Virus Agent.ay geht nicht mehr weg!

Underkill · 15.03.2006, 17:20

hiho!

Hab seit 2 Tagen oder so dieses Agent.ay Virus! AntiVir meldet mir alle 5 min, dass er was gefunden hat!

Jetzt hab ich gestern und heute so ein look2me Fix bei mir gemacht, nur kam vorhin der Virus wieder!

Deswegen wollte ich ma mein HiJack Logfile posten, damit ihr ma drüber gucken könnt, ob der Virus jetzt wirklich weg ist, oder was ich noch löschen muss!

Vielen Dank im Voraus!

Log-File:

Logfile of HijackThis v1.99.1
Scan saved at 17:21:06, on 15.03.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\sstray.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Microsoft IntelliPoint\point32.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\popupxpert\popupex.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\ATI Technologies\ATI.ACE\CLI.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Real\RealPlayer\realplay.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE
C:\Programme\Microsoft Office\Office10\WINWORD.EXE
C:\Programme\Jap\jap.exe
C:\Programme\Java\jre1.5.0_06\bin\javaw.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:4001
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [PopUpXPert] C:\Programme\popupxpert\popupex.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST-Infobereich.lnk = C:\Programme\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

hoerni26 · 15.03.2006, 18:04

hallo,

also ich kann nix im log entdecken..
aber zur sicherheit mach mal noch einen Escan halte dich genau an die anleitung..
lass die sprache auf englisch stehen..
teile zum schluss das ergebniss der find.bat hier mit..

BataAlexander · 15.03.2006, 19:56

Hallo,

kurz einmisch:
scan mal
C:\WINDOWS\system32\Ati2evxx.exe

online bei Jotti oder http://www.virustotal.com

Poste das Ergebnis hier.

Gruß

Schrulli

Underkill · 15.03.2006, 23:16

ich werde nie wieder eScan installieren, mein ganzer PC ging eben gar nicht mehr!

naja hier trotzdem die logdatei, hoffe es ist die richtige:

ist sehr sehr groß ...

Wed Mar 15 22:52:25 2006 => ***** Scanning Memory Files *****
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\System32\smss.exe
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\ntdll.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\basesrv.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\winsrv.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\GDI32.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\USER32.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\sxs.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Wed Mar 15 22:52:25 2006 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\USERENV.dll
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Wed Mar 15 22:52:26 2006 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\Secur32.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\VERSION.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Wed Mar 15 22:52:27 2006 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\odbcint.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\sfc.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\ole32.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\WINMM.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\cscdll.dll
Wed Mar 15 22:52:28 2006 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\WinSCard.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\MPR.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\UxTheme.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\cscui.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\COMRes.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Wed Mar 15 22:52:29 2006 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\services.exe
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\eventlog.dll
Wed Mar 15 22:52:30 2006 => Scanning File C:\WINDOWS\system32\lsass.exe
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\msprivs.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\kerberos.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\netlogon.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\w32time.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\schannel.dll
Wed Mar 15 22:52:31 2006 => Scanning File C:\WINDOWS\system32\wdigest.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Mar 15 22:52:32 2006 => Scanning File c:\windows\system32\rpcss.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\system32\mswsock.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\system32\mwtsp.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\SPORDER.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\System32\winrnr.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\system32\wshbth.dll
Wed Mar 15 22:52:32 2006 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Wed Mar 15 22:52:32 2006 => Scanning File c:\windows\system32\cryptsvc.dll
Wed Mar 15 22:52:33 2006 => Scanning File c:\windows\system32\certcli.dll
Wed Mar 15 22:52:33 2006 => Scanning File c:\windows\system32\ATL.DLL
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\system32\WININET.dll
Wed Mar 15 22:52:33 2006 => Scanning File c:\windows\system32\ESENT.dll
Wed Mar 15 22:52:33 2006 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Wed Mar 15 22:52:33 2006 => Scanning File c:\windows\system32\srsvc.dll
Wed Mar 15 22:52:33 2006 => Scanning File c:\windows\system32\POWRPROF.dll
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\System32\Wbem\wbemcomn.dll
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
Wed Mar 15 22:52:33 2006 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\Explorer.EXE
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\System32\themeui.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\System32\MSIMG32.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\system32\rtutils.dll
Wed Mar 15 22:52:34 2006 => Scanning File C:\WINDOWS\system32\credui.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\system32\msi.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\system32\urlmon.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\PDFShell.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\System32\drprov.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\System32\NETRAP.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\System32\davclnt.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\WINDOWS\system32\browselc.dll
Wed Mar 15 22:52:35 2006 => Scanning File C:\Programme\eScan\escanwin.exe
Wed Mar 15 22:52:36 2006 => Scanning File C:\WINDOWS\system32\wsock32.dll
Wed Mar 15 22:52:36 2006 => Scanning File C:\WINDOWS\system32\HHCTRL.OCX
Wed Mar 15 22:52:36 2006 => Scanning File C:\WINDOWS\system32\mui\0007\HHCTRLui.dll

Underkill · 15.03.2006, 23:17

Wed Mar 15 22:52:36 2006 => Scanning File C:\Programme\eScan\msvlclnt.dll
Wed Mar 15 22:52:36 2006 => Scanning File C:\Programme\eScan\kavssdi.dll
Wed Mar 15 22:52:36 2006 => Scanning File C:\Programme\eScan\kavssd.dll
Wed Mar 15 22:52:36 2006 => Scanning File C:\Programme\eScan\kavssi.dll
Wed Mar 15 22:52:36 2006 => Scanning File C:\Programme\eScan\ipc.dll
Wed Mar 15 22:52:36 2006 => Scanning File C:\Programme\eScan\kavss.exe
Wed Mar 15 22:52:36 2006 => Scanning File C:\Programme\eScan\kavss.dll
Wed Mar 15 22:52:36 2006 => Scanning File C:\Programme\eScan\mwavscan.com
Wed Mar 15 22:52:37 2006 => Scanning File C:\PROGRA~1\eScan\msvlclnt.dll
Wed Mar 15 22:52:37 2006 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
Wed Mar 15 22:52:37 2006 => Scanning File C:\WINDOWS\system32\RICHED20.dll
Wed Mar 15 22:52:37 2006 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL

Wed Mar 15 22:52:37 2006 => ***** Scanning Registry Files *****

Wed Mar 15 22:52:37 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Wed Mar 15 22:52:37 2006 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8292 kb > 2560 kb...
Wed Mar 15 22:52:37 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Wed Mar 15 22:52:37 2006 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8292 kb > 2560 kb...
Wed Mar 15 22:52:37 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Wed Mar 15 22:52:37 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:37 2006 => Scanning File C:\WINDOWS\System32\stobject.dll

Wed Mar 15 22:52:37 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Wed Mar 15 22:52:37 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Wed Mar 15 22:52:37 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

Wed Mar 15 22:52:38 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Wed Mar 15 22:52:38 2006 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\AcroIEHelper.dll
Wed Mar 15 22:52:38 2006 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
Wed Mar 15 22:52:38 2006 => {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\Programme\Java\jre1.5.0_06\bin\ssv.dll

Wed Mar 15 22:52:38 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\System32\browseui.dll

Wed Mar 15 22:52:38 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\docprop.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\System32\themeui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\deskadp.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\deskmon.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\dssec.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\shscrap.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\System32\icmui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\printui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\syncui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\System32\hticons.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\fontext.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\deskperf.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Wed Mar 15 22:52:38 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\remotepg.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\wshext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\sendmail.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\sendmail.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\occache.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\msieftp.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\dfsshlex.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\photowiz.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\cabview.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\twext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\twext.dll
Wed Mar 15 22:52:39 2006 => Scanning File C:\WINDOWS\System32\extmgr.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\shlext.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\WINDOWS\system32\mscoree.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\ATITEC~1\ATI.ACE\atiacmxx.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
Wed Mar 15 22:52:40 2006 => Scanning File C:\Programme\WinRAR\rarext.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\Programme\Real\RealPlayer\rpshell.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Wed Mar 15 22:52:40 2006 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\MICROS~3\ipcplwir.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\MICROS~3\ipcplwhl.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\MICROS~3\ipcplact.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\MICROS~3\ipcplbtn.dll
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\Microsoft Office\Office10\OLKFSTUB.DLL
Wed Mar 15 22:52:40 2006 => Scanning File C:\PROGRA~1\Microsoft Office\Office10\msohev.dll

Wed Mar 15 22:52:40 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Wed Mar 15 22:52:40 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Wed Mar 15 22:52:40 2006 => Scanning File C:\WINDOWS\Explorer.exe
Wed Mar 15 22:52:40 2006 => Scanning File C:\WINDOWS\system32\userinit.exe
Wed Mar 15 22:52:40 2006 => Scanning File C:\WINDOWS\system32\dskquota.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\crypt32.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\cscdll.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll

Wed Mar 15 22:52:41 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Wed Mar 15 22:52:41 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Wed Mar 15 22:52:41 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Wed Mar 15 22:52:41 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Wed Mar 15 22:52:41 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\ntsd.exe

Underkill · 15.03.2006, 23:20

Wed Mar 15 22:52:41 2006 => Scanning HKCU\Control Panel\Desktop
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\System32\logon.scr

Wed Mar 15 22:52:41 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Wed Mar 15 22:52:41 2006 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Wed Mar 15 22:52:41 2006 => Scanning File C:\WINDOWS\system32\ie4uinit.exe
Wed Mar 15 22:52:42 2006 => Scanning File C:\WINDOWS\system32\Rundll32.exe

Wed Mar 15 22:52:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Wed Mar 15 22:52:42 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Wed Mar 15 22:52:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run

Wed Mar 15 22:52:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run

Wed Mar 15 22:52:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Wed Mar 15 22:52:42 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Wed Mar 15 22:52:42 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avgnt.exe
Wed Mar 15 22:52:42 2006 => Scanning File C:\WINDOWS\system32\sstray.exe
Wed Mar 15 22:52:42 2006 => Scanning File C:\PROGRA~1\ATITEC~1\ATI.ACE\cli.exe
Wed Mar 15 22:52:42 2006 => Scanning File C:\PROGRA~1\MICROS~3\point32.exe
Wed Mar 15 22:52:42 2006 => Scanning File C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
Wed Mar 15 22:52:42 2006 => Scanning File C:\WINDOWS\system32\NeroCheck.exe
Wed Mar 15 22:52:42 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\Real\UPDATE~1\REALSC~1.EXE
Wed Mar 15 22:52:42 2006 => Scanning File C:\Programme\eScan\LAUNCH.EXE
Wed Mar 15 22:52:42 2006 => Scanning File C:\PROGRA~1\eScan\TRAYICOS.EXE
Wed Mar 15 22:52:42 2006 => Scanning File C:\PROGRA~1\eScan\AVPMWrap.EXE

Wed Mar 15 22:52:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Wed Mar 15 22:52:42 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Wed Mar 15 22:52:43 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Wed Mar 15 22:52:43 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

Wed Mar 15 22:52:43 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Wed Mar 15 22:52:43 2006 => Scanning File C:\WINDOWS\System32\CTFMON.EXE

Wed Mar 15 22:52:43 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Wed Mar 15 22:52:43 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Wed Mar 15 22:52:43 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Wed Mar 15 22:52:43 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup

Wed Mar 15 22:52:43 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Wed Mar 15 22:52:43 2006 => Scanning File C:\WINDOWS\System32\CTFMON.EXE

Wed Mar 15 22:52:43 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Wed Mar 15 22:52:43 2006 => Scanning HKCR\txtfile\shell\open\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\comfile\shell\open\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\exefile\shell\open\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\dllfile\shell\open\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\batfile\shell\open\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\piffile\shell\open\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\scrfile\shell\open\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\scrfile\shell\config\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\regfile\shell\open\command

Wed Mar 15 22:52:43 2006 => Scanning HKCR\htmlfile\shell\open\command
Wed Mar 15 22:52:44 2006 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe

Wed Mar 15 22:52:44 2006 => Scanning HKCR\htafile\shell\open\command
Wed Mar 15 22:52:44 2006 => Scanning File C:\WINDOWS\System32\mshta.exe

Wed Mar 15 22:52:44 2006 => Scanning HKCR\jsfile\shell\open\command
Wed Mar 15 22:52:44 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Mar 15 22:52:44 2006 => Scanning HKCR\jsefile\shell\open\command
Wed Mar 15 22:52:44 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Mar 15 22:52:44 2006 => Scanning HKCR\vbsfile\shell\open\command
Wed Mar 15 22:52:44 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Mar 15 22:52:44 2006 => Scanning HKCR\vbefile\shell\open\command
Wed Mar 15 22:52:44 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Mar 15 22:52:44 2006 => Scanning HKCR\wshfile\shell\open\command
Wed Mar 15 22:52:44 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Mar 15 22:52:44 2006 => Scanning HKCR\wsffile\shell\open\command
Wed Mar 15 22:52:44 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Mar 15 22:52:44 2006 => ***** Scanning StartUp Folders *****

Wed Mar 15 22:52:44 2006 => ***** Scanning C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart Folder *****
Wed Mar 15 22:52:44 2006 => Scanning Folder: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\*.*
Wed Mar 15 22:52:44 2006 => Scanning File C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\desktop.ini [**]

Wed Mar 15 22:52:44 2006 => ***** Scanning C:\Dokumente und Einstellungen\Administrator\Desktop Folder *****
Wed Mar 15 22:52:44 2006 => Scanning Folder: C:\Dokumente und Einstellungen\Administrator\Desktop\*.*

Wed Mar 15 22:52:44 2006 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder *****
Wed Mar 15 22:52:44 2006 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.*
Wed Mar 15 22:52:44 2006 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk
Wed Mar 15 22:52:44 2006 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\ATI CATALYST-Infobereich.lnk
Wed Mar 15 22:52:44 2006 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**]
Wed Mar 15 22:52:44 2006 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
Wed Mar 15 22:52:44 2006 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk

Wed Mar 15 22:52:45 2006 => ***** Scanning Service Files *****
Wed Mar 15 22:52:45 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\System32\alg.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\amdk7.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\sched.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avguard.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\arp1394.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\ati2sgag.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\avgntdd.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\drivers\avgntmgr.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\BthEnum.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\bthpan.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\Drivers\BTHport.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\Drivers\BTHUSB.sys
Wed Mar 15 22:52:45 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\cisvc.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\dllhost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\Drivers\dtscsi.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\PROGRA~1\eScan\TRAYSSER.EXE
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\services.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\fdc.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\drivers\fltmgr.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\gameenum.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\HPZid412.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\HPZius12.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\imapi.sys
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\System32\imapi.exe
Wed Mar 15 22:52:46 2006 => Scanning File C:\WINDOWS\system32\drivers\ip6fw.sys
Wed Mar 15 22:52:47 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Wed Mar 15 22:52:47 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys
Wed Mar 15 22:52:47 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys
Wed Mar 15 22:52:47 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys

BataAlexander · 16.03.2006, 12:01

Hallo,

Zitat:

Zitat von hoerni26

halte dich genau an die anleitung...

lesen ist schwer

! Poste den Inhalt der escan_neu.txt.
Wo Du diese findest, steht hier

Gruß

Schrulli

Underkill · 16.03.2006, 13:07

bei mir sah das aber eben anders aus und ging nicht nach der Anleitung, weil Escan eine Installationsdatei war und dann wurde das Programm einfach komplett installiert...

hoerni26 · 16.03.2006, 13:10

daher schrieb ich ja auch genau an die anleitung halten und vorher in ruhe lesen..

Underkill · 16.03.2006, 13:12

sorry, hab nicht gesehen, dass man bei der Produktauswahl ganz runter scrollen muss, um das Programm runterzuladen!

Ich mach dann jetzt ma den Scan und poste die LOG Datei! :-)

Underkill · 16.03.2006, 14:36

so, ist das normal das der Scan solange dauert? War über ne Stunde be mir!

hier jetzt ma die Auszüge:

Thu Mar 16 13:19:32 2006 => ***** Scanning Registry and File system for Adware/Spyware *****
Thu Mar 16 13:19:32 2006 => Loading Spyware Signatures from new External Database (Size: 153719).
Thu Mar 16 13:19:33 2006 => Indexed Spyware Databases Successfully Created...

Thu Mar 16 13:19:41 2006 => System found infected with cws.loadadv.400 Browser Hijacker ({5e2121ee-0300-11d4-8d3b-444553540000})! Action taken: No Action Taken.
Thu Mar 16 13:19:43 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\limewire !!!
Thu Mar 16 13:19:43 2006 => Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.

Thu Mar 16 13:19:43 2006 => Offending Key found: HKLM\Software\magnet\handlers\limewire !!!
Thu Mar 16 13:19:43 2006 => Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.

Thu Mar 16 13:19:43 2006 => Offending Key found: HKLM\Software\limewire !!!
Thu Mar 16 13:19:43 2006 => Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.

Thu Mar 16 13:19:44 2006 => Offending Folder found: C:\Programme\limewire
Thu Mar 16 13:19:44 2006 => Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.

Thu Mar 16 14:13:11 2006 => File E:\Download\cracksearcher.zip infected by "HackTool.Win32.CrackSearch.a" Virus! Action Taken: No Action Taken.

Endstatus:

Thu Mar 16 14:24:37 2006 => ***** Scanning complete. *****

Thu Mar 16 14:24:37 2006 => Total Objects Scanned: 52295
Thu Mar 16 14:24:37 2006 => Total Critical Objects: 7
Thu Mar 16 14:24:37 2006 => Total Disinfected Objects: 0
Thu Mar 16 14:24:37 2006 => Total Objects Renamed: 0
Thu Mar 16 14:24:37 2006 => Total Deleted Objects: 0
Thu Mar 16 14:24:37 2006 => Total Errors: 29
Thu Mar 16 14:24:37 2006 => Time Elapsed: 01:05:25
Thu Mar 16 14:24:37 2006 => Virus Database Date: 3/14/2006
Thu Mar 16 14:24:37 2006 => Virus Database Count: 182276

Thu Mar 16 14:24:37 2006 => Scan Completed.

ich hoffe, das ist jetzt richtig! Wenn nicht, dann sagt mir nochma wie es geht!

LimeWire ist von mir installiert!

edit:

wie kann ich dann fixen, wollte ich gleich schonmal vorab fragen!

Ist der Virus endlich weg?

Hab ja schon mehrmals jetzt diesen look2me fix gestartet!

oder ist eher schon zwingend notwendig, XP neu aufzusetzen! Hab das nur gerade vor 2 Wochen schon hiter mich gebracht und wollte das nicht unbedingt gleich nochma machen!

BataAlexander · 16.03.2006, 15:51

Hallo,

nun der Mist auf Deinem Rechner kommt unter anderem dann auch von Limewire.
Wenn Du diese Sachen nicht vom Rechner weg läßt kommt das eh immer wieder.

Gruß

Schrulli

Underkill · 16.03.2006, 18:39

die Frage ist, was mit den Sachen außer LimeWire denn ist?

Sind die in Ordnung?

Ich mein LimWire ist doch eigentlich "nur" ein Filesharing Programm, oder?

BataAlexander · 16.03.2006, 21:24

Hallo,

es ist ganz normal das ein eScan so lange dauert.
Warum limewire und konsorten Dein System verseucht?

Zitat:

Zitat von Underkill

Thu Mar 16 13:19:43 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\limewire !!!
Thu Mar 16 13:19:43 2006 => Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Thu Mar 16 13:19:43 2006 => Offending Key found: HKLM\Software\magnet\handlers\limewire !!!
Thu Mar 16 13:19:43 2006 => Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Thu Mar 16 13:19:43 2006 => Offending Key found: HKLM\Software\limewire !!!
Thu Mar 16 13:19:43 2006 => Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Thu Mar 16 13:19:44 2006 => Offending Folder found: C:\Programme\limewire
Thu Mar 16 13:19:44 2006 => Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Thu Mar 16 14:13:11 2006 => File E:\Download\cracksearcher.zip infected by "HackTool.Win32.CrackSearch.a" Virus! Action Taken: No Action Taken.

Alles klar?
Wenn nicht limewire runterschmeissen und alles, was Du darüber bezogen hast!
Wenn Dir das widersagt, bist Du mit dem Support in diesem Board am Ende.
Ein sauberes System und P2P Benutzung funktioniert nicht.

[edit]Hab mich mal schlau gemacht( ja geht

). Du hast damit (5e2121ee-0300-11d4-8d3b-444553540000) diesen Schelm auf den Rechner geladen, daher ist Dir nur zu Raten den Rechner neu Aufzusetzen!
Beachte dabei die in meiner Signatur verlinkte Anleitung dazu![/edit]

Gruß

Schrulli

Underkill · 17.03.2006, 16:44

alles klar, ich setz ihn neu auf

15.03.2006, 19:56	#3
BataAlexander > MalwareDB	Virus Agent.ay geht nicht mehr weg! Hallo, kurz einmisch: scan mal C:\WINDOWS\system32\Ati2evxx.exe online bei Jotti oder http://www.virustotal.com Poste das Ergebnis hier. Gruß Schrulli __________________ __________________

Virus Agent.ay geht nicht mehr weg!

Log-Analyse und Auswertung: Virus Agent.ay geht nicht mehr weg!