Notifikationer

Markér alle som læst Log ud

Slettet bruger

13. juli 2005 - 19:40 Der er 12 kommentarer og
2 løsninger

kig på min logfil?

Synes godt om

arlet Juniormester

13. juli 2005 - 20:04 #1

Dt er ikke hele loggen, der mangler det nederste

Prøv igen..

Synes godt om

Slettet bruger

13. juli 2005 - 20:20 #2

kan du ikk komme på min computer?

Synes godt om

Slettet bruger

13. juli 2005 - 20:25 #3

Logfile of HijackThis v1.99.1 Scan saved at 19:32:33, on 13-07-2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\netdde.exe C:\PROGRA~1\Navnt\npssvc.exe C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmer\Apoint2K\Apoint.exe C:\WINDOWS\AGRSMMSG.exe C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe C:\WINDOWS\System32\hphmon05.exe C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Programmer\QuickTime\qttask.exe C:\programmer\u-storage tools2.5\ustorage.exe C:\Program Files\Internet Optimizer\optimize.exe C:\Programmer\Internet Explorer\iexplore.exe C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe C:\Programmer\Navnt\POProxy.exe C:\Programmer\Winamp\winampa.exe C:\Programmer\Apoint2K\Apntex.exe C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe C:\Programmer\Navnt\navapw32.exe C:\Programmer\InstallShield Software Corporation\802.11b Wireless Lan Utility\RtlWake.exe C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe c:\progra~1\intern~1\iexplore.exe C:\Programmer\Internet Explorer\iexplore.exe C:\Documents and Settings\JanniJohnsen_\Skrivebord\Ny mappe\hjt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.jvafuybkuyzb.com/HRs_bIpE/8fe7udq50tBdRiqsGl7d33aD8uMPQvFT3uHaJHkX3eKgrU0zqrWPQBF.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rzjdslflcwtuunpzhbhate.com/HRs_bIpE/8fKiqFLthAEn9j3TG2zU9aijQfHyhwher4.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://bw.myway.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {698A0FBC-C82E-C9B7-8F12-DE07A3CD2C3F} - C:\DOCUME~1\JANNIJ~1\APPLIC~1\KEEPST~1\fastone.exe (file missing) O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programmer\SideFind\sfbho.dll (file missing) O2 - BHO: (no name) - {BE3DDAEA-E572-4733-9E52-13EAC8301086} - C:\DOCUME~1\SILKEB~1\APPLIC~1\KEEPST~1\fastone.exe (file missing) O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programmer\TEXTware\QUICKfind\PlugIns\IEHelp.dll O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [HPHUPD05] c:\Programmer\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Amen Log Base Boob] C:\Documents and Settings\All Users\Application Data\ooze the amen log\Vc Sign.exe O4 - HKLM\..\Run: [UStorag] c:\programmer\u-storage tools2.5\ustorage.exe sys_auto_run C:\Programmer\U-Storage Tools2.5 O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [PiD72eWv0] C:\WINDOWS\wyxylm.exe O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" O4 - HKLM\..\Run: [title corn store proc] C:\Documents and Settings\All Users\Application Data\Proxy license title corn\Close Link.exe O4 - HKLM\..\Run: [PiD72eWvùõš/‚²ÆßfC:\Programmer\ISTsvc\istsvc.exe] C:\WINDOWS\wyxylm.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Norton eMail Protect] C:\Programmer\Navnt\POProxy.exe O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe O4 - HKLM\..\Run: [BearShare] "C:\Programmer\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe O4 - HKCU\..\Run: [ares] "C:\Programmer\Ares Lite Edition\Ares.exe" -h O4 - HKCU\..\Run: [dale 1] C:\DOCUME~1\JANNIJ~1\APPLIC~1\GREATT~1\showgram.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Norton AntiVirus Auto-Protect.lnk = C:\Programmer\Navnt\navapw32.exe O4 - Global Startup: RtlWake.lnk = ? O8 - Extra context menu item: &Search - http://kc.bar.need2find.com/KC/menusearch.html?p=KC O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: 50 FREE MP3s! - {686C970F-1D7D-4469-85D1-4B35763B56CC} - http://www.emusic.com?fref=149133 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing) O12 - Plugin for .mp3: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin4.dll O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Synes godt om

arlet Juniormester

13. juli 2005 - 20:37 #4

Download og gem denne scanner på skrivebordet. (Vi skal bruge den senere)
http://www.spywareinfo.dk/download/mwav.exe

----------------------

Ewido skal du downloade her: http://www.ewido.net/en/download/ ( Vi skal bruge den senere)
Klik på Download now. Installer og kør Ewido. Opdater straks efter installationen programmet.

-----------------------

Du skal nu til at i gang med at fixe:

Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, luk hijackthis igen.
Dobbelttjek, så alt kommer med.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar http://www.jvafuybkuyzb.com/HRs_bIpE/8fe7udq50tBdRiqsGl7d33aD8uMPQvFT3uHaJHkX3eKgrU0zqrWPQBF.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rzjdslflcwtuunpzhbhate.com/HRs_bIpE/8fKiqFLthAEn9j3TG2zU9aijQfHyhwher4.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://bw.myway.com/

O2 - BHO: (no name) - {698A0FBC-C82E-C9B7-8F12-DE07A3CD2C3F} - C:\DOCUME~1\JANNIJ~1\APPLIC~1\KEEPST~1\fastone.exe (file missing)
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programmer\SideFind\sfbho.dll (file missing)
O2 - BHO: (no name) - {BE3DDAEA-E572-4733-9E52-13EAC8301086} - C:\DOCUME~1\SILKEB~1\APPLIC~1\KEEPST~1\fastone.exe (file missing)

O4 - HKLM\..\Run: [Amen Log Base Boob] C:\Documents and Settings\All Users\Application Data\ooze the amen log\Vc Sign.exe
O4 - HKLM\..\Run: [PiD72eWv0] C:\WINDOWS\wyxylm.exe O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [title corn store proc] C:\Documents and Settings\All Users\Application Data\Proxy license title corn\Close Link.exe
O4 - HKLM\..\Run: [PiD72eWvùõš/‚²ÆßfC:\Programmer\ISTsvc\istsvc.exe] C:\WINDOWS\wyxylm.exe
O4 - HKLM\..\Run: [BearShare] "C:\Programmer\BearShare\BearShare.exe" /pause
O4 - HKCU\..\Run: [dale 1] C:\DOCUME~1\JANNIJ~1\APPLIC~1\GREATT~1\showgram.exe

--------------------------------------------------------------------

Åbn en tilfældig mappe, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

------------------------------

Hent denne bats fil og kør den :
http://www.spywareinfo.dk/download/cleantempxp2k.bat
den sletter alt i din temp mappe.

------------------------------

Genstart computeren i fejlsikret tilstand(Du skal klikke på f8 tasten under genstarten (ca. lige når der er talt ram), og så vælge fejlsikret tilstand. Er du i tvivl, så klik bare på f8 flere gange.)
Find og slet disse manuelt :

C:\DOCUME~1\JANNIJ~1\APPLIC~1\KEEPST~1\fastone.exe
C:\Documents and Settings\All Users\Application Data\ooze the amen log\Vc Sign.exe
C:\Program Files\Internet Optimizer<-hele mappen
C:\WINDOWS\wyxylm.exe
C:\Programmer\ISTsvc<-hele mappen
C:\Programmer\BearShare<-hele mappen(Det er igennem bearshare at du har fået alt dette snavs)
C:\DOCUME~1\JANNIJ~1\APPLIC~1\GREATT~1\showgram.exe

-----------------------------

Stadig i fejlsikret:
Klik på mwav.exe som du hentede, programmet pakker sig selv ud og starter.
Sæt flueben i følgende:
Memory, Startup folders, drive, Registry, System folders og Services.
Sæt prik i følgende:
All local drives og Scan all files
Og så trykker du på Scan Clean
Det tager lidt over en time at scanne

-------------------------------

Stadig i fejlsikret:
Kør nu en fuld scanning med Ewido. Når den er færdig trykker du save report og gemmer rapporten.

Så genstarter du computeren normalt og laver en ny hijackthis log, som du lægger herind sammen med reporten fra Ewido

Synes godt om

Slettet bruger

14. juli 2005 - 15:44 #5

hvordan sletter man manuelt??

Synes godt om

Slettet bruger

14. juli 2005 - 15:45 #6

nej ikk noget

Synes godt om

Slettet bruger

14. juli 2005 - 16:12 #7

´har ´stadig problemer, jeg kan ikke komme ind og ´køre systemgendannelse, eller søge eller ændre brugerkonti??

Synes godt om

Slettet bruger

14. juli 2005 - 17:30 #8

Logfile of HijackThis v1.99.1
Scan saved at 17:22:30, on 14-07-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\programmer\u-storage tools2.5\ustorage.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\Programmer\Navnt\POProxy.exe
C:\Programmer\Winamp\winampa.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Navnt\navapw32.exe
C:\Programmer\InstallShield Software Corporation\802.11b Wireless Lan Utility\RtlWake.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\JanniJohnsen_\Skrivebord\Ny mappe\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.jvafuybkuyzb.com/HRs_bIpE/8fe7udq50tBdRiqsGl7d33aD8uMPQvFT3uHaJHkX3eKgrU0zqrWPQBF.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programmer\TEXTware\QUICKfind\PlugIns\IEHelp.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [UStorag] c:\programmer\u-storage tools2.5\ustorage.exe sys_auto_run C:\Programmer\U-Storage Tools2.5
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Norton eMail Protect] C:\Programmer\Navnt\POProxy.exe
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton AntiVirus Auto-Protect.lnk = C:\Programmer\Navnt\navapw32.exe
O4 - Global Startup: RtlWake.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .mp3: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin4.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe

Synes godt om

Slettet bruger

14. juli 2005 - 17:31 #9

Thu Jul 14 16:13:48 2005 => **********************************************************
Thu Jul 14 16:13:48 2005 => eScan AntiVirus Toolkit Utility.
Thu Jul 14 16:13:48 2005 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Thu Jul 14 16:13:48 2005 => **********************************************************
Thu Jul 14 16:13:48 2005 => Version 4.4.7
Thu Jul 14 16:13:48 2005 => Log File: C:\KASPER~1\mwav.log
Thu Jul 14 16:13:48 2005 => Latest Date of files inside MWAV: 29 Jun 2005 08:03:52.
Thu Jul 14 16:13:49 2005 => AV Library Loaded...
Thu Jul 14 16:13:49 2005 => Scanning File C:\KASPER~1\kavss.exe
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\Getvlist.exe
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\kavss.dll
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\kavssdi.dll
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\kavssi.dll
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\kavvlg.dll
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\msvlclnt.dll
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\ipc.dll
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\main.avi
Thu Jul 14 16:13:50 2005 => Scanning File C:\KASPER~1\virus.avi
Thu Jul 14 16:13:50 2005 => Virus Database Date: 2005/06/29
Thu Jul 14 16:13:50 2005 => Virus Database Count: 136892

Thu Jul 14 16:14:22 2005 => **********************************************************
Thu Jul 14 16:14:22 2005 => eScan AntiVirus Toolkit Utility.
Thu Jul 14 16:14:22 2005 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Thu Jul 14 16:14:22 2005 =>
Thu Jul 14 16:14:22 2005 => Support: support@mwti.net
Thu Jul 14 16:14:22 2005 => Web: http://www.mwti.net
Thu Jul 14 16:14:22 2005 => **********************************************************
Thu Jul 14 16:14:22 2005 => Version 4.4.7
Thu Jul 14 16:14:22 2005 => Log File: C:\KASPER~1\mwav.log
Thu Jul 14 16:14:22 2005 => Latest Date of files inside MWAV: 29 Jun 2005 08:03:52.

Thu Jul 14 16:14:22 2005 => Options Selected by User:
Thu Jul 14 16:14:22 2005 => Memory Check: Enabled
Thu Jul 14 16:14:22 2005 => Registry Check: Enabled
Thu Jul 14 16:14:22 2005 => StartUp Folder Check: Enabled
Thu Jul 14 16:14:22 2005 => System Folder Check: Enabled
Thu Jul 14 16:14:22 2005 => System Area Check: Disabled
Thu Jul 14 16:14:22 2005 => Services Check: Enabled
Thu Jul 14 16:14:22 2005 => Drive Check Option Disabled
Thu Jul 14 16:14:22 2005 => Scanning Type: Scan And Clean
Thu Jul 14 16:14:22 2005 => Folder Check: Disabled

Thu Jul 14 16:14:22 2005 => ***** Scanning Memory Files *****
Thu Jul 14 16:14:22 2005 => Scanning File C:\WINDOWS\system32\services.exe
Thu Jul 14 16:14:22 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Thu Jul 14 16:14:22 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:22 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:22 2005 => Scanning File C:\WINDOWS\Explorer.EXE
Thu Jul 14 16:14:22 2005 => Scanning File C:\Kaspersky\mwavscan.com
Thu Jul 14 16:14:22 2005 => Scanning File C:\Kaspersky\kavss.exe

Thu Jul 14 16:14:23 2005 => ***** Scanning Registry Files *****

Thu Jul 14 16:14:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Thu Jul 14 16:14:23 2005 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***
Thu Jul 14 16:14:23 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Thu Jul 14 16:14:23 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Thu Jul 14 16:14:23 2005 => Scanning File C:\WINDOWS\System32\stobject.dll

Thu Jul 14 16:14:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Thu Jul 14 16:14:23 2005 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
Thu Jul 14 16:14:23 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL
Thu Jul 14 16:14:23 2005 => {3249FA1A-55F0-CDEF-D92B-C5E16718B4F3} = C:\DOCUME~1\JANNIJ~1\APPLIC~1\KEEPST~1\fastone.exe
Thu Jul 14 16:14:23 2005 => ERROR!!! Invalid Entry = C:\DOCUME~1\JANNIJ~1\APPLIC~1\KEEPST~1\fastone.exe. Removing it.
Thu Jul 14 16:14:23 2005 => {C08DF07A-3E49-4E25-9AB0-D3882835F153} = C:\Programmer\TEXTware\QUICKfind\PlugIns\IEHelp.dll
Thu Jul 14 16:14:23 2005 => Scanning File C:\Programmer\TEXTware\QUICKfind\PlugIns\IEHelp.dll

Thu Jul 14 16:14:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Thu Jul 14 16:14:23 2005 => Scanning File C:\WINDOWS\Explorer.exe
Thu Jul 14 16:14:23 2005 => Scanning File C:\WINDOWS\system32\userinit.exe

Thu Jul 14 16:14:23 2005 => Scanning HKCU\Control Panel\Desktop
Thu Jul 14 16:14:23 2005 => Scanning File C:\WINDOWS\System32\logon.scr

Thu Jul 14 16:14:23 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Thu Jul 14 16:14:23 2005 => Scanning File C:\Programmer\Apoint2K\Apoint.exe
Thu Jul 14 16:14:24 2005 => Scanning File C:\WINDOWS\AGRSMMSG.exe
Thu Jul 14 16:14:24 2005 => Scanning File C:\WINDOWS\system32\Ati2mdxx.exe
Thu Jul 14 16:14:24 2005 => Scanning File C:\PROGRA~1\HPQ\DEFAUL~1\cpqset.exe
Thu Jul 14 16:14:24 2005 => Scanning File C:\PROGRA~1\ATITEC~1\ATICON~1\atiptaxx.exe
Thu Jul 14 16:14:25 2005 => Scanning File C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
Thu Jul 14 16:14:25 2005 => Scanning File C:\PROGRA~1\HP\DIGITA~1\Unload\hpqcmon.exe
Thu Jul 14 16:14:25 2005 => Scanning File C:\PROGRA~1\HP\HPSHAR~1\hpgs2wnd.exe
Thu Jul 14 16:14:25 2005 => Scanning File C:\PROGRA~1\HPQ\QUICKL~1\EabServr.exe
Thu Jul 14 16:14:25 2005 => ERROR!!! Invalid Entry HPHUPD05 = c:\Programmer\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe. Removing it.
Thu Jul 14 16:14:25 2005 => Scanning File C:\PROGRA~1\HEWLET~1\HPSOFT~1\HPWuSchd.exe
Thu Jul 14 16:14:25 2005 => Scanning File C:\Programmer\QuickTime\qttask.exe
Thu Jul 14 16:14:26 2005 => Scanning File c:\PROGRA~1\U-STOR~1.5\ustorage.exe
Thu Jul 14 16:14:26 2005 => Scanning File C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
Thu Jul 14 16:14:26 2005 => Scanning File C:\Programmer\Navnt\POProxy.exe
Thu Jul 14 16:14:26 2005 => Scanning File C:\PROGRA~1\Navnt\npscheck.exe
Thu Jul 14 16:14:26 2005 => Scanning File C:\Programmer\Winamp\winampa.exe

Thu Jul 14 16:14:27 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Thu Jul 14 16:14:27 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Thu Jul 14 16:14:27 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Thu Jul 14 16:14:27 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Thu Jul 14 16:14:27 2005 => ERROR!!! Invalid Entry ares = "C:\Programmer\Ares Lite Edition\Ares.exe" -h. Removing it.

Thu Jul 14 16:14:27 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Thu Jul 14 16:14:27 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Thu Jul 14 16:14:27 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Thu Jul 14 16:14:27 2005 => Scanning HKCR\txtfile\shell\open\command

Thu Jul 14 16:14:27 2005 => Scanning HKCR\comfile\shell\open\command

Thu Jul 14 16:14:27 2005 => Scanning HKCR\exefile\shell\open\command

Thu Jul 14 16:14:27 2005 => Scanning HKCR\dllfile\shell\open\command

Thu Jul 14 16:14:27 2005 => Scanning HKCR\batfile\shell\open\command

Thu Jul 14 16:14:27 2005 => Scanning HKCR\piffile\shell\open\command

Thu Jul 14 16:14:27 2005 => Scanning HKCR\scrfile\shell\open\command

Thu Jul 14 16:14:27 2005 => Scanning HKCR\scrfile\shell\config\command

Thu Jul 14 16:14:27 2005 => Scanning HKCR\regfile\shell\open\command

Thu Jul 14 16:14:27 2005 => ***** Scanning StartUp Folders *****

Thu Jul 14 16:14:27 2005 => ***** Scanning C:\Documents and Settings\JanniJohnsen_\Menuen Start\Programmer\HP - Billedeprogrammer\Start Folder *****
Thu Jul 14 16:14:27 2005 => Scanning Folder: C:\Documents and Settings\JanniJohnsen_\Menuen Start\Programmer\HP - Billedeprogrammer\Start\*.*
Thu Jul 14 16:14:27 2005 => Scanning File C:\Documents and Settings\JanniJohnsen_\Menuen Start\Programmer\HP - Billedeprogrammer\Start\desktop.ini [**]

Thu Jul 14 16:14:27 2005 => ***** Scanning C:\Documents and Settings\All Users\Menuen Start\Programmer\Start Folder *****
Thu Jul 14 16:14:27 2005 => Scanning Folder: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\*.*
Thu Jul 14 16:14:27 2005 => Scanning File C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\desktop.ini [**]
Thu Jul 14 16:14:27 2005 => Scanning File C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\HP Digital Imaging Monitor.lnk
Thu Jul 14 16:14:27 2005 => Scanning File C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Microsoft Office.lnk
Thu Jul 14 16:14:27 2005 => Scanning File C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Norton AntiVirus Auto-Protect.lnk
Thu Jul 14 16:14:27 2005 => Scanning File C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\RtlWake.lnk

Thu Jul 14 16:14:27 2005 => ***** Scanning Service Files *****
Thu Jul 14 16:14:27 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Thu Jul 14 16:14:27 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\drivers\aeaudio.sys
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Thu Jul 14 16:14:28 2005 => *** File C:\WINDOWS\system32\DRIVERS\AGRSM.sys having Size Restriction ***
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\AGRSM.sys [**]
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\arp1394.sys
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\System32\Ati2evxx.exe
Thu Jul 14 16:14:28 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\Drivers\btwusb.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atisgkaf.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ce3n5.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\cisvc.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\compbatt.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tiumflt.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Thu Jul 14 16:14:29 2005 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\EABFILTR.SYS
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\EABUSB.SYS
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\EAPPkt.sys
Thu Jul 14 16:14:30 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\system32\services.exe
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:31 2005 => Scanning File C:\PROGRA~1\ewido\SECURI~1\EWIDOC~1.EXE
Thu Jul 14 16:14:31 2005 => Scanning File C:\PROGRA~1\EWIDO\SECURI~1\GUARD.SYS
Thu Jul 14 16:14:31 2005 => Scanning File C:\PROGRA~1\ewido\SECURI~1\EWIDOG~1.EXE
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\fdc.sys
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\system32\drivers\fltmgr.sys
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:31 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\HPZid412.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\HPZius12.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\imapi.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\System32\imapi.exe
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\intelide.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\intelppm.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\drivers\ip6fw.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys
Thu Jul 14 16:14:32 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\system32\drivers\kmixer.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:33 2005 => ERROR!!! Invalid Entry system32\drivers\lvusbsta.sys in SYSTEM\CurrentControlSet\Services\LVUSBSta...
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mouhid.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\System32\msdtc.exe
Thu Jul 14 16:14:33 2005 => Scanning File C:\WINDOWS\System32\msiexec.exe
Thu Jul 14 16:14:34 2005 => Scanning File C:\WINDOWS\system32\drivers\MSKSSRV.sys
Thu Jul 14 16:14:34 2005 => Scanning File C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Thu Jul 14 16:14:34 2005 => Scanning File C:\WINDOWS\system32\drivers\MSPQM.sys
Thu Jul 14 16:14:34 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Thu Jul 14 16:14:34 2005 => Scanning File C:\WINDOWS\system32\drivers\MSTEE.sys
Thu Jul 14 16:14:34 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
Thu Jul 14 16:14:34 2005 => Scanning File C:\PROGRA~1\Navnt\alertsvc.exe
Thu Jul 14 16:14:34 2005 => Scanning File C:\PROGRA~1\Navnt\navapsvc.exe
Thu Jul 14 16:14:34 2005 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\NAVAP.SYS
Thu Jul 14 16:14:34 2005 => Scanning File C:\PROGRA~1\FLLESF~1\SYMANT~1\VIRUSD~1\20050706.008\NAVENG.SYS
Thu Jul 14 16:14:34 2005 => Scanning File C:\PROGRA~1\FLLESF~1\SYMANT~1\VIRUSD~1\20050706.008\NAVEX15.SYS
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\NdisIP.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nic1394.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:35 2005 => Scanning File C:\PROGRA~1\Navnt\npssvc.exe
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nscirda.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ohci1394.sys
Thu Jul 14 16:14:35 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\parport.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\pci.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\pciide.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\pcmcia.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\drivers\pfc.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\services.exe
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspptp.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\processr.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\psched.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ptilink.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\Drivers\PxHelp20.sys
Thu Jul 14 16:14:36 2005 => ERROR!!! Invalid Entry System32\DRIVERS\LVCM.sys in SYSTEM\CurrentControlSet\Services\QCMerced...
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasacd.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasirda.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspti.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rdbss.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
Thu Jul 14 16:14:36 2005 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\redbook.sys
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\System32\locator.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\System32\rsvp.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\RTL8180.SYS
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\drivers\scsiport.sys
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\secdrv.sys
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:37 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\serenum.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\serial.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\SLIP.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\drivers\smwdm.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\PROGRA~1\ANALOG~1\SoundMAX\SMAgent.exe
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\drivers\splitter.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\sr.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\srv.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\StreamIP.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\swenum.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\drivers\swmidi.sys
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe
Thu Jul 14 16:14:38 2005 => Scanning File C:\PROGRAMMER\SYMANTEC\SYMEVENT.SYS
Thu Jul 14 16:14:38 2005 => Scanning File C:\WINDOWS\system32\drivers\sysaudio.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\termdd.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\drivers\tiumfwl.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\wdfmgr.exe
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\update.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\System32\ups.exe
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\drivers\usbaudio.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbehci.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbhub.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbohci.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbprint.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbscan.sys
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Thu Jul 14 16:14:39 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\UStork.sys
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\System32\drivers\vga.sys
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\viaide.sys
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\System32\vssvc.exe
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\wanarp.sys
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\system32\drivers\wdmaud.sys
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Thu Jul 14 16:14:40 2005 => Scanning File C:\WINDOWS\System32\svchost.exe

Thu Jul 14 16:14:40 2005 => ***** Scanning System32 Folders *****
Thu Jul 14 16:14:40 2005 => Scanning C:\WINDOWS Directory
Thu Jul 14 16:14:40 2005 => Scanning Folder: C:\WINDOWS\*.*
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\0.log [**]
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\002261_.tmp [**]
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\agrsmdel.exe
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\AGRSMMSG.exe
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\bizop.ico [**]
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\Blå silke 16.bmp [**]
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\bootstat.dat [**]
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\cell.ico [**]
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\clock.avi [**]
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\cmsetacl.log [**]
Thu Jul 14 16:14:41 2005 => Scanning File C:\WINDOWS\COM+.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\comsetup.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\control.ini [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\Crystal Rush.bmp [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\dahotfix.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\delay.reg
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\desktop.ini [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\Diddl.scr
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\DirectX.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\drspeed.ico [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\DtcInstall.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\eReg.dat [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\EventSystem.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\explorer.exe
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\explorer.scf [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\FaxSetup.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\Fjerstruktur.bmp [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\Floden Sumida.bmp [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\Fractal Blue.bmp [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\freegift.ico [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\freeze.ico [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\games.ico [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\GatorPdpSetup.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\GatorUninstaller_cme.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\GatorUninstaller_cme_u.log [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\Grønne sten.bmp [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\hh.exe
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\hispeed.ico [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\hosting.ico [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\HOSTS [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\HPHins01.dat [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\hphmdl01.dat [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\hpoins03.dat [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\hpoins03.dat.temp [**]
Thu Jul 14 16:14:42 2005 => Scanning File C:\WINDOWS\hpomdl03.dat [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\hpomdl03.dat.temp [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\IE4 Error Log.txt [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\iedriver.ico [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\IEPatchUninstall.log [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\ieuninst.exe
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\iis6.log [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\imsins.BAK [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\imsins.log [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\ink.ico [**]
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\IsUn0406.exe
Thu Jul 14 16:14:43 2005 => Scanning File C:\WINDOWS\jawint.exe
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\juvio.ico [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\Kaffebønne.bmp [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB282010.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB810217.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB822603.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB822827.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB823182.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB824105.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB824141.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB825119.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB826939.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB826942.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB828028.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB828035.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB828741.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB833407.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB833987.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB834707-IE6SP1-20040929.091901.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB835732.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB840987.log [**]
Thu Jul 14 16:14:44 2005 => Scanning File C:\WINDOWS\KB841356.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB841533.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB842773.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB867282-IE6SP1-20050127.163319.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB871250.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB873333.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB873339.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB873376.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB885250.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB885835.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB885836.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB888113.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB888302.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB889293-IE6SP1-20041111.235619.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB890047.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB890175.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB890859.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB890923-IE6SP1-20050225.103456.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB891711.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB891781.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB893066.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB893086.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\KB893803.log [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\ld.ico [**]
Thu Jul 14 16:14:45 2005 => Scanning File C:\WINDOWS\logos.sys
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\logow.sys
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\msdfmap.ini [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\msgsocm.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\msnavpklog.txt [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\msnsetuplog.bak [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\msnsetuplog.txt [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\msxmlcab.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\notepad.exe
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\nsreg.dat [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\ntbtlog.txt [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\ntdtcsetup.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\ocgen.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\ocmsn.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\ODBC.INI [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\ODBCINST.INI [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\OEWABLog.txt [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\Prærievind.bmp [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\På fisketur.bmp [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\q329623.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\Q331958.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\Q810400.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\Q811114.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\Q813347.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\Q814995.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\Q815485.log [**]
Thu Jul 14 16:14:46 2005 => Scanning File C:\WINDOWS\Q816500.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\Q817357.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\Q819696.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\regedit.exe
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\regopt.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\Rhododendron.bmp [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\roboform.ico [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\Santa Fe Stucco.bmp [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\SchedLgU.Txt [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\schedule.ini [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\security.ico [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\sessmgr.setup.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\setupact.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\setupapi.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\setuperr.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\slrundll.exe
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\smdat32a.sys [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\smdat32m.sys
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\smscfg.ini [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\spam.ico [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\spupdsvc.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\sr.ico [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\Sti_Trace.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\stopzilla.ico [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\sun.ico [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\support.ico [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\svcpack.log [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\SYMEVENT.LOG [**]
Thu Jul 14 16:14:47 2005 => Scanning File C:\WINDOWS\SynCor.exe
Thu Jul 14 16:14:48 2005 => Scanning File C:\WINDOWS\SynthCoreA.Dll
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\system.ini [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\Sæbebobler.bmp [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\TASKMAN.EXE
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\TEXTware.ini [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\tg.ico [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\training.ico [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\trygames.ico [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\tsoc.log [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\twain.dll
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\twain_32.dll
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\twunk_16.exe
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\twunk_32.exe
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\unvise32qt.exe
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\updspapi.log [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\vb.ini [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\vbaddin.ini [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\vmmreg32.dll
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\wiadebug.log [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\wiaservc.log [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\win.ini [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\winamp.ini [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\Windows Update.log [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\WindowsShell.Manifest [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\WindowsUpdate.log [**]
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\winhelp.exe
Thu Jul 14 16:14:49 2005 => Scanning File C:\WINDOWS\winhlp32.exe
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\winnt.bmp [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\winnt256.bmp [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\wiserates.ico [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\wmprfDAN.prx [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\wmsetup.log [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\wmsetup10.log [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\WMSysPr9.prx [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\WMSysPrx.prx [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\WRServices.dll
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\xpsp1hfm.log [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\y2s.ico [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\Zapotec.bmp [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\_default.pif
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\_delis32.ini [**]
Thu Jul 14 16:14:50 2005 => Scanning C:\WINDOWS\system32 Directory
Thu Jul 14 16:14:50 2005 => Scanning Folder: C:\WINDOWS\system32\*.*
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\system32\$ncsp$.inf
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\system32\$winnt$.inf
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\system32\12520437.cpx [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\system32\12520850.cpx [**]
Thu Jul 14 16:14:50 2005 => Scanning File C:\WINDOWS\system32\1scenichp.exe
Thu Jul 14 16:14:51 2005 => Scanning File C:\WINDOWS\system32\1scenicid.exe
Thu Jul 14 16:14:51 2005 => Scanning File C:\WINDOWS\system32\2scenicwu.exe
Thu Jul 14 16:14:52 2005 => Scanning File C:\WINDOWS\system32\3scenices.exe
Thu Jul 14 16:14:52 2005 => Scanning File C:\WINDOWS\system32\401comupd.exe
Thu Jul 14 16:14:53 2005 => Scanning File C:\WINDOWS\system32\6to4svc.dll
Thu Jul 14 16:14:53 2005 => Scanning File C:\WINDOWS\system32\a3d.dll
Thu Jul 14 16:14:53 2005 => Scanning File C:\WINDOWS\system32\aaaamon.dll
Thu Jul 14 16:14:53 2005 => Scanning File C:\WINDOWS\system32\access.cpl
Thu Jul 14 16:14:53 2005 => Scanning File C:\WINDOWS\system32\acctres.dll
Thu Jul 14 16:14:53 2005 => Scanning File C:\WINDOWS\system32\accwiz.exe
Thu Jul 14 16:14:53 2005 => Scanning File C:\WINDOWS\system32\acelpdec.ax
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\acledit.dll
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\aclui.dll
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\activeds.dll
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\activeds.tlb
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\actmovie.exe
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\actxprxy.dll
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\admparse.dll
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\adptif.dll
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\adsldp.dll
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\adsldpc.dll
Thu Jul 14 16:14:54 2005 => Scanning File C:\WINDOWS\system32\adsmsext.dll
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\adsnt.dll
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\advapi32.dll
Thu Jul 14 16:14:55 2005 => *** File C:\WINDOWS\system32\AdvCfgRes.dll having Size Restriction ***
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\AdvCfgRes.dll [**]
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\advpack.dll
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\ahui.exe
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\alg.exe
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\AlphaBut.ILX
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\AlphaPic.ILX
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\alrsvc.dll
Thu Jul 14 16:14:55 2005 => Scanning File C:\WINDOWS\system32\amstream.dll
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\ansi.sys
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\apcups.dll
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\append.exe
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\apphelp.dll
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\arp.exe
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\asctrls.ocx
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\asferror.dll
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\asfsipc.dll
Thu Jul 14 16:14:56 2005 => Scanning File C:\WINDOWS\system32\ASpell.ILX
Thu Jul 14 16:14:57 2005 => Scanning File C:\WINDOWS\system32\asycfilt.dll
Thu Jul 14 16:14:57 2005 => Scanning File C:\WINDOWS\system32\at.exe
Thu Jul 14 16:14:57 2005 => Scanning File C:\WINDOWS\system32\ATHPRXY.DLL
Thu Jul 14 16:14:57 2005 => Scanning File C:\WINDOWS\system32\ati2cqag.dll
Thu Jul 14 16:14:57 2005 => Scanning File C:\WINDOWS\system32\ati2dvaa.dll
Thu Jul 14 16:14:57 2005 => Scanning File C:\WINDOWS\system32\ati2dvag.dll
Thu Jul 14 16:14:58 2005 => Scanning File C:\WINDOWS\system32\ati2edxx.dll
Thu Jul 14 16:14:58 2005 => Scanning File C:\WINDOWS\system32\ati2evxx.dll
Thu Jul 14 16:14:58 2005 => Scanning File C:\WINDOWS\system32\ati2evxx.exe
Thu Jul 14 16:14:58 2005 => Scanning File C:\WINDOWS\system32\Ati2mdxx.exe
Thu Jul 14 16:14:58 2005 => Scanning File C:\WINDOWS\system32\ati3d1ag.dll
Thu Jul 14 16:14:58 2005 => *** File C:\WINDOWS\system32\ati3d2ag.dll having Size Restriction ***
Thu Jul 14 16:14:58 2005 => Scanning File C:\WINDOWS\system32\ati3d2ag.dll [**]
Thu Jul 14 16:14:58 2005 => *** File C:\WINDOWS\system32\ati3duag.dll having Size Restriction ***
Thu Jul 14 16:14:58 2005 => Scanning File C:\WINDOWS\system32\ati3duag.dll [**]
Thu Jul 14 16:14:58 2005 => Scanning File C:\WINDOWS\system32\atiiiexx.dll
Thu Jul 14 16:14:59 2005 => *** File C:\WINDOWS\system32\atioglxx.dll having Size Restriction ***
Thu Jul 14 16:14:59 2005 => Scanning File C:\WINDOWS\system32\atioglxx.dll [**]
Thu Jul 14 16:14:59 2005 => Scanning File C:\WINDOWS\system32\atitvo32.dll
Thu Jul 14 16:14:59 2005 => Scanning File C:\WINDOWS\system32\ativdaxx.ax
Thu Jul 14 16:14:59 2005 => Scanning File C:\WINDOWS\system32\ativmvxx.ax
Thu Jul 14 16:14:59 2005 => Scanning File C:\WINDOWS\system32\ativtmxx.dll
Thu Jul 14 16:14:59 2005 => Scanning File C:\WINDOWS\system32\ativvaxx.dll
Thu Jul 14 16:14:59 2005 => Scanning File C:\WINDOWS\system32\atkctrs.dll
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\atl.dll
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\atl70.dll
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\atl71.dll
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\atmadm.exe
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\atmfd.dll
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\atmlib.dll
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\atmpvcno.dll
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\atrace.dll
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\attrib.exe
Thu Jul 14 16:15:00 2005 => Scanning File C:\WINDOWS\system32\Audio3d.dll
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\audiosrv.dll
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\auditusr.exe
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\authz.dll
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\autochk.exe
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\autoconv.exe
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\autodisc.dll
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\AUTOEXEC.NT [**]
Thu Jul 14 16:15:01 2005 => Scanning File C:\WINDOWS\system32\autofmt.exe
Thu Jul 14 16:15:02 2005 => Scanning File C:\WINDOWS\system32\autolfn.exe
Thu Jul 14 16:15:02 2005 => Scanning File C:\WINDOWS\system32\avicap.dll
Thu Jul 14 16:15:02 2005 => Scanning File C:\WINDOWS\system32\avicap32.dll
Thu Jul 14 16:15:02 2005 => Scanning File C:\WINDOWS\system32\avifil32.dll
Thu Jul 14 16:15:02 2005 => Scanning File C:\WINDOWS\system32\avifile.dll
Thu Jul 14 16:15:02 2005 => Scanning File C:\WINDOWS\system32\avmeter.dll
Thu Jul 14 16:15:02 2005 => Scanning File C:\WINDOWS\system32\avtapi.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\avwav.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\batmeter.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\batt.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\bdaplgin.ax
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\bidispl.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\bios1.rom [**]
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\bios4.rom [**]
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\bitsprx2.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\bitsprx3.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\blackbox.dll
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\blastcln.exe
Thu Jul 14 16:15:03 2005 => Scanning File C:\WINDOWS\system32\bootok.exe
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\bootvid.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\bootvrfy.exe
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\bopomofo.uce [**]
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\BroadCast.ILX
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\browselc.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\browser.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\browsewm.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\bthci.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\bthprops.cpl
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\bthserv.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\btpanui.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\btw_ci.dll
Thu Jul 14 16:15:04 2005 => Scanning File C:\WINDOWS\system32\cabinet.dll
Thu Jul 14 16:15:05 2005 => Scanning File C:\WINDOWS\system32\cabview.dll
Thu Jul 14 16:15:05 2005 => Scanning File C:\WINDOWS\system32\cacls.exe
Thu Jul 14 16:15:05 2005 => Scanning File C:\WINDOWS\system32\calc.exe
Thu Jul 14 16:15:05 2005 => Scanning File C:\WINDOWS\system32\camocx.dll
Thu Jul 14 16:15:05 2005 => Scanning File C:\WINDOWS\system32\capesnpn.dll
Thu Jul 14 16:15:05 2005 => Scanning File C:\WINDOWS\system32\capicom.dll
Thu Jul 14 16:15:06 2005 => Scanning File C:\WINDOWS\system32\cards.dll
Thu Jul 14 16:15:06 2005 => Scanning File C:\WINDOWS\system32\catsrv.dll
Thu Jul 14 16:15:06 2005 => Scanning File C:\WINDOWS\system32\catsrvps.dll
Thu Jul 14 16:15:06 2005 => Scanning File C:\WINDOWS\system32\catsrvut.dll
Thu Jul 14 16:15:06 2005 => Scanning File C:\WINDOWS\system32\ccfgnt.dll
Thu Jul 14 16:15:06 2005 => Scanning File C:\WINDOWS\system32\ccrpftv6.ocx
Thu Jul 14 16:15:06 2005 => Scanning File C:\WINDOWS\system32\cdfview.dll
Thu Jul 14 16:15:07 2005 => Scanning File C:\WINDOWS\system32\cdm.dll
Thu Jul 14 16:15:07 2005 => Scanning File C:\WINDOWS\system32\cdmodem.dll
Thu Jul 14 16:15:07 2005 => *** File C:\WINDOWS\system32\cdosys.dll having Size Restriction ***
Thu Jul 14 16:15:07 2005 => Scanning File C:\WINDOWS\system32\cdosys.dll [**]
Thu Jul 14 16:15:07 2005 => Scanning File C:\WINDOWS\system32\cdplayer.exe.manifest [**]
Thu Jul 14 16:15:07 2005 => Scanning File C:\WINDOWS\system32\certcli.dll
Thu Jul 14 16:15:07 2005 => Scanning File C:\WINDOWS\system32\certmgr.dll
Thu Jul 14 16:15:07 2005 => Scanning File C:\WINDOWS\system32\certmgr.msc [**]
Thu Jul 14 16:15:07 2005 => Scanning File C:\WINDOWS\system32\cewmdm.dll
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\cfgbkend.dll
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\cfgmgr32.dll
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\charmap.exe
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\chcp.com
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\chkdsk.exe
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\chkntfs.exe
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\ciadmin.dll
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\ciadv.msc [**]
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\cic.dll
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\cidaemon.exe
Thu Jul 14 16:15:08 2005 => Scanning File C:\WINDOWS\system32\ciodm.dll
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\cisvc.exe
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\ckcnv.exe
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\clb.dll
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\clbcatex.dll
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\clbcatq.dll
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\cleanmgr.exe
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\CleanUp.exe
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\cliconf.chm [**]
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\cliconfg.dll
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\cliconfg.exe
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\cliconfg.rll
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\clipbrd.exe
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\clusapi.dll
Thu Jul 14 16:15:09 2005 => Scanning File C:\WINDOWS\system32\cmcfg32.dll
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmd.exe
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmdial32.dll
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmdl32.exe
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmmgr32.hlp [**]
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmmon32.exe
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmos.ram [**]
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmpbk32.dll
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmprops.dll
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmsetacl.dll
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmstp.exe
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cmutil.dll
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\CNBJHLP2.CNT [**]
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\CNBJHLP2.HLP [**]
Thu Jul 14 16:15:10 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\cnbjmon2.dll
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCC360.DLL
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCI360.DLL
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\cncipst0.dll
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\cncisco.dll
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCL360.DLL
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCMP51.INI [**]
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCSCM51.DLL
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCSDO51.DLL
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCSIF51.DLL
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCSTR51.DLL
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\CNCSUT51.DLL
Thu Jul 14 16:15:11 2005 => Scanning File C:\WINDOWS\system32\cnetcfg.dll
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\CNMLMyd.DLL
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\CNMVSyd.DLL
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\cnvfat.dll
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\colbact.dll
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\comaddin.dll
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\comcat.dll
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\comctl32.dll
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\comctl32.ocx
Thu Jul 14 16:15:12 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\comdlg32.ocx
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\comm.drv
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\command.com
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\commdlg.dll
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\comp.exe
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\compact.exe
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\compatui.dll
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\compmgmt.msc [**]
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\compobj.dll
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\compstui.dll
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\comrepl.dll
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\comres.dll
Thu Jul 14 16:15:13 2005 => Scanning File C:\WINDOWS\system32\comsnap.dll
Thu Jul 14 16:15:14 2005 => *** File C:\WINDOWS\system32\comsvcs.dll having Size Restriction ***
Thu Jul 14 16:15:14 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll [**]
Thu Jul 14 16:15:14 2005 => Scanning File C:\WINDOWS\system32\comuid.dll
Thu Jul 14 16:15:14 2005 => Scanning File C:\WINDOWS\system32\CONFIG.NT [**]
Thu Jul 14 16:15:14 2005 => Scanning File C:\WINDOWS\system32\CONFIG.TMP [**]
Thu Jul 14 16:15:14 2005 => Scanning File C:\WINDOWS\system32\confmsp.dll
Thu Jul 14 16:15:14 2005 => Scanning File C:\WINDOWS\system32\conime.exe
Thu Jul 14 16:15:14 2005 => Scanning File C:\WINDOWS\system32\console.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\control.exe
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\convert.exe
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\corpol.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\country.sys
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\credui.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\crtdll.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\crypt32.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\cryptdlg.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\cryptsvc.dll
Thu Jul 14 16:15:15 2005 => Scanning File C:\WINDOWS\system32\cryptui.dll
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\cscript.exe
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\csrsrv.dll
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\csrss.exe
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\csseqchk.dll
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\ctl3d32.dll
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\ctl3dv2.dll
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\ctype.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_037.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10000.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10006.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10007.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10010.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10017.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10029.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10079.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10081.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_10082.nls [**]
Thu Jul 14 16:15:16 2005 => Scanning File C:\WINDOWS\system32\c_1026.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1250.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1251.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1252.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1253.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1254.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1255.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1256.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1257.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_1258.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_20127.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_20261.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_20866.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_20905.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_21866.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_28591.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_28592.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_28593.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\C_28594.NLS [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\C_28595.NLS [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\C_28597.NLS [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_28598.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_28599.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_28603.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_28605.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_437.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_500.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_737.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_775.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_850.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_852.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_855.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_857.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_860.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_861.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_863.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_865.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_866.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_869.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_874.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_875.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_932.nls [**]
Thu Jul 14 16:15:17 2005 => Scanning File C:\WINDOWS\system32\c_936.nls [**]
Thu Jul 14 16:15:18 2005 => Scanning File C:\WINDOWS\system32\c_949.nls [**]
Thu Jul 14 16:15:18 2005 => Scanning File C:\WINDOWS\system32\c_950.nls [**]
Thu Jul 14 16:15:18 2005 => *** File C:\WINDOWS\system32\d3d8.dll having Size Restriction ***
Thu Jul 14 16:15:18 2005 => Scanning File C:\WINDOWS\system32\d3d8.dll [**]
Thu Jul 14 16:15:18 2005 => Scanning File C:\WINDOWS\system32\d3d8thk.dll
Thu Jul 14 16:15:18 2005 => *** File C:\WINDOWS\system32\d3d9.dll having Size Restriction ***
Thu Jul 14 16:15:18 2005 => Scanning File C:\WINDOWS\system32\d3d9.dll [**]
Thu Jul 14 16:15:18 2005 => Scanning File C:\WINDOWS\system32\d3dim.dll
Thu Jul 14 16:15:18 2005 => Scanning File C:\WINDOWS\system3

Synes godt om

Slettet bruger

14. juli 2005 - 17:33 #10

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 17:05:43, 14-07-2005
+ Report-Checksum: B4D136C

+ Scan result:

HKLM\SOFTWARE\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CLSID -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CurVer -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} -> Spyware.MySearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C} -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{86227D9C-0EFE-4f8a-AA55-30386A3F5686} -> Spyware.YourSiteBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{339D8AFF-0B42-4260-AD82-78CE605A9543} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{A36A5936-CFD9-4B41-86BD-319A1931887F} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{58634367-D62B-4C2C-86BE-5AAC45CDB671} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{D0288A41-9855-4A9B-8316-BABE243648DA} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Gator.com -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\AppInfo -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\CMEII -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gs -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Microsoft\SideFind -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA -> Spyware.MoneyTree : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\PowerScan -> Spyware.PowerScan : Cleaned with backup
HKU\S-1-5-21-352786535-1845191268-2683488045-1009\Software\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-352786535-1845191268-2683488045-1009\Software\IST -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-352786535-1845191268-2683488045-1009\Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Cleaned with backup
HKU\S-1-5-21-352786535-1845191268-2683488045-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3FDD654-A057-4971-9844-4ED8E67DBBB8} -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-352786535-1845191268-2683488045-1009\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-352786535-1845191268-2683488045-1009\Software\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-352786535-1845191268-2683488045-1009\Software\PowerScan -> Spyware.PowerScan : Cleaned with backup
HKU\S-1-5-21-352786535-1845191268-2683488045-1009\Software\RX Toolbar -> Spyware.RXToolbar : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@ayb.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@c10114.bins.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@d28012.bins.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@j12797.bins.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@l21473.bins.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@lop[2].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@m5764.bins.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@s30353.bins.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@sk235lkg.bins.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@x6227.bins.lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\Documents and Settings\Gæst\Cookies\gæst@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\Gæst\Lokale indstillinger\Temporary Internet Files\Content.IE5\KDYJSLUV\istsvc[1].exe -> TrojanDownloader.IstBar : Cleaned with backup
C:\Documents and Settings\JanniJohnsen_\Cookies\jannijohnsen_@2o7[3].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\JanniJohnsen_\Cookies\jannijohnsen_@lop[1].txt -> Spyware.Cookie.Lop : Cleaned with backup
C:\RECYCLER\S-1-5-21-352786535-1845191268-2683488045-1009\Dc5\optimize.exe -> TrojanDownloader.Dyfuca : Error during cleaning
C:\RECYCLER\S-1-5-21-352786535-1845191268-2683488045-1009\Dc6.exe -> TrojanDownloader.IstBar.ij : Cleaned with backup
C:\WINDOWS\system32\instsrv.exe -> Spyware.BargainBuddy : Cleaned with backup

::Report End

Synes godt om

arlet Juniormester

15. juli 2005 - 18:18 #11

Fix i hijackthis:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.jvafuybkuyzb.com/HRs_bIpE/8fe7udq50tBdRiqsGl7d33aD8uMPQvFT3uHaJHkX3eKgrU0zqrWPQBF.htm

genstart og lav en ny log, hvis den er der stadig skal du forsøge at fixe den igen

Sådan fortsætter du, nogle gange skal der 5 fix til..

Når den er væk kommer du med en nu hijackthis log

Synes godt om

Slettet bruger

24. juli 2005 - 19:46 #12

Logfile of HijackThis v1.99.1
Scan saved at 19:46:16, on 24-07-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Programmer\QuickTime\qttask.exe
C:\programmer\u-storage tools2.5\ustorage.exe
C:\Programmer\Navnt\POProxy.exe
C:\Programmer\Winamp\winampa.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Navnt\navapw32.exe
C:\Programmer\InstallShield Software Corporation\802.11b Wireless Lan Utility\RtlWake.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\JanniJohnsen_\Skrivebord\Ny mappe\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programmer\TEXTware\QUICKfind\PlugIns\IEHelp.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [UStorag] c:\programmer\u-storage tools2.5\ustorage.exe sys_auto_run C:\Programmer\U-Storage Tools2.5
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Norton eMail Protect] C:\Programmer\Navnt\POProxy.exe
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton AntiVirus Auto-Protect.lnk = C:\Programmer\Navnt\navapw32.exe
O4 - Global Startup: RtlWake.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .mp3: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin4.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe

Synes godt om

arlet Juniormester

25. juli 2005 - 16:55 #13

Så er din log ren.

Efter sådan en tur er det altid en god ide og rydde op i dine systemgendannelses filerne.
Deaktiver systemgendannelse ( http://www.arlet.dk/systemgendannelsen.htm ) - genstart din computer - aktiver systemgendannelse.
Og så skal du også lige skjule dine filer og mapper igen, så du ikke ved en fejl kommer til at slette en vigtig fil.
Det gør du samme sted, hvor du satte det til at vise alle filer, denne gang vælger du bare: Vis ikke skjulte filer og mapper.

Generel oprydning: http://www.arlet.dk/oprydning.htm

For at beskytte dig mod snavs har jeg lavet en sikkerhedspakke,
som du kan hente her : www.arlet.dk/pakke.htm

Synes godt om

Slettet bruger

27. juli 2005 - 16:18 #14

hejsa. sidste ting, hver gang jeg kører media player - siger den bare intern fejl.! jeg har geninstalleret den, men hver gang jeg er færdig, siger den bare det samme!

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS