exe Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\dskquota.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\scecli.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\iedkcs32.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\scecli.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\crypt32.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\cryptnet.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\sclgntfy.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll Fri Oct 07 23:37:58 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll Fri Oct 07 23:37:58 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Fri Oct 07 23:37:59 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Fri Oct 07 23:37:59 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Fri Oct 07 23:37:59 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\drwtsn32.exe Fri Oct 07 23:37:59 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\ntsd.exe Fri Oct 07 23:37:59 2005 => Scanning HKCU\Control Panel\Desktop Fri Oct 07 23:37:59 2005 => *** File C:\WINDOWS\RESOUR~1\SCREEN~1\SKYROC~1.SCR having Size Restriction ***. Filesize 5768 kb > 3072 kb... Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\RESOUR~1\SCREEN~1\SKYROC~1.SCR [**] Fri Oct 07 23:37:59 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\ntvdm.exe Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\ntvdm.exe Fri Oct 07 23:37:59 2005 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\inf\unregmp2.exe Fri Oct 07 23:37:59 2005 => Scanning File C:\WINDOWS\system32\RunDLL32.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\regsvr32.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\regsvr32.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\ie4uinit.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe Fri Oct 07 23:38:00 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run Fri Oct 07 23:38:00 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run Fri Oct 07 23:38:00 2005 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run Fri Oct 07 23:38:00 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run Fri Oct 07 23:38:00 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Fri Oct 07 23:38:00 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe Fri Oct 07 23:38:00 2005 => Scanning File C:\Programme\ICQLite\ICQLite.exe Fri Oct 07 23:38:01 2005 => Scanning File C:\Programme\AVPersonal\AVGNT.EXE Fri Oct 07 23:38:01 2005 => Scanning File C:\Programme\Java\jre1.5.0_02\bin\jusched.exe Fri Oct 07 23:38:01 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SECURI~1\UsrPrmpt.exe Fri Oct 07 23:38:01 2005 => Scanning File C:\PROGRA~1\SYMNET~1\SNDMon.exe Fri Oct 07 23:38:01 2005 => Scanning File C:\WINDOWS\System32\NeroCheck.exe Fri Oct 07 23:38:01 2005 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE Fri Oct 07 23:38:01 2005 => Scanning File C:\WINDOWS\system32\nwiz.exe Fri Oct 07 23:38:02 2005 => Scanning File C:\WINDOWS\system32\RUNDLL32.EXE Fri Oct 07 23:38:02 2005 => Scanning File C:\Programme\SlySoft\CloneCD\CloneCDTray.exe Fri Oct 07 23:38:02 2005 => *** File C:\PROGRA~1\STEGAN~1\SASPY2~1.EXE having Size Restriction ***. Filesize 3179 kb > 3072 kb... Fri Oct 07 23:38:02 2005 => Scanning File C:\PROGRA~1\STEGAN~1\SASPY2~1.EXE [**] Fri Oct 07 23:38:02 2005 => Scanning File C:\Programme\eScan\LAUNCH.EXE Fri Oct 07 23:38:02 2005 => Scanning File C:\PROGRA~1\eScan\TRAYICOS.EXE Fri Oct 07 23:38:02 2005 => Scanning File C:\PROGRA~1\eScan\AVPMWrap.EXE Fri Oct 07 23:38:02 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Fri Oct 07 23:38:02 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Fri Oct 07 23:38:02 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Fri Oct 07 23:38:02 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce Fri Oct 07 23:38:02 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Fri Oct 07 23:38:02 2005 => Scanning File C:\WINDOWS\System32\ctfmon.exe Fri Oct 07 23:38:03 2005 => *** File C:\PROGRA~1\MSNMES~1\MsnMsgr.Exe having Size Restriction ***. Filesize 6916 kb > 3072 kb... Fri Oct 07 23:38:03 2005 => Scanning File C:\PROGRA~1\MSNMES~1\MsnMsgr.Exe [**] Fri Oct 07 23:38:03 2005 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXP.exe Fri Oct 07 23:38:03 2005 => Scanning File d:\programme\valve\steam\steam.exe Fri Oct 07 23:38:03 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\lib\NMBGMO~1.EXE Fri Oct 07 23:38:03 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Fri Oct 07 23:38:03 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Fri Oct 07 23:38:03 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Fri Oct 07 23:38:03 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup Fri Oct 07 23:38:03 2005 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Fri Oct 07 23:38:03 2005 => Scanning File C:\WINDOWS\System32\CTFMON.EXE Fri Oct 07 23:38:03 2005 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Fri Oct 07 23:38:03 2005 => Scanning HKCR\txtfile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\comfile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\exefile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\dllfile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\batfile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\piffile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\scrfile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\scrfile\shell\config\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\regfile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning HKCR\htmlfile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe Fri Oct 07 23:38:04 2005 => Scanning HKCR\htafile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning File C:\WINDOWS\System32\mshta.exe Fri Oct 07 23:38:04 2005 => Scanning HKCR\jsfile\shell\open\command Fri Oct 07 23:38:04 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Fri Oct 07 23:38:05 2005 => Scanning HKCR\jsefile\shell\open\command Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Fri Oct 07 23:38:05 2005 => Scanning HKCR\vbsfile\shell\open\command Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Fri Oct 07 23:38:05 2005 => Scanning HKCR\vbefile\shell\open\command Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Fri Oct 07 23:38:05 2005 => Scanning HKCR\wshfile\shell\open\command Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Fri Oct 07 23:38:05 2005 => Scanning HKCR\wsffile\shell\open\command Fri Oct 07 23:38:05 2005 => Scanning File C:\WINDOWS\System32\WScript.exe |
Fri Oct 07 23:38:05 2005 => ***** Scanning StartUp Folders ***** Fri Oct 07 23:38:05 2005 => ***** Scanning C:\Dokumente und Einstellungen\sack\Startmenü\Programme\Autostart Folder ***** Fri Oct 07 23:38:05 2005 => Scanning Folder: C:\Dokumente und Einstellungen\sack\Startmenü\Programme\Autostart\*.* Fri Oct 07 23:38:05 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Startmenü\Programme\Autostart\desktop.ini [**] Fri Oct 07 23:38:05 2005 => ***** Scanning C:\Dokumente und Einstellungen\sack\Desktop Folder ***** Fri Oct 07 23:38:05 2005 => Scanning Folder: C:\Dokumente und Einstellungen\sack\Desktop\*.* Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\BitComet.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\BPM Studio 4 Profi.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\ClearProg.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\config.cfg [**] Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Fable.exe.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\FireBurner.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\GeForceTweakUtility.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\IsoBuster.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\MotoGP URT 3.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Neu Textdokument.txt [**] Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\soundmisc1.cfg [**] Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Spybot - Search & Destroy.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Start Gamers.IRC.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Steamstarter.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\TeamSpeak 2 RC2.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit Azureus.exe.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit cdeath.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit hlsw.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit saspy2006safe_Loader.exe.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit saspy2006_Loader.exe.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit Steam.exe.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\Verknüpfung mit Stronghold2.exe.lnk Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\sack\Desktop\VirtuallyJenna.lnk Fri Oct 07 23:38:06 2005 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder ***** Fri Oct 07 23:38:06 2005 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.* Fri Oct 07 23:38:06 2005 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**] Fri Oct 07 23:38:07 2005 => ***** Scanning Service Files ***** Fri Oct 07 23:38:07 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\a347bus.sys Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\Drivers\a347scsi.sys Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ACPI.sys Fri Oct 07 23:38:07 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\ADBLOCK.DLL Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\drivers\aec.sys Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\drivers\afd.sys Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\drivers\ALCXSENS.SYS Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\drivers\ALCXWDM.SYS Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\alg.exe Fri Oct 07 23:38:07 2005 => Scanning File C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\asyncmac.sys Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\atapi.sys Fri Oct 07 23:38:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\atmarpc.sys Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\audstub.sys Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRAMME\AVPERSONAL\AVGNTDW.SYS Fri Oct 07 23:38:08 2005 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccEvtMgr.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccPwdSvc.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccSetMgr.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\cdrom.sys Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\cfosspeed.sys Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\cisvc.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\system32\clipsrv.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\CONTENT.DLL Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\disk.sys Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\dmadmin.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\drivers\dmboot.sys Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\drivers\dmio.sys Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\drivers\dmload.sys Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:08 2005 => Scanning File C:\WINDOWS\System32\drivers\DMusic.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\DNSCACHE.DLL Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\drivers\drmkaud.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDFL.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\Drivers\ElbyCDIO.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\eScan\TRAYSSER.EXE Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\system32\services.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\fdc.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\flpydisk.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ftdisk.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\FTPFILT.DLL Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\gameenum.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\msgpc.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\hidusb.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\HTMLFILT.DLL Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\HTTPFILT.DLL Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\i8042prt.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\1050\INTEL3~1\IDriverT.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\IMAPFILT.DLL Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\imapi.exe Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys Fri Oct 07 23:38:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipinip.sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipnat.sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipsec.sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\irenum.sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\isapnp.sys Fri Oct 07 23:38:10 2005 => Scanning File C:\PROGRA~1\eScan\avpm.exe Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdclass.sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\KLIF.SYS Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\drivers\kmixer.sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\LHidKE.Sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\Drivers\LHidUsbK.Sys Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\LMouKE.Sys Fri Oct 07 23:38:10 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\MAILFILT.DLL Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe Fri Oct 07 23:38:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mouclass.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mouhid.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxdav.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxsmb.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\msdtc.exe Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\msiexec.exe Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\drivers\MSKSSRV.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\drivers\MSPCLOCK.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\drivers\MSPQM.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\drivers\msmpu401.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\PROGRA~1\NORTON~1\navapsvc.exe Fri Oct 07 23:38:11 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20051007.016\NAVENG.SYS Fri Oct 07 23:38:11 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20051007.016\NAVEX15.SYS Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndistapi.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndisuio.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndiswan.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\netbios.sys Fri Oct 07 23:38:11 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\netbt.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\netdde.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\netdde.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\lsass.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\NNTPFILT.DLL Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\NORTON~1\IWP\NPFMntor.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\lsass.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:38:12 2005 => *** File C:\WINDOWS\System32\DRIVERS\nv4_mini.sys having Size Restriction ***. Filesize 3408 kb > 3072 kb... |
Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [**] Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\nvsvc32.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\oodag.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\parport.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\pci.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\pciide.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\services.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\lsass.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\POP3FILT.DLL Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspptp.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\processr.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\PROTECT.DLL Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\system32\lsass.exe Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\psched.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ptilink.sys Fri Oct 07 23:38:12 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\PxHelp20.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rasacd.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rasl2tp.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspppoe.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspti.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rdbss.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\system32\sessmgr.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\redbook.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\Drivers\RootMdm.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\locator.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\rsvp.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\RTL8139.SYS Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\system32\lsass.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVRT.SYS Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVRTPEL.SYS Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVScan.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\secdrv.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\serenum.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\serial.sys Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:13 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SNDSrvc.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SPBBC\SPBBCDRV.SYS Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SPBBC\SPBBCSvc.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\drivers\splitter.sys Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\sr.sys Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\srv.sys Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRAMME\TGTSOFT\STYLEXP\STYLEXPHELPER.EXE Fri Oct 07 23:38:14 2005 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXPService.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRA~1\STEGAN~1\WRSSSDK.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\swenum.sys Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\drivers\swmidi.sys Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\CCPD-LC\symlcsvc.exe Fri Oct 07 23:38:14 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMDNS.SYS Fri Oct 07 23:38:14 2005 => Scanning File C:\PROGRAMME\SYMANTEC\SYMEVENT.SYS Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMFW.SYS Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMIDS.SYS Fri Oct 07 23:38:15 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SYMCDATA\IDS-DI~1\20050901.036\SYMIDSCO.SYS Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\SYMLCBRD.SYS Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMNDIS.SYS Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMREDRV.SYS Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\Drivers\SYMTDI.SYS Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\drivers\sysaudio.sys Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\system32\smlogsvc.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\tcpip.sys Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\termdd.sys Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\PROGRA~1\TUNEUP~1\WINSTY~2.EXE Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\wdfmgr.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\update.sys Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\ups.exe Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\usbhub.sys Fri Oct 07 23:38:15 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\usbohci.sys Fri Oct 07 23:38:15 2005 => Scanning File C:\PROGRA~1\AGNITUM\OUTPOS~1\KERNEL\FILTNT.SYS Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\drivers\vga.sys Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\vssvc.exe Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\wanarp.sys Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\drivers\wdmaud.sys Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\drivers\ws2ifsl.sys Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Oct 07 23:38:16 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Oct 07 23:38:16 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD Fri Oct 07 23:38:16 2005 => ***** Scanning Registry and File system for Adware/Spyware ***** Fri Oct 07 23:38:16 2005 => Loading Spyware Signatures from new External Database (Size: 144406). Fri Oct 07 23:38:17 2005 => Indexed Spyware Databases Successfully Created... Fri Oct 07 23:38:18 2005 => Offending Key found: HKLM\Software\gnu !!! Fri Oct 07 23:38:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Fri Oct 07 23:38:29 2005 => Offending Key found: HKLM\Software\kazaa !!! Fri Oct 07 23:38:29 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken. Fri Oct 07 23:38:29 2005 => Offending Key found: HKCU\Software\gnu !!! Fri Oct 07 23:38:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Fri Oct 07 23:38:29 2005 => Offending Key found: HKCU\Software\kazaa !!! Fri Oct 07 23:38:29 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken. Fri Oct 07 23:38:29 2005 => Offending Key found: HKCU\Software\maxthon !!! Fri Oct 07 23:38:29 2005 => Object "abxtoolbar Spyware/Adware" found in File System! Action Taken: No Action Taken. Fri Oct 07 23:38:31 2005 => Offending file found: C:\Dokumente und Einstellungen\sack\Eigene Dateien\stronghold 2\config.dat Fri Oct 07 23:38:31 2005 => System found infected with startsurfing Spyware/Adware (config.dat)! Action taken: No Action Taken. Fri Oct 07 23:38:32 2005 => Offending file found: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\symantec\common client\settings.dat Fri Oct 07 23:38:32 2005 => System found infected with cydoor.topicks.a Spyware/Adware (settings.dat)! Action taken: No Action Taken. |
hab mal einen kleinen teil hier rein gemacht wenn es dir hefen tut ansonsten habe ich dir ne mail geschrieben und danke für deine hilfe |
Was soll der Unfug? Lese die Anleitung nochmals genau durch und poste dann das mit der Datei find.bat erstellte Log. |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 19:51 Uhr. |
Copyright ©2000-2025, Trojaner-Board