Trojaner-Board - Trojaner blockt Task Manager

Trojaner-Board (https://www.trojaner-board.de/)

- Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)

- - Trojaner blockt Task Manager (https://www.trojaner-board.de/23125-trojaner-blockt-task-manager.html)

Trojaner blockt Task Manager

Hallo zusammen! Ich habe mir wohl einen Trojaner eingefangen, mein Task-Manager lässt sich weder per Tastenkombi (Strg+Alt+Entf) noch per Rechtsklick auf die Taskleiste und da "Task-Manager" öffnen! :heulen:

Weis jemand mit welcher freeware ich diesen am ehesten beseitigen kann oder ist diesem gar nicht mehr beizukommen und ich muss formatieren? Das will ich nwirklich nur im äußersten Notfall, also bin ich jedem der eine Anregung oder Idee oder Tip für mich hat SEHR DANKBAR!

:confused: Danke! mfg Stoiner

lad dir mal antivir> www.free-av.de , spybot > www.safer-networking.org , ad aware > www.lavasoftusa.com runter, update und scanne mit denen. Poste DANACH ein HJT und ein Escan Log .

hey

kann sein,dass du Worm/Rbot.adx eingefangen hast!

#Versuch mal unter Start/Ausführen,ob folgende Bfehle funktionieren cmd und regedit

Poste mal ein HijackThis Log

Gruss
Expert

Bei beiden Befehlen kommt "Datei nicht gefunden" !?
Mir fehlt auh der "System32" Ordner, der eigentlich im Windows Ordner sein müsste, entweder Ordneroptionen stimmen nicht sodass er nicht angezeigt wird oder er ist da nicht mehr drin!

@ 1. Antwort: Ich lasse seit nem Jahr je Woche 4-5 x jeweils Spybot UND AdAware drüber laufen! Und seid das mit dem Taskmanager ist, findet der AdAware auch immer ca. 20 Kritische Objekte, ca 15 meistens nur spyware aber eben ca 5 Dateien die eine "8" als Bedrohung auf der Skala sind!

Aber die sind beim nächsten Scan wieder da!

Danke schon für die ersten Antworten, würde mich freuen wenn welche auch auf diese Fragen reagieren!

Was für eine Windows-Version hast du denn eigentlich?

Zitat:

Zitat von Stoiner

@ 1. Antwort: Ich lasse seit nem Jahr je Woche 4-5 x jeweils Spybot UND AdAware drüber laufen!

Lösung 1: dies ist unnötig, du hast leichte Paranoia

Lösung 2: es ist nötig, du solltest dein Surfverhalten, deine eingesetze Software umstellen.

(und hoffentlich nutzt du Spybot Search&Destroy und keinen Spybot) http://www.trojaner-board.com/images...es/biggrin.gif

Shadow der schon die Hoffnung aufgegeben hat, dass 'man' die Begriffe "Trojaner" und "Spybot"/"Spybot S&D" sinngemäß benutzt.

hey

Ja es ist Worm/Rbot.adx

poste mal ein Hijackthis-Logfile

Gruss
Expert

Ich hab jetzt die hijackthis.log und die mwav.log

wie kann ich die euch zeigen dass ihr mir weiterhelfen könnt? Kann ich die einem per eMail oder icq schicken?

Danke!

Ich habe WIndows XP

Zitat:

Zitat von Stoiner

Kann ich die einem per eMail oder icq schicken?

Nein, ins (entsprechende) Forum.
Da hier begonnen würde ich (Mods mögen mich korrigieren) es hier reinschreiben, beachte aber auch http://www.trojaner-board.com/showthread.php?t=22770

mein Problem ist dass ich nicht weis wie ich das hier reinstellen kann dass ihr sie lesen könnt! Deswegen wollte ich es per icq oder eMail verschicken!

Zitat:

Zitat von Stoiner

mein Problem ist dass ich nicht weis wie ich das hier reinstellen kann dass ihr sie lesen könnt! Deswegen wollte ich es per icq oder eMail verschicken!

Einfach kopieren & hier einfügen

Gruss
Expert

AAAAALLLLSSSSoooo wenn du HJT/eScan durchlaufen hast lassen (komischer satzbau), dann kommt da immer eine sogenannte Textdatei. Wenn du in dieser Textdatei bist einfach irgendwoe hinklicken und Strg+A machen, dann müsste die ganze Schrift die Farbe gewechselt haben und dannn machst du einfach Strg+C und wenn du dann hier in's forum schreibst, dann einfach strg+V und das ganze hast du hier eingefügt.

Ich musste den Text dritteln, er war zu lang!
mwav.log:

Sat Oct 29 10:54:00 2005 => **********************************************************

Sat Oct 29 10:54:00 2005 => Version 7.2.7 (C:\Bases_X\mwavscan.com)
Sat Oct 29 10:54:00 2005 => Log File: C:\Bases_X\MWAV.LOG
Sat Oct 29 10:54:00 2005 => MWAV Registered: FALSE.
Sat Oct 29 10:54:00 2005 => MWAV Mode: Only Scan files.
Sat Oct 29 10:54:01 2005 => Latest Date of files inside MWAV: 21 Oct 2005 13:06:37.
Sat Oct 29 10:54:01 2005 => Regvalue RestrictAnonymous Reset. This could be part of a worm!!!
Sat Oct 29 10:54:05 2005 => AV Library Loaded...
Sat Oct 29 10:54:05 2005 => MWAV doing self scanning...
Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavss.exe
Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\Getvlist.exe
Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavss.dll
Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavssdi.dll
Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavssi.dll
Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\kavvlg.dll
Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\msvlclnt.dll
Sat Oct 29 10:54:05 2005 => Scanning File C:\Bases_X\ipc.dll
Sat Oct 29 10:54:06 2005 => Scanning File C:\Bases_X\main.avi
Sat Oct 29 10:54:06 2005 => Scanning File C:\Bases_X\virus.avi
Sat Oct 29 10:54:06 2005 => MWAV files are clean.
Sat Oct 29 10:54:10 2005 => Virus Database Date: 2005/10/21
Sat Oct 29 10:54:10 2005 => Virus Database Count: 155382

Sat Oct 29 10:54:49 2005 => **********************************************************
Sat Oct 29 10:54:49 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Sat Oct 29 10:54:49 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Sat Oct 29 10:54:49 2005 =>
Sat Oct 29 10:54:49 2005 => Support: support@mwti.net
Sat Oct 29 10:54:49 2005 => Web: http://www.mwti.net
Sat Oct 29 10:54:49 2005 => **********************************************************
Sat Oct 29 10:54:49 2005 => Version 7.2.7 (C:\Bases_X\mwavscan.com)
Sat Oct 29 10:54:49 2005 => Log File: C:\Bases_X\MWAV.LOG
Sat Oct 29 10:54:49 2005 => User Account: XP-User
Sat Oct 29 10:54:49 2005 => Windows Root Folder: C:\WINDOWS
Sat Oct 29 10:54:49 2005 => Windows Sys32 Folder: C:\WINDOWS\system32
Sat Oct 29 10:54:49 2005 => OS: Windows NT
Sat Oct 29 10:54:49 2005 => Latest Date of files inside MWAV: 21 Oct 2005 13:06:37.

Sat Oct 29 10:54:49 2005 => Options Selected by User:
Sat Oct 29 10:54:49 2005 => Memory Check: Enabled
Sat Oct 29 10:54:49 2005 => Registry Check: Enabled
Sat Oct 29 10:54:49 2005 => StartUp Folder Check: Disabled
Sat Oct 29 10:54:49 2005 => System Folder Check: Disabled
Sat Oct 29 10:54:49 2005 => System Area Check: Disabled
Sat Oct 29 10:54:49 2005 => Services Check: Enabled
Sat Oct 29 10:54:49 2005 => Drive Check: Disabled
Sat Oct 29 10:54:49 2005 => All Drive Check :Enabled
Sat Oct 29 10:54:49 2005 => Folder Check: Disabled

Sat Oct 29 10:54:49 2005 => ***** Scanning Memory Files *****
Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\System32\smss.exe
Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\ntdll.dll
Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll
Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll
Sat Oct 29 10:54:49 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\USER32.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\sxs.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Sat Oct 29 10:54:50 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\sfc.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\ole32.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\MPR.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\MPRAPI.dll
Sat Oct 29 10:54:51 2005 => Scanning File C:\WINDOWS\system32\ACTIVEDS.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\adsldpc.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\ATL.DLL
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\rtutils.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\msacm32.drv
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\midimap.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\etb\nt_hide78.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\mlang.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\WININET.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll
Sat Oct 29 10:54:52 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\RASAPI32.DLL
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\rasman.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\TAPI32.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\sensapi.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\System32\wship6.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\services.exe
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll
Sat Oct 29 10:54:53 2005 => Scanning File C:\WINDOWS\system32\netlogon.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\w32time.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\schannel.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\oakley.DLL
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\psbase.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\dssenh.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\rpcss.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\termsrv.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\ICAAPI.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\mstlsapi.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\wshisn.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\nwprovau.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\dhcpcsvc.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\wzcsvc.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\WMI.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\ESENT.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\rastls.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\raschap.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\schedsvc.dll
Sat Oct 29 10:54:54 2005 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\audiosrv.dll
Sat Oct 29 10:54:54 2005 => Scanning File c:\windows\system32\wkssvc.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\cryptsvc.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\certcli.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\netman.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\netshell.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\credui.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\WZCSAPI.DLL
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\srvsvc.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\es.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\ipxsap.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\rtm.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\adptif.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\trkwks.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\srsvc.dll
Sat Oct 29 10:54:55 2005 => Scanning File c:\windows\system32\POWRPROF.dll
Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\seclogon.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\WINHTTP.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\netcfgx.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\CLUSAPI.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\rasmans.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\Sens.dll
Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\browser.dll
Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\wuauserv.dll
Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\ipnathlp.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\SHFOLDER.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\Cabinet.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\mspatcha.dll
Sat Oct 29 10:54:56 2005 => Scanning File c:\windows\system32\6to4svc.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\system32\colbact.DLL
Sat Oct 29 10:54:56 2005 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
Sat Oct 29 10:54:57 2005 => Scanning File c:\windows\system32\tapisrv.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\rastapi.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\unimdm.tsp
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\uniplat.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\ndptsp.tsp
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\ipconf.tsp
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\h323.tsp
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\hidphone.tsp
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\HID.DLL
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\rasppp.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\ntlsapi.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\ipxwan.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\RASDLG.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wups.dll
Sat Oct 29 10:54:57 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemsvc.dll
Sat Oct 29 10:54:57 2005 => Scanning File c:\windows\system32\dnsrslvr.dll
Sat Oct 29 10:54:57 2005 => Scanning File c:\windows\system32\lmhsvc.dll
Sat Oct 29 10:54:57 2005 => Scanning File c:\windows\system32\webclnt.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\lexp2p32.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\lex2kusb.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\LEXPPS.EXE
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\LEXBCE.DLL
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\localspl.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\EBPMON24.DLL
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\LEXLMPM.DLL
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\usbmon.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\win32spl.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\inetpp.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\Explorer.EXE
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Sat Oct 29 10:54:58 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\MSIMG32.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\stobject.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\BatMeter.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\msi.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\drprov.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\davclnt.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\shdoclc.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\browselc.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\system32\DUSER.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\msxml3.dll
Sat Oct 29 10:54:59 2005 => Scanning File c:\windows\system32\jscript.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\sti.dll
Sat Oct 29 10:54:59 2005 => Scanning File C:\WINDOWS\System32\CFGMGR32.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\WINDOWS\System32\actxprxy.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\IGDCTRL.EXE
Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\avmcsock.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\WINDOWS\system32\MSVCR71.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\avmigd.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\igdapi.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\WINDOWS\system32\MFC71.DLL
Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\avmssl.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\SSLEAY32.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\FRITZ!DSL\LIBEAY32.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\AVM\Avmconn.dll
Sat Oct 29 10:55:00 2005 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE
Sat Oct 29 10:55:00 2005 => Scanning File C:\WINDOWS\System32\nvsvc32.exe
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\pctspk.exe
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\AVIFIL32.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\MSVFW32.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\NVATray.exe
Sat Oct 29 10:55:01 2005 => Scanning File c:\windows\system32\wiaservc.dll
Sat Oct 29 10:55:01 2005 => Scanning File c:\windows\system32\mscms.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\wdfmgr.exe
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\VSDATA.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\VSINIT.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\VSUTIL.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\SSLEAY32.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\VSUTIL_Loc0407.dll
Sat Oct 29 10:55:01 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsmon_Loc0407.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\zlcomm.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZLCommDB.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\vsxml.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsdb.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\VSRULEDB.DLL
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\VSRULEDB_Loc0407.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsvault.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemprox.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlquarantine_Loc0407.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\qrbase.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\scheduler.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlsre.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\zlsre_Loc0407.dll
Sat Oct 29 10:55:02 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\srescan.dll
Sat Oct 29 10:55:03 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll
Sat Oct 29 10:55:03 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\camupd.dll
Sat Oct 29 10:55:03 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsavpro.dll
Sat Oct 29 10:55:03 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
Sat Oct 29 10:55:03 2005 => Scanning File C:\WINDOWS\system32\VSPUBAPI.dll

Sat Oct 29 10:55:03 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\framewrk.dll
Sat Oct 29 10:55:03 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\ZLCLIE~1.DLL
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\FRAMEW~1.DLL
Sat Oct 29 10:55:04 2005 => Scanning File C:\WINDOWS\system32\vsmonapi.dll
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\alert.zap
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\ALERT_~1.ZAP
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\cam.zap
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\CAM_LO~1.ZAP
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\email.zap
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\EMAIL_~1.ZAP
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\filter.zap
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\FILTER~1.ZAP
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\firewall.zap
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\FIREWA~1.ZAP
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\idlock.zap
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\IDLOCK~1.ZAP
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\privacy.zap
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\PRIVAC~1.ZAP
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\programs.zap
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\PROGRA~1.ZAP
Sat Oct 29 10:55:04 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\security.zap
Sat Oct 29 10:55:05 2005 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\SECURI~1.ZAP
Sat Oct 29 10:55:05 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WORKSS~1\WkUFind.exe
Sat Oct 29 10:55:05 2005 => Scanning File C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
Sat Oct 29 10:55:05 2005 => Scanning File C:\Programme\MsMovies\MsMovies.exe
Sat Oct 29 10:55:33 2005 => File C:\Programme\MsMovies\MsMovies.exe infected by "Trojan-Dropper.Win32.WinAD.h" Virus! Action Taken: No Action Taken.

Sat Oct 29 10:55:33 2005 => Scanning File C:\WINDOWS\system32\MSVBVM60.DLL
Sat Oct 29 10:55:34 2005 => Scanning File C:\Programme\winupdates\winupdates.exe
Sat Oct 29 10:55:34 2005 => File C:\Programme\winupdates\winupdates.exe infected by "Worm.Win32.VB.an" Virus! Action Taken: No Action Taken.

Sat Oct 29 10:55:34 2005 => Scanning File C:\WINDOWS\etb\pokapoka78.exe
Sat Oct 29 10:55:35 2005 => Scanning File C:\WINDOWS\system32\icmp.dll
Sat Oct 29 10:55:35 2005 => Scanning File C:\WINDOWS\system32\avicap32.dll
Sat Oct 29 10:55:35 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WORKSS~1\wkcalrem.exe
Sat Oct 29 10:55:35 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Sat Oct 29 10:55:35 2005 => Scanning File C:\Programme\ICQLite\ICQLite.exe
Sat Oct 29 10:55:36 2005 => Scanning File C:\WINDOWS\system32\MFC42.DLL
Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\ICQRT.dll
Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\LiteSkinUtils.dll
Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\ICQLSRP.dll
Sat Oct 29 10:55:36 2005 => Scanning File C:\WINDOWS\system32\OLEPRO32.DLL
Sat Oct 29 10:55:36 2005 => Scanning File C:\WINDOWS\system32\MFC42LOC.DLL
Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\LiteRes.dll
Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\actskin4.ocx
Sat Oct 29 10:55:36 2005 => Scanning File C:\Programme\ICQLite\LiteUtil.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\RICHED20.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\Programme\ICQLite\MISB.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\Programme\ICQLite\EmoExtractAsset.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\asycfilt.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\System32\mshtml.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\System32\msls31.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\System32\vbscript.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\IMM32.DLL
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\msdmo.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\system32\macromed\flash\Flash.ocx
Sat Oct 29 10:55:37 2005 => Scanning File C:\WINDOWS\System32\iepeers.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll
Sat Oct 29 10:55:37 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe
Sat Oct 29 10:55:37 2005 => Scanning File C:\DOKUME~1\XP-User\LOKALE~1\Temp\262450_1452_1624_1000_78.41.tmp
Sat Oct 29 10:55:38 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~2.0\ActiveX\PDFShell.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\Programme\Illustrate\dBpowerAMP\dBShell.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\msimtf.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\MSCTF.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\system32\ImgUtil.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\pngfilt.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\system32\dxtrans.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\ddrawex.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\DDRAW.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\DCIMAN32.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\system32\dxtmsft.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\WINDOWS\System32\mshtmled.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\PROGRA~1\MICROS~4\Office10\msohev.dll
Sat Oct 29 10:55:38 2005 => Scanning File C:\DOKUME~1\XP-User\LOKALE~1\Temp\721656_1452_1624_2400_78.41.tmp
Sat Oct 29 10:55:38 2005 => Scanning File C:\DOKUME~1\XP-User\LOKALE~1\Temp\394006_1452_1624_2460_78.41.tmp
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\plugin.ocx
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\mwavscan.com
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\msvlclnt.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavssdi.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavssd.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavssi.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\ipc.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\RICHED32.DLL
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\PSAPI.DLL
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavss.exe
Sat Oct 29 10:55:39 2005 => Scanning File C:\Bases_X\kavss.dll

Sat Oct 29 10:55:39 2005 => ***** Scanning Registry Files *****

Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\stobject.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\upnpui.dll

Sat Oct 29 10:55:39 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Sat Oct 29 10:55:39 2005 => Scanning File C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll

Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects

Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\System32\browseui.dll

Sat Oct 29 10:55:39 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Sat Oct 29 10:55:39 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\docprop.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\deskadp.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\deskmon.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\dssec.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\shscrap.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\icmui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\printui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\syncui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\hticons.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\fontext.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\deskperf.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\remotepg.dll
Sat Oct 29 10:55:40 2005 => Scanning File C:\WINDOWS\System32\wshext.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\occache.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Sat Oct 29 10:55:41 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\dfsshlex.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\photowiz.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\cabview.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sat Oct 29 10:55:42 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Sat Oct 29 10:55:43 2005 => Scanning File C:\PROGRA~1\MICROS~4\Office10\msohev.dll
Sat Oct 29 10:55:43 2005 => Scanning File C:\WINDOWS\System32\nvshell.dll
Sat Oct 29 10:55:43 2005 => Scanning File C:\PROGRA~1\MICROS~4\Office\OLKFSTUB.DLL
Sat Oct 29 10:55:43 2005 => Scanning File C:\Programme\Illustrate\dBpowerAMP\dBShell.dll
Sat Oct 29 10:55:43 2005 => Scanning File C:\Programme\Illustrate\dBpowerAMP\dMCShell.dll
Sat Oct 29 10:55:43 2005 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll
Sat Oct 29 10:55:43 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll
Sat Oct 29 10:55:43 2005 => Scanning File C:\WINDOWS\System32\nvcpl.dll
Sat Oct 29 10:55:43 2005 => Scanning File C:\WINDOWS\System32\twext.dll
Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\System32\twext.dll
Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\System32\extmgr.dll
Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sat Oct 29 10:55:44 2005 => ERROR!!! Invalid Entry {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = C:\Programme\iTunes\iTunesMiniPlayer.dll (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken.
Sat Oct 29 10:55:44 2005 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
Sat Oct 29 10:55:44 2005 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
Sat Oct 29 10:55:44 2005 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
Sat Oct 29 10:55:44 2005 => Scanning File C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Sat Oct 29 10:55:44 2005 => Scanning File C:\WINDOWS\system32\Audiodev.dll

Sat Oct 29 10:55:47 2005 => Scanning HKCR\htmlfile\shell\open\command
Sat Oct 29 10:55:47 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe

Sat Oct 29 10:55:47 2005 => Scanning HKCR\htafile\shell\open\command
Sat Oct 29 10:55:47 2005 => Scanning File C:\WINDOWS\System32\mshta.exe

Sat Oct 29 10:55:47 2005 => Scanning HKCR\jsfile\shell\open\command
Sat Oct 29 10:55:47 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Sat Oct 29 10:55:48 2005 => Scanning HKCR\jsefile\shell\open\command
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Sat Oct 29 10:55:48 2005 => Scanning HKCR\vbsfile\shell\open\command
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Sat Oct 29 10:55:48 2005 => Scanning HKCR\vbefile\shell\open\command
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Sat Oct 29 10:55:48 2005 => Scanning HKCR\wshfile\shell\open\command
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Sat Oct 29 10:55:48 2005 => Scanning HKCR\wsffile\shell\open\command
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Sat Oct 29 10:55:48 2005 => ***** Scanning Service Files *****
Sat Oct 29 10:55:48 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\amdk7.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\arp1394.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\Programme\FRITZ!DSL\IGDCTRL.EXE
Sat Oct 29 10:55:48 2005 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\bridge.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\bridge.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\cisvc.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:48 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:48 2005 => ERROR!!! Invalid Entry \??\C:\Programme\SinEspias\Defender.sys in SYSTEM\CurrentControlSet\Services\Defender...
Sat Oct 29 10:55:48 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\AVM\de_serv.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\services.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\fdc.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\fetnd5.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\fltmgr.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\gameenum.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\hidusb.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\Drivers\HTTP.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\imapi.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\System32\imapi.exe
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\drivers\ip6fw.sys
Sat Oct 29 10:55:49 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipinip.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipnat.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ipsec.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\irenum.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\isapnp.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\drivers\kmixer.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mouhid.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\msdtc.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\msiexec.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\drivers\MSKSSRV.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\drivers\MSPQM.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\netbios.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\netbt.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nic1394.sys
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:50 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\drivers\nvax.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\drivers\nvapu.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\nvsvc32.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ohci1394.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\parport.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\pci.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\pciide.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\pctspk.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\services.exe
Sat Oct 29 10:55:51 2005 => ERROR!!! Invalid Entry \??\C:\DOKUME~1\XP-User\LOKALE~1\Temp\pnicml.sys in SYSTEM\CurrentControlSet\Services\pnicml...
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspptp.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\psched.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ptilink.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\ptserlp.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasacd.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\raspti.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\rdbss.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\redbook.sys
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\locator.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\System32\rsvp.exe
Sat Oct 29 10:55:51 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\drivers\scsiport.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\secdrv.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\serenum.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\serial.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\drivers\splitter.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\sr.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\srv.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\swenum.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\drivers\swmidi.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\drivers\sysaudio.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tcpip6.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\termdd.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\tunmp.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\wdfmgr.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\update.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\ups.exe
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbhub.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbohci.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbprint.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\usbscan.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\System32\drivers\vga.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\vmodem.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\vpctcom.sys
Sat Oct 29 10:55:52 2005 => Scanning File C:\WINDOWS\system32\vsdatant.sys
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\vssvc.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\vvoice.sys
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\DRIVERS\wanarp.sys
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\drivers\wdmaud.sys
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\System32\svchost.exe

Sat Oct 29 10:55:53 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD

Sat Oct 29 10:55:53 2005 => ***** Scanning Important System Files *****
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\winsock.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\ws2help.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\ws2_32.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wscntfy.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wscript.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wscsvc.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wscui.cpl
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshatm.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshbth.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshcon.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshde.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshext.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wship6.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshisn.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshnetbs.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshom.ocx
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshrm.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wshtcpip.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wsnmp32.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\wstdecod.dll
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\explorer.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\explorer.scf
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sat Oct 29 10:55:53 2005 => Scanning File C:\WINDOWS\system32\browseui.dll
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\notepad.exe
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\notepad.exe
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\cmd.com
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\cmd.exe
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\kernel32.dll
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\ntoskrnl.exe
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\ntkrnlpa.exe
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\HAL.DLL
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\win32k.sys
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\ntdll.dll
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\advapi32.dll
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\user32.dll
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\gdi32.dll
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\bootvid.dll
Sat Oct 29 10:55:54 2005 => Scanning File C:\WINDOWS\system32\command.com

Sat Oct 29 10:55:54 2005 => ***** Scanning Registry and File system for Adware/Spyware *****
Sat Oct 29 10:55:54 2005 => Loading Spyware Signatures from new External Database (Size: 145160).
Sat Oct 29 10:55:56 2005 => Indexed Spyware Databases Successfully Created...

Sat Oct 29 10:55:56 2005 => System found infected with bearshare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken.
Sat Oct 29 10:55:56 2005 => System found infected with bearshare Spyware/Adware ({9f95f736-0f62-4214-a4b4-caa6738d4c07})! Action taken: No Action Taken.
Sat Oct 29 10:55:56 2005 => System found infected with xolox Spyware/Adware ({f02c0ae1-d796-42c9-81e1-084d88f79b8e})! Action taken: No Action Taken.
Sat Oct 29 10:55:56 2005 => System found infected with bearshare Spyware/Adware ({5f95e1af-2620-4f15-bdf9-7fdce4607e17})! Action taken: No Action Taken.
Sat Oct 29 10:57:15 2005 => Please Wait Exiting Application...

Sat Oct 29 10:57:16 2005 => Total Objects Scanned: 852
Sat Oct 29 10:57:16 2005 => Total Virus(es) Found: 9
Sat Oct 29 10:57:16 2005 => Total Disinfected Files: 0
Sat Oct 29 10:57:16 2005 => Total Files Renamed: 0
Sat Oct 29 10:57:16 2005 => Total Deleted Objects: 0
Sat Oct 29 10:57:16 2005 => Total Errors: 7
Sat Oct 29 10:57:16 2005 => Time Elapsed: 00:02:25
Sat Oct 29 10:57:22 2005 => Virus Database Date: 2005/10/21
Sat Oct 29 10:57:22 2005 => Virus Database Count: 155382
Sat Oct 29 10:57:28 2005 => System found infected with xolox Spyware/Adware ({2850bdc7-2330-4e31-9fa0-88268846539a})! Action taken: No Action Taken.
Sat Oct 29 10:57:28 2005 => System found infected with bearshare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken.
Sat Oct 29 10:57:29 2005 => System found infected with whenu.savenow Spyware/Adware ({c285d18d-43a2-4aef-83fb-bf280e660a97})! Action taken: No Action Taken.
Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\bearshare !!!
Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending Key found: HKCU\appevents\eventlabels\bearsharechatnotifymsg !!!
Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending Key found: HKCU\appevents\schemes\apps\bearshare !!!
Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\Software\magnet\handlers\bearshare !!!
Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\Software\bearshare !!!
Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\Software\kazaa !!!
Sat Oct 29 10:57:29 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending Key found: HKCU\Software\kazaa !!!
Sat Oct 29 10:57:29 2005 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupReg\navisearch !!!
Sat Oct 29 10:57:29 2005 => Object "bargainbuddy Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending Key found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupReg\vvsn !!!
Sat Oct 29 10:57:29 2005 => Object "whenu.weathercast Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending value found in HKLM\Software\Licenses: {i56b3cf0d9ab991e1} !!!
Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => Offending value found in HKLM\Software\Licenses: {056b3cf0d9ab991e1} !!!
Sat Oct 29 10:57:29 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Oct 29 10:57:29 2005 => ***** Scanning complete. *****
Sat Oct 29 10:57:29 2005 => Virus Database Date: 2005/10/21
Sat Oct 29 10:57:29 2005 => Virus Database Count: 155382

das war mwav und nun kommt hijackthis...