|
Pests of all kinds and how to fight them: TR/Zlob.IT.3 Windows 7 |
10.04.2006, 10:46 | #1 |
| TR/Zlob.IT.3 Hello, for days I have had the trojan named in the title on my computer, and TR/Drop.Zlob.JT.2 as well. How do I get rid of them? Thanks in advance.
Here is my log file from Datfind.bat:
Here is my HJT log:
Edited by kv90 (10.04.2006 at 11:12) |
10.04.2006, 11:20 | #2 |
| TR/Zlob.IT.3 Hello!
If you are going to use datfind.bat, then please post all 4 logs. (The files from the last 2-3 months are enough.) If you are going to use HJT, then please include the header. Work through this and afterwards post the logs cited there (escan, 'C:\smitfiles.txt' and a new HJT log) and the four logs from datfind.bat. stupormundi
__________________ |
11.04.2006, 10:02 | #3 |
| TR/Zlob.IT.3 Hi
I worked through it and this is what came out: eScan: |
11.04.2006, 10:10 | #4 |
| TR/Zlob.IT.3
Mon Apr 10 13:56:02 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Mon Apr 10 13:56:02 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:02 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:02 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Mon Apr 10 13:56:02 2006 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Mon Apr 10 13:56:02 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\docprop.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\System32\themeui.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\deskadp.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\deskmon.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\dssec.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\shscrap.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\System32\icmui.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\printui.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\system32\syncui.dll
Mon Apr 10 13:56:03 2006 => Scanning File C:\WINDOWS\System32\hticons.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\fontext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\deskperf.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\remotepg.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\wshext.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\mstask.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shmedia.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\browseui.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\sendmail.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\sendmail.dll
Mon Apr 10 13:56:04 2006 => Scanning File C:\WINDOWS\System32\occache.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\webcheck.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\cdfview.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\msieftp.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\docprop2.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\dsquery.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\mydocs.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Mon Apr 10 13:56:05 2006 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\System32\dfsshlex.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\System32\photowiz.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\system32\cabview.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Mon Apr 10 13:56:06 2006 => Scanning File C:\PROGRA~1\MICROS~2\Office10\OLKFSTUB.DLL
Mon Apr 10 13:56:06 2006 => Scanning File C:\PROGRA~1\MICROS~2\Office10\msohev.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\System32\twext.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\System32\twext.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\System32\extmgr.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\FOTONA~1\camview.dll
Mon Apr 10 13:56:06 2006 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Mon Apr 10 13:56:07 2006 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Mon Apr 10 13:56:07 2006 => Scanning File C:\PROGRA~1\Real\REALON~1\RPSHEL~1.DLL
Mon Apr 10 13:56:07 2006 => Scanning File C:\PROGRA~1\SIEMEN~1\DES\DESSHE~1.DLL
Mon Apr 10 13:56:07 2006 => Scanning File C:\PROGRA~1\SIEMEN~1\DES\DESSHE~1.DLL
Mon Apr 10 13:56:07 2006 => Scanning File C:\PROGRA~1\SIEMEN~1\DES\DESSHE~1.DLL
Mon Apr 10 13:56:07 2006 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll
Mon Apr 10 13:56:07 2006 => Scanning File C:\Programme\WinRAR\rarext.dll
Mon Apr 10 13:56:07 2006 => Scanning File C:\WINDOWS\system32\upnpui.dll
Mon Apr 10 13:56:07 2006 => Scanning File C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll
Mon Apr 10 13:56:07 2006 => Scanning File C:\WINDOWS\system32\phototoys.dll
Mon Apr 10 13:56:07 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\shlext.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\PROGRA~1\ATITEC~1\ATI.ACE\atiacmxx.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\PROGRA~1\OPENOF~1.0\program\shlxthdl.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\PROGRA~1\OPENOF~1.0\program\shlxthdl.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\PROGRA~1\OPENOF~1.0\program\shlxthdl.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\PROGRA~1\OPENOF~1.0\program\shlxthdl.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\NERODI~1.DLL
Mon Apr 10 13:56:08 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\Ahead\Lib\NERODI~1.DLL
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\mscoree.dll
Mon Apr 10 13:56:08 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Mon Apr 10 13:56:08 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\Explorer.exe
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\userinit.exe
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\gptext.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\fdeploy.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\dskquota.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\gptext.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\gptext.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\appmgmts.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\gptext.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\crypt32.dll
Mon Apr 10 13:56:08 2006 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\cscdll.dll
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Mon Apr 10 13:56:09 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Mon Apr 10 13:56:09 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Mon Apr 10 13:56:09 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Mon Apr 10 13:56:09 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\drwtsn32.exe
Mon Apr 10 13:56:09 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\ntsd.exe
Mon Apr 10 13:56:09 2006 => Scanning HKCU\Control Panel\Desktop
Mon Apr 10 13:56:09 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Mon Apr 10 13:56:09 2006 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Mon Apr 10 13:56:09 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Mon Apr 10 13:56:10 2006 => Scanning File C:\WINDOWS\system32\ie4uinit.exe
Mon Apr 10 13:56:10 2006 => Scanning File C:\WINDOWS\system32\Rundll32.exe
Mon Apr 10 13:56:10 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Mon Apr 10 13:56:10 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Mon Apr 10 13:56:10 2006 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run
Mon Apr 10 13:56:10 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run
Mon Apr 10 13:56:10 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Mon Apr 10 13:56:10 2006 => ERROR!!! Invalid Entry routcnf = C:\Programme\DeTeWe\TA 33 USB\routcnf.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Mon Apr 10 13:56:10 2006 => Scanning File C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
Mon Apr 10 13:56:10 2006 => Scanning File C:\Programme\QuickTime\qttask.exe
Mon Apr 10 13:56:10 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\Real\UPDATE~1\REALSC~1.EXE
Mon Apr 10 13:56:10 2006 => Scanning File C:\PROGRA~1\ATITEC~1\ATICON~1\atiptaxx.exe
Mon Apr 10 13:56:10 2006 => Scanning File C:\WINDOWS\SiSUSBrg.exe
Mon Apr 10 13:56:11 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe
Mon Apr 10 13:56:11 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\issch.exe
Mon Apr 10 13:56:11 2006 => Scanning File C:\PROGRA~1\ATITEC~1\ATIHYD~1\HydraDM.exe
Mon Apr 10 13:56:11 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avgnt.exe
Mon Apr 10 13:56:11 2006 => Scanning File C:\WINDOWS\system32\dumprep.exe
Mon Apr 10 13:56:11 2006 => Scanning File C:\PROGRA~1\ATITEC~1\ATI.ACE\cli.exe
Mon Apr 10 13:56:12 2006 => Scanning File C:\WINDOWS\system32\NeroCheck.exe
Mon Apr 10 13:56:12 2006 => Scanning File C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
Mon Apr 10 13:56:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Mon Apr 10 13:56:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
Mon Apr 10 13:56:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Mon Apr 10 13:56:12 2006 => ERROR!!! Invalid Entry SchedulingAgent = C:\WINDOWS\system32\mstask.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). No Action Taken.
Mon Apr 10 13:56:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
Mon Apr 10 13:56:12 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Mon Apr 10 13:56:12 2006 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Mon Apr 10 13:56:12 2006 => ERROR!!! Invalid Entry NBJ = "C:\Programme\Ahead\Nero BackItUp\NBJ.exe" (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Mon Apr 10 13:56:12 2006 => Scanning File C:\PROGRA~1\SPYBOT~1\TeaTimer.exe
Mon Apr 10 13:56:12 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Mon Apr 10 13:56:12 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
Mon Apr 10 13:56:13 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Mon Apr 10 13:56:13 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup
Mon Apr 10 13:56:13 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Mon Apr 10 13:56:13 2006 => Scanning File C:\WINDOWS\System32\CTFMON.EXE
Mon Apr 10 13:56:13 2006 => ERROR!!! Invalid Entry MS Unix Binary = msmq2inst.exe (in key .DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Mon Apr 10 13:56:13 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Mon Apr 10 13:56:13 2006 => Scanning HKCR\txtfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\comfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\exefile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\dllfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\batfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\piffile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\scrfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\scrfile\shell\config\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\regfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning HKCR\htmlfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe
Mon Apr 10 13:56:13 2006 => Scanning HKCR\htafile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning File C:\WINDOWS\System32\mshta.exe
Mon Apr 10 13:56:13 2006 => Scanning HKCR\jsfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning File C:\WINDOWS\System32\WScript.exe
Mon Apr 10 13:56:13 2006 => Scanning HKCR\jsefile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning File C:\WINDOWS\System32\WScript.exe
Mon Apr 10 13:56:13 2006 => Scanning HKCR\vbsfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning File C:\WINDOWS\System32\WScript.exe
Mon Apr 10 13:56:13 2006 => Scanning HKCR\vbefile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning File C:\WINDOWS\System32\WScript.exe
Mon Apr 10 13:56:13 2006 => Scanning HKCR\wshfile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning File C:\WINDOWS\System32\WScript.exe
Mon Apr 10 13:56:13 2006 => Scanning HKCR\wsffile\shell\open\command
Mon Apr 10 13:56:13 2006 => Scanning File C:\WINDOWS\System32\WScript.exe |
11.04.2006, 10:10 | #5 |
| TR/Zlob.IT.3
Mon Apr 10 13:56:14 2006 => ***** Scanning Service Files *****
Mon Apr 10 13:56:14 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\a347bus.sys
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\system32\Drivers\a347scsi.sys
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\ACEDRV05.SYS
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\System32\alg.exe
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\amdk7.sys
Mon Apr 10 13:56:14 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avmailc.exe
Mon Apr 10 13:56:14 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\sched.exe
Mon Apr 10 13:56:14 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avguard.exe
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\system32\drivers\aspi32.sys
Mon Apr 10 13:56:14 2006 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.exe
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\ati2sgag.exe
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ATITool.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\PROGRA~1\ANTIVI~1\avesvc.exe
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\avgntdd.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\drivers\avgntmgr.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\drivers\CDAC11BA.EXE
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\System32\Drivers\CAPI20.SYS
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
Mon Apr 10 13:56:15 2006 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\cisvc.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\dllhost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\drivers\detewecp.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\Drivers\dtscsi.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\drivers\es1969.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\services.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\fdc.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Mon Apr 10 13:56:16 2006 => Scanning File C:\WINDOWS\system32\drivers\fltmgr.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\gameenum.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\drivers\hcw88aud.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\drivers\hcw88bda.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\Drivers\hcw88rc5.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\drivers\hcw88tse.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\drivers\hcw88tun.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\drivers\hcw88vid.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\drivers\HCW88BAR.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys
Mon Apr 10 13:56:17 2006 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\imapi.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\System32\imapi.exe
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\drivers\InCDFs.sys
Mon Apr 10 13:56:18 2006 => ERROR!!! Invalid Entry system32\drivers\InCDPass.sys in SYSTEM\CurrentControlSet\Services\InCDPass...
Mon Apr 10 13:56:18 2006 => ERROR!!! Invalid Entry system32\drivers\InCDRm.sys in SYSTEM\CurrentControlSet\Services\InCDRm...
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\drivers\ip6fw.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\drivers\kmixer.sys
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:18 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:18 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\VS7Debug\mdm.exe
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\MPE.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\System32\msdtc.exe
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\msiexec.exe
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\drivers\MSKSSRV.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\drivers\MSPQM.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\drivers\MSTEE.sys
Mon Apr 10 13:56:19 2006 => ERROR!!! Invalid Entry \??\C:\DOKUME~1\Kai\LOKALE~1\Temp\musbehco.sys in SYSTEM\CurrentControlSet\Services\musbehco...
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\NdisIP.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Mon Apr 10 13:56:19 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\netdde.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\netdde.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\lsass.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\lsass.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\parport.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\pci.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\pciide.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\drivers\pfc.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\services.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\System32\lsass.exe
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\raspptp.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\processr.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\System32\drivers\prodrv06.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\drivers\prohlp02.sys
Mon Apr 10 13:56:20 2006 => Scanning File C:\WINDOWS\system32\drivers\prosync1.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\lsass.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ptilink.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\rasacd.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\raspti.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\rdbss.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\redbook.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\Drivers\RootMdm.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\locator.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\System32\rsvp.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\lsass.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\drivers\scsiport.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\secdrv.sys
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Mon Apr 10 13:56:21 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ser2pl.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\serenum.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\serial.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\drivers\sfdrv01.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\drivers\sfhlp01.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\drivers\sfhlp02.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\drivers\sfsync02.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\drivers\sfvfs02.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\drivers\sis7012.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\sisnic.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\SLIP.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\drivers\splitter.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\Drivers\sptd.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\System32\DRIVERS\sr.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\srv.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\SSHDRV85.SYS
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\StreamIP.sys
Mon Apr 10 13:56:22 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\swenum.sys
Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\drivers\swmidi.sys
Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\dllhost.exe
Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\drivers\sysaudio.sys
Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip.sys
Mon Apr 10 13:56:23 2006 => Scanning File
C:\WINDOWS\system32\DRIVERS\termdd.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\tlntsvr.exe Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\Drivers\ulisa.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\wdfmgr.exe Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\update.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\ups.exe Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\usbehci.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\usbhub.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\usbohci.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\usbprint.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\usbscan.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\drivers\vga.sys Mon Apr 10 13:56:23 2006 => Scanning File C:\WINDOWS\System32\vssvc.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\wanarp.sys Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\wceusbsh.sys Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\system32\drivers\wdmaud.sys Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\system32\svchost.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:24 2006 => 
Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\drivers\ws2ifsl.sys Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:24 2006 => Scanning File C:\WINDOWS\System32\svchost.exe Mon Apr 10 13:56:24 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD |
11.04.2006, 10:12 | #6 |
| TR/Zlob.IT.3
Mon Apr 10 13:56:24 2006 => ***** Scanning Important System Files *****
Mon Apr 10 13:56:27 2006 => ***** Scanning Registry and File system for Adware/Spyware *****
Mon Apr 10 13:56:27 2006 => Loading Spyware Signatures from new External Database (Size: 154683).
Mon Apr 10 13:56:28 2006 => Indexed Spyware Databases Successfully Created...
Mon Apr 10 13:56:34 2006 => System found infected with cws.loadadv.400 Browser Hijacker ({5e2121ee-0300-11d4-8d3b-444553540000})! Action taken: No Action Taken.
Mon Apr 10 13:56:36 2006 => Offending Key found: HKLM\Software\kazaa !!!
Mon Apr 10 13:56:36 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Mon Apr 10 13:56:36 2006 => Offending Key found: HKCU\Software\kazaa !!!
Mon Apr 10 13:56:36 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Mon Apr 10 13:56:37 2006 => Offending file found: C:\WINDOWS\system32\objsafe.tlb
Mon Apr 10 13:56:37 2006 => System found infected with roings Spyware/Adware (objsafe.tlb)! Action taken: No Action Taken.
Mon Apr 10 13:56:37 2006 => Offending file found: C:\WINDOWS\system32\plugin.dll
Mon Apr 10 13:56:37 2006 => System found infected with 007guard.com hijacker Spyware/Adware (plugin.dll)! Action taken: No Action Taken.
Mon Apr 10 13:56:40 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Desktop\internet.lnk
Mon Apr 10 13:56:40 2006 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.
Mon Apr 10 13:56:40 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\msagent.exe
Mon Apr 10 13:56:40 2006 => System found infected with bonzibuddy Spyware/Adware (msagent.exe)! Action taken: No Action Taken.
Mon Apr 10 13:56:40 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\spchapi.exe
Mon Apr 10 13:56:40 2006 => System found infected with bonzibuddy Spyware/Adware (spchapi.exe)! Action taken: No Action Taken.
Mon Apr 10 13:56:40 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\tv_enua.exe
Mon Apr 10 13:56:40 2006 => System found infected with bonzibuddy Spyware/Adware (tv_enua.exe)! Action taken: No Action Taken.
Mon Apr 10 13:56:40 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\eigene bilder\autos
Mon Apr 10 13:56:40 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Mon Apr 10 13:56:41 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\eigene bilder\rct3\autos
Mon Apr 10 13:56:41 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Mon Apr 10 13:56:42 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Eigene Bilder\autos
Mon Apr 10 13:56:42 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Mon Apr 10 13:56:42 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Eigene Bilder\rct3\autos
Mon Apr 10 13:56:42 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Mon Apr 10 13:56:51 2006 => ***** Scanning All Drives *****
Mon Apr 10 13:56:51 2006 => Scanning C:\ Drive
Mon Apr 10 13:56:51 2006 => Scanning Folder: C:\*.*
Mon Apr 10 13:56:51 2006 => Scanning Folder: C:\!KillBox\*.*
Mon Apr 10 13:56:51 2006 => Scanning File C:\!KillBox\dfrgsrv.exe
Mon Apr 10 13:56:51 2006 => File C:\!KillBox\dfrgsrv.exe infected by "Trojan-Downloader.Win32.Zlob.jm" Virus! Action Taken: No Action Taken.
|
11.04.2006, 10:13 | #7 |
| TR/Zlob.IT.3
Mon Apr 10 13:58:12 2006 => Please Wait Exiting Application...
Mon Apr 10 13:58:42 2006 => Scanning F:\ Drive
Mon Apr 10 13:58:43 2006 => Requesting CancelScan...
Mon Apr 10 13:58:43 2006 => Unable to Cancel Scan Successfully!!!
Mon Apr 10 13:58:43 2006 => Scan Cancelled by User
Mon Apr 10 13:58:43 2006 => Total Objects Scanned: 12272
Mon Apr 10 13:58:43 2006 => Total Critical Objects: 14
Mon Apr 10 13:58:43 2006 => Total Disinfected Objects: 0
Mon Apr 10 13:58:43 2006 => Total Objects Renamed: 0
Mon Apr 10 13:58:43 2006 => Total Deleted Objects: 0
Mon Apr 10 13:58:43 2006 => Total Errors: 8
Mon Apr 10 13:58:43 2006 => Time Elapsed: 00:03:00
Mon Apr 10 13:58:44 2006 => ***** Scanning complete. *****
Mon Apr 10 13:58:44 2006 => Virus Database Date: 4/6/2006
Mon Apr 10 13:58:44 2006 => Virus Database Count: 186553
Mon Apr 10 13:58:44 2006 => Scan Completed.
Mon Apr 10 13:58:51 2006 => Virus Database Date: 4/6/2006
Mon Apr 10 13:58:51 2006 => Virus Database Count: 186553
Mon Apr 10 13:58:55 2006 => AV Library Unloaded (3)...
Tue Apr 11 10:52:26 2006 => **********************************************************
Tue Apr 11 10:52:26 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Tue Apr 11 10:52:26 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Tue Apr 11 10:52:26 2006 => **********************************************************
Tue Apr 11 10:52:26 2006 => Version 8.2.2 (C:\Dokumente und Einstellungen\Kai\Lokale Einstellungen\Temp\mwavscan.com)
Tue Apr 11 10:52:26 2006 => Log File: C:\DOKUME~1\Kai\LOKALE~1\Temp\MWAV.LOG
Tue Apr 11 10:52:26 2006 => Last Scan Date and Time: 10.04.2006 13:55:41
Tue Apr 11 10:52:26 2006 => MWAV Registered: FALSE.
Tue Apr 11 10:52:26 2006 => OS Type: Windows Workstation
Tue Apr 11 10:52:26 2006 => Local Fixed Drives: c:\,f:\,z:\
Tue Apr 11 10:52:26 2006 => MWAV Mode: Only Scan files.
Tue Apr 11 10:52:31 2006 => Latest Date of files inside MWAV: 06 Apr 2006 15:08:30.

HJT:
Logfile of HijackThis v1.99.1
Scan saved at 10:50:11, on 11.04.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\AntiVir PersonalEdition Premium\avguard.exe
C:\Programme\AntiVir PersonalEdition Premium\avesvc.exe
C:\Programme\AntiVir PersonalEdition Premium\avmailc.exe
C:\Programme\AntiVir PersonalEdition Premium\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\QuickTime\qttask.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Programme\AntiVir PersonalEdition Premium\avgnt.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Adobe\Reader\reader_sl.exe
C:\Programme\WinTV\Ir.exe
C:\Programme\DeTeWe\TA 33 USB\Capictrl.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.marktplatz.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer von osnatel
O2 - BHO: Nothing - {7a932ed2-1737-4ab8-b84d-c71779958551} - C:\WINDOWS\system32\hp8D6B.tmp (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [routcnf] C:\Programme\DeTeWe\TA 33 USB\routcnf.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\system32\mstask.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Reader\reader_sl.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe
O4 - Global Startup: CAPIControl.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Programme\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.marktplatz.de
O20 - Winlogon Notify: winrzf32 - winrzf32.dll (file missing)
O23 - Service: AntiVir Mail Security Service (AntiVirMailService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: AntiVir PersonalEdition Premium Service (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Engine Service (AVEService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

smitfiles.txt:
smitRem © log file
version 2.8
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
Running from
C:\Dokumente und Einstellungen\Kai\Desktop\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}"="USB Ware"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
Antivirus Test Online.url
~~~ system32 folder ~~~
1024 dir
ld****.tmp
ncompat.tlb
nvctrl.exe
hp***.tmp
logfiles
~~~ Icons in System32 ~~~
ts.ico
ot.ico
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 856 'explorer.exe'
Starting registry repairs
Registry repairs complete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SharedTask Export after registry fix
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}"="USB Ware"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deleting files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
CLEAN! |
11.04.2006, 10:24 | #8 | |
| TR/Zlob.IT.3 Hi! Quote:
Please let eScan run to completion as described in the guide, and above all post the findings as described at the very bottom of the guide, not the entire log file! Also, the logs from datfind.bat are still missing (files from the last 2-3 months are enough)! stupormundi
__________________ Searching for hidden files: Very good guide by Rene-gad: IMPORTANT: Edit all active links (http-->h**p) and remove personal information from the log files. No support via PM - sorry! |
12.04.2006, 21:59 | #9 |
| TR/Zlob.IT.3 Hi back! I have now let it run all the way through, and this is what came out:

eScan:
Tue Apr 11 21:03:20 2006 => System found infected with cws.loadadv.400 Browser Hijacker ({5e2121ee-0300-11d4-8d3b-444553540000})! Action taken: No Action Taken.
Tue Apr 11 21:03:22 2006 => Offending Key found: HKLM\Software\kazaa !!!
Tue Apr 11 21:03:22 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:22 2006 => Offending Key found: HKCU\Software\kazaa !!!
Tue Apr 11 21:03:22 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:23 2006 => Offending file found: C:\WINDOWS\system32\objsafe.tlb
Tue Apr 11 21:03:23 2006 => System found infected with roings Spyware/Adware (objsafe.tlb)! Action taken: No Action Taken.
Tue Apr 11 21:03:23 2006 => Offending file found: C:\WINDOWS\system32\plugin.dll
Tue Apr 11 21:03:23 2006 => System found infected with 007guard.com hijacker Spyware/Adware (plugin.dll)! Action taken: No Action Taken.
Tue Apr 11 21:03:27 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Desktop\internet.lnk
Tue Apr 11 21:03:27 2006 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.
Tue Apr 11 21:03:28 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\msagent.exe
Tue Apr 11 21:03:28 2006 => System found infected with bonzibuddy Spyware/Adware (msagent.exe)! Action taken: No Action Taken.
Tue Apr 11 21:03:28 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\spchapi.exe
Tue Apr 11 21:03:28 2006 => System found infected with bonzibuddy Spyware/Adware (spchapi.exe)! Action taken: No Action Taken.
Tue Apr 11 21:03:28 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\tv_enua.exe
Tue Apr 11 21:03:28 2006 => System found infected with bonzibuddy Spyware/Adware (tv_enua.exe)! Action taken: No Action Taken.
Tue Apr 11 21:03:29 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\eigene bilder\autos
Tue Apr 11 21:03:29 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:29 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\eigene bilder\rct3\autos
Tue Apr 11 21:03:29 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:31 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Eigene Bilder\autos
Tue Apr 11 21:03:31 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:31 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Eigene Bilder\rct3\autos
Tue Apr 11 21:03:31 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:39 2006 => File C:\!KillBox\dfrgsrv.exe infected by "Trojan-Downloader.Win32.Zlob.jm" Virus! Action Taken: No Action Taken.
Tue Apr 11 21:40:26 2006 => File C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Downloads\crdwb5-a.exe infected by "Trojan-Downloader.Win32.Adload.q" Virus! Action Taken: No Action Taken.
Wed Apr 12 11:28:54 2006 => System found infected with cws.loadadv.400 Browser Hijacker ({5e2121ee-0300-11d4-8d3b-444553540000})! Action taken: No Action Taken.
Wed Apr 12 11:28:56 2006 => Offending Key found: HKLM\Software\kazaa !!!
Wed Apr 12 11:28:56 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Apr 12 11:28:56 2006 => Offending Key found: HKCU\Software\kazaa !!!
Wed Apr 12 11:28:56 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Apr 12 11:28:58 2006 => Offending file found: C:\WINDOWS\system32\objsafe.tlb
Wed Apr 12 11:28:58 2006 => System found infected with roings Spyware/Adware (objsafe.tlb)! Action taken: No Action Taken.
Wed Apr 12 11:28:58 2006 => Offending file found: C:\WINDOWS\system32\plugin.dll
Wed Apr 12 11:28:58 2006 => System found infected with 007guard.com hijacker Spyware/Adware (plugin.dll)! Action taken: No Action Taken.
Wed Apr 12 11:29:01 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Desktop\internet.lnk
Wed Apr 12 11:29:01 2006 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.
Wed Apr 12 11:29:01 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\msagent.exe
Wed Apr 12 11:29:01 2006 => System found infected with bonzibuddy Spyware/Adware (msagent.exe)! Action taken: No Action Taken.
Wed Apr 12 11:29:01 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\spchapi.exe
Wed Apr 12 11:29:01 2006 => System found infected with bonzibuddy Spyware/Adware (spchapi.exe)! Action taken: No Action Taken.
Wed Apr 12 11:29:02 2006 => Offending file found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\downloads\tv_enua.exe
Wed Apr 12 11:29:02 2006 => System found infected with bonzibuddy Spyware/Adware (tv_enua.exe)! Action taken: No Action Taken.
Wed Apr 12 11:29:02 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\eigene bilder\autos
Wed Apr 12 11:29:02 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Apr 12 11:29:02 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\eigene bilder\rct3\autos
Wed Apr 12 11:29:02 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Apr 12 11:29:04 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Eigene Bilder\autos
Wed Apr 12 11:29:04 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Apr 12 11:29:04 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Eigene Bilder\rct3\autos
Wed Apr 12 11:29:04 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Apr 12 11:29:12 2006 => File C:\!KillBox\dfrgsrv.exe infected by "Trojan-Downloader.Win32.Zlob.jm" Virus! Action Taken: No Action Taken.
Wed Apr 12 11:51:49 2006 => File C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Downloads\crdwb5-a.exe infected by "Trojan-Downloader.Win32.Adload.q" Virus! Action Taken: No Action Taken.
Wed Apr 12 14:07:58 2006 => File C:\WINDOWS\system32\unst.exe infected by "Trojan-Clicker.Win32.Small.iz" Virus! Action Taken: No Action Taken.

datfind.bat:
Volume in Laufwerk C: hat keine Bezeichnung.
P.S. I don't understand Killbox. Somehow I can only ever delete one file, even when I select that it should delete multiple files |
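Post #8 asks for the eScan findings rather than the whole MWAV.LOG. One way to pull them out, as an added example that is not part of the original thread: the Python script below keeps only detection lines, pairs each "Offending ... found" announcement with the hit that follows it, and collapses repeats across scan runs. The patterns are derived solely from the log lines quoted in this thread (other eScan versions may word them differently), and the function names are this example's own.

```python
import re

# Sample input: the finding lines are copied from post #9 and the
# "Scanning File" line from post #7; selection and order are constructed.
SAMPLE_LOG = r"""
Mon Apr 10 13:57:09 2006 => Scanning File C:\ATI\SUPPORT\5-13_xp-2k_ccc_29124\ACE.dll
Tue Apr 11 21:03:22 2006 => Offending Key found: HKLM\Software\kazaa !!!
Tue Apr 11 21:03:22 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:23 2006 => Offending file found: C:\WINDOWS\system32\plugin.dll
Tue Apr 11 21:03:23 2006 => System found infected with 007guard.com hijacker Spyware/Adware (plugin.dll)! Action taken: No Action Taken.
Tue Apr 11 21:03:29 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\eigene bilder\autos
Tue Apr 11 21:03:29 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:31 2006 => Offending Folder found: C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Eigene Bilder\autos
Tue Apr 11 21:03:31 2006 => Object "gohip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Apr 11 21:03:39 2006 => File C:\!KillBox\dfrgsrv.exe infected by "Trojan-Downloader.Win32.Zlob.jm" Virus! Action Taken: No Action Taken.
Wed Apr 12 11:28:58 2006 => Offending file found: C:\WINDOWS\system32\plugin.dll
Wed Apr 12 11:28:58 2006 => System found infected with 007guard.com hijacker Spyware/Adware (plugin.dll)! Action taken: No Action Taken.
Wed Apr 12 11:29:12 2006 => File C:\!KillBox\dfrgsrv.exe infected by "Trojan-Downloader.Win32.Zlob.jm" Virus! Action Taken: No Action Taken.
Wed Apr 12 14:07:58 2006 => File C:\WINDOWS\system32\unst.exe infected by "Trojan-Clicker.Win32.Small.iz" Virus! Action Taken: No Action Taken.
"""

# Every log line is "<timestamp> => <message>".
LINE = re.compile(r"^(\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}) => (.*)$")
# Announces where the hit on the following line lives (file, folder or registry key).
LOCATION = re.compile(r"^Offending (?:file|folder|key) found: (.+?)(?: !!!)?\s*$", re.I)
ACTION = r" Action taken: (.+?)\.?\s*$"
# (pattern, threat group, location group or None, may use the announced location)
HITS = (
    (re.compile(r'^File (.+?) infected by "(.+?)" Virus!' + ACTION, re.I), 2, 1, False),
    (re.compile(r"^System found infected with (.+) \((.+)\)!" + ACTION, re.I), 1, 2, True),
    (re.compile(r'^Object "(.+?)" found in File System!' + ACTION, re.I), 1, None, True),
)


def extract_findings(log_text):
    """Return de-duplicated findings in order of first appearance."""
    findings = {}   # (threat, location) -> record; dicts keep insertion order
    pending = None  # location announced by the previous "Offending ..." line
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        stamp, msg = m.groups()
        loc = LOCATION.match(msg)
        if loc:
            pending = loc.group(1)
            continue
        announced, pending = pending, None  # an announcement covers only the next line
        for pattern, threat_idx, loc_idx, use_announced in HITS:
            hit = pattern.match(msg)
            if hit:
                break
        else:
            continue  # "Scanning File ...", banners, statistics
        threat = hit.group(threat_idx)
        logged = hit.group(loc_idx) if loc_idx else None
        location = (announced if use_announced else None) or logged or "(location not logged)"
        action = hit.group(hit.re.groups)  # the action is always the last group
        # Windows paths and registry keys are case-insensitive, so compare lowered.
        key = (threat.lower(), location.lower())
        rec = findings.get(key)
        if rec is None:
            findings[key] = {"threat": threat, "location": location, "action": action,
                             "first_seen": stamp, "last_seen": stamp, "hits": 1}
        else:
            rec.update(last_seen=stamp, action=action, hits=rec["hits"] + 1)
    return list(findings.values())


def format_report(findings):
    """One line per finding, short enough to paste into a forum reply."""
    return "\n".join(
        f'{f["hits"]}x  {f["threat"]}  ->  {f["location"]}  [{f["action"]}]'
        for f in findings)


if __name__ == "__main__":
    print(format_report(extract_findings(SAMPLE_LOG)))
```

The two gohip folder hits differ only in the case of "Eigene Bilder", so they collapse into one finding, as do the repeats from the second scan run.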