|
kacke trojaner Logfile of HijackThis v1.98.2 Scan saved at 23:09:46, on 09.09.2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Dit.exe C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\RunDll32.exe C:\Programme\AVPersonal\AVGNT.EXE C:\WINDOWS\CNYHKey.exe C:\WINDOWS\DitExp.exe C:\Programme\AVPersonal\AVGUARD.EXE C:\Programme\AVPersonal\AVWUPSRV.EXE C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\taskmgr.exe C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Programme\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\System32\wuauclt.exe C:\Dokumente und Einstellungen\ben\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis_198.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.medion.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [PCMService] "C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min O4 - Global Startup: Kontrollfeld für die kabellose Tastatur.lnk = C:\WINDOWS\CNYHKey.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: MedionShop - {36669D80-D50C-45FA-9675-2A46C5698A6E} - http://www.medionshop.de/ (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1094674518984 also ich hatte/habe sygate persoanl firewall pro oben, netgear rooter, trojancheck, antivir, spybot, adaware (wobei ich die letzen 2 atm nicht drauf hab wegen format c) etc. ich hab halt den pc angelassen aber war nicht im inet. ich komm heim, zig progs am laufen und die maus fährt übern bildschirm. ok erschtmal schock. hab telekom angerufen aber kein traffic über die leitung gegangen. ich hab so nen medion aldi pc. der hat wlan integriert. das hab ich aber auf RADIO OFF gemacht und im netzwerk auch deaktiviert. naja der scheiss trojaner (der dumme kerl hinter dem trojaner) is immernoch da. auch nachdem format c. sygate zeigt 0 in und 0 out aber die maus bewegt sich trotzdem durch die gegend. ich weiss echt nimmer was ich tun soll. das einzige was eben sein kann is das der über wlan rein geht. nun gut ich wohn in nem kl. dorf. btw fällt mir grad auf das der cursor so komisch blinkt. der hat wahrscheinlich nen keylogger laufen. naja zurück zum thema. also soviele die sich auskennen mit wlan dürfte es in meiner umgebung nicht geben. bitte helft mir ich bin echt verzweifelt. :( //edit spybot hat auch DSO EXPLOIT gefunden aber ich hab eigentlich nur mit opera gesurft nur ab und zu mit IE und dann nur auf "VERTRAUENWÜRDIGEN SITES" |
*push* bitte um hilfe!!! ich weiss nimmer weiter! soviel wie ich an hab und trotzdem nen trojaner der net runter will!!! nochmal ne neue jh log: Logfile of HijackThis v1.98.2 Scan saved at 00:44:59, on 10.09.2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Dit.exe C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\RunDll32.exe C:\Programme\AVPersonal\AVGNT.EXE C:\WINDOWS\DitExp.exe C:\Programme\AVPersonal\AVWUPSRV.EXE C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\WINDOWS\System32\taskmgr.exe C:\Programme\AVPersonal\AVGUARD.EXE D:\Benni\mIRC\mirc.exe C:\WINDOWS\System32\wisptis.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\ben\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.medion.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [PCMService] "C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min O4 - Global Startup: Kontrollfeld für die kabellose Tastatur.lnk = C:\WINDOWS\CNYHKey.exe O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1094674518984 |
Hallo Bensen, wie kommst Du auf die Idee, dass Du einen Trojaner auf dem System hast? Lade Dir bitte den eScan - entsprechend der Anleitung in diesem Thread runter, erstelle einen Ordner (=Verzeichnis) c:\bases, update den eScan online und führe ihn offline im abgesicherten Modus aus. Du findest eine genaue, bebilderte Anleitung im Thread: Thread-6083 Teile uns dann bitte das Ergebnis des eScan mit: wieviel Viren wurden auf Deinem Rechner gefunden, wie heißen die Viren, wieviele Viren wurden gelöscht, wieviele Dateien wurden umbenannt - es sieht so aus: =>Total Number of Files Scanned: =>Total Number of Virus(es) Found: =>Total Number of Disinfected Files: =>Total Number of Files Renamed: =>Total Number of Deleted Files: =>Total Number of Errors: Ich schau mir derweil Dein Logfile an. [edit] Poste nach dem eScan bitte ein neues Hijack This-Logfile. SD |
weil zig programme gestartet wurden als ich net da war und die maus sich ziemlich extrem bewegt hat. also net nurn bisschen sondern richtige kreise etc etc. //edit ok werd das mal mit escan machen |
@ bensen also, ich sehe nichts Auffälliges in Deinem Logfile. Aber Dein System ist nicht auf dem aktuellen Stand. Lade Dir bitte das aktuelle Service Pack runter: www.windowsupdate.com und teile uns dann bitte das Ergebnis des eScan mit. SD |
@bensen : Auch ich sehe mit meinen Augen nix verdächtiges oder schlimmes. Dem Zufolge, kann das als folgen mehreres haben :
Gruß Andy |
also eScan hat nix gefunden! ich kann die log hier net posten :( irgend nen mysql fehler //edit log Fri Sep 10 17:01:35 2004 => ********************************************************** Fri Sep 10 17:01:35 2004 => eScan AntiVirus Toolkit Utility. Fri Sep 10 17:01:35 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc. Fri Sep 10 17:01:35 2004 => ********************************************************** Fri Sep 10 17:01:35 2004 => Version 4.4.7 Fri Sep 10 17:01:35 2004 => Log File: C:\DOKUME~1\ben\LOKALE~1\Temp\mwav.log Fri Sep 10 17:01:35 2004 => Latest Date of files inside MWAV: 08 Sep 2004 12:01:44. Fri Sep 10 17:01:36 2004 => AV Library Loaded... Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.exe Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\Getvlist.exe Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.dll Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavssdi.dll Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavssi.dll Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavvlg.dll Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\msvlclnt.dll Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\ipc.dll Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\main.avi Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\virus.avi Fri Sep 10 17:01:36 2004 => Virus Database Date: 2004/09/08 Fri Sep 10 17:01:36 2004 => Virus Database Count: 103467 Fri Sep 10 17:01:43 2004 => AV Library Unloaded (3)... Fri Sep 10 17:04:18 2004 => ********************************************************** Fri Sep 10 17:04:18 2004 => eScan AntiVirus Toolkit Utility. Fri Sep 10 17:04:18 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc. Fri Sep 10 17:04:18 2004 => ********************************************************** Fri Sep 10 17:04:18 2004 => Version 4.4.7 Fri Sep 10 17:04:18 2004 => Log File: C:\DOKUME~1\ben\LOKALE~1\Temp\mwav.log Fri Sep 10 17:04:18 2004 => Latest Date of files inside MWAV: 08 Sep 2004 12:01:44. Fri Sep 10 17:04:19 2004 => AV Library Loaded... Fri Sep 10 17:04:19 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.exe Fri Sep 10 17:04:19 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\Getvlist.exe Fri Sep 10 17:04:19 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.dll Fri Sep 10 17:04:19 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavssdi.dll Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavssi.dll Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavvlg.dll Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\msvlclnt.dll Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\ipc.dll Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\main.avi Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\virus.avi Fri Sep 10 17:04:20 2004 => Virus Database Date: 2004/09/08 Fri Sep 10 17:04:20 2004 => Virus Database Count: 103467 |
Fri Sep 10 17:04:29 2004 => ********************************************************** Fri Sep 10 17:04:29 2004 => eScan AntiVirus Toolkit Utility. Fri Sep 10 17:04:29 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc. Fri Sep 10 17:04:29 2004 => Fri Sep 10 17:04:29 2004 => Support: support@mwti.net Fri Sep 10 17:04:29 2004 => Web: http://www.mwti.net Fri Sep 10 17:04:29 2004 => ********************************************************** Fri Sep 10 17:04:29 2004 => Version 4.4.7 Fri Sep 10 17:04:29 2004 => Log File: C:\DOKUME~1\ben\LOKALE~1\Temp\mwav.log Fri Sep 10 17:04:29 2004 => Latest Date of files inside MWAV: 08 Sep 2004 12:01:44. Fri Sep 10 17:04:30 2004 => Options Selected by User: Fri Sep 10 17:04:30 2004 => Memory Check: Enabled Fri Sep 10 17:04:30 2004 => Registry Check: Enabled Fri Sep 10 17:04:30 2004 => StartUp Folder Check: Enabled Fri Sep 10 17:04:30 2004 => System Folder Check: Enabled Fri Sep 10 17:04:30 2004 => System Area Check: Disabled Fri Sep 10 17:04:30 2004 => Services Check: Enabled Fri Sep 10 17:04:30 2004 => Drive Check Option Disabled Fri Sep 10 17:04:30 2004 => Scanning Type: Scan And Clean Fri Sep 10 17:04:30 2004 => Folder Check: Disabled Fri Sep 10 17:04:30 2004 => ***** Scanning Memory Files ***** Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\services.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\userinit.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\Explorer.EXE Fri Sep 10 17:04:30 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\mwavscan.com Fri Sep 10 17:04:30 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.exe Fri Sep 10 17:04:30 2004 => ***** Scanning Registry Files ***** Fri Sep 10 17:04:30 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad Fri Sep 10 17:04:30 2004 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction *** Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**] Fri Sep 10 17:04:30 2004 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction *** Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**] Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\stobject.dll Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects Fri Sep 10 17:04:31 2004 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll Fri Sep 10 17:04:31 2004 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL Fri Sep 10 17:04:31 2004 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll Fri Sep 10 17:04:31 2004 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll Fri Sep 10 17:04:31 2004 => {C333CF63-767F-4831-94AC-E683D962C63C} = C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll Fri Sep 10 17:04:31 2004 => Scanning File C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\Explorer.exe Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\system32\userinit.exe Fri Sep 10 17:04:31 2004 => Scanning HKCU\Control Panel\Desktop Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\logon.scr Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\Dit.exe Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\PSDrvCheck.exe Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\mHotkey.exe Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\MEDION~1\POWERC~1\PCMSER~1.EXE Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\ATITEC~1\ATICON~1\atiptaxx.exe Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\RunDll32.exe Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\NeroCheck.exe Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\PRISMSTA.EXE Fri Sep 10 17:04:32 2004 => Scanning File C:\Programme\AVPersonal\AVGNT.EXE Fri Sep 10 17:04:32 2004 => *** File C:\PROGRA~1\Sygate\SPF\smc.exe having Size Restriction *** Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\Sygate\SPF\smc.exe [**] Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Fri Sep 10 17:04:32 2004 => *** File C:\Programme\TGTSoft\StyleXP\StyleXP.exe having Size Restriction *** Fri Sep 10 17:04:32 2004 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXP.exe [**] Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Fri Sep 10 17:04:33 2004 => Scanning HKCR\txtfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\comfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\exefile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\dllfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\batfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\piffile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\scrfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\scrfile\shell\config\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\regfile\shell\open\command Fri Sep 10 17:04:33 2004 => ***** Scanning StartUp Folders ***** Fri Sep 10 17:04:33 2004 => ***** Scanning C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart Folder ***** Fri Sep 10 17:04:33 2004 => Scanning Folder: C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart\*.* Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart\desktop.ini [**] Fri Sep 10 17:04:33 2004 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder ***** Fri Sep 10 17:04:33 2004 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.* Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**] Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Kontrollfeld für die kabellose Tastatur.lnk |
Fri Sep 10 17:04:29 2004 => ********************************************************** Fri Sep 10 17:04:29 2004 => eScan AntiVirus Toolkit Utility. Fri Sep 10 17:04:29 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc. Fri Sep 10 17:04:29 2004 => Fri Sep 10 17:04:29 2004 => Support: support@mwti.net Fri Sep 10 17:04:29 2004 => Web: http://www.mwti.net Fri Sep 10 17:04:29 2004 => ********************************************************** Fri Sep 10 17:04:29 2004 => Version 4.4.7 Fri Sep 10 17:04:29 2004 => Log File: C:\DOKUME~1\ben\LOKALE~1\Temp\mwav.log Fri Sep 10 17:04:29 2004 => Latest Date of files inside MWAV: 08 Sep 2004 12:01:44. Fri Sep 10 17:04:30 2004 => Options Selected by User: Fri Sep 10 17:04:30 2004 => Memory Check: Enabled Fri Sep 10 17:04:30 2004 => Registry Check: Enabled Fri Sep 10 17:04:30 2004 => StartUp Folder Check: Enabled Fri Sep 10 17:04:30 2004 => System Folder Check: Enabled Fri Sep 10 17:04:30 2004 => System Area Check: Disabled Fri Sep 10 17:04:30 2004 => Services Check: Enabled Fri Sep 10 17:04:30 2004 => Drive Check Option Disabled Fri Sep 10 17:04:30 2004 => Scanning Type: Scan And Clean Fri Sep 10 17:04:30 2004 => Folder Check: Disabled Fri Sep 10 17:04:30 2004 => ***** Scanning Memory Files ***** Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\services.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\userinit.exe Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\Explorer.EXE Fri Sep 10 17:04:30 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\mwavscan.com Fri Sep 10 17:04:30 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.exe Fri Sep 10 17:04:30 2004 => ***** Scanning Registry Files ***** Fri Sep 10 17:04:30 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad Fri Sep 10 17:04:30 2004 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction *** Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**] Fri Sep 10 17:04:30 2004 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction *** Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**] Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\System32\webcheck.dll Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\stobject.dll Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects Fri Sep 10 17:04:31 2004 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll Fri Sep 10 17:04:31 2004 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL Fri Sep 10 17:04:31 2004 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll Fri Sep 10 17:04:31 2004 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll Fri Sep 10 17:04:31 2004 => {C333CF63-767F-4831-94AC-E683D962C63C} = C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll Fri Sep 10 17:04:31 2004 => Scanning File C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\Explorer.exe Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\system32\userinit.exe Fri Sep 10 17:04:31 2004 => Scanning HKCU\Control Panel\Desktop Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\logon.scr Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\Dit.exe Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\PSDrvCheck.exe Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\mHotkey.exe Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\MEDION~1\POWERC~1\PCMSER~1.EXE Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\ATITEC~1\ATICON~1\atiptaxx.exe Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\RunDll32.exe Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\NeroCheck.exe Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\PRISMSTA.EXE Fri Sep 10 17:04:32 2004 => Scanning File C:\Programme\AVPersonal\AVGNT.EXE Fri Sep 10 17:04:32 2004 => *** File C:\PROGRA~1\Sygate\SPF\smc.exe having Size Restriction *** Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\Sygate\SPF\smc.exe [**] |
Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Fri Sep 10 17:04:32 2004 => *** File C:\Programme\TGTSoft\StyleXP\StyleXP.exe having Size Restriction *** Fri Sep 10 17:04:32 2004 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXP.exe [**] Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Fri Sep 10 17:04:33 2004 => Scanning HKCR\txtfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\comfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\exefile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\dllfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\batfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\piffile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\scrfile\shell\open\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\scrfile\shell\config\command Fri Sep 10 17:04:33 2004 => Scanning HKCR\regfile\shell\open\command Fri Sep 10 17:04:33 2004 => ***** Scanning StartUp Folders ***** Fri Sep 10 17:04:33 2004 => ***** Scanning C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart Folder ***** Fri Sep 10 17:04:33 2004 => Scanning Folder: C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart\*.* Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart\desktop.ini [**] Fri Sep 10 17:04:33 2004 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder ***** Fri Sep 10 17:04:33 2004 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.* Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**] Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Kontrollfeld für die kabellose Tastatur.lnk Fri Sep 10 17:04:33 2004 => ***** Scanning Service Files ***** Fri Sep 10 17:04:33 2004 => Scanning HKLM\SYSTEM\CurrentControlSet\Services Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ACPI.sys Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\drivers\aec.sys Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\drivers\afd.sys Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\agp440.sys Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\alg.exe Fri Sep 10 17:04:34 2004 => Scanning File C:\Programme\AVPersonal\AVGUARD.EXE Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\arp1394.sys Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\Drivers\ASAPIW2K.sys Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\asyncmac.sys Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atapi.sys Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ati2mtag.sys Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atmarpc.sys Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\audstub.sys Fri Sep 10 17:04:34 2004 => Scanning File C:\PROGRAMME\AVPERSONAL\AVGNTDD.SYS Fri Sep 10 17:04:34 2004 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\Cap7134.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\CCDECODE.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cdrom.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\system32\cisvc.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\system32\clipsrv.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\cmuda.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\disk.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\dmadmin.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\dmboot.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\dmio.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\dmload.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\DMusic.sys Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\drmkaud.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\el90xbc5.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\system32\services.exe Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fdc.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fetnd5b.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ftdisk.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\msgpc.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\hidusb.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\i8042prt.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\imapi.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\imapi.exe Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ctxs51.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipinip.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipnat.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipsec.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\irenum.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\isapnp.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdclass.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdhid.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\drivers\kmixer.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\svchost.exe |
Fri Sep 10 17:04:37 2004 => Scanning File C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe Fri Sep 10 17:04:37 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\VS7Debug\mdm.exe Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mouclass.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mouhid.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxdav.sys Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxsmb.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\msdtc.exe Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\msiexec.exe Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\MSKSSRV.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\MSPCLOCK.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\MSPQM.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\MSTEE.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\msmpu401.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\NdisIP.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndistapi.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndisuio.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndiswan.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\netbios.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\netbt.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\system32\netdde.exe Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\system32\netdde.exe Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nic1394.sys Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ohci1394.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\parport.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\pci.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\pciide.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\drivers\pfc.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\PhTVTune.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\system32\services.exe Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\lsass.exe Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspptp.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\PRISMA00.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\processr.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ptilink.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rasacd.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rasl2tp.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspppoe.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspti.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rdbss.sys Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\RDPCDD.sys Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\sessmgr.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\redbook.sys Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\locator.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\rsvp.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\lsass.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\secdrv.sys Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\serenum.sys Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\serial.sys Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\sfloppy.sys Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\SLIP.sys Fri Sep 10 17:04:40 2004 => *** File C:\Programme\Sygate\SPF\smc.exe having Size Restriction *** Fri Sep 10 17:04:40 2004 => Scanning File C:\Programme\Sygate\SPF\smc.exe [**] Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\drivers\splitter.sys Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\spoolsv.exe Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\sr.sys Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\srv.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\StreamIP.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\PROGRAMME\TGTSOFT\STYLEXP\STYLEXPHELPER.EXE Fri Sep 10 17:04:41 2004 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXPService.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\swenum.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\drivers\swmidi.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\drivers\sysaudio.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\system32\smlogsvc.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\tcpip.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\termdd.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\update.sys Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\ups.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbccgp.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbehci.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbhub.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbuhci.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\drivers\vga.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\vssvc.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\wanarp.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\drivers\wdmaud.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\WPSDRVNT.SYS Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\system32\svchost.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\svchost.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\Drivers\x10uif.sys |
Fri Sep 10 17:04:43 2004 => ***** Scanning System32 Folders ***** Fri Sep 10 17:04:43 2004 => Scanning C:\WINDOWS Directory Fri Sep 10 17:04:43 2004 => Scanning Folder: C:\WINDOWS\*.* Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\0.log [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\Angler.bmp [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\AUDIO3D.DLL Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\Blaue Spitzen 16.bmp [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\bootstat.dat [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\chanwarn.bmp [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\chipset.log [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\clock.avi [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMCDPLAY.INI [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMCOMM.INF Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\cmiainfo.sys Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMICHX.INF Fri Sep 10 17:04:43 2004 => *** File C:\WINDOWS\CMICNFG.CPL having Size Restriction *** Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMICNFG.CPL [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIDS3D.DLL Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIRmDriver.dll Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIRMDRV.DLL Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIRMDRV.EXE Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CmiRmRedundDir.exe Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMISETUP.INI [**] Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIUninstall.exe Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMSIS.INF Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMUDA.CAT [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\cmuda.dll Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMUDA.INF Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Cmuda.ini [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMUDA.SYS Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMVIA.INF Fri Sep 10 17:04:44 2004 => *** File C:\WINDOWS\CNYHKey.exe having Size Restriction *** Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CNYHKey.exe [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CNYHKey.ini [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CNYUSB.dll Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\COM+.log [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\comsetup.log [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\comwarn.bmp [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\control.ini [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\dahotfix.log [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\desktop.ini [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\DirectX.log [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Dit.DLL Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Dit.exe Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Dit.INI [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\DitExp.exe Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\DtcInstall.log [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\explorer.exe Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\explorer.scf [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\FaxSetup.log [**] Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Feder.bmp [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\Fächer.bmp [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\Granit.bmp [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\hh.exe Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\HIDMNT.dll Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\HKCYDLL.dll Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\ICCLR.INF Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\IEPatchUninstall.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\ieuninst.exe Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\iis6.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\imsins.BAK [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\imsins.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\InoSetup.ini [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\IsUn0407.exe Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\jautoexp.dat [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\Kaffeetasse.bmp [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB810243.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB817778.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB820291.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB821253.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB821557.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB822603.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB823182.log [**] Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB823559.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB823980.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB824105.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB824141.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB824146.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB825116.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB825119.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB828035.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB828741.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB835732.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB837001.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB839643-DirectX9.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB839645.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB840315.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB840374.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB841873.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB842773.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\LedHKey.reg Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\mHotkey.exe Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\mHotkey.reg Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ModemLog_Creatix V.9X DSP Data Fax Modem.txt [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\mozver.dat [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\msdfmap.ini [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\msgsocm.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\muninst.exe Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\NOTEPAD.EXE Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\nsreg.dat [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ntbtlog.txt [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ntdtcsetup.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ocgen.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ocmsn.log [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ODBC.INI [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ODBCINST.INI [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\oeuninst.exe Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\OEWABLog.txt [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\orun32.ini [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\orun32.isu [**] Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\PIC.dll Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\PRISMDOM.ini [**] Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Präriewind.bmp [**] Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Q322011.log [**] Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Q323255.log [**] Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Q327979.log [**] Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Q328310.log [**] |
... das is aber nochnetmal die hälfte darum stop ich das mal hier *gg* Fri Sep 10 17:06:27 2004 => ***** Checking for specific ITW Viruses ***** Fri Sep 10 17:06:27 2004 => Checking for Welchia Virus... Fri Sep 10 17:06:27 2004 => Checking for LovGate Virus... Fri Sep 10 17:06:27 2004 => Checking for CodeRed Virus... Fri Sep 10 17:06:27 2004 => Checking for OpaServ Virus... Fri Sep 10 17:06:27 2004 => Checking for Sobig.e Virus... Fri Sep 10 17:06:27 2004 => Checking for Winupie Virus... Fri Sep 10 17:06:27 2004 => Checking for Swen Virus... Fri Sep 10 17:06:27 2004 => Checking for JS.Fortnight Virus... Fri Sep 10 17:06:27 2004 => Checking for Novarg Virus... Fri Sep 10 17:06:27 2004 => Checking for Pagabot Virus... Fri Sep 10 17:06:27 2004 => Checking for Parite.b Virus... Fri Sep 10 17:06:27 2004 => Checking for Parite.a Virus... Fri Sep 10 17:06:27 2004 => ***** Scanning complete. ***** Fri Sep 10 17:06:27 2004 => Total Number of Files Scanned: 2259 Fri Sep 10 17:06:27 2004 => Total Number of Virus(es) Found: 0 Fri Sep 10 17:06:27 2004 => Total Number of Disinfected Files: 0 Fri Sep 10 17:06:27 2004 => Total Number of Files Renamed: 0 Fri Sep 10 17:06:27 2004 => Total Number of Deleted Files: 0 Fri Sep 10 17:06:27 2004 => Total Number of Errors: 0 Fri Sep 10 17:06:27 2004 => Time Elapsed: 00:01:57 Fri Sep 10 17:06:27 2004 => Virus Database Date: 2004/09/08 Fri Sep 10 17:06:27 2004 => Virus Database Count: 103467 Fri Sep 10 17:06:27 2004 => Scan Completed. |
@ bensen ... welch erfreuliches Scan-Ergebnis ! Es war bestimmt viel Arbeit, das eScan-Logfile hier zu posten. ... bitte nicht damit weitermachen. Wir haben nun gesehen, was wir sehen wollten. Ist Dein System nun wieder in Ordnung? SD |
ich hoffs =\ bis jez hab ich nix mehr bemerkt. danke für die hilfe :) |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 21:00 Uhr. |
Copyright ©2000-2025, Trojaner-Board