|
Trojaner blockt Task Manager Hallo zusammen! Ich habe mir wohl einen Trojaner eingefangen, mein Task-Manager lässt sich weder per Tastenkombi (Strg+Alt+Entf) noch per Rechtsklick auf die Taskleiste und da "Task-Manager" öffnen! :heulen: Weis jemand mit welcher freeware ich diesen am ehesten beseitigen kann oder ist diesem gar nicht mehr beizukommen und ich muss formatieren? Das will ich nwirklich nur im äußersten Notfall, also bin ich jedem der eine Anregung oder Idee oder Tip für mich hat SEHR DANKBAR! :confused: Danke! mfg Stoiner |
lad dir mal antivir> www.free-av.de , spybot > www.safer-networking.org , ad aware > www.lavasoftusa.com runter, update und scanne mit denen. Poste DANACH ein HJT und ein Escan Log . |
hey kann sein,dass du Worm/Rbot.adx eingefangen hast! #Versuch mal unter Start/Ausführen,ob folgende Bfehle funktionieren cmd und regedit Poste mal ein HijackThis Log Gruss Expert |
Bei beiden Befehlen kommt "Datei nicht gefunden" !? Mir fehlt auh der "System32" Ordner, der eigentlich im Windows Ordner sein müsste, entweder Ordneroptionen stimmen nicht sodass er nicht angezeigt wird oder er ist da nicht mehr drin! @ 1. Antwort: Ich lasse seit nem Jahr je Woche 4-5 x jeweils Spybot UND AdAware drüber laufen! Und seid das mit dem Taskmanager ist, findet der AdAware auch immer ca. 20 Kritische Objekte, ca 15 meistens nur spyware aber eben ca 5 Dateien die eine "8" als Bedrohung auf der Skala sind! Aber die sind beim nächsten Scan wieder da! Danke schon für die ersten Antworten, würde mich freuen wenn welche auch auf diese Fragen reagieren! |
Was für eine Windows-Version hast du denn eigentlich? Zitat:
Lösung 2: es ist nötig, du solltest dein Surfverhalten, deine eingesetze Software umstellen. (und hoffentlich nutzt du Spybot Search&Destroy und keinen Spybot) http://www.trojaner-board.com/images...es/biggrin.gif Shadow der schon die Hoffnung aufgegeben hat, dass 'man' die Begriffe "Trojaner" und "Spybot"/"Spybot S&D" sinngemäß benutzt. |
|
Ich hab jetzt die hijackthis.log und die mwav.log wie kann ich die euch zeigen dass ihr mir weiterhelfen könnt? Kann ich die einem per eMail oder icq schicken? Danke! Ich habe WIndows XP |
Zitat:
Da hier begonnen würde ich (Mods mögen mich korrigieren) es hier reinschreiben, beachte aber auch http://www.trojaner-board.com/showthread.php?t=22770 |
mein Problem ist dass ich nicht weis wie ich das hier reinstellen kann dass ihr sie lesen könnt! Deswegen wollte ich es per icq oder eMail verschicken! |
Zitat:
Gruss Expert |
AAAAALLLLSSSSoooo wenn du HJT/eScan durchlaufen hast lassen (komischer satzbau), dann kommt da immer eine sogenannte Textdatei. Wenn du in dieser Textdatei bist einfach irgendwoe hinklicken und Strg+A machen, dann müsste die ganze Schrift die Farbe gewechselt haben und dannn machst du einfach Strg+C und wenn du dann hier in's forum schreibst, dann einfach strg+V und das ganze hast du hier eingefügt. |
Ich musste den Text dritteln, er war zu lang! mwav.log: Sat Oct 29 10:54:00 2005 => ********************************************************** Sat Oct 29 10:54:00 2005 => Version 7.2.7 (C:\Bases_X\mwavscan.com) Sat Oct 29 10:54:00 2005 => Log File: C:\Bases_X\MWAV.LOG Sat Oct 29 10:54:00 2005 => MWAV Registered: FALSE. Sat Oct 29 10:54:00 2005 => MWAV Mode: Only Scan files. Sat Oct 29 10:54:01 2005 => Latest Date of files inside MWAV: 21 Oct 2005 13:06:37. Sat Oct 29 10:54:01 2005 => Regvalue RestrictAnonymous Reset. This could be part of a worm!!! Sat Oct 29 10:54:05 2005 => AV Library Loaded... Sat Oct 29 10:54:05 2005 => MWAV doing self scanning... Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavss.exe Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\Getvlist.exe Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavss.dll Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavssdi.dll Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavssi.dll Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavvlg.dll Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\msvlclnt.dll Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\ipc.dll Sat Oct 29 10:54:06 2005 => Scanning File C:\Bases_X\main.avi Sat Oct 29 10:54:06 2005 => Scanning File C:\Bases_X\virus.avi Sat Oct 29 10:54:06 2005 => MWAV files are clean. Sat Oct 29 10:54:10 2005 => Virus Database Date: 2005/10/21 Sat Oct 29 10:54:10 2005 => Virus Database Count: 155382 Sat Oct 29 10:54:49 2005 => ********************************************************** Sat Oct 29 10:54:49 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility. Sat Oct 29 10:54:49 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc. Sat Oct 29 10:54:49 2005 => Sat Oct 29 10:54:49 2005 => Support: support@mwti.net Sat Oct 29 10:54:49 2005 => Web: http://www.mwti.net Sat Oct 29 10:54:49 2005 => ********************************************************** Sat Oct 29 10:54:49 2005 => Version 7.2.7 (C:\Bases_X\mwavscan.com) Sat Oct 29 10:54:49 2005 => Log File: C:\Bases_X\MWAV.LOG Sat Oct 29 10:54:49 2005 => User Account: XP-User Sat Oct 29 10:54:49 2005 => Windows Root Folder: C:\WINDOWS Sat Oct 29 10:54:49 2005 => Windows Sys32 Folder: C:\WINDOWS\system32 Sat Oct 29 10:54:49 2005 => OS: Windows NT Sat Oct 29 10:54:49 2005 => Latest Date of files inside MWAV: 21 Oct 2005 13:06:37. Sat Oct 29 10:54:49 2005 => Options Selected by User: Sat Oct 29 10:54:49 2005 => Memory Check: Enabled Sat Oct 29 10:54:49 2005 => Registry Check: Enabled Sat Oct 29 10:54:49 2005 => StartUp Folder Check: Disabled Sat Oct 29 10:54:49 2005 => System Folder Check: Disabled Sat Oct 29 10:54:49 2005 => System Area Check: Disabled Sat Oct 29 10:54:49 2005 => Services Check: Enabled Sat Oct 29 10:54:49 2005 => Drive Check: Disabled Sat Oct 29 10:54:49 2005 => All Drive Check :Enabled Sat Oct 29 10:54:49 2005 => Folder Check: Disabled Sat Oct 29 10:54:49 2005 => ***** Scanning Memory Files ***** Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\System32\smss.exe Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\ntdll.dll Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\USER32.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\sxs.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\sfc.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\ole32.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\uxtheme.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\rsaenh.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\MPR.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\cscui.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\MPRAPI.dll Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\ACTIVEDS.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\adsldpc.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\WLDAP32.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\ATL.DLL Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\rtutils.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\xpsp2res.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\wdmaud.drv Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\msacm32.drv Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\MSACM32.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\midimap.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\etb\nt_hide78.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\mlang.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\WININET.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\hnetcfg.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\RASAPI32.DLL Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\rasman.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\TAPI32.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\sensapi.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\System32\wship6.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\services.exe Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\ShimEng.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\lsass.exe Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\netlogon.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\w32time.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\schannel.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\scecli.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\oakley.DLL Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\pstorsvc.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\psbase.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\dssenh.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\rpcss.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\termsrv.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\ICAAPI.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\mstlsapi.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\wshisn.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\nwprovau.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\dhcpcsvc.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\wzcsvc.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\WMI.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\ESENT.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\rastls.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\raschap.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\schedsvc.dll Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\audiosrv.dll Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\wkssvc.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\cryptsvc.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\certcli.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\netman.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\netshell.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\credui.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\WZCSAPI.DLL Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\srvsvc.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\es.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\ipxsap.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\rtm.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\adptif.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\trkwks.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\srsvc.dll Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\POWRPROF.dll Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\seclogon.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\WINHTTP.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\netcfgx.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\CLUSAPI.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\rasmans.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\Sens.dll Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\browser.dll Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\wuauserv.dll Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\ipnathlp.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\wuaueng.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\ADVPACK.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\SHFOLDER.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\Cabinet.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\mspatcha.dll Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\6to4svc.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\colbact.DLL Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll Sat Oct 29 10:54:57 2005 => Scanning File c:\windows\system32\tapisrv.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\rastapi.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\unimdm.tsp Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\uniplat.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\kmddsp.tsp Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\ndptsp.tsp Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\ipconf.tsp Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\h323.tsp Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\hidphone.tsp Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\HID.DLL Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\rasppp.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\ntlsapi.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\ipxwan.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\RASDLG.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wups.dll Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemsvc.dll Sat Oct 29 10:54:57 2005 => Scanning File c:\windows\system32\dnsrslvr.dll Sat Oct 29 10:54:57 2005 => Scanning File c:\windows\system32\lmhsvc.dll Sat Oct 29 10:54:57 2005 => Scanning File c:\windows\system32\webclnt.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\lexp2p32.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\lex2kusb.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\LEXPPS.EXE Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\LEXBCE.DLL Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\localspl.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\EBPMON24.DLL Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\LEXLMPM.DLL Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\pjlmon.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\tcpmon.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\usbmon.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\win32spl.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\NETRAP.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\inetpp.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\Explorer.EXE Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\System32\themeui.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\MSIMG32.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\LINKINFO.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\stobject.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\BatMeter.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\upnpui.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\msi.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\drprov.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\ntlanman.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\NETUI0.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\NETUI1.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\davclnt.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\shdoclc.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\browselc.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\DUSER.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\msxml3.dll Sat Oct 29 10:54:59 2005 => Scanning File c:\windows\system32\jscript.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\sti.dll Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\CFGMGR32.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\WINDOWS\System32\actxprxy.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\IGDCTRL.EXE Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\avmcsock.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\WINDOWS\system32\MSVCR71.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\avmigd.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\igdapi.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\WINDOWS\system32\MFC71.DLL Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\avmssl.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\SSLEAY32.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\LIBEAY32.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\AVM\Avmconn.dll Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE Sat Oct 29 10:55:00 2005 => Scanning File C:\WINDOWS\System32\nvsvc32.exe Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\pctspk.exe Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\AVIFIL32.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\MSVFW32.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\NVATray.exe Sat Oct 29 10:55:01 2005 => Scanning File c:\windows\system32\wiaservc.dll Sat Oct 29 10:55:01 2005 => Scanning File c:\windows\system32\mscms.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\wdfmgr.exe Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsmon.exe Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\VSDATA.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\VSINIT.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\VSUTIL.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\SSLEAY32.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\dbghelp.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\VSUTIL_Loc0407.dll Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsmon_Loc0407.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\zlcomm.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZLCommDB.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\vsxml.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsdb.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\VSRULEDB.DLL Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\VSRULEDB_Loc0407.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsvault.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemprox.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlquarantine_Loc0407.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\qrbase.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\scheduler.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlsre.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlsre_Loc0407.dll Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\srescan.dll Sat Oct 29 10:55:03 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll Sat Oct 29 10:55:03 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\camupd.dll Sat Oct 29 10:55:03 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsavpro.dll Sat Oct 29 10:55:03 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe Sat Oct 29 10:55:03 2005 => Scanning File C:\WINDOWS\system32\VSPUBAPI.dll |
Sat Oct 29 10:55:03 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\framewrk.dll Sat Oct 29 10:55:03 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\ZLCLIE~1.DLL Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\FRAMEW~1.DLL Sat Oct 29 10:55:04 2005 => Scanning File C:\WINDOWS\system32\vsmonapi.dll Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\alert.zap Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\ALERT_~1.ZAP Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\cam.zap Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\CAM_LO~1.ZAP Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\email.zap Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\EMAIL_~1.ZAP Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\filter.zap Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\FILTER~1.ZAP Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\firewall.zap Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\FIREWA~1.ZAP Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\idlock.zap Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\IDLOCK~1.ZAP Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\privacy.zap Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\PRIVAC~1.ZAP Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\programs.zap Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\PROGRA~1.ZAP Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\security.zap Sat Oct 29 10:55:05 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\SECURI~1.ZAP Sat Oct 29 10:55:05 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WORKSS~1\WkUFind.exe Sat Oct 29 10:55:05 2005 => Scanning File C:\Programme\Java\jre1.5.0_04\bin\jusched.exe Sat Oct 29 10:55:05 2005 => Scanning File C:\Programme\MsMovies\MsMovies.exe Sat Oct 29 10:55:33 2005 => File C:\Programme\MsMovies\MsMovies.exe infected by "Trojan-Dropper.Win32.WinAD.h" Virus! Action Taken: No Action Taken. Sat Oct 29 10:55:33 2005 => Scanning File C:\WINDOWS\system32\MSVBVM60.DLL Sat Oct 29 10:55:34 2005 => Scanning File C:\Programme\winupdates\winupdates.exe Sat Oct 29 10:55:34 2005 => File C:\Programme\winupdates\winupdates.exe infected by "Worm.Win32.VB.an" Virus! Action Taken: No Action Taken. Sat Oct 29 10:55:34 2005 => Scanning File C:\WINDOWS\etb\pokapoka78.exe Sat Oct 29 10:55:35 2005 => Scanning File C:\WINDOWS\system32\icmp.dll Sat Oct 29 10:55:35 2005 => Scanning File C:\WINDOWS\system32\avicap32.dll Sat Oct 29 10:55:35 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WORKSS~1\wkcalrem.exe Sat Oct 29 10:55:35 2005 => Scanning File C:\WINDOWS\System32\alg.exe Sat Oct 29 10:55:35 2005 => Scanning File C:\Programme\ICQLite\ICQLite.exe Sat Oct 29 10:55:36 2005 => Scanning File C:\WINDOWS\system32\MFC42.DLL Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\ICQRT.dll Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\LiteSkinUtils.dll Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\ICQLSRP.dll Sat Oct 29 10:55:36 2005 => Scanning File C:\WINDOWS\system32\OLEPRO32.DLL Sat Oct 29 10:55:36 2005 => Scanning File C:\WINDOWS\system32\MFC42LOC.DLL Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\LiteRes.dll Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\actskin4.ocx Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\LiteUtil.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\RICHED32.DLL Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\RICHED20.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\Programme\ICQLite\MISB.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\Programme\ICQLite\EmoExtractAsset.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\asycfilt.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\System32\mshtml.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\System32\msls31.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\System32\vbscript.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\IMM32.DLL Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\msdmo.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\macromed\flash\Flash.ocx Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\System32\iepeers.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll Sat Oct 29 10:55:37 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe Sat Oct 29 10:55:37 2005 => Scanning File C:\DOKUME~1\XP-User\LOKALE~1\Temp\262450_1452_1624_1000_78.41.tmp Sat Oct 29 10:55:38 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~2.0\ActiveX\PDFShell.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\Programme\Illustrate\dBpowerAMP\dBShell.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\msimtf.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\MSCTF.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\system32\ImgUtil.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\pngfilt.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\system32\dxtrans.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\ddrawex.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\DDRAW.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\DCIMAN32.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\system32\dxtmsft.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\mshtmled.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\PROGRA~1\MICROS~4\Office10\msohev.dll Sat Oct 29 10:55:38 2005 => Scanning File C:\DOKUME~1\XP-User\LOKALE~1\Temp\721656_1452_1624_2400_78.41.tmp Sat Oct 29 10:55:38 2005 => Scanning File C:\DOKUME~1\XP-User\LOKALE~1\Temp\394006_1452_1624_2460_78.41.tmp Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\plugin.ocx Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\mwavscan.com Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\msvlclnt.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavssdi.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavssd.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavssi.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\ipc.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\RICHED32.DLL Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\PSAPI.DLL Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavss.exe Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavss.dll Sat Oct 29 10:55:39 2005 => ***** Scanning Registry Files ***** Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\stobject.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\upnpui.dll Sat Oct 29 10:55:39 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar Sat Oct 29 10:55:39 2005 => Scanning File C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\mmsys.cpl Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\icmui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\docprop.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\themeui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\deskadp.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\deskmon.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\dssec.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\SlayerXP.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\shscrap.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\diskcopy.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\ntlanui2.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\icmui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\icmui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\printui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\dskquoui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\syncui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\hticons.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\fontext.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\icmui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\deskperf.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\remotepg.dll Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\wshext.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\mstask.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\mstask.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\mstask.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\occache.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\cscui.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\cscui.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\cscui.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\msagent\agentpsh.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\dfsshlex.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\photowiz.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\mmcshext.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\cabview.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll Sat Oct 29 10:55:42 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL Sat Oct 29 10:55:43 2005 => Scanning File C:\PROGRA~1\MICROS~4\Office10\msohev.dll Sat Oct 29 10:55:43 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll Sat Oct 29 10:55:43 2005 => Scanning File C:\PROGRA~1\MICROS~4\Office\OLKFSTUB.DLL Sat Oct 29 10:55:43 2005 => Scanning File C:\Programme\Illustrate\dBpowerAMP\dBShell.dll Sat Oct 29 10:55:43 2005 => Scanning File C:\Programme\Illustrate\dBpowerAMP\dMCShell.dll Sat Oct 29 10:55:43 2005 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll Sat Oct 29 10:55:43 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll Sat Oct 29 10:55:43 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll Sat Oct 29 10:55:43 2005 => Scanning File C:\WINDOWS\System32\twext.dll Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\System32\twext.dll Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\System32\extmgr.dll Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\system32\upnpui.dll Sat Oct 29 10:55:44 2005 => ERROR!!! Invalid Entry {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = C:\Programme\iTunes\iTunesMiniPlayer.dll (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken. Sat Oct 29 10:55:44 2005 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL Sat Oct 29 10:55:44 2005 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL Sat Oct 29 10:55:44 2005 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL Sat Oct 29 10:55:44 2005 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\system32\Audiodev.dll Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\system32\Audiodev.dll |
Sat Oct 29 10:55:47 2005 => Scanning HKCR\htmlfile\shell\open\command Sat Oct 29 10:55:47 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe Sat Oct 29 10:55:47 2005 => Scanning HKCR\htafile\shell\open\command Sat Oct 29 10:55:47 2005 => Scanning File C:\WINDOWS\System32\mshta.exe Sat Oct 29 10:55:47 2005 => Scanning HKCR\jsfile\shell\open\command Sat Oct 29 10:55:47 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Sat Oct 29 10:55:48 2005 => Scanning HKCR\jsefile\shell\open\command Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Sat Oct 29 10:55:48 2005 => Scanning HKCR\vbsfile\shell\open\command Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Sat Oct 29 10:55:48 2005 => Scanning HKCR\vbefile\shell\open\command Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Sat Oct 29 10:55:48 2005 => Scanning HKCR\wshfile\shell\open\command Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Sat Oct 29 10:55:48 2005 => Scanning HKCR\wsffile\shell\open\command Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe Sat Oct 29 10:55:48 2005 => ***** Scanning Service Files ***** Sat Oct 29 10:55:48 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\drivers\aec.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\drivers\afd.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\alg.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\amdk7.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\arp1394.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\Programme\FRITZ!DSL\IGDCTRL.EXE Sat Oct 29 10:55:48 2005 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\bridge.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\bridge.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\cisvc.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\clipsrv.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:48 2005 => ERROR!!! Invalid Entry \??\C:\Programme\SinEspias\Defender.sys in SYSTEM\CurrentControlSet\Services\Defender... Sat Oct 29 10:55:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\AVM\de_serv.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\dmadmin.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\services.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\fdc.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\fetnd5.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\flpydisk.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\fltmgr.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\gameenum.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\imapi.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\imapi.exe Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\ip6fw.sys Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\drivers\kmixer.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mouhid.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\msdtc.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\msiexec.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\drivers\MSKSSRV.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\drivers\MSPCLOCK.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\drivers\MSPQM.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\netdde.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\netdde.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\lsass.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nic1394.sys Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\lsass.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nv4_mini.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\drivers\nvax.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\drivers\nvapu.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\nvsvc32.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnknb.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ohci1394.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\parport.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\pci.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\pciide.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\pctspk.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\services.exe Sat Oct 29 10:55:51 2005 => ERROR!!! Invalid Entry \??\C:\DOKUME~1\XP-User\LOKALE~1\Temp\pnicml.sys in SYSTEM\CurrentControlSet\Services\pnicml... Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\lsass.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspptp.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\lsass.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\psched.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ptilink.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ptserlp.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\PxHelp20.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasacd.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasl2tp.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspppoe.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspti.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rdbss.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\RDPCDD.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\sessmgr.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\redbook.sys Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\locator.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\rsvp.exe Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\RTL8139.SYS Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\lsass.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\drivers\scsiport.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\secdrv.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\serenum.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\serial.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\drivers\splitter.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\sr.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\srv.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\swenum.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\drivers\swmidi.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\drivers\sysaudio.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\smlogsvc.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip6.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\termdd.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tunmp.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\wdfmgr.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\update.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\ups.exe Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbhub.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbohci.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbprint.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbscan.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\drivers\vga.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\vmodem.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\vpctcom.sys Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\vsdatant.sys Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsmon.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\vssvc.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\vvoice.sys Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\wanarp.sys Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\drivers\wdmaud.sys Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\svchost.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe Sat Oct 29 10:55:53 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD Sat Oct 29 10:55:53 2005 => ***** Scanning Important System Files ***** Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\winsock.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\ws2help.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\ws2_32.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wscntfy.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wscript.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wscsvc.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wscui.cpl Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshatm.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshbth.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshcon.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshde.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshext.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wship6.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshisn.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshnetbs.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshom.ocx Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshrm.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshtcpip.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wsnmp32.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wstdecod.dll Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\explorer.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\explorer.scf Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\browseui.dll Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\notepad.exe Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\notepad.exe Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\ctfmon.exe Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\cmd.com Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\cmd.exe Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\kernel32.dll Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\ntoskrnl.exe Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\ntkrnlpa.exe Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\HAL.DLL Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\win32k.sys Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\ntdll.dll Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\advapi32.dll Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\user32.dll Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\gdi32.dll Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\bootvid.dll Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\command.com Sat Oct 29 10:55:54 2005 => ***** Scanning Registry and File system for Adware/Spyware ***** Sat Oct 29 10:55:54 2005 => Loading Spyware Signatures from new External Database (Size: 145160). Sat Oct 29 10:55:56 2005 => Indexed Spyware Databases Successfully Created... Sat Oct 29 10:55:56 2005 => System found infected with bearshare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken. Sat Oct 29 10:55:56 2005 => System found infected with bearshare Spyware/Adware ({9f95f736-0f62-4214-a4b4-caa6738d4c07})! Action taken: No Action Taken. Sat Oct 29 10:55:56 2005 => System found infected with xolox Spyware/Adware ({f02c0ae1-d796-42c9-81e1-084d88f79b8e})! Action taken: No Action Taken. Sat Oct 29 10:55:56 2005 => System found infected with bearshare Spyware/Adware ({5f95e1af-2620-4f15-bdf9-7fdce4607e17})! Action taken: No Action Taken. Sat Oct 29 10:57:15 2005 => Please Wait Exiting Application... Sat Oct 29 10:57:16 2005 => Total Objects Scanned: 852 Sat Oct 29 10:57:16 2005 => Total Virus(es) Found: 9 Sat Oct 29 10:57:16 2005 => Total Disinfected Files: 0 Sat Oct 29 10:57:16 2005 => Total Files Renamed: 0 Sat Oct 29 10:57:16 2005 => Total Deleted Objects: 0 Sat Oct 29 10:57:16 2005 => Total Errors: 7 Sat Oct 29 10:57:16 2005 => Time Elapsed: 00:02:25 Sat Oct 29 10:57:22 2005 => Virus Database Date: 2005/10/21 Sat Oct 29 10:57:22 2005 => Virus Database Count: 155382 Sat Oct 29 10:57:28 2005 => System found infected with xolox Spyware/Adware ({2850bdc7-2330-4e31-9fa0-88268846539a})! Action taken: No Action Taken. Sat Oct 29 10:57:28 2005 => System found infected with bearshare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken. Sat Oct 29 10:57:29 2005 => System found infected with whenu.savenow Spyware/Adware ({c285d18d-43a2-4aef-83fb-bf280e660a97})! Action taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\bearshare !!! Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKCU\appevents\eventlabels\bearsharechatnotifymsg !!! Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKCU\appevents\schemes\apps\bearshare !!! Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\Software\magnet\handlers\bearshare !!! Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\Software\bearshare !!! Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\Software\kazaa !!! Sat Oct 29 10:57:29 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKCU\Software\kazaa !!! Sat Oct 29 10:57:29 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupReg\navisearch !!! Sat Oct 29 10:57:29 2005 => Object "bargainbuddy Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupReg\vvsn !!! Sat Oct 29 10:57:29 2005 => Object "whenu.weathercast Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending value found in HKLM\Software\Licenses: {i56b3cf0d9ab991e1} !!! Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => Offending value found in HKLM\Software\Licenses: {056b3cf0d9ab991e1} !!! Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Sat Oct 29 10:57:29 2005 => ***** Scanning complete. ***** Sat Oct 29 10:57:29 2005 => Virus Database Date: 2005/10/21 Sat Oct 29 10:57:29 2005 => Virus Database Count: 155382 |
das war mwav und nun kommt hijackthis... |
Logfile of HijackThis v1.99.1 Scan saved at 10:16:05, on 29.10.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\FRITZ!DSL\IGDCTRL.EXE C:\Programme\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\system32\NVATray.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe C:\Programme\Java\jre1.5.0_04\bin\jusched.exe C:\Programme\MsMovies\MsMovies.exe C:\Programme\winupdates\winupdates.exe C:\WINDOWS\etb\pokapoka78.exe C:\WINDOWS\system32\scvhost.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe C:\Programme\ICQLite\ICQLite.exe C:\Programme\Internet Explorer\iexplore.exe C:\Dokumente und Einstellungen\XP-User\Eigene Dateien\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.eza1netsearch.com/sp2.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.eza1netsearch.com/sp2.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.eza1netsearch.com/sp2.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.eza1netsearch.com/sp2.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.t-online.de/ R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [stnospy] C:\Programme\SinEspias\no-spy.exe /autorun O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46" O4 - HKLM\..\Run: [WorksFUD] C:\Programme\Microsoft Works\wkfud.exe O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe /AllUsers O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ms-update] scvhost.exe O4 - HKLM\..\Run: [MsMovies] C:\Programme\MsMovies\MsMovies.exe /auto O4 - HKLM\..\Run: [winupdates] C:\Programme\winupdates\winupdates.exe /auto O4 - HKLM\..\Run: [System service78] C:\WINDOWS\etb\pokapoka78.exe O4 - HKLM\..\RunServices: [ms-update] scvhost.exe O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Erinnerungen in Microsoft Works-Kalender.lnk = ? O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1112806495359 O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe RESPEKT VOR JEDEM DER DA AUCH NUR BAHNHOF VERSTEHT^^ |
Starte HjT-> Open the Misc Tools section-> Open process manager-> Markiere C:\WINDOWS\system32\scvhost.exe (beachte die Schreibweise: nicht svchost, sondern scvhost!) -> Kill process -> Ja Wechsle zur Seite http://virusscan.jotti.org/de und kopiere den Pfad C:\WINDOWS\system32\scvhost.exe in das weiße Kästchen-> auf "Abschicken" klicken-> etwas warten und das Ergebnis hier posten, sieht etwa so aus: Zitat:
|
HAUI45 Du hast's echt drauf! Hier meine Ergebnisse, hab alles gemacht wie du gesagt hast: Datei: scvhost.exe_ Status: INFIZIERT/MALWARE (Anmerkung: diese Datei wurde bereits vorher gescannt. Die Scanergebnisse werden daher nicht in der Datenbank gespeichert.) Entdeckte Packprogramme: NTPACKER AntiVir Worm/Eyeveg.m.5.B gefunden ArcaVir Trojan.Rbot.Adf gefunden Avast Keine Viren gefunden AVG Antivirus IRC/BackDoor.SdBot.LFG gefunden BitDefender Backdoor.Rbot.ADF gefunden ClamAV Trojan.Mybot-2995 gefunden Dr.Web Trojan.NtRootKit.40 gefunden F-Prot Antivirus W32/Spybot.KZM gefunden Fortinet W32/RBot.ADF-bdr gefunden Kaspersky Anti-Virus Backdoor.Win32.Rbot.adf gefunden NOD32 Win32/Rbot gefunden Norman Virus Control W32/Spybot.UOU gefunden UNA Backdoor.Rbot gefunden VBA32 Backdoor.Win32.Rbot.adf gefunden |
Ich hab's mir eigentlich schon gedacht. Du hast neben div. anderer Malware [1] auch diesen Schädling mit Backdoor-Funktionalität auf dem Rechner. => Das System ist als kompromittiert anzusehen, d.h. es ist nicht mehr vertrauenswürdig. Du solltest es so schnell wie möglich vom Netz trennen und neu aufsetzen. [1] z.B. Zitat:
|
Also auch wenn dieses Thema jetzt schon über ein Jahr alt ist, aber ich habe das selbe Problem,... [edit] bitte eröffne, wie jeder andere hier auch, für dein problem einen eigenen beitrag nur so wird sichergestellt, das jedem user übersichtlich und individuell geholfen werden kann danke GUA [/edit] |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 20:24 Uhr. |
Copyright ©2000-2025, Trojaner-Board