Pests of all kinds and how to fight them: Antispyware? I'll just say: pest (Windows 7). If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#6
Antispyware? I'll just say: pest

System Report
*************
Run on 28.06.2008 at 11:56: VIRUS ALERT!
Microsoft Windows XP [Version 5.1.2600]
Current user is an administrator