Virenbekämpfung
 

Ich habe ein Großes Problem
Mein PC ist total Viren verseucht!
Ich weiss nicht was es für Viren sind und ich bekomm sie nicht weg!
Im Laufwerk C habe ich sie jetzt als Verknüpfung gefunden und dort steht
"Verknüpfung mit einer Anwendung von MS-DOS"
Es sind datein mit namen
"How Blonde eats a Banana"
Usw....
Wie kann ich sie jetzt beseitigen?
Könnt ihr mir da helfen?

Liebe Grüße und danke Im Voraus

Daria

Hallo,

ich habe auch keine Ahnung, aber ich denke du musst erstmal eine Logfile mit HijackThis erzeugen und die dann kopieren und hier reinposten, sonst können die Profis nichts erkennen und dir auch nicht helfen.

Schau mal hier rein:

http://www.trojaner-board.de/showthread.php?t=17493

Da ist das gut erklärt, was du machen musst. Recht einfach, auch für Dummies wie mich.

SO hier anbei dann mal der Logfile!
Ich Persöhnlich kann NICHTS damit anfangen!
Ich hoffe ihr schon!
Zumal ich nicht mal weis ob mien Virus ein Hijack ist





Logfile of HijackThis v1.99.1
Scan saved at 10:13:02, on 19.08.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\serbw.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\AOL 9.0\waol.exe
C:\Programme\AOL 9.0\shellmon.exe
C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
C:\Programme\Winamp\Winamp.exe
C:\Dokumente und Einstellungen\Compy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.kzavsxgabtts.com/pLOHT5A9v0Il2zQhdlr3v0Fi9OPFWHpLZK/iA53YYj7_cb0N_czjMPXSk1965kzl.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcaxhrrxhnla.info/pLOHT5A9v0KHE6Q2HE7bUxMUojmuNmILZSEitgW4zt4.html
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 64.233.167.104 www.symantec.com
O1 - Hosts: 64.233.167.104 www.sophos.com
O1 - Hosts: 64.233.167.104 www.mcafee.com
O1 - Hosts: 64.233.167.104 www.viruslist.com
O1 - Hosts: 64.233.167.104 www.f-secure.com
O1 - Hosts: 64.233.167.104 www.avp.com
O1 - Hosts: 64.233.167.104 www.kaspersky.com
O1 - Hosts: 64.233.167.104 www.networkassociates.com
O1 - Hosts: 64.233.167.104 www.ca.com
O1 - Hosts: 64.233.167.104 www.my-etrust.com
O1 - Hosts: 64.233.167.104 www.nai.com
O1 - Hosts: 64.233.167.104 www.trendmicro.com
O1 - Hosts: 64.233.167.104 www.grisoft.com
O1 - Hosts: 64.233.167.104 securityresponse.symantec.com
O1 - Hosts: 64.233.167.104 symantec.com
O1 - Hosts: 64.233.167.104 sophos.com
O1 - Hosts: 64.233.167.104 mcafee.com
O1 - Hosts: 64.233.167.104 liveupdate.symantecliveupdate.com
O1 - Hosts: 64.233.167.104 viruslist.com
O1 - Hosts: 64.233.167.104 f-secure.com
O1 - Hosts: 64.233.167.104 kaspersky.com
O1 - Hosts: 64.233.167.104 kaspersky-labs.com
O1 - Hosts: 64.233.167.104 avp.com
O1 - Hosts: 64.233.167.104 networkassociates.com
O1 - Hosts: 64.233.167.104 ca.com
O1 - Hosts: 64.233.167.104 mast.mcafee.com
O1 - Hosts: 64.233.167.104 my-etrust.com
O1 - Hosts: 64.233.167.104 download.mcafee.com
O1 - Hosts: 64.233.167.104 dispatch.mcafee.com
O1 - Hosts: 64.233.167.104 secure.nai.com
O1 - Hosts: 64.233.167.104 nai.com
O1 - Hosts: 64.233.167.104 update.symantec.com
O1 - Hosts: 64.233.167.104 updates.symantec.com
O1 - Hosts: 64.233.167.104 us.mcafee.com
O1 - Hosts: 64.233.167.104 liveupdate.symantec.com
O1 - Hosts: 64.233.167.104 customer.symantec.com
O1 - Hosts: 64.233.167.104 rads.mcafee.com
O1 - Hosts: 64.233.167.104 trendmicro.com
O1 - Hosts: 64.233.167.104 grisoft.com
O1 - Hosts: 64.233.167.104 sandbox.norman.no
O1 - Hosts: 64.233.167.104 www.pandasoftware.com
O1 - Hosts: 64.233.167.104 uk.trendmicro-europe.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {47C6E4E8-7C50-646B-D799-D6DCD9844510} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: (no name) - {5A72E16F-A591-5D9F-4948-CDE457B68DC2} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avnort] C:\WINDOWS\system32\serbw.exe
O4 - HKLM\..\Run: [serpe] C:\WINDOWS\system32\serbw.exe
O4 - HKLM\..\Run: [ltwob] C:\WINDOWS\system32\formatsys.exe
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [TypeVgaCurbBib] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Dale Tick.exe
O4 - HKLM\..\RunServices: [avnort] C:\WINDOWS\system32\serbw.exe
O4 - HKLM\..\RunServices: [serpe] C:\WINDOWS\system32\serbw.exe
O4 - HKLM\..\RunServices: [ltwob] C:\WINDOWS\system32\formatsys.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DateByte] C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettings.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://ky.bar.need2find.com/KY/menusearch.html?p=KY
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .MPG: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/de/filesharingctrl.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.de/computercheckup/qdiagcc.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylomgames.com/activex/zylomloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{35E44344-F3EB-4C10-B17E-5962F60D2FA2}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Privacy Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\\aolserv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
_____________
Anm.
Aktive Links editiert!
Beachte zukünftig die Hinweise dieser Anleitung: HiJackThis.


LG Cidre
S-Mod TB

Hallo, hexe,
das sieht mal gar nicht so gut aus.
Du hast einen peer to peer Wurm drauf. Hier findest du eine Beschreibung dazu.

Folgendes ist zu tun:
Beende folgende Prozesse:
C:\WINDOWS\system32\serbw.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
Deinstalliere über Systemsteuerung/Software P2P Networking.
Fixe mit HJT alle Einträge mit:
O1 - Hosts:
und weiterhin folgende:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcaxhrrxhnla.info/pLOHT5...SEitgW4zt4.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.kzavsxgabtts.com/pLOHT5A...XSk1965kzl.html
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O4 - HKLM\..\Run: [avnort] C:\WINDOWS\system32\serbw.exe
O4 - HKLM\..\Run: [serpe] C:\WINDOWS\system32\serbw.exe
O4 - HKLM\..\Run: [ltwob] C:\WINDOWS\system32\formatsys.exe
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [TypeVgaCurbBib] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Dale Tick.exe
O4 - HKLM\..\RunServices: [avnort] C:\WINDOWS\system32\serbw.exe
O4 - HKLM\..\RunServices: [serpe] C:\WINDOWS\system32\serbw.exe
O4 - HKLM\..\RunServices: [ltwob] C:\WINDOWS\system32\formatsys.exe
O4 - HKCU\..\Run: [DateByte] C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettin gs.exe
O8 - Extra context menu item: &Search - http://ky.bar.need2find.com/KY/menusearch.html?p=KY
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
Dann folgende Dateien manuell löschen:
C:\WINDOWS\system32\serbw.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
C:\WINDOWS\system32\formatsys.exe
c:\program files\altnet\points manager\points manager.exe -s
C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettin gs.exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Dale Tick.exe
Dann poste ein neues Logfile.
cacatoa
_____________
Anm.
Aktive Links editiert!

LG Cidre
S-Mod TB

@KleeneHexe2110!

Wieviele Threads den noch?

http://www.trojaner-board.de/showthread.php?t=20967
http://www.trojaner-board.de/showthread.php?t=20966
http://www.trojaner-board.de/showthread.php?t=20965

Servus, The Saint!
Hab den anderen thread für die Tonne gemeldet.
Gruß cacatoa

Leute tut mir leit bin nicht so der Forumsexperte!
Deswegen auch gleich Doppelt und Dreifach!
Sorry!

Ist in Ordnung jetzt.
Mach die Dinge, die ich Dir geschrieben habe.
cacatoa

@ Cacatoa

wie in gottes namen kann ich denn die Prozesse beenden?
Also

C:\WINDOWS\system32\serbw.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe

??

Habs erst jetzt gesehen. Aber mittlerweile weißt Du es ja. ;)
cacatoa

Im Taskmanger HIER ein kleines Video dazu.

C:\WINDOWS\system32\serbw.exe
Gelöscht

C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
Der ganze P2p Ordner existiert nicht

C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
Datei Lässt sich nicht Löschen!
Zugriff wurde Verweigert
Datei ist aber NICHT Schreibgeschützt

C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
Habe ich Gelöscht ^^

C:\WINDOWS\system32\formatsys.exe
Gibts auch nicht mehr kann ich also auch nicht Löschen

c:\program files\altnet\points manager\points manager.exe -s
Gibt es nur
"Points Manager.exe.Manifest"
Soll ich diese Dann löschen oder nicht?

C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettin gs.exe
Gibts auch nicht ^^

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Dale Tick.exe
Auch nicht Existent ^^


Und hier anbei der NEUE Logfile


Logfile of HijackThis v1.99.1
Scan saved at 11:46:39, on 19.08.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\AOL 9.0\waol.exe
C:\Programme\AOL 9.0\shellmon.exe
C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
C:\Programme\WinMX\WinMX.exe
C:\Dokumente und Einstellungen\Compy\Desktop\HijackThis.exe

F3 - REG:win.ini: run=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {47C6E4E8-7C50-646B-D799-D6DCD9844510} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
O2 - BHO: (no name) - {5A72E16F-A591-5D9F-4948-CDE457B68DC2} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .MPG: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/de/filesharingctrl.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.de/computercheckup/qdiagcc.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylomgames.com/activex/zylomloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{35E44344-F3EB-4C10-B17E-5962F60D2FA2}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Privacy Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\\aolserv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe



Und ein Ganz Dickes Danke!

Hi,
das sieht doch schon viel besser aus.
Jetzt wäre es noch sinnvoll, einen eScan durchzuführen.
Halte Dich an die Anleitung und poste das Ergebnis.
cacatoa

Mein Problem ist Folgendes jetzt!
1.Habe ich wohl immer noch einen Virus drauf denn mein PC läuft immer noch nicht einwandfrei
2.Funktioniert meine Soundkarte seit dem Fix nicht mehr

Ich glaube der hat die Deinstalliert oder so

Hi,

also mach erstmal den escan wie schon geschrieben,bevor wir hier weiter machen,denn ich vermute noch was ganz anderes bei dir:

F3 - REG:win.ini: run= ist nicht gut

Anleitung zum Scan hier :

http://www.trojaner-board.com/showpo...23&postcount=2

Gruss

@ HerrKautz:
Servus, auf dem Schiff!!
Im ersten HJT-Log von KleeneHexe war der F3 Eintrag noch nicht vorhanden.
Wieso jetzt?
Grüße aus der sonnigen Landschaft...
cacatoa

Servus cacatoa :huepp:


ich gehe davon aus das er Eintrag erst nach dem fixen von W32/Sumom-A zustande kam,bei Agobot(glaube ich jetz) sieht man den Eintrag F2 oder F3 auch erst,wenn man den Schädling entfernt hat,bin mir jetz aber nicht mehr sicher,wie du weisst war ich ja lange net mehr aktiv!

Einträge siehst du im letzten Log,aber ich gehe eh mal davon aus,dass an dem System nix mehr zu retten is,aber warten wir mal den Scan ab!

Grüsse aus dem warmen DA!Melde mich später mal :party:

Mein Neuer LOG
 

So das ist der neue Log mein PC spinnt nach wie vor
Bitte um erneute Hilfe

Logfile of HijackThis v1.99.1
Scan saved at 12:23:38, on 23.08.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\formatsys.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe
C:\WINDOWS\Mixer.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\AOL 9.0\waol.exe
C:\Programme\AOL 9.0\shellmon.exe
C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
C:\Dokumente und Einstellungen\Compy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zyfcardhzjkhjzxtbje.info/pLOHT5A9v0Il2zQhdlr3v0Fi9OPFWHpLZK/iA53YYj5aLIGklxcQgvXSk1965kzl.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://web.salvgwqaotejggxg.com/pLOHT5A9v0KHE6Q2HE7bU3C0Ux6MmGAMZSEitgW4zt4.htm
F3 - REG:win.ini: run=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {47C6E4E8-7C50-646B-D799-D6DCD9844510} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
O2 - BHO: (no name) - {5A72E16F-A591-5D9F-4948-CDE457B68DC2} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avnort] C:\WINDOWS\msmbw.exe
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [TypeVgaCurbBib] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Creativefrag.exe
O4 - HKLM\..\RunServices: [ltwob] C:\WINDOWS\system32\formatsys.exe
O4 - HKLM\..\RunServices: [avnort] C:\WINDOWS\msmbw.exe
O4 - HKLM\..\RunServices: [serpe] C:\WINDOWS\system32\serbw.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DateByte] C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettings.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://ky.bar.need2find.com/KY/menusearch.html?p=KY
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .MPG: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/de/filesharingctrl.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.de/computercheckup/qdiagcc.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylomgames.com/activex/zylomloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{35E44344-F3EB-4C10-B17E-5962F60D2FA2}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Privacy Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\\aolserv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
_____________
Anm.
Aktive Links editiert!
Beachte zukünftig die Hinweise dieser Anleitung: HiJackThis.

Threads zusammengeführt!

LG Cidre
S-Mod TB

Den neuen Log hierhin posten.
Du leidest immer noch an Sumom.A Troj.
cacatoa
Beitrag in die Tonne.

hallo, KleeneHexe2110!
Nutze, diesen, Deinen ersten thread zum immer noch gleichen Thema von nun an weiter, bitte!
Sonst werd ich noch http://www.cosgan.de/images/smilie/muede/s035.gif vor lauter suchen nach deinen irgenwo im Forum verschwundenen Logs...
cacatoa

So, zu Deinem neuen Logfile:
Erst mal will ich wissen, ob du die kennst:
O4 - HKCU\..\Run: [DateByte] C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettin gs.exe
O4 - HKLM\..\Run: [TypeVgaCurbBib] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Creativefrag .exe
O2 - BHO: (no name) - {5A72E16F-A591-5D9F-4948-CDE457B68DC2} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe

Dann sehe ich keinen Virenscanner auf Deinem System.
Wenn du die o.a. Fragen beantwortet hast, machen wir uns ans bereinigen.
cacatoa

Nein das sagt mir alles gar nichts

Hallo,
deaktiviere die Systemwiederherstellung und geh bitte in den abgesicherten Modus. Schau im Task-Manager, ob der Prozeß:
C:\WINDOWS\system32\formatsys.exe
läuft, wenn ja, beende ihn.
Dann im abgesicherten Modus folgende fixen:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://h**p://www.zyfcardhzjkhjzxtbj...pLZK/iA53YYj5a LIGklxcQgvXSk1965kzl.html
F3 - REG:win.ini: run=
O2 - BHO: (no name) - {47C6E4E8-7C50-646B-D799-D6DCD9844510} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
O2 - BHO: (no name) - {5A72E16F-A591-5D9F-4948-CDE457B68DC2} - C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing
O4 - HKLM\..\Run: [avnort] C:\WINDOWS\msmbw.exe
O4 - HKLM\..\Run: [TypeVgaCurbBib] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Creativefrag .exe
O4 - HKLM\..\RunServices: [ltwob] C:\WINDOWS\system32\formatsys.exe
O4 - HKLM\..\RunServices: [avnort] C:\WINDOWS\msmbw.exe
O4 - HKLM\..\RunServices: [serpe] C:\WINDOWS\system32\serbw.exe
O4 - HKCU\..\Run: [DateByte] C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettin gs.exe
O8 - Extra context menu item: &Search - http://h**p://ky.bar.need2find.com/K...arch.html?p=KY

Dann folgende Dateien manuell löschen:
C:\DOKUME~1\Compy\ANWEND~1\PUREEL~1\rectsoft.exe
C:\WINDOWS\msmbw.exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Creativefrag .exe
C:\WINDOWS\system32\formatsys.exe
C:\WINDOWS\msmbw.exe
C:\WINDOWS\system32\serbw.exe
C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettin gs.exe

Dann neu starten im Normal-Modus und Systemwiederherstellung wieder aktivieren.
Dann neues Logfile posten.
cacatoa

Edit:
Du solltest Dir Gedanken über einen Virenscanner machen. Wenn du nicht bereit bist, dafür Geld auszugeben, dann lade Dir wenigestens kostenfrei den meiner Meinung nach guten Virenscanner AntiVir herunter, update ihn ständig und lass ihn im Hintergrund laufen.

Hallo cacatoa!
Ich kann irgendwie die Systemwiederherstellung nicht deaktivieren!
Ich gehe Rechtemaustaste aus ARbeitsplatz Eigenschaften und dah habe ich folgende auswahlmöglichkeiten
"Erweitert, Automatische Updates, Remote, Allgemein, Computername & Hardware"
Mein Taskmessenger ist lahm gelegt!
Will ich ihn öffnen schließt er sich DIREKT wieder!
Und Antivir ist ebendfalls Lahmgelegt und Funkts gar nicht mehr!
Gruss Hexe

Hallo KleeneHexe2110

zur Systemwiederherstellung Link klicken

Servus cacatoa :daumenhoc

@ Gigmail,
genau das ist ja mein Problem das das Feld mit der Systemwiederherstellung auf meinem Rechner in den Eigenschaften vom Arbeitsplatz NICHT vvorhanden ist!
Das ist das gleiche wie die Tatsache das Mein Taskmessenger der nicht Funktioniert er öffnet sich und schließt sich sofort wieder.
Also gehe ich davon aus das die letze Möglichkeit ist meinen Rechner zu Formatieren, wobei ich es schade finden würde, da ich eine große Sammlung von datein und liedern auf dem PC habe und nicht unbedingt alles Brennen möchet!
Von daher bleibt mir immer noch die Hoffnung das ich eine andere möglichkeit finde meinen PC von diesen "Plagegeistern" zu befreien
Gruss Hexe

Servus Gigamail :)
Hallo, Hexe,
konntest Du wenigstens die Dinge, die ich gesagt habe, fixen?
Was es mit der Systemwiederherstellung auf sich hat, weiß ich jetzt auch noch nicht.
cacatoa

Ok, das mit der systemwiederherstellung hört sich fast wie das problem dass ich vorgestern mit windows me hatte an^^

Probier mal folgendes:
-klicke auf start,ausführen
-gebe regedit ein
-navigiere durch die "schlüssel HKEY_LOCAL_MACHINE/SOFTWARE/POLICIES/MICROSOFT/WINDOWS NT/SYSTEM RESTORE"
-sind dort rechts einträge? wenn ja poste welche

dann falls da keine sind, probier mal über start,programme,zubehör,systemprogramme,systemwiederherstellung wieder ran zu kommen
poste obs funktioniert hat

Hi, chris14,
danke für die Unterstützung! :daumenhoc
cacatoa

Cacatoa welche sachen denn fixen?
Ich versteh NICHTS mehr bin voll durcheunander!

Und @ Chris14
Wenn ich die Regedeit öffnen will passiert das gleiche wie beim Taskmessenger das schließt sofort wieder das fenster
Und über Start steht da
"Die Systemwiederherstellung wurde aufgrund einer Gruppenrichtlinie deaktiviert . Wenden sie sich an den Domainadminstrator um die Sytsemwiederherstellung zu aktivieren"

Heisst das jetzt das das alles schon deaktiviert ist und ich nur noch im Abgesicherten Modus starten und scannen muss?

@Hexe:
Bleib erst mal ganz unruhig...
Im Post Nr. 23 hab ich dir gesagt, Du sollst einige Dinge im abgesicherten Modus fixen.
Ich wollte wissen, ob dir das gelungen ist, auch wenn erst mal die Systemwiederherstellung nicht funktioniert.
Außerdem ist sie ja sowieso schon deaktiviert bei Dir.
Wir müssen uns also später drum bemühen, sie wieder aktiviert zu bekommen...
Zu Deiner Frage: Ja, du kannst jetzt erst mal mit HJT fixen.
cacatoa

ok das habe ich vermutet. ich werde schnell eine registrierungsdatei schreiben, die die systemwiederherstellung reaktiviert (es wäre doch ärgerlich, wenn man kein recht auf seine eigenen programme hätte, oder?)
Downloadlink (kann ja keine .reg dateien anhängen)
aber wie bereits von cacatoa gepostet, ist es momentan nicht so wichtig. das kann ja noch später erledigt werden ;)

Sooo Scan ist im Abgesicherten Modus geglückt!
Ich weiss allerdings das irgendetwas noch vorhanden ist an Viren!
Die Viren haben sich im Laufwerk C versteckt und einer von ihnen ist noch vorhanden "How a Blonde eats a Banana" die anderen sind allerdings gelöscht und im moment scheint alles zu laufen auf den ersten blick
Von den Datein die ich Manuel löschen sollte waren einige auch nicht vorhanden so 2-3 Stück irgendwie der rest ist jedoch gelöscht
Und Hier der neue Log

Logfile of HijackThis v1.99.1
Scan saved at 11:35:04, on 30.08.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe
C:\WINDOWS\Mixer.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Compy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qdoqwznprchgdcpbrtbadz.co...XSk1965kzl.cgi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wkxenzhstcoxvdltllxdgyzah...SEitgW4zt4.htm
F3 - REG:win.ini: run=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [TypeVgaCurbBib] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\stop bone.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DateByte] C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettings.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://ky.bar.need2find.com/KY/menusearch.html?p=KY
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.co...haringctrl.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.de/computercheckup/qdiagcc.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex...amesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylomgames.com/activex/zylomloader.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Privacy Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\\aolserv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

gut dann führe jetzt find.bat wie es in der anleitung von escan steht aus. auch posten der ergebnisse wäre nicht schlecht.(anleitung genau durchlesen)
jetzt wird es auch zeit, die systemwiederherstellung zu reaktivieren ;) (link funktioniert)

desweiteren lösche mal diesen ordner im abgesicherten modus:
viewmeowtypevga\ im ordner C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\

lösche diese datei im abgesicherten modus:
longlesssettin gs.exe im ordner C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\

fixe diese einträge:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qdoqwznprchgdcpbrtbadz.c...vXSk1965kzl.cgi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wkxenzhstcoxvdltllxdgyza...ZSEitgW4zt4.htm
F3 - REG:win.ini: run=
O4 - HKLM\..\Run: [TypeVgaCurbBib] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\stop bone.exe
O4 - HKCU\..\Run: [DateByte] C:\DOKUME~1\Compy\ANWEND~1\SOFTWA~1\longlesssettin gs.exe

neues HJT-Logfile posten

Chris meinst du mit find.bat den escan?
Also den habe ich gemacht und bin erschüttert
394 Viren gefunden O.o
Habe den Log gespeichert und die anderen Datein wie du gesagt hast gelöscht allerdings waren auch diesmal einige nicht vorhanden
Soll ich jetzt den log vom Escan Posten oder einen neuen HJT log?

So erst mal den HJT

Logfile of HijackThis v1.99.1
Scan saved at 15:18:06, on 31.08.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe
C:\WINDOWS\Mixer.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Compy\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trojaner-board.de/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://ky.bar.need2find.com/KY/menusearch.html?p=KY
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.co...haringctrl.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.de/computercheckup/qdiagcc.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex...amesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylomgames.com/activex/zylomloader.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Privacy Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\GEMEIN~1\aol\AOLPRI~1\\aolserv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

fixe gleich mal den eintrag:
O8 - Extra context menu item: &Search - http://ky.bar.need2find.com/KY/menusearch.html?p=KY
ansonsten ist das log sauber

TEIL 1

File C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL tagged as "not-a-virus:AdWare.MySearch.e". Action Taken: No Action Taken.
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mybar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mybar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mybar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Need2Find bar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Cydoor.TOPicks.a Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Cydoor Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "my way speedbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Timesink Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "altnet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "cws.therealsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Timesink Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\os\msapps\VBA\vedelr3.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\os\msapps\VBA\vedecn3.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\os\msapps\VBA\vededf3.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\oftip8.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Graph8.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\vbaoff8.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\osa.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\mso97.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\osaintl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\hlink.srg". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\misc.srg". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\findfast.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Assistnt\logo.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Assistnt\scribble.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Assistnt\dot.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Assistnt\mnature.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Assistnt\hoverbot.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Assistnt\will.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Assistnt\powerpup.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Assistnt\genius.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "E:\Office\Msroute.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxwma.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ahead\NeroDigital\settings.xml". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe\Photoshop Album\Kataloge\My Catalog.psa". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\system32\cmmgr32.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\EXCEL.EXE" refers to invalid object "E:\Office\excel.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\LEX2SE.EXE" refers to invalid object "E:\aamsstp\app\lex2se.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\MSACCESS.EXE" refers to invalid object "E:\Office\msaccess.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\MSOFFICE.EXE" refers to invalid object "E:\Office\MSOFFICE.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXE" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\PEX.Exe" refers to invalid object "C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\PEX.Exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\POWERPNT.EXE" refers to invalid object "E:\Office\powerpnt.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\RegCloneCD" refers to invalid object "C:\Programme\SlySoft\CloneCD\RegCloneCD.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\schdpl32.exe" refers to invalid object "E:\Office\schdpl32.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Winword.exe" refers to invalid object "E:\Office\Winword.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\yourapp.Exe" refers to invalid object "C:\Programme\Your Company Name\WinFast(R) Display Driver\yourapp.Exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\dot.act" refers to invalid object "E:\Office\Assistnt\dot.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\genius.act" refers to invalid object "E:\Office\Assistnt\genius.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\hlink.srg" refers to invalid object "E:\Office\hlink.srg". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\hoverbot.act" refers to invalid object "E:\Office\Assistnt\hoverbot.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\logo.act" refers to invalid object "E:\Office\Assistnt\logo.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\misc.srg" refers to invalid object "E:\Office\misc.srg". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\mnature.act" refers to invalid object "E:\Office\Assistnt\mnature.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\MSACCESS80" refers to invalid object "E:\Office\Msaccess.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\MSGraph" refers to invalid object "E:\Office\Graph8.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\mso97.dll" refers to invalid object "E:\Office\mso97.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\msoc.dll" refers to invalid object "E:\Office". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\MSQuery" refers to invalid object "E:\Office\msqry32.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\msroute.dll" refers to invalid object "E:\Office\Msroute.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\oftip8.hlp" refers to invalid object "E:\Office\oftip8.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\osa.exe" refers to invalid object "E:\Office\osa.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\osaintl.dll" refers to invalid object "E:\Office\osaintl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\powerpup.act" refers to invalid object "E:\Office\Assistnt\powerpup.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\scribble.act" refers to invalid object "E:\Office\Assistnt\scribble.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\VBA Off97 Help" refers to invalid object "E:\Office\vbaoff8.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\veencn3.hlp" refers to invalid object "E:\os\msapps\VBA\vedecn3.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\veendf3.hlp" refers to invalid object "E:\os\msapps\VBA\vededf3.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\veenlr3.hlp" refers to invalid object "E:\os\msapps\VBA\vedelr3.hlp". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\will.act" refers to invalid object "E:\Office\Assistnt\will.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "AltnetDM". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{A4D7B764-4140-11D4-88EB-0050DA3579C0}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{ABEB838C-A1A7-4C5D-B7E1-8B4314600137}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{ABEB838C-A1A7-4C5D-B7E1-8B4314600425}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{ABEB838C-A1A7-4C5D-B7E1-8B4314600777}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{ABEB838C-A1A7-4C5D-B7E1-8B4314600813}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{ACDCBD7A-C95C-4A97-BD7C-17823E4F66D2}". Action Taken: No Action Taken.

Teil 2

Entry "HKCR\CLSID\{0002034C-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\outlrpc.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0002034E-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\outlrpc.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020800-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\Graph8.exe /automation". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020803-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\Graph8.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020812-0000-0000-C000-000000000046}" refers to invalid object "E:\OFFICE\EXCEL.EXE /automation". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020820-0000-0000-C000-000000000046}" refers to invalid object "E:\OFFICE\EXCEL.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020821-0000-0000-C000-000000000046}" refers to invalid object "E:\OFFICE\EXCEL.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{000208FE-0000-0000-C000-000000000046}" refers to invalid object "xlrec.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{000208FF-0000-0000-C000-000000000046}" refers to invalid object "xlrec.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020906-0000-0000-C000-000000000046}" refers to invalid object ""E:\Office\Winword.exe"". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020907-0000-0000-C000-000000000046}" refers to invalid object ""E:\Office\Winword.exe"". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{000209FE-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\Winword.exe /Automation". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{000209FF-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\Winword.exe /Automation". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00020D09-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\outlook.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00024500-0000-0000-C000-000000000046}" refers to invalid object "E:\OFFICE\EXCEL.EXE /automation". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00024502-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\Graph8.exe /automation". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00061068-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\recall.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00067009-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\outlrpc.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F005-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F006-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F011-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F019-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\olkfstub.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F01E-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F01F-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\FINDER.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F020-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F023-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\outlook.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F024-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\outlook.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F030-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F031-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F032-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F033-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\OUTLOOK.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0006F045-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\olkfstub.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{000c0114-0000-0000-c000-000000000046}" refers to invalid object "E:\OFFICE\MSO97.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0482E074-C5B7-101A-82E0-08002B36A333}" refers to invalid object "E:\Office\schdpl32.exe -Automation". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0DED49D5-A8B7-4d5d-97A1-12B0C195874D}" refers to invalid object "BdaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1033CB77-F004-4255-904F-B2A7D783C41C}" refers to invalid object "C:\PROGRA~1\ACCELE~1\ANTI-V~1\vclnr.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{14B6AB23-5420-11d5-BEBF-00606733A9BE}" refers to invalid object "Dext536.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{14B6AB24-5420-11d5-BEBF-00606733A9BE}" refers to invalid object "Dext536.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{250770F3-6AF2-11CF-A915-008029E31FCD}" refers to invalid object "C:\PROGRA~1\MICROS~2\Office\HTML\HTMLMARQ.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2582BD1F-69F7-4C58-ACF7-600DB0AC1BD7}" refers to invalid object "C:\PROGRA~1\ahead\Nero\WAVEED~1\RECORD~1.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3DC2E831-4713-11d2-BA41-00A0C90D2B05}" refers to invalid object "Dext536.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3FE740EE-C40B-4DF5-ADDC-8E08CADAA468}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\EACCEL~1\INSTAL~1\pview.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{42A3A9AB-F7B4-40B1-B2AA-F31E35459D4A}" refers to invalid object "C:\PROGRA~1\ahead\Nero\WAVEED~1\RECORD~1.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{43B1EB80-C5BB-4d29-BB8B-EFA2608017C0}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\EACCEL~1\INSTAL~1\webctl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{56336BCA-3D8A-11d6-A00B-0050DA18DE71}" refers to invalid object "C:\DOKUME~1\Compy\LOKALE~1\Temp\InfoWindow.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{59850400-6664-101B-B21C-00AA004BA90B}" refers to invalid object "E:\Office\binder.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{59850401-6664-101B-B21C-00AA004BA90B}" refers to invalid object "E:\Office\unbind.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{59850403-6664-101B-B21C-00AA004BA90B}" refers to invalid object "E:\Office\bdrec.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{59850404-6664-101B-B21C-00AA004BA90B}" refers to invalid object "E:\Office\bdrec.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{64818D10-4F9B-11CF-86EA-00AA00B929E8}" refers to invalid object "E:\Office\PowerPnt.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{64818D11-4F9B-11CF-86EA-00AA00B929E8}" refers to invalid object "E:\Office\PowerPnt.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{75E3D6A1-46ED-4C56-866F-C3E56951AF0A}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\EACCEL~1\INSTAL~1\STOPSI~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{800DD100-DB43-11CE-914E-00A004000162}" refers to invalid object "E:\Office\msspc32.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{812034D2-760F-11CF-9370-00AA00B8BF00}" refers to invalid object "E:\Office\msoc.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8422DAE3-9929-11CF-B8D3-004033373DA8}" refers to invalid object "C:\PROGRA~1\MICROS~2\Office\HTML\HTMLMM.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8422DAE7-9929-11CF-B8D3-004033373DA8}" refers to invalid object "C:\PROGRA~1\MICROS~2\Office\HTML\HTMLMM.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{86492B2F-2C85-45dc-80D4-5AD75E0E12F8}" refers to invalid object "C:\Programme\Acceleration Software\Anti-Virus\sstsmon1.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{88E729D6-BDC1-11D1-BD2A-00C04FB9603F}" refers to invalid object "fde.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8CC49940-3146-11CF-97A1-00AA00424A9F}" refers to invalid object "E:\Office\MSACCESS.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{91493441-5A91-11CF-8700-00AA0060263B}" refers to invalid object "E:\Office\PowerPnt.exe /AUTOMATION". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{99180163-DA16-101A-935C-444553540000}" refers to invalid object "recncl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AE6B4C2F-196B-47C4-B7CD-A91003F78BD5}" refers to invalid object "C:\Programme\Messenger Plus! 2\plugins\ColorNick.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B1EDCE8E-86A4-473a-8A36-54B322C3F618}" refers to invalid object "C:\Programme\Ulead Systems\Ulead PhotoImpact 8\wpe.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B704756C-2311-483A-896B-EF00C6C39BFD}" refers to invalid object "C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Pex.exe /StiDevice:%1 /StiEvent:%2". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BB7DF450-F119-11CD-8465-00AA00425D90}" refers to invalid object "E:\Office\soa800.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DB5B8C90-7B62-11CF-A9E4-00AA00B676FC}" refers to invalid object "E:\Office\msrclr35.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FD0A5AF3-B41D-11d2-9C95-00C04F7971E0}" refers to invalid object "BdaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{00020802-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\graph8.olb". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{00020813-0000-0000-C000-000000000046}" refers to invalid object "E:\OFFICE\excel8.olb". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{00062FFF-0000-0000-C000-000000000046}" refers to invalid object "E:\Office\msoutl8.olb". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{00CEDBF1-864D-11D3-908D-00C0F03B3EDC}" refers to invalid object "C:\Programme\Real\RealPlayer\ierjplug.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{226F2D92-A109-439F-AA5F-73624B3A034A}" refers to invalid object "C:\DOKUME~1\Compy\LOKALE~1\Temp\Word8.0\MSForms.EXD". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{250770F0-6AF2-11CF-A915-008029E31FCD}" refers to invalid object "C:\Programme\Microsoft Office\Office\HTML\HTMLMARQ.OCX". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52}" refers to invalid object "E:\OFFICE\MSO97.DLL". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{32AC0330-1CA6-4985-91AB-5A2699B88911}" refers to invalid object "C:\Programme\ahead\Nero\WaveEditor\Recording.ocx". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{405DE7B2-E7DD-11D2-92C5-00C0F01F77C1}" refers to invalid object "C:\Programme\Real\RealPlayer\rpau3260.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{47F59201-8783-11D2-8343-00A0C945A819}" refers to invalid object "C:\Programme\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{4AFFC9A0-5F99-101B-AF4E-00AA003F0F07}" refers to invalid object "E:\Office\msacc8.olb". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{5DC4361F-94E3-4F32-8248-80C046B39D63}" refers to invalid object "C:\DOKUME~1\Compy\LOKALE~1\Temp\VBE\MSForms.EXD". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{60D8B477-A03E-4729-879E-67D002899263}" refers to invalid object "C:\Programme\Messenger Plus! 2\plugins\ColorNick.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{7AF322C5-AB43-11D4-A00B-0050DA18DE71}" refers to invalid object "C:\DOKUME~1\Compy\LOKALE~1\Temp\InfoWindow.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{8422DAE0-9929-11CF-B8D3-004033373DA8}" refers to invalid object "C:\Programme\Microsoft Office\Office\HTML\HTMLMM.OCX". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{91493440-5A91-11CF-8700-00AA0060263B}" refers to invalid object "E:\Office\Msppt8.olb". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{A67004E0-8362-42F9-B186-88706C346DD9}" refers to invalid object "C:\Programme\Real\RealPlayer\rpplugins\ierpplug.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{D0237635-6A9A-101B-B5A0-00AA004A2F7E}" refers to invalid object "E:\Office\MSBDR8.OLB". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{D55B51B9-FC0D-4697-8B30-ED9F398EFEB1}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\EACCEL~1\INSTAL~1\pview.dll". Action Taken: No Action Taken.
Entry "HKCR\.css" refers to invalid object "CascadingStyleSheetsFile". Action Taken: No Action Taken.
Entry "HKCR\.qry\shell\open\command" refers to invalid object "E:\Office\msqry32.exe %1". Action Taken: No Action Taken.
Entry "HKCR\Access.Application.8\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP "%1"". Action Taken: No Action Taken.
Entry "HKCR\Access.BlankDatabaseTemplate.8\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP /NEWDB "%1"". Action Taken: No Action Taken.
Entry "HKCR\Access.DatabaseWizardTemplate.8\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP /DBWIZ "%1"". Action Taken: No Action Taken.
Entry "HKCR\Access.Extension.8\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP "%1"". Action Taken: No Action Taken.
Entry "HKCR\Access.MDEFile.8\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP "%1"". Action Taken: No Action Taken.
Entry "HKCR\Access.ShortCut.Form.1\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP /SHELLSYSTEM [OpenForm "%1"]". Action Taken: No Action Taken.
Entry "HKCR\Access.ShortCut.Macro.1\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP /SHELLSYSTEM [ShellOpenMacro "%1"]". Action Taken: No Action Taken.
Entry "HKCR\Access.ShortCut.Module.1\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP /SHELLSYSTEM [OpenModule "%1"]". Action Taken: No Action Taken.
Entry "HKCR\Access.ShortCut.Query.1\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP /SHELLSYSTEM [OpenQuery "%1"]". Action Taken: No Action Taken.
Entry "HKCR\Access.ShortCut.Report.1\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP /SHELLSYSTEM [OpenReport "%1",2]". Action Taken: No Action Taken.
Entry "HKCR\Access.ShortCut.Table.1\shell\open\command" refers to invalid object "E:\Office\MSACCESS.EXE /NOSTARTUP /SHELLSYSTEM [OpenTable "%1"]". Action Taken: No Action Taken.
Entry "HKCR\AcroExch.FDFDoc\shell\open\command" refers to invalid object """C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32.exe"" "%1"". Action Taken: No Action Taken.
Entry "HKCR\AcroExch.XDPDoc\shell\open\command" refers to invalid object """C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32.exe"" "%1"". Action Taken: No Action Taken.
Entry "HKCR\AcroExch.XFDFDoc\shell\open\command" refers to invalid object """C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32.exe"" "%1"". Action Taken: No Action Taken.
Entry "HKCR\Connection Manager Profile\shell\open\command" refers to invalid object "C:\WINDOWS\system32\CMMGR32.EXE "%1"". Action Taken: No Action Taken.
Entry "HKCR\Excel.Addin\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.Backup\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.Chart\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.Chart.8\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.CSV\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.DIF\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.Macrosheet\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.Sheet.8\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.SLK\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.Template\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.Workspace\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Excel.XLL\shell\open\command" refers to invalid object ""E:\OFFICE\EXCEL.EXE" /e". Action Taken: No Action Taken.
Entry "HKCR\Karten.Document\shell\open\command" refers to invalid object "F:\Visiten.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\mailto\shell\open\command" refers to invalid object ""E:\Office\OUTLOOK.EXE" -c IPM.Note /m "%1"". Action Taken: No Action Taken.

Teil 3

Entry "HKCR\msbackupfile\shell\open\command" refers to invalid object "%SystemRoot%\system32\ntbackup.exe". Action Taken: No Action Taken.
Entry "HKCR\msgfile\shell\open\command" refers to invalid object "E:\Office\outlook.exe /f "%1"". Action Taken: No Action Taken.
Entry "HKCR\Office.Binder.8\shell\open\command" refers to invalid object "E:\Office\binder.exe -nologo %1". Action Taken: No Action Taken.
Entry "HKCR\Office.Binder.Template\shell\open\command" refers to invalid object "E:\Office\binder.exe -nologo %1". Action Taken: No Action Taken.
Entry "HKCR\Office.Binder.Wizard\shell\open\command" refers to invalid object "E:\Office\binder.exe -nologo %1". Action Taken: No Action Taken.
Entry "HKCR\Office.FileNew\shell\open\command" refers to invalid object "E:\Office\osa.exe -n". Action Taken: No Action Taken.
Entry "HKCR\ossfile\shell\open\command" refers to invalid object "E:\Office\finder.exe /f "%1"". Action Taken: No Action Taken.
Entry "HKCR\outlook\shell\open\command" refers to invalid object "E:\Office\outlook.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\Outlook.NavigatorBarFile\shell\open\command" refers to invalid object "E:\Office\outlook.exe /s "%1"". Action Taken: No Action Taken.
Entry "HKCR\Outlook.Template\shell\open\command" refers to invalid object "E:\Office\outlook.exe /t "%1"". Action Taken: No Action Taken.
Entry "HKCR\PE2.BasicEditing" refers to invalid object "{ED88DAF1-BA55-11D0-9620-0080C81859FE}". Action Taken: No Action Taken.
Entry "HKCR\PE2.BnC" refers to invalid object "{0B796E76-BA4D-11D0-9617-0080C81859FE}". Action Taken: No Action Taken.
Entry "HKCR\PE2.ClrBaln" refers to invalid object "{0B796E76-BA4D-11D0-9617-0080C81859FE}". Action Taken: No Action Taken.
Entry "HKCR\PE2.Crop" refers to invalid object "{B5CE2CD5-C0A1-11D0-9617-0080C81859FE}". Action Taken: No Action Taken.
Entry "HKCR\PE2.Rotate" refers to invalid object "{ACA339B5-189F-11D1-A838-0080C81F572B}". Action Taken: No Action Taken.
Entry "HKCR\PEX8.UesDocument\shell\open\command" refers to invalid object "C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\pex.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Addin.8\shell\open\command" refers to invalid object "E:\Office\powerpnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Show.4\shell\open\command" refers to invalid object "E:\Office\PowerPnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Show.7\shell\open\command" refers to invalid object "E:\Office\PowerPnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Show.8\shell\open\command" refers to invalid object "E:\Office\PowerPnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Slide.4\shell\open\command" refers to invalid object "E:\Office\PowerPnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Slide.7\shell\open\command" refers to invalid object "E:\Office\PowerPnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Slide.8\shell\open\command" refers to invalid object "E:\Office\PowerPnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.SlideShow.8\shell\open\command" refers to invalid object "E:\Office\powerpnt.exe /s "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Template.8\shell\open\command" refers to invalid object "E:\Office\powerpnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\PowerPoint.Wizard.8\shell\open\command" refers to invalid object "E:\Office\powerpnt.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\SchedulePlus.Application.7\shell\open\command" refers to invalid object "E:\Office\schdpl32.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\ShockwaveFlash.ShockwaveFlash\shell\open\command" refers to invalid object "C:\Dokumente und Einstellungen\Compy\Eigene Dateien\Proggs xD\brauser.exe %1". Action Taken: No Action Taken.
Entry "HKCR\Ulead.VOE.1" refers to invalid object "{6C91BBFD-0781-4936-A3DC-10D60BA3294D}
". Action Taken: No Action Taken.
Entry "HKCR\Word.Backup.8\shell\open\command" refers to invalid object ""E:\Office\Winword.exe" /n". Action Taken: No Action Taken.
Entry "HKCR\Word.Document.8\shell\open\command" refers to invalid object "E:\Office\Winword.exe %1". Action Taken: No Action Taken.
Entry "HKCR\Word.RTF.8\shell\open\command" refers to invalid object "E:\Office\Winword.exe %1". Action Taken: No Action Taken.
Entry "HKCR\Word.Template.8\shell\open\command" refers to invalid object "E:\Office\Winword.exe %1". Action Taken: No Action Taken.
Entry "HKCR\xnkfile\shell\open\command" refers to invalid object "E:\Office\outlook.exe /x "%1"". Action Taken: No Action Taken.
File C:\WINDOWS\system32\drivers\etc\hosts infected by "Trojan-Clicker.Win32.Qhost.e" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\Temp\Adware\RXToolbar.exe tagged as "not-a-virus:AdWare.ToolBar.RXBar.a". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\show road.exe infected by "Trojan.Win32.Krepper.ab" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\This trans.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\RefFlag.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\OptionSeek.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\Web dead.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\Fast manager.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\build web.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\Dumb Software.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\title info.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\Upmapi.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\Fork creative.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\BallDoes.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\LocksPile.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\ListExit.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\Less Size.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\TRANSCAMP.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\ThisBows.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\defyglobal.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\PLAYDRIVE.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Date license.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\BALM FACE.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\CloseFirst.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Testtime.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Load ace.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Clock mix.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\2 third.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\curb trans.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\linkaxis.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\HideFrag.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\AMOK DASH.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\List Road.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\BinCdrom.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\2window.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\rdrbore.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Castblah.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Databook.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\TRANSBROWSE.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Bags Eq.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Winhelp.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Trust wma.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\Dale Tick.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\MATHDEAF.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\55d611f1.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\8f017cd.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\temp.frF5C2 tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\2155ed.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\bcgrahfm.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\546e3d62.exe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\Inside Program.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\e12155.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\7f5f84.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\rkwsdcvb.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\temp.frBD76 tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\temp.frB4A0 tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\54661fa3.exe infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\57b58cc9.exe infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\57b58fd6.exe infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\eizrubou.exe infected by "Trojan-Downloader.Win32.Swizzor.dg" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\5742a224.exe infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\5494fcf9.exe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\5ffe406a.exe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\5504f210.exe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\ignpibip.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\kctkivyo.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\Anti extra cool view.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\option blue name.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\zibfciui.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\jpludvmt.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\niqngxok.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\udmeisuo.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\dlryymkd.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\repnlmaq.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\wkjxtfhu.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\walpaixs.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\ttvbtema.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\rihldjju.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\vfcenmtb.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\gnsrxamz.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\spxkucei.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\kfstmnzv.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\fetvyoxi.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowseSkip\yosumgve.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Compy\Eigene Dateien\MSN Messenger-Dateien\Meine empfangenen Dateien\Sonnstiges\msn.exe infected by "not-virus:Hoax.Win32.ComputerSchock" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schule & Arbeit\Lokale Einstellungen\Temp\57b2f14d.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schule & Arbeit\Lokale Einstellungen\Temp\nvsuecds.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schule & Arbeit\Anwendungsdaten\SoftwareBrowseSkip\efeugjzj.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schule & Arbeit\Anwendungsdaten\SoftwareBrowseSkip\Anti extra cool view.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schule & Arbeit\Anwendungsdaten\SoftwareBrowseSkip\option blue name.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schule & Arbeit\Anwendungsdaten\SoftwareBrowseSkip\longlesssettings.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus! Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schule & Arbeit\Anwendungsdaten\pure else\rectsoft.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\Programme\Gemeinsame Dateien\aol\AOL Privacy Protection\Backup\50282500.asw tagged as "not-a-virus:AdWare.TimeSink". Action Taken: No Action Taken.
File C:\Programme\Gemeinsame Dateien\aol\AOL Privacy Protection\Backup\50282703.asw tagged as "not-a-virus:AdWare.TimeSink". Action Taken: No Action Taken.
File C:\Programme\Gemeinsame Dateien\aol\AOL Privacy Protection\Backup\50282765.asw tagged as "not-a-virus:AdWare.TimeSink.c". Action Taken: No Action Taken.
File C:\Programme\Gemeinsame Dateien\aol\AOL Privacy Protection\Backup\50282968.asw tagged as "not-a-virus:AdWare.TimeSink.c". Action Taken: No Action Taken.
File C:\Programme\backups\backup-20041118-200831-212.dll tagged as "not-a-virus:AdWare.ToolBar.MyWay.g". Action Taken: No Action Taken.
File C:\Programme\backups\backup-20050830-112407-322.dll infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\Programme\backups\backup-20050830-112407-363.dll infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\Programme\C2Media\Setup.exe infected by "Trojan-Downloader.Win32.Swizzor.do" Virus! Action Taken: No Action Taken.
File C:\Programme\Kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Altnet.d". Action Taken: No Action Taken.
File C:\Programme\Need2Find\bar\1.bin\N2PLUGIN.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch.l". Action Taken: No Action Taken.
File C:\Programme\Need2Find\bar\1.bin\NPND2FN.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch.o". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP346\A0275720.exe infected by "Trojan-Downloader.Win32.Swizzor.dg" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283954.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283955.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283956.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283957.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283959.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283960.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283961.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283962.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283963.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283964.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283965.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283966.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283967.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283968.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.

Teil 4

File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283969.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283970.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283971.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283972.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283973.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283974.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283975.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283976.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0283977.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284941.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284942.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284943.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284944.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284946.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284947.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284948.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284949.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284950.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284951.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284952.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284953.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284954.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284955.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284956.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284957.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284958.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284959.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284960.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284961.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284962.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284963.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284964.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0284965.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0285964.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0285965.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP358\A0286938.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277174.exe infected by "Trojan-Downloader.Win32.Swizzor.dg" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277175.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277176.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277177.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277179.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277180.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277181.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277182.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277183.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277184.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277185.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277186.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277187.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277188.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277189.exe infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277190.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP349\A0277191.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277216.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277233.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277234.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277235.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277237.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277238.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277239.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277240.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277241.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277242.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277243.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277244.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277245.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277246.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277247.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277248.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP350\A0277249.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP351\snapshot\MFEX-15.DAT tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP351\snapshot\MFEX-19.DAT tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP352\snapshot\MFEX-19.DAT tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP342\A0272695.exe infected by "Trojan-Downloader.Win32.Swizzor.dg" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\snapshot\MFEX-15.DAT tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\snapshot\MFEX-19.DAT tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277778.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277799.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277800.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277801.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277803.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277804.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277805.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277806.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277807.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277808.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277809.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277810.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277811.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277812.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277813.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277814.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277815.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP353\A0277816.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278807.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278808.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278809.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278811.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278812.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278813.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278814.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278815.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278816.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278817.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278818.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278819.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278820.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278821.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278822.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278823.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278824.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0278825.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279807.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279808.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279809.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279811.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279812.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279813.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279814.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279815.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279816.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279817.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279818.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279819.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279820.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279821.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279822.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279823.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279824.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279825.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP354\A0279826.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280811.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280812.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280813.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280814.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280816.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280817.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280818.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.

Teil 5

File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280819.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280820.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280821.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280822.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280823.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280824.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280825.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280826.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280827.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280828.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280829.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280830.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280831.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP355\A0280832.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282801.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282802.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282803.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282805.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282806.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282807.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282808.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282809.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282810.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282811.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282812.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282813.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282814.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282815.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282816.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282817.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282818.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282819.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282820.EXE infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282821.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP356\A0282822.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP357\A0282889.exe infected by "not-virus:Hoax.Win32.ComputerSchock" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0288975.exe infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289945.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289946.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289947.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289949.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289950.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289951.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289952.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289953.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289954.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289955.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289956.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289957.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289958.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289959.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289960.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289961.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289962.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289963.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289964.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289965.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289966.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289967.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289968.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289969.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0289970.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP359\A0290008.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP363\A0295964.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302971.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302972.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.






File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302973.exe infected by "Trojan-Downloader.Win32.Swizzor.bz" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302974.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302976.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302977.exe infected by "Trojan-Downloader.Win32.Swizzor.cn" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302978.exe tagged as "not-a-virus:AdWare.Lop.j". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302979.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302980.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302981.exe tagged as "not-a-virus:AdWare.Lop.p". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302982.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302983.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302984.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302985.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302986.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302987.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302988.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302989.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302990.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302991.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302992.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302993.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302994.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302995.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302996.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302997.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP366\A0302998.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP368\A0309028.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{E28DEF81-E9B8-4AC3-A574-BB2A12E04CFE}\RP369\A0310045.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Recycled\Dc20.exe infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Recycled\Dc22\backup-20050819-112546-757.dll tagged as "not-a-virus:AdWare.MySearch.e". Action Taken: No Action Taken.
File C:\Recycled\Dc259.exe infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Recycled\Dc260.exe tagged as "not-a-virus:AdWare.Lop.ab". Action Taken: No Action Taken.
File C:\Recycled\Dc261.exe infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Recycled\Dc262.exe infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Recycled\Dc263.exe tagged as "not-a-virus:AdWare.Lop.m". Action Taken: No Action Taken.
File C:\FOUND.020\FILE0002.CHK tagged as "not-a-virus:AdWare.Lop.e". Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\admdloader.dll tagged as "not-a-virus:AdWare.BrilliantDigital.3039". Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\admfdi.dll tagged as "not-a-virus:AdWare.Altnet.j". Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\adm25.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\adm4.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\admprog.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
File C:\Program Files\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File C:\FOUND.027\FILE0038.CHK tagged as "not-a-virus:AdWare.Lop.e". Action Taken: No Action Taken.
File C:\Crazy-Frog.Html infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\lspt.exe infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Crazy frog gets killed by train!.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\See my lesbian friends.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\LOL that ur pic!.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Annoying crazy frog getting killed.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\My new photo!.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Me on holiday!.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\The Cat And The Fan piccy.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\How a Blonde Eats a Banana...pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Mona Lisa Wants Her Smile Back.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Topless in Mini Skirt! lol.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Fat Elvis! lol.pif infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.
File C:\Jennifer Lopez.scr infected by "IM-Worm.Win32.Sumom.a" Virus! Action Taken: No Action Taken.

lösche diese dateien und ordner im abgesicherten modus:
C:\WINDOWS\system32\drivers\etc\hosts
C:\Programme\Need2Find\bar
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NURB FOUR PLAY ARMY\
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\viewmeowtypevga\
C:\Dokumente und Einstellungen\Compy\Anwendungsdaten\SoftwareBrowse Skip\
C:\Programme\backups\
C:\Program Files\Altnet\
C:\Crazy-Frog.Html
C:\lspt.exe
C:\Crazy frog gets killed by train!.pif
C:\See my lesbian friends.pif
C:\LOL that ur pic!.pif
C:\Annoying crazy frog getting killed.pif
C:\My new photo!.pif
C:\Me on holiday!.pif
C:\The Cat And The Fan piccy.pif
C:\How a Blonde Eats a Banana...pif
C:\Mona Lisa Wants Her Smile Back.pif
C:\Topless in Mini Skirt! lol.pif
C:\Fat Elvis! lol.pif
C:\Jennifer Lopez.scr
c:\found.020

leere den ordner
C:\Dokumente und Einstellungen\Compy\Lokale Einstellungen\Temp\ (abgesicherter modus)


lade dir SpyBot Search & Destroy runter und installiere es
dann starte es. lass es suchen und lass es alles was er als böse markiert entfernen. (normaler modus)

leere den papierkorb

das log ist so lang, weil so viele error in der registrierung sind. deswegen empfehle ich dir den einsatz des RegistryCleaner von TuneUp Utilities. (ist nicht zwingend nötig, aber sollte man doch schon mal säubern^^)

schalte auch mal deine systemwiederherstellung aus:
rechtsklick arbeitsplatz -> eigenschaften -> systemwiederherstellung -> systemwiederherstellung auf allen laufwerken deaktivieren" haken hin
neustart haken weg

Sooo hoffe das das jetzt alles soweit fertig ist!
Danke euch allen!
Lg da lass Hexe