Informationsarchiv.net > Foren-Übersicht > Computerprobleme > Online- und PC-Sicherheit
Warum kostenlos registrieren?

Nur als registriertes Mitglied hast Du vollen Zugriff auf alle Funktionen unserer Website. So kannst Du eigene Fragen stellen und hast die volle Übersicht über neue interessante Themen im Forum.
Jetzt kostenlos registrieren.

Login


Bitte Guckt mein Log an mal an!

Warnungen vor Sicherheitslücken und Hilfe beim Enfernen von Viren, Würmern und Trojanern.
Antwort erstellen

Bitte Guckt mein Log an mal an!

Beitragvon d4ve- am 30.07.2005, 10:19

Also wenn ich meine Internetverbindung herstelle kommen direkt tausende von Meldungen, von wegen ich solle mein internet Explorer updaten und andere. Ich hab dann mal anti vir durchlaufen lassen und der hat 35 trojaner und würmer gefunden. Die bekomme ich nicht weg

Bitte helft mir ich will mein rechner nich schon wieder neu machen


Logfile of HijackThis v1.99.1
Scan saved at 09:39:13, on 30.07.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\windowsp.exe
C:\WINDOWS\System32\microsoft.exe
C:\WINDOWS\system32\drivers\svc\spoolsv.exe
C:\WINDOWS\system32\ntvdm.exe
C:\T-ONLINE\BSW4\ToDuCAlC.EXE
C:\Programme\Winamp\winamp.exe
C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temp\7zS2.tmp\firefox.exe
C:\Dokumente und Einstellungen\Davil\Desktop\SystemProGs\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {06D42950-D25A-4E35-B7A4-9833DA1E14E1} - (no file)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NTSF MICROSOFT SYSTEM] scvhost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Windows Update] dos.exe
O4 - HKLM\..\Run: [hostserv] hostserv.exe
O4 - HKLM\..\Run: [MS Auto-IPSec Protection] MSASP32.exe
O4 - HKLM\..\Run: [MS Remote Procedure Call Service] MSRPC32.exe
O4 - HKLM\..\Run: [winnt DNS ident] windowsp.exe
O4 - HKLM\..\Run: [Services] C:\WINDOWS\system32\1.tmp
O4 - HKLM\..\Run: [Microsoft Update 32] microsoft.exe
O4 - HKLM\..\RunServices: [NTSF MICROSOFT SYSTEM] scvhost.exe
O4 - HKLM\..\RunServices: [MS Auto-IPSec Protection] MSASP32.exe
O4 - HKLM\..\RunServices: [Windows Update] dos.exe
O4 - HKLM\..\RunServices: [hostserv] hostserv.exe
O4 - HKLM\..\RunServices: [MS Remote Procedure Call Service] MSRPC32.exe
O4 - HKLM\..\RunServices: [winnt DNS ident] windowsp.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] microsoft.exe
O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] scvhost.exe
O4 - HKCU\..\Run: [Windows Update] dos.exe
O4 - HKCU\..\Run: [hostserv] hostserv.exe
O4 - HKCU\..\Run: [MS Auto-IPSec Protection] MSASP32.exe
O4 - HKCU\..\Run: [MS Remote Procedure Call Service] MSRPC32.exe
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://ky.bar.need2find.com/KY/menusearch.html?p=KY
O8 - Extra context menu item: Backward Links - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\programme\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{3843A8C1-6382-4596-B83D-704D08BC21AA}: NameServer = 217.237.150.225 217.237.150.141
O17 - HKLM\System\CS1\Services\Tcpip\..\{3843A8C1-6382-4596-B83D-704D08BC21AA}: NameServer = 217.237.150.225 217.237.150.141
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Mouse Click Monitor (mousecm) - Unknown owner - C:\WINDOWS\System32\mousecm.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: FireDaemon Service: spoolsv (spoolsv) - Unknown owner - C:\WINDOWS\system32\drivers\svc\FireDaemon.EXE
O23 - Service: ssdfghjkl - Unknown owner - C:\WINDOWS\netddf.exe
O23 - Service: FireDaemon Service: svchost (svchost) - Unknown owner - C:\WINDOWS\system32\drivers\svc\FireDaemon.EXE
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe
d4ve-
 
Beiträge: 7
Registriert: 30.07.2005, 10:01
Wohnort: CuxHaven
Nach oben

Beitragvon d4ve- am 30.07.2005, 10:26

--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------

1: Sun Jul 31 23:57:37 2005 => File C:\WINDOWS\System32\mousecm.exe infected by "Backdoor.Win32.IRCBot.bv" Virus! Action Taken: No Action Taken.
2: Sun Jul 31 23:57:37 2005 => File C:\WINDOWS\System32\windowsp.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
3: Sun Jul 31 23:57:38 2005 => File C:\WINDOWS\System32\microsoft.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
4: Sun Jul 31 23:57:45 2005 => File C:\WINDOWS\system32\scvhost.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
5: Sun Jul 31 23:57:46 2005 => File C:\WINDOWS\system32\dos.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
6: Sun Jul 31 23:57:47 2005 => File C:\WINDOWS\system32\hostserv.exe infected by "Backdoor.Win32.Agobot.pac" Virus! Action Taken: No Action Taken.
7: Sun Jul 31 23:57:47 2005 => File C:\WINDOWS\system32\MSASP32.exe infected by "Backdoor.Win32.Rbot.rv" Virus! Action Taken: No Action Taken.
8: Sun Jul 31 23:57:47 2005 => File C:\WINDOWS\system32\MSRPC32.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
9: Sun Jul 31 23:57:47 2005 => File C:\WINDOWS\system32\windowsp.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
10: Sun Jul 31 23:57:48 2005 => File C:\WINDOWS\system32\microsoft.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
11: Sun Jul 31 23:57:50 2005 => File C:\WINDOWS\SYSTEM32\KBDRV64.SYS infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
12: Sun Jul 31 23:57:50 2005 => File C:\WINDOWS\System32\mousecm.exe infected by "Backdoor.Win32.IRCBot.bv" Virus! Action Taken: No Action Taken.
13: Sun Jul 31 23:57:51 2005 => File C:\WINDOWS\netddf.exe infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
14: Sun Jul 31 23:57:52 2005 => System found infected with Gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken.
15: Sun Jul 31 23:57:52 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
16: Sun Jul 31 23:57:52 2005 => System found infected with MyBar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
17: Sun Jul 31 23:57:52 2005 => System found infected with MyBar Spyware/Adware ({3646C2BD-3554-49CA-8125-44DEEFB881DE})! Action taken: No Action Taken.
18: Sun Jul 31 23:57:52 2005 => System found infected with MyBar Spyware/Adware ({3f4d4f88-0198-4921-b630-957f3eb814e0})! Action taken: No Action Taken.
19: Sun Jul 31 23:57:52 2005 => System found infected with WebP2P Spyware/Adware ({1D6711C8-7154-40BB-8380-3DEA45B69CBF})! Action taken: No Action Taken.
20: Sun Jul 31 23:57:52 2005 => System found infected with AltnetBDE Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
21: Sun Jul 31 23:57:52 2005 => System found infected with AltnetBDE Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
22: Sun Jul 31 23:57:52 2005 => System found infected with AltnetBDE Spyware/Adware ({ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb})! Action taken: No Action Taken.
23: Sun Jul 31 23:57:58 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
24: Sun Jul 31 23:58:01 2005 => System found infected with AltnetBDE Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
25: Sun Jul 31 23:58:01 2005 => System found infected with AltnetBDE Spyware/Adware (adm.exe)! Action taken: No Action Taken.
26: Sun Jul 31 23:58:02 2005 => System found infected with AltnetBDE Spyware/Adware (adm25.dll)! Action taken: No Action Taken.
27: Sun Jul 31 23:58:12 2005 => File C:\WINDOWS\System32\blank.html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
28: Sun Jul 31 23:58:46 2005 => File C:\WINDOWS\System32\re11.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
29: Sun Jul 31 23:59:14 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
30: Sun Jul 31 23:59:15 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\I3UVYP6Z\website[1].ocx infected by "Trojan-Downloader.Win32.Agent.ex" Virus! Action Taken: No Action Taken.
31: Sun Jul 31 23:59:16 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\KA08TJBV\blank[2].html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
32: Sun Jul 31 23:59:20 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\LKBWGUZC\blank[1].html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
33: Sun Jul 31 23:59:20 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\LKBWGUZC\brot[1].p infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
34: Sun Jul 31 23:59:21 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\LKBWGUZC\prompt[1].htm infected by "Trojan-Downloader.JS.IstBar.f" Virus! Action Taken: No Action Taken.
35: Sun Jul 31 23:59:22 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\OD47WFGB\js[1].htm infected by "Exploit.HTML.CodeBaseExec" Virus! Action Taken: No Action Taken.
36: Sun Jul 31 23:59:23 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\blank[1].html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
37: Sun Jul 31 23:59:24 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\tcv[1].p infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
38: Sun Jul 31 23:59:24 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\thisone[1].p infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
39: Sun Jul 31 23:59:25 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WDSGHFIN\mtrslib2[1].js infected by "Trojan-Downloader.JS.Small.ag" Virus! Action Taken: No Action Taken.
40: Sun Jul 31 23:59:26 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WDSGHFIN\prompt[1].htm infected by "Trojan-Downloader.JS.IstBar.f" Virus! Action Taken: No Action Taken.
41: Sun Jul 31 23:59:29 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\YDCNQHA5\protect[1].htm infected by "Trojan-Downloader.JS.Codebase.c" Virus! Action Taken: No Action Taken.
42: Sun Jul 31 23:59:29 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\YDCNQHA5\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
43: Sun Jul 31 23:59:30 2005 => File C:\arg.exe infected by "Backdoor.Win32.SdBot.gen" Virus! Action Taken: No Action Taken.
44: Sun Jul 31 23:59:30 2005 => File C:\asn.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
45: Sun Jul 31 23:59:48 2005 => File C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-3ea324cb-3a014ba0.zip infected by "Trojan.Java.ClassLoader.Dummy.a" Virus! Action Taken: No Action Taken.
46: Sun Jul 31 23:59:48 2005 => File C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7462cf54-280b1a67.zip infected by "Trojan.Java.ClassLoader.c" Virus! Action Taken: No Action Taken.
47: Sun Jul 31 23:59:48 2005 => File C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-776b5799-75928315.zip infected by "Trojan.Java.ClassLoader.c" Virus! Action Taken: No Action Taken.
48: Sun Jul 31 23:59:48 2005 => File C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv429.jar-78d0a604-217fc805.zip infected by "Trojan-Downloader.Java.OpenStream.c" Virus! Action Taken: No Action Taken.
49: Sun Jul 31 23:59:49 2005 => File C:\Dokumente und Einstellungen\Davil\blank.html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
50: Mon Aug 01 00:00:11 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
51: Mon Aug 01 00:00:12 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\I3UVYP6Z\website[1].ocx infected by "Trojan-Downloader.Win32.Agent.ex" Virus! Action Taken: No Action Taken.
52: Mon Aug 01 00:00:12 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KA08TJBV\blank[2].html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
53: Mon Aug 01 00:00:13 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\blank[1].html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
54: Mon Aug 01 00:00:13 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\brot[1].p infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
55: Mon Aug 01 00:00:14 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\prompt[1].htm infected by "Trojan-Downloader.JS.IstBar.f" Virus! Action Taken: No Action Taken.
56: Mon Aug 01 00:00:14 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\OD47WFGB\js[1].htm infected by "Exploit.HTML.CodeBaseExec" Virus! Action Taken: No Action Taken.
57: Mon Aug 01 00:00:14 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\blank[1].html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
58: Mon Aug 01 00:00:15 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\tcv[1].p infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
59: Mon Aug 01 00:00:15 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\thisone[1].p infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
60: Mon Aug 01 00:00:15 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\mtrslib2[1].js infected by "Trojan-Downloader.JS.Small.ag" Virus! Action Taken: No Action Taken.
61: Mon Aug 01 00:00:16 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\prompt[1].htm infected by "Trojan-Downloader.JS.IstBar.f" Virus! Action Taken: No Action Taken.
62: Mon Aug 01 00:00:17 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YDCNQHA5\protect[1].htm infected by "Trojan-Downloader.JS.Codebase.c" Virus! Action Taken: No Action Taken.
63: Mon Aug 01 00:00:17 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YDCNQHA5\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
64: Mon Aug 01 00:00:17 2005 => File C:\Dokumente und Einstellungen\Davil\re11.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
65: Mon Aug 01 00:00:21 2005 => File C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\06OQQMJS\socks4[1].exe infected by "Trojan-Proxy.Win32.Ranky.bu" Virus! Action Taken: No Action Taken.
66: Mon Aug 01 00:00:21 2005 => File C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\QRBTM990\socks3[1].exe infected by "Trojan-Proxy.Win32.Agent.fy" Virus! Action Taken: No Action Taken.
67: Mon Aug 01 00:00:22 2005 => File C:\msap32.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
68: Mon Aug 01 00:00:22 2005 => File C:\msdll32.exe infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
69: Mon Aug 01 00:00:22 2005 => File C:\msregset.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
70: Mon Aug 01 00:00:22 2005 => File C:\msregset32.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
71: Mon Aug 01 00:00:22 2005 => File C:\mssci32.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
72: Mon Aug 01 00:00:22 2005 => File C:\msset32.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
73: Mon Aug 01 00:00:22 2005 => File C:\mssrv32.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
74: Mon Aug 01 00:00:22 2005 => File C:\mstcp32.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
75: Mon Aug 01 00:00:23 2005 => File C:\msw32b.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
76: Mon Aug 01 00:01:03 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
77: Mon Aug 01 00:01:03 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\scvhost.VIR
78: Mon Aug 01 00:01:05 2005 => File C:\Programme\AVPersonal\INFECTED\scvhost.VIR infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
79: Mon Aug 01 00:01:05 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SE.DLL.VIR
80: Mon Aug 01 00:01:05 2005 => File C:\Programme\AVPersonal\INFECTED\SE.DLL.VIR infected by "Trojan.Win32.StartPage.gn" Virus! Action Taken: No Action Taken.
81: Mon Aug 01 00:03:15 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP76\A0019985.exe infected by "Backdoor.Win32.SdBot.gen" Virus! Action Taken: No Action Taken.
82: Mon Aug 01 00:03:36 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022768.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
83: Mon Aug 01 00:03:36 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022769.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
84: Mon Aug 01 00:03:41 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023253.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
85: Mon Aug 01 00:03:42 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023268.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
86: Mon Aug 01 00:03:42 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023269.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
87: Mon Aug 01 00:03:42 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023304.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
88: Mon Aug 01 00:03:42 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023305.exe infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
89: Mon Aug 01 00:03:43 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024335.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
90: Mon Aug 01 00:03:43 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024346.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
91: Mon Aug 01 00:03:43 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024347.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
92: Mon Aug 01 00:03:43 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024363.exe infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
93: Mon Aug 01 00:03:43 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024367.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
94: Mon Aug 01 00:03:44 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024401.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
95: Mon Aug 01 00:03:44 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024403.exe infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
96: Mon Aug 01 00:03:44 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024407.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
97: Mon Aug 01 00:03:44 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024428.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
98: Mon Aug 01 00:03:44 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024429.exe infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
99: Mon Aug 01 00:03:44 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024431.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
100: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024453.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
101: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024454.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
102: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024461.exe infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
103: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024471.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
104: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024472.exe infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
105: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024477.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
106: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024497.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
107: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024498.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
108: Mon Aug 01 00:03:45 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024499.exe infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
109: Mon Aug 01 00:03:46 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024502.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
110: Mon Aug 01 00:03:46 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024540.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
111: Mon Aug 01 00:03:46 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024541.exe infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
112: Mon Aug 01 00:03:46 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024543.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
113: Mon Aug 01 00:03:46 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024553.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
114: Mon Aug 01 00:03:47 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025566.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
115: Mon Aug 01 00:03:47 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025567.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
116: Mon Aug 01 00:03:47 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025568.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
117: Mon Aug 01 00:03:47 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025571.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
118: Mon Aug 01 00:03:49 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025624.exe infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
119: Mon Aug 01 00:03:49 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025625.exe infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
120: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025637.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
121: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025638.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
122: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025639.exe infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
123: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025650.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
124: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025656.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
125: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025657.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
126: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025670.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
127: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025673.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
128: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025674.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
129: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025686.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
130: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025687.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
131: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025696.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
132: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025700.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
133: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025703.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
134: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025707.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
135: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025720.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
136: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025726.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
137: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025732.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
138: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025736.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
139: Mon Aug 01 00:03:51 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025737.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
140: Mon Aug 01 00:03:52 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025738.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
141: Mon Aug 01 00:03:52 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025741.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
142: Mon Aug 01 00:03:52 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025749.exe infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
143: Mon Aug 01 00:03:52 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025755.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
144: Mon Aug 01 00:03:52 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025756.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
145: Mon Aug 01 00:03:52 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025759.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
146: Mon Aug 01 00:03:53 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025771.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
147: Mon Aug 01 00:03:53 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025782.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
148: Mon Aug 01 00:03:53 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025789.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
149: Mon Aug 01 00:03:53 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025790.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
150: Mon Aug 01 00:03:53 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025791.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
151: Mon Aug 01 00:03:53 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025794.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
152: Mon Aug 01 00:03:54 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025822.sys infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
153: Mon Aug 01 00:03:54 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025838.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
154: Mon Aug 01 00:03:54 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025839.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
155: Mon Aug 01 00:03:54 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025840.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
156: Mon Aug 01 00:03:54 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025841.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
157: Mon Aug 01 00:03:54 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025842.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
158: Mon Aug 01 00:03:54 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025848.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
159: Mon Aug 01 00:04:01 2005 => File C:\w.exe infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
160: Mon Aug 01 00:06:55 2005 => File C:\WINDOWS\system32\blank.html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
161: Mon Aug 01 00:07:09 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
162: Mon Aug 01 00:07:10 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KA08TJBV\ysb_prompt[1].htm infected by "Trojan-Downloader.JS.IstBar.j" Virus! Action Taken: No Action Taken.
163: Mon Aug 01 00:07:11 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\brot[1].p infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
164: Mon Aug 01 00:07:13 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\thisone[1].p infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
165: Mon Aug 01 00:09:22 2005 => File C:\WINDOWS\system32\re11.REG infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
166: Mon Aug 01 00:09:59 2005 => File C:\windows.exe infected by "Trojan.WinREG.LowZones.a" Virus! Action Taken: No Action Taken.
167: Mon Aug 01 00:09:59 2005 => File C:\wy.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
168: Mon Aug 01 00:10:00 2005 => File C:\wyy.exe infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
169: Mon Aug 01 00:15:25 2005 => Scanning Folder: H:\Music\AbgeHN\Does This Look Infected\*.*
170: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\01 The Hell Song.wma [**]
171: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\01 The Hell Song._[1].wma [**]
172: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\02 Over My Head (Better off Dead).wma [**]
173: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\03 My Direction.wma [**]
174: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\04 Still Waiting.wma [**]
175: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\05 A.N.I.C.wma [**]
176: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\06 No Brains.wma [**]
177: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\07 All Messed Up.wma [**]
178: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\08 Mr. Amsterdam.wma [**]
179: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\09 Thanks for Nothing.wma [**]
180: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\10 Hyper-Insomnia-Para-Condroid.wma [**]
181: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\11 Billy Spleen.wma [**]
182: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\12 Hooch.wma [**]
183: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArtSmall.jpg [**]
184: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArt_{07D52A03-C13E-49C2-A0B2-E56FCF4AC012}_Large.jpg [**]
185: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArt_{07D52A03-C13E-49C2-A0B2-E56FCF4AC012}_Small.jpg [**]
186: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\Desktop.ini [**]
187: Mon Aug 01 00:15:25 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\Folder.jpg [**]

--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------

1: Sun Jul 31 23:57:38 2005 => File C:\WINDOWS\system32\drivers\svc\spoolsv.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.25.k. No Action Taken.
2: Sun Jul 31 23:57:40 2005 => File C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL tagged as "not-a-virus:AdWare.MySearch.e". Action Taken: No Action Taken.
3: Sun Jul 31 23:57:51 2005 => File C:\WINDOWS\system32\drivers\svc\FireDaemon.EXE tagged as not-a-virus:RemoteAdmin.Win32.RA.3826. No Action Taken.
4: Sun Jul 31 23:59:13 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\EBFQN0AZ\MediaTicketsInstaller[1].cab tagged as "not-a-virus:AdWare.MediaTickets.f". Action Taken: No Action Taken.
5: Sun Jul 31 23:59:23 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
6: Sun Jul 31 23:59:23 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
7: Sun Jul 31 23:59:25 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WDSGHFIN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
8: Sun Jul 31 23:59:27 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WP6V09QN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
9: Sun Jul 31 23:59:27 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WP6V09QN\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
10: Mon Aug 01 00:00:11 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\MediaTicketsInstaller[1].cab tagged as "not-a-virus:AdWare.MediaTickets.f". Action Taken: No Action Taken.
11: Mon Aug 01 00:00:14 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
12: Mon Aug 01 00:00:14 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
13: Mon Aug 01 00:00:15 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
14: Mon Aug 01 00:00:16 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WP6V09QN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
15: Mon Aug 01 00:00:16 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WP6V09QN\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
16: Mon Aug 01 00:00:26 2005 => File C:\Program Files\Altnet\Download Manager\adm25.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
17: Mon Aug 01 00:00:26 2005 => File C:\Program Files\Altnet\Download Manager\adm4.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
18: Mon Aug 01 00:00:26 2005 => File C:\Program Files\Altnet\Download Manager\adm4005.exe tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
19: Mon Aug 01 00:00:26 2005 => File C:\Program Files\Altnet\Download Manager\admdloader.dll tagged as "not-a-virus:AdWare.BrilliantDigital.3039". Action Taken: No Action Taken.
20: Mon Aug 01 00:00:26 2005 => File C:\Program Files\Altnet\Download Manager\admfdi.dll tagged as "not-a-virus:AdWare.Altnet.j". Action Taken: No Action Taken.
21: Mon Aug 01 00:00:26 2005 => File C:\Program Files\Altnet\Download Manager\admprog.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
22: Mon Aug 01 00:01:36 2005 => File C:\Programme\INSTAFINK\instafink.dll tagged as "not-a-virus:AdWare.ToolBar.404Search.h". Action Taken: No Action Taken.
23: Mon Aug 01 00:01:43 2005 => File C:\Programme\Kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Altnet.d". Action Taken: No Action Taken.
24: Mon Aug 01 00:02:05 2005 => File C:\Programme\MyWay\myBar\1.bin\MY2NS.EXE tagged as "not-a-virus:AdWare.ToolBar.MyWay.b". Action Taken: No Action Taken.
25: Mon Aug 01 00:02:05 2005 => File C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWay.g". Action Taken: No Action Taken.
26: Mon Aug 01 00:02:05 2005 => File C:\Programme\Need2Find\bar\1.bin\N2PLUGIN.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch.l". Action Taken: No Action Taken.
27: Mon Aug 01 00:02:05 2005 => File C:\Programme\Need2Find\bar\1.bin\NPND2FN.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch.o". Action Taken: No Action Taken.
28: Mon Aug 01 00:03:37 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022797.dll tagged as "not-a-virus:AdWare.Altnet.b". Action Taken: No Action Taken.
29: Mon Aug 01 00:03:37 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022798.exe tagged as "not-a-virus:AdWare.Altnet.g". Action Taken: No Action Taken.
30: Mon Aug 01 00:03:37 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022799.exe tagged as "not-a-virus:AdWare.Altnet.l". Action Taken: No Action Taken.
31: Mon Aug 01 00:03:38 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022801.exe tagged as "not-a-virus:AdWare.Altnet.h". Action Taken: No Action Taken.
32: Mon Aug 01 00:03:38 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022802.dll tagged as "not-a-virus:AdWare.BrilliantDigital.1007". Action Taken: No Action Taken.
33: Mon Aug 01 00:03:40 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP87\A0022837.dll tagged as "not-a-virus:AdWare.ToolBar.RXBar.a". Action Taken: No Action Taken.
34: Mon Aug 01 00:03:50 2005 => File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025626.exe tagged as "not-a-virus:AdWare.ToolBar.404Search.h". Action Taken: No Action Taken.
35: Mon Aug 01 00:07:10 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\bridge-c18[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
36: Mon Aug 01 00:07:11 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
37: Mon Aug 01 00:08:42 2005 => File C:\WINDOWS\system32\drivers\svc\spoolsv.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.25.k. No Action Taken.
38: Mon Aug 01 00:09:55 2005 => File C:\WINDOWS\Temp\Adware\InstaFinderK_inst.exe tagged as "not-a-virus:AdWare.ToolBar.404Search.h". Action Taken: No Action Taken.
39: Mon Aug 01 00:09:55 2005 => File C:\WINDOWS\Temp\Adware\RXToolbar.exe tagged as "not-a-virus:AdWare.ToolBar.RXBar.a". Action Taken: No Action Taken.
40: Mon Aug 01 00:09:55 2005 => File C:\WINDOWS\Temp\Altnet\adm.exe tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
41: Mon Aug 01 00:09:55 2005 => File C:\WINDOWS\Temp\Altnet\adm25.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
42: Mon Aug 01 00:09:55 2005 => File C:\WINDOWS\Temp\Altnet\adm4.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
43: Mon Aug 01 00:09:55 2005 => File C:\WINDOWS\Temp\Altnet\admdloader.dll tagged as "not-a-virus:AdWare.BrilliantDigital.3039". Action Taken: No Action Taken.
44: Mon Aug 01 00:09:55 2005 => File C:\WINDOWS\Temp\Altnet\admfdi.dll tagged as "not-a-virus:AdWare.Altnet.j". Action Taken: No Action Taken.
45: Mon Aug 01 00:09:56 2005 => File C:\WINDOWS\Temp\Altnet\admprog.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
46: Mon Aug 01 00:09:56 2005 => File C:\WINDOWS\Temp\Altnet\dmfiles.cab tagged as "not-a-virus:AdWare.Altnet.g". Action Taken: No Action Taken.
47: Mon Aug 01 00:09:56 2005 => File C:\WINDOWS\Temp\Altnet\mysearch.cab tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch.o". Action Taken: No Action Taken.
48: Mon Aug 01 00:09:56 2005 => File C:\WINDOWS\Temp\Altnet\pmexe.cab tagged as "not-a-virus:AdWare.Altnet.h". Action Taken: No Action Taken.
49: Mon Aug 01 00:09:56 2005 => File C:\WINDOWS\Temp\Altnet\pmfiles.cab tagged as "not-a-virus:AdWare.BrilliantDigital.1007". Action Taken: No Action Taken.
50: Mon Aug 01 00:12:10 2005 => File G:\Programme\kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Altnet.d". Action Taken: No Action Taken.
51: Mon Aug 01 00:12:24 2005 => File G:\Programme\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.

--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------

1: Sun Jul 31 23:57:47 2005 => ERROR!!! Invalid Entry Services = C:\WINDOWS\system32\1.tmp (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
2: Sun Jul 31 23:58:05 2005 => Entry "HKCR\CLSID\{99180163-DA16-101A-935C-444553540000}" refers to invalid object "recncl.dll". Action Taken: No Action Taken.
3: Sun Jul 31 23:59:55 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\Davil\Eigene Dateien\SA Downloads\Sa DL.rar\2876_newtatooshop.rar is Not Scanned
4: Mon Aug 01 00:03:39 2005 => Result: ERROR!!! File C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP87\A0022821.rbf is Not Scanned
5: Mon Aug 01 00:12:06 2005 => ERROR!!! FindFirstFile For G:\Programme\eDonkey2000\temp\ici film teens - photo jeune fille nu photo vole petite coquine d??voile son joli corps sexy - Teen young clip branle anal.wmv\*.* Failed!!! Reason is Die Syntax für den Dateinamen, Verzeichnisnamen oder die Datenträgerbezeichnung ist falsch. (0x7b)

--------------------------------------------------
-------- DATEIEN ZUM LÖSCHEN HINZUGEFÜGT ---------
--------------------------------------------------

1: C:\WINDOWS\System32\mousecm.exe => Backdoor.Win32.IRCBot.bv
2: C:\WINDOWS\System32\windowsp.exe => Backdoor.Win32.Rbot.gen
3: C:\WINDOWS\System32\microsoft.exe => Backdoor.Win32.Rbot.gen
4: C:\WINDOWS\system32\drivers\svc\spoolsv.exe => tagged:Server-FTP.Win32.Serv-U.25.k.
5: C:\WINDOWS\system32\scvhost.exe => Backdoor.Win32.Rbot.gen
6: C:\WINDOWS\system32\dos.exe => Backdoor.Win32.Rbot.gen
7: C:\WINDOWS\system32\hostserv.exe => Backdoor.Win32.Agobot.pac
8: C:\WINDOWS\system32\MSASP32.exe => Backdoor.Win32.Rbot.rv
9: C:\WINDOWS\system32\MSRPC32.exe => Backdoor.Win32.Rbot.gen
10: C:\WINDOWS\system32\windowsp.exe => Backdoor.Win32.Rbot.gen
11: C:\WINDOWS\system32\microsoft.exe => Backdoor.Win32.Rbot.gen
12: C:\WINDOWS\SYSTEM32\KBDRV64.SYS => Backdoor.Win32.SdBot.zo
13: C:\WINDOWS\system32\drivers\svc\FireDaemon.EXE => tagged:RemoteAdmin.Win32.RA.3826.
14: C:\WINDOWS\netddf.exe => Backdoor.Win32.SdBot.zo
15: C:\WINDOWS\System32\blank.html => Trojan-Clicker.JS.Linker.j
16: C:\WINDOWS\System32\re11.REG => Trojan.WinREG.LowZones.a
17: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\EBFQN0AZ\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
18: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\I3UVYP6Z\website[1].ocx => Trojan-Downloader.Win32.Agent.ex
19: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\KA08TJBV\blank[2].html => Trojan-Clicker.JS.Linker.j
20: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\LKBWGUZC\blank[1].html => Trojan-Clicker.JS.Linker.j
21: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\LKBWGUZC\brot[1].p => Trojan-Downloader.Win32.Dyfuca.em
22: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\LKBWGUZC\prompt[1].htm => Trojan-Downloader.JS.IstBar.f
23: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\OD47WFGB\js[1].htm => Exploit.HTML.CodeBaseExec
24: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\blank[1].html => Trojan-Clicker.JS.Linker.j
25: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\tcv[1].p => Trojan-Downloader.Win32.WinAD.h
26: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\thisone[1].p => Trojan.Win32.Agent.gg
27: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WDSGHFIN\mtrslib2[1].js => Trojan-Downloader.JS.Small.ag
28: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WDSGHFIN\prompt[1].htm => Trojan-Downloader.JS.IstBar.f
29: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\YDCNQHA5\protect[1].htm => Trojan-Downloader.JS.Codebase.c
30: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\YDCNQHA5\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
31: C:\arg.exe => Backdoor.Win32.SdBot.gen
32: C:\asn.exe => Backdoor.Win32.Rbot.gen
33: C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-3ea324cb-3a014ba0.zip => Trojan.Java.ClassLoader.Dummy.a
34: C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7462cf54-280b1a67.zip => Trojan.Java.ClassLoader.c
35: C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-776b5799-75928315.zip => Trojan.Java.ClassLoader.c
36: C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv429.jar-78d0a604-217fc805.zip => Trojan-Downloader.Java.OpenStream.c
37: C:\Dokumente und Einstellungen\Davil\blank.html => Trojan-Clicker.JS.Linker.j
38: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
39: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\I3UVYP6Z\website[1].ocx => Trojan-Downloader.Win32.Agent.ex
40: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KA08TJBV\blank[2].html => Trojan-Clicker.JS.Linker.j
41: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\blank[1].html => Trojan-Clicker.JS.Linker.j
42: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\brot[1].p => Trojan-Downloader.Win32.Dyfuca.em
43: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\prompt[1].htm => Trojan-Downloader.JS.IstBar.f
44: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\OD47WFGB\js[1].htm => Exploit.HTML.CodeBaseExec
45: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\blank[1].html => Trojan-Clicker.JS.Linker.j
46: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\tcv[1].p => Trojan-Downloader.Win32.WinAD.h
47: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\thisone[1].p => Trojan.Win32.Agent.gg
48: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\mtrslib2[1].js => Trojan-Downloader.JS.Small.ag
49: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\prompt[1].htm => Trojan-Downloader.JS.IstBar.f
50: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YDCNQHA5\protect[1].htm => Trojan-Downloader.JS.Codebase.c
51: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YDCNQHA5\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
52: C:\Dokumente und Einstellungen\Davil\re11.REG => Trojan.WinREG.LowZones.a
53: C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\06OQQMJS\socks4[1].exe => Trojan-Proxy.Win32.Ranky.bu
54: C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\QRBTM990\socks3[1].exe => Trojan-Proxy.Win32.Agent.fy
55: C:\msap32.exe => Trojan-Downloader.Win32.WinAD.h
56: C:\msdll32.exe => Trojan-Downloader.Win32.Dyfuca.em
57: C:\msregset.exe => Trojan.Win32.Agent.gg
58: C:\msregset32.exe => Trojan.Win32.Agent.gg
59: C:\mssci32.exe => Trojan.Win32.Agent.gg
60: C:\msset32.exe => Trojan-Downloader.Win32.WinAD.h
61: C:\mssrv32.exe => Trojan-Downloader.Win32.WinAD.h
62: C:\mstcp32.exe => Trojan-Downloader.Win32.WinAD.h
63: C:\msw32b.exe => Trojan-Downloader.Win32.WinAD.h
64: C:\Programme\AVPersonal\INFECTED\scvhost.VIR => Backdoor.Win32.Rbot.gen
65: C:\Programme\AVPersonal\INFECTED\SE.DLL.VIR => Trojan.Win32.StartPage.gn
66: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP76\A0019985.exe => Backdoor.Win32.SdBot.gen
67: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022768.exe => Trojan-Downloader.Win32.WinAD.h
68: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP86\A0022769.exe => Trojan.Win32.Agent.gg
69: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023253.exe => Trojan.Win32.Agent.gg
70: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023268.exe => Trojan.Win32.Agent.gg
71: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023269.exe => Trojan-Downloader.Win32.WinAD.h
72: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023304.exe => Trojan.Win32.Agent.gg
73: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP88\A0023305.exe => Trojan-Downloader.Win32.Dyfuca.em
74: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024335.exe => Trojan.Win32.Agent.gg
75: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024346.exe => Trojan.Win32.Agent.gg
76: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024347.exe => Trojan-Downloader.Win32.WinAD.h
77: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024363.exe => Trojan.WinREG.LowZones.a
78: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024367.REG => Trojan.WinREG.LowZones.a
79: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024401.exe => Trojan.Win32.Agent.gg
80: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024403.exe => Trojan.WinREG.LowZones.a
81: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024407.REG => Trojan.WinREG.LowZones.a
82: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024428.exe => Trojan.Win32.Agent.gg
83: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024429.exe => Trojan.WinREG.LowZones.a
84: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP89\A0024431.REG => Trojan.WinREG.LowZones.a
85: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024453.exe => Trojan.Win32.Agent.gg
86: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024454.exe => Trojan-Downloader.Win32.WinAD.h
87: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024461.exe => Trojan-Downloader.Win32.Dyfuca.em
88: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024471.exe => Trojan.Win32.Agent.gg
89: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024472.exe => Trojan-Downloader.Win32.Dyfuca.em
90: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024477.REG => Trojan.WinREG.LowZones.a
91: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024497.exe => Trojan.Win32.Agent.gg
92: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024498.exe => Trojan-Downloader.Win32.WinAD.h
93: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024499.exe => Trojan.WinREG.LowZones.a
94: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024502.REG => Trojan.WinREG.LowZones.a
95: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024540.exe => Trojan.Win32.Agent.gg
96: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024541.exe => Trojan-Downloader.Win32.Dyfuca.em
97: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024543.exe => Trojan-Clicker.JS.Linker.j
98: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP90\A0024553.REG => Trojan.WinREG.LowZones.a
99: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025566.exe => Trojan-Downloader.Win32.WinAD.h
100: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025567.exe => Trojan.Win32.Agent.gg
101: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025568.exe => Trojan-Clicker.JS.Linker.j
102: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025571.REG => Trojan.WinREG.LowZones.a
103: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025624.exe => Trojan-Downloader.Win32.Dyfuca.em
104: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025625.exe => Trojan-Downloader.Win32.Dyfuca.em
105: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025637.exe => Trojan-Downloader.Win32.WinAD.h
106: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025638.exe => Trojan.Win32.Agent.gg
107: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025639.exe => Trojan.WinREG.LowZones.a
108: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025650.sys => Backdoor.Win32.SdBot.zo
109: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025656.exe => Trojan-Downloader.Win32.WinAD.h
110: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025657.exe => Trojan.Win32.Agent.gg
111: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025670.sys => Backdoor.Win32.SdBot.zo
112: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025673.exe => Trojan-Downloader.Win32.WinAD.h
113: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025674.exe => Trojan.Win32.Agent.gg
114: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025686.exe => Trojan.Win32.Agent.gg
115: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025687.sys => Backdoor.Win32.SdBot.zo
116: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025696.sys => Backdoor.Win32.SdBot.zo
117: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025700.exe => Trojan-Clicker.JS.Linker.j
118: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025703.REG => Trojan.WinREG.LowZones.a
119: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025707.REG => Trojan.WinREG.LowZones.a
120: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025720.sys => Backdoor.Win32.SdBot.zo
121: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025726.sys => Backdoor.Win32.SdBot.zo
122: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP91\A0025732.sys => Backdoor.Win32.SdBot.zo
123: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025736.exe => Trojan.Win32.Agent.gg
124: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025737.exe => Trojan-Downloader.Win32.WinAD.h
125: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025738.exe => Trojan-Clicker.JS.Linker.j
126: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025741.REG => Trojan.WinREG.LowZones.a
127: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025749.exe => Trojan-Downloader.Win32.Dyfuca.em
128: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025755.exe => Backdoor.Win32.Rbot.gen
129: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025756.exe => Backdoor.Win32.Rbot.gen
130: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025759.REG => Trojan.WinREG.LowZones.a
131: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025771.sys => Backdoor.Win32.SdBot.zo
132: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP92\A0025782.sys => Backdoor.Win32.SdBot.zo
133: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025789.exe => Trojan-Downloader.Win32.WinAD.h
134: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025790.exe => Trojan.Win32.Agent.gg
135: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025791.exe => Trojan-Clicker.JS.Linker.j
136: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025794.REG => Trojan.WinREG.LowZones.a
137: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025822.sys => Backdoor.Win32.SdBot.zo
138: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025838.exe => Trojan-Downloader.Win32.WinAD.h
139: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025839.exe => Trojan.Win32.Agent.gg
140: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025840.exe => Trojan-Clicker.JS.Linker.j
141: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025841.exe => Trojan-Clicker.JS.Linker.j
142: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025842.exe => Backdoor.Win32.Rbot.gen
143: C:\System Volume Information\_restore{326168D6-A67A-4D01-86F2-DE6B1B6D83B8}\RP93\A0025848.REG => Trojan.WinREG.LowZones.a
144: C:\w.exe => Trojan.WinREG.LowZones.a
145: C:\WINDOWS\system32\blank.html => Trojan-Clicker.JS.Linker.j
146: C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
147: C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KA08TJBV\ysb_prompt[1].htm => Trojan-Downloader.JS.IstBar.j
148: C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\brot[1].p => Trojan-Downloader.Win32.Dyfuca.em
149: C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\thisone[1].p => Trojan.Win32.Agent.gg
150: C:\WINDOWS\system32\re11.REG => Trojan.WinREG.LowZones.a
151: C:\windows.exe => Trojan.WinREG.LowZones.a
152: C:\wy.exe => Trojan-Clicker.JS.Linker.j
153: C:\wyy.exe => Trojan-Clicker.JS.Linker.j
154: G:\Programme\mIRC\mirc.exe => tagged:Client-IRC.Win32.mIRC.616.

--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------

Mon Aug 01 00:15:35 2005 => Total Objects Scanned: 56695
Mon Aug 01 00:15:35 2005 => Total Virus(es) Found: 220
Mon Aug 01 00:15:35 2005 => Total Errors: 5
Mon Aug 01 00:15:35 2005 => Virus Database Date: 2005/07/29
Mon Aug 01 00:15:35 2005 => Virus Database Count: 140525
Mon Aug 01 00:16:17 2005 => Total Objects Scanned: 56695
Mon Aug 01 00:16:17 2005 => Total Virus(es) Found: 220
Mon Aug 01 00:16:17 2005 => Total Errors: 5
Zuletzt geändert von d4ve- am 01.08.2005, 00:29, insgesamt 1-mal geändert.
d4ve-
 
Beiträge: 7
Registriert: 30.07.2005, 10:01
Wohnort: CuxHaven
Nach oben

Beitragvon Yourhighness am 30.07.2005, 12:36

Hi!

Editiere bitte den Logbeitrag von Antivir und poste stattdessen einen Escanlog:
http://nikita.eddys-doomain.de/escan.html

Beispiel:

--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------

1: Wed Jun 08 10:46:48 2005 => File C:\Dokumente und Einstellungen\Sabine\Desktop\Nailfix.zip tagged as not-a-virus:Tool.Win32.Processor.20. No Action Taken.
2: Wed Jun 08 10:47:34 2005 => File C:\Dokumente und Einstellungen\Sabine\Desktop\Neuer Ordner\Installer\Neuer Ordner\Sicherheit\HSFix.zip tagged as not-a-virus:Tool.Win32.Processor.20. No Action Taken.
3: Wed Jun 08 10:48:12 2005 => File C:\Dokumente und Einstellungen\Sabine\Desktop\Neuer Ordner\Sicherheit\HSFix.zip tagged as not-a-virus:Tool.Win32.Processor.20. No Action Taken.

--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------

1: Wed Jun 08 10:48:48 2005 => Entry "HKCR\CLSID\{98F63271-6C09-48B3-A571-990155932D0B}" refers to invalid object "C:\WINDOWS\System32\Setup\fxsocm.dll". Action Taken: No Action Taken.
--------------------------------------------------
------------- FILES ADDED TO DELETE --------------
--------------------------------------------------

1: C:\Dokumente und Einstellungen\Sabine\Desktop\Nailfix.zip => tagged:Tool.Win32.Processor.20.
2: C:\Dokumente und Einstellungen\Sabine\Desktop\Neuer Ordner\Installer\Neuer Ordner\Sicherheit\HSFix.zip => tagged:Tool.Win32.Processor.20.
3: C:\Dokumente und Einstellungen\Sabine\Desktop\Neuer Ordner\Sicherheit\HSFix.zip => tagged:Tool.Win32.Processor.20.


Dann sehen wir weiter...

MfG,

PS: Wenn Du editiert hast, schreibe einen kurzen extra reply. Dann bekomme ich eine Nachricht...
Yourhighness
 
Nach oben

Beitragvon Holy Marcell am 30.07.2005, 13:28

Bevor es weg ist zu deinem antivirr-report:

Entweder liegt das an deiner einstellung oder dummheit:
Folgende meldung kam bei fast yedem fund:

Nach Rückfrage nicht gelöscht!


WENN DU VON "LUKE FILEWALKER" EINE MELDUNG BEKOMMST:

Code: Alles auswählen
Datei "xyz.jar" enthält eine signatur vom virus "xzy" mmöchtren sie diese Datei löschen (J/N)


Klickst du auf [YA] !

==========================================

Sollte es an deiner Falschen eistellung liegen: die sollte so aussehen:



Reaktion bei Fund:
[X] Reparieren mit Rückfrage
[ ] Reparieren ohne Rückfrage
[ ] Löschen mit Rückfrage
[ ] Löschen ohne Rückfrage
[ ] Nur in Logdatei aufzeichnen
[X] Akustische Warnung

Reaktion bei defekten Dateien:
[X] Löschen mit Rückfrage
[ ] Löschen ohne Rückfrage
[ ] Ignorieren

Reaktion bei defekten Dateien:
[X] Nicht verändern
[ ] Aktuelle Systemzeit
[ ] Datum korrigieren

Drag&Drop-Einstellungen:
[X] Unterverzeichnisse durchsuchen
Holy Marcell
 
Nach oben

Beitragvon d4ve- am 31.07.2005, 23:52

Ich hab antivir ja schon mal durchlaufen lassen und da hab ich immer auf ja geklickt und er hat die nicht gelöscht den bericht hab ich ja ebend so auf die schnelle gemacht
d4ve-
 
Beiträge: 7
Registriert: 30.07.2005, 10:01
Wohnort: CuxHaven
Nach oben

Beitragvon Holy Marcell am 01.08.2005, 11:27

...
Zuletzt geändert von Holy Marcell am 02.08.2005, 11:25, insgesamt 1-mal geändert.
Holy Marcell
 
Nach oben

Beitragvon Holy Marcell am 01.08.2005, 11:44

Ok, einen großen teil der shice kriegen wir so weg:
==============================
[windows-taste]+[Pause]

Bild

Häkchen rein ==> neustart ==> Wenn du komplett virenfrei bist wieder rein.

==============================
(Danke für das Bild Dirk)
==============================
eScan:

Lösche folgende Dateien/Ordner mit der Killbox und "Delte on Reboot":
http://nikita.eddys-domain.de/killbox.html

C:\WINDOWS\System32\mousecm.exe

C:\WINDOWS\System32\windowsp.exe

C:\WINDOWS\System32\microsoft.exe

C:\WINDOWS\system32\scvhost.exe (scvhost.exe nicht svchost)

C:\WINDOWS\system32\dos.exe

C:\WINDOWS\system32\hostserv.exe

C:\WINDOWS\system32\MSASP32.exe

C:\WINDOWS\system32\MSRPC32.exe

C:\WINDOWS\system32\windowsp.exe

C:\WINDOWS\system32\microsoft.exe

C:\WINDOWS\SYSTEM32\KBDRV64.SYS

C:\WINDOWS\System32\mousecm.exe

C:\WINDOWS\netddf.exe

C:\WINDOWS\System32\blank.html

C:\WINDOWS\System32\re11.REG

C:\arg.exe

C:\asn.exe

C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-3ea324cb-3a014ba0.zip

C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7462cf54-280b1a67.zip

C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-776b5799-75928315.zip

C:\Dokumente und Einstellungen\Davil\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv429.jar-78d0a604-217fc805.zip

C:\Dokumente und Einstellungen\Davil\blank.html

C:\msap32.exe

C:\msdll32.exe

C:\msregset.exe

C:\msregset32.exe

C:\mssci32.exe

C:\msset32.exe

C:\mssrv32.exe

C:\mstcp32.exe

C:\msw32b.exe

C:\WINDOWS\system32\blank.html

C:\WINDOWS\system32\re11.REG

C:\windows.exe

C:\wy.exe

C:\wyy.exe

C:\WINDOWS\system32\1.tmp

File C:\Dokumente und Einstellungen\Davil\Eigene Dateien\SA Downloads\Sa DL.rar\2876_newtatooshop.rar

===================================================00
Mach das erst mal ey ich habe für heut morgen kein bock mehr.
To be continued



==============================
Holy Marcell
 
Nach oben

Beitragvon d4ve- am 01.08.2005, 23:40

--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------

1: Mon Aug 01 23:22:36 2005 => File C:\WINDOWS\System32\microsoft.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
2: Mon Aug 01 23:22:42 2005 => File C:\WINDOWS\system32\microsoft.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
3: Mon Aug 01 23:22:44 2005 => File C:\WINDOWS\SYSTEM32\KBDRV64.SYS infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
4: Mon Aug 01 23:22:45 2005 => File C:\WINDOWS\netddf.exe infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
5: Mon Aug 01 23:22:46 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
6: Mon Aug 01 23:22:46 2005 => System found infected with MyBar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
7: Mon Aug 01 23:22:52 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
8: Mon Aug 01 23:22:52 2005 => System found infected with AltnetBDE Spyware/Adware (adm.exe)! Action taken: No Action Taken.
9: Mon Aug 01 23:22:52 2005 => System found infected with AltnetBDE Spyware/Adware (adm25.dll)! Action taken: No Action Taken.
10: Mon Aug 01 23:24:07 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
11: Mon Aug 01 23:24:20 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\YDCNQHA5\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
12: Mon Aug 01 23:25:07 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
13: Mon Aug 01 23:25:12 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YDCNQHA5\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
14: Mon Aug 01 23:25:16 2005 => File C:\MSNupdrate32.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
15: Mon Aug 01 23:25:16 2005 => File C:\mss32geti.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
16: Mon Aug 01 23:26:03 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
17: Mon Aug 01 23:26:03 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\dos.VIR
18: Mon Aug 01 23:26:04 2005 => File C:\Programme\AVPersonal\INFECTED\dos.VIR infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
19: Mon Aug 01 23:26:04 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\scvhost.VIR
20: Mon Aug 01 23:26:05 2005 => File C:\Programme\AVPersonal\INFECTED\scvhost.VIR infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
21: Mon Aug 01 23:29:41 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
22: Mon Aug 01 23:29:42 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\brot[1].p infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
23: Mon Aug 01 23:29:44 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\thisone[1].p infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
24: Mon Aug 01 23:35:23 2005 => Scanning Folder: H:\Music\AbgeHN\Does This Look Infected\*.*
25: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\01 The Hell Song.wma [**]
26: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\01 The Hell Song._[1].wma [**]
27: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\02 Over My Head (Better off Dead).wma [**]
28: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\03 My Direction.wma [**]
29: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\04 Still Waiting.wma [**]
30: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\05 A.N.I.C.wma [**]
31: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\06 No Brains.wma [**]
32: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\07 All Messed Up.wma [**]
33: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\08 Mr. Amsterdam.wma [**]
34: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\09 Thanks for Nothing.wma [**]
35: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\10 Hyper-Insomnia-Para-Condroid.wma [**]
36: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\11 Billy Spleen.wma [**]
37: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\12 Hooch.wma [**]
38: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArtSmall.jpg [**]
39: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArt_{07D52A03-C13E-49C2-A0B2-E56FCF4AC012}_Large.jpg [**]
40: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArt_{07D52A03-C13E-49C2-A0B2-E56FCF4AC012}_Small.jpg [**]
41: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\Desktop.ini [**]
42: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\Folder.jpg [**]

--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------

1: Mon Aug 01 23:22:36 2005 => File C:\WINDOWS\system32\drivers\svc\spoolsv.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.25.k. No Action Taken.
2: Mon Aug 01 23:22:39 2005 => File C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL tagged as "not-a-virus:AdWare.MySearch.e". Action Taken: No Action Taken.
3: Mon Aug 01 23:22:45 2005 => File C:\WINDOWS\system32\drivers\svc\FireDaemon.EXE tagged as not-a-virus:RemoteAdmin.Win32.RA.3826. No Action Taken.
4: Mon Aug 01 23:24:07 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\EBFQN0AZ\MediaTicketsInstaller[1].cab tagged as "not-a-virus:AdWare.MediaTickets.f". Action Taken: No Action Taken.
5: Mon Aug 01 23:24:15 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
6: Mon Aug 01 23:24:15 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
7: Mon Aug 01 23:24:17 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WDSGHFIN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
8: Mon Aug 01 23:24:18 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WP6V09QN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
9: Mon Aug 01 23:24:18 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WP6V09QN\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
10: Mon Aug 01 23:25:07 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\MediaTicketsInstaller[1].cab tagged as "not-a-virus:AdWare.MediaTickets.f". Action Taken: No Action Taken.
11: Mon Aug 01 23:25:10 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
12: Mon Aug 01 23:25:10 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SPSXQZGT\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
13: Mon Aug 01 23:25:11 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
14: Mon Aug 01 23:25:11 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WP6V09QN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
15: Mon Aug 01 23:25:11 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WP6V09QN\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
16: Mon Aug 01 23:25:19 2005 => File C:\Program Files\Altnet\Download Manager\adm25.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
17: Mon Aug 01 23:25:19 2005 => File C:\Program Files\Altnet\Download Manager\adm4.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
18: Mon Aug 01 23:25:19 2005 => File C:\Program Files\Altnet\Download Manager\adm4005.exe tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
19: Mon Aug 01 23:25:19 2005 => File C:\Program Files\Altnet\Download Manager\admdloader.dll tagged as "not-a-virus:AdWare.BrilliantDigital.3039". Action Taken: No Action Taken.
20: Mon Aug 01 23:25:19 2005 => File C:\Program Files\Altnet\Download Manager\admfdi.dll tagged as "not-a-virus:AdWare.Altnet.j". Action Taken: No Action Taken.
21: Mon Aug 01 23:25:19 2005 => File C:\Program Files\Altnet\Download Manager\admprog.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
22: Mon Aug 01 23:26:31 2005 => File C:\Programme\INSTAFINK\instafink.dll tagged as "not-a-virus:AdWare.ToolBar.404Search.h". Action Taken: No Action Taken.
23: Mon Aug 01 23:26:36 2005 => File C:\Programme\Kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Altnet.d". Action Taken: No Action Taken.
24: Mon Aug 01 23:26:53 2005 => File C:\Programme\MyWay\myBar\1.bin\MY2NS.EXE tagged as "not-a-virus:AdWare.ToolBar.MyWay.b". Action Taken: No Action Taken.
25: Mon Aug 01 23:26:53 2005 => File C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWay.g". Action Taken: No Action Taken.
26: Mon Aug 01 23:26:53 2005 => File C:\Programme\Need2Find\bar\1.bin\N2PLUGIN.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch.l". Action Taken: No Action Taken.
27: Mon Aug 01 23:26:53 2005 => File C:\Programme\Need2Find\bar\1.bin\NPND2FN.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch.o". Action Taken: No Action Taken.
28: Mon Aug 01 23:29:42 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\bridge-c18[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
29: Mon Aug 01 23:29:42 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\LKBWGUZC\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
30: Mon Aug 01 23:30:44 2005 => File C:\WINDOWS\system32\drivers\svc\spoolsv.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.25.k. No Action Taken.
31: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Adware\RXToolbar.exe tagged as "not-a-virus:AdWare.ToolBar.RXBar.a". Action Taken: No Action Taken.
32: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Altnet\adm.exe tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
33: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Altnet\adm25.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
34: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Altnet\adm4.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
35: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Altnet\admdloader.dll tagged as "not-a-virus:AdWare.BrilliantDigital.3039". Action Taken: No Action Taken.
36: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Altnet\admfdi.dll tagged as "not-a-virus:AdWare.Altnet.j". Action Taken: No Action Taken.
37: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Altnet\admprog.dll tagged as "not-a-virus:AdWare.Altnet.a". Action Taken: No Action Taken.
38: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Altnet\dmfiles.cab tagged as "not-a-virus:AdWare.Altnet.g". Action Taken: No Action Taken.
39: Mon Aug 01 23:31:40 2005 => File C:\WINDOWS\Temp\Altnet\mysearch.cab tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch.o". Action Taken: No Action Taken.
40: Mon Aug 01 23:31:41 2005 => File C:\WINDOWS\Temp\Altnet\pmexe.cab tagged as "not-a-virus:AdWare.Altnet.h". Action Taken: No Action Taken.
41: Mon Aug 01 23:31:41 2005 => File C:\WINDOWS\Temp\Altnet\pmfiles.cab tagged as "not-a-virus:AdWare.BrilliantDigital.1007". Action Taken: No Action Taken.
42: Mon Aug 01 23:33:09 2005 => File G:\Programme\kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Altnet.d". Action Taken: No Action Taken.

--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------

1: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry NTSF MICROSOFT SYSTEM = scvhost.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
2: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry Windows Update = dos.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
3: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry hostserv = hostserv.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
4: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry MS Auto-IPSec Protection = MSASP32.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
5: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry MS Remote Procedure Call Service = MSRPC32.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
6: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry winnt DNS ident = windowsp.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
7: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry NTSF MICROSOFT SYSTEM = scvhost.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). No Action Taken.
8: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry MS Auto-IPSec Protection = MSASP32.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). No Action Taken.
9: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry Windows Update = dos.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). No Action Taken.
10: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry hostserv = hostserv.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). No Action Taken.
11: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry MS Remote Procedure Call Service = MSRPC32.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). No Action Taken.
12: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry winnt DNS ident = windowsp.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). No Action Taken.
13: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry NTSF MICROSOFT SYSTEM = scvhost.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
14: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry Windows Update = dos.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
15: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry hostserv = hostserv.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
16: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry MS Auto-IPSec Protection = MSASP32.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
17: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry MS Remote Procedure Call Service = MSRPC32.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
18: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry hostserv = hostserv.exe (in key .DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
19: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry NTSF MICROSOFT SYSTEM = scvhost.exe (in key .DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
20: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry Windows Update = dos.exe (in key .DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
21: Mon Aug 01 23:22:42 2005 => ERROR!!! Invalid Entry MS Auto-IPSec Protection = MSASP32.exe (in key .DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
22: Mon Aug 01 23:22:44 2005 => ERROR!!! Invalid Entry C:\WINDOWS\System32\mousecm.exe in SYSTEM\CurrentControlSet\Services\mousecm...
23: Mon Aug 01 23:22:45 2005 => ERROR!!! Invalid Entry MSRPC32.exe in SYSTEM\CurrentControlSet\Services\Remote Procedure Call (RPC) Helper...
24: Mon Aug 01 23:22:55 2005 => Entry "HKCR\CLSID\{99180163-DA16-101A-935C-444553540000}" refers to invalid object "recncl.dll". Action Taken: No Action Taken.
25: Mon Aug 01 23:24:50 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\Davil\Eigene Dateien\SA Downloads\Sa DL.rar\2876_newtatooshop.rar is Not Scanned
26: Mon Aug 01 23:33:07 2005 => ERROR!!! FindFirstFile For G:\Programme\eDonkey2000\temp\ici film teens - photo jeune fille nu photo vole petite coquine d??voile son joli corps sexy - Teen young clip branle anal.wmv\*.* Failed!!! Reason is Die Syntax für den Dateinamen, Verzeichnisnamen oder die Datenträgerbezeichnung ist falsch. (0x7b)

--------------------------------------------------
-------- DATEIEN ZUM LÖSCHEN HINZUGEFÜGT ---------
--------------------------------------------------

1: C:\WINDOWS\System32\microsoft.exe => Backdoor.Win32.Rbot.gen
2: C:\WINDOWS\system32\drivers\svc\spoolsv.exe => tagged:Server-FTP.Win32.Serv-U.25.k.
3: C:\WINDOWS\system32\microsoft.exe => Backdoor.Win32.Rbot.gen
4: C:\WINDOWS\SYSTEM32\KBDRV64.SYS => Backdoor.Win32.SdBot.zo
5: C:\WINDOWS\system32\drivers\svc\FireDaemon.EXE => tagged:RemoteAdmin.Win32.RA.3826.
6: C:\WINDOWS\netddf.exe => Backdoor.Win32.SdBot.zo
7: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\EBFQN0AZ\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
8: C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\YDCNQHA5\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
9: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
10: C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YDCNQHA5\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
11: C:\MSNupdrate32.exe => Trojan.Win32.Agent.gg
12: C:\mss32geti.exe => Trojan-Downloader.Win32.WinAD.h
13: C:\Programme\AVPersonal\INFECTED\dos.VIR => Backdoor.Win32.Rbot.gen
14: C:\Programme\AVPersonal\INFECTED\scvhost.VIR => Backdoor.Win32.Rbot.gen
15: C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab => Trojan-Downloader.Win32.IstBar.gen
16: C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\brot[1].p => Trojan-Downloader.Win32.Dyfuca.em
17: C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\thisone[1].p => Trojan.Win32.Agent.gg

--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------

Mon Aug 01 23:35:30 2005 => Total Objects Scanned: 50873
Mon Aug 01 23:35:30 2005 => Total Virus(es) Found: 64
Mon Aug 01 23:35:30 2005 => Total Errors: 26
Mon Aug 01 23:35:30 2005 => Virus Database Date: 2005/07/29
Mon Aug 01 23:35:30 2005 => Virus Database Count: 140525
Mon Aug 01 23:37:31 2005 => Total Objects Scanned: 50873
Mon Aug 01 23:37:31 2005 => Total Virus(es) Found: 64
Mon Aug 01 23:37:31 2005 => Total Errors: 26
d4ve-
 
Beiträge: 7
Registriert: 30.07.2005, 10:01
Wohnort: CuxHaven
Nach oben

Beitragvon d4ve- am 01.08.2005, 23:41

So hab so einige sachen gelöscht die du gesagt hast viele hab ich mit killbox nicht gefunden also hab ich die mit escan gelöscht und noch mal neu gescanned
--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------

1: Mon Aug 01 23:22:36 2005 => File C:\WINDOWS\System32\microsoft.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
2: Mon Aug 01 23:22:42 2005 => File C:\WINDOWS\system32\microsoft.exe infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
3: Mon Aug 01 23:22:44 2005 => File C:\WINDOWS\SYSTEM32\KBDRV64.SYS infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
4: Mon Aug 01 23:22:45 2005 => File C:\WINDOWS\netddf.exe infected by "Backdoor.Win32.SdBot.zo" Virus! Action Taken: No Action Taken.
5: Mon Aug 01 23:22:46 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
6: Mon Aug 01 23:22:46 2005 => System found infected with MyBar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
7: Mon Aug 01 23:22:52 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
8: Mon Aug 01 23:22:52 2005 => System found infected with AltnetBDE Spyware/Adware (adm.exe)! Action taken: No Action Taken.
9: Mon Aug 01 23:22:52 2005 => System found infected with AltnetBDE Spyware/Adware (adm25.dll)! Action taken: No Action Taken.
10: Mon Aug 01 23:24:07 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
11: Mon Aug 01 23:24:20 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\YDCNQHA5\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
12: Mon Aug 01 23:25:07 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
13: Mon Aug 01 23:25:12 2005 => File C:\Dokumente und Einstellungen\Davil\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YDCNQHA5\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
14: Mon Aug 01 23:25:16 2005 => File C:\MSNupdrate32.exe infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
15: Mon Aug 01 23:25:16 2005 => File C:\mss32geti.exe infected by "Trojan-Downloader.Win32.WinAD.h " Virus! Action Taken: No Action Taken.
16: Mon Aug 01 23:26:03 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
17: Mon Aug 01 23:26:03 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\dos.VIR
18: Mon Aug 01 23:26:04 2005 => File C:\Programme\AVPersonal\INFECTED\dos.VIR infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
19: Mon Aug 01 23:26:04 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\scvhost.VIR
20: Mon Aug 01 23:26:05 2005 => File C:\Programme\AVPersonal\INFECTED\scvhost.VIR infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
21: Mon Aug 01 23:29:41 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EBFQN0AZ\ysb_regular[1].cab infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
22: Mon Aug 01 23:29:42 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\brot[1].p infected by "Trojan-Downloader.Win32.Dyfuca.em" Virus! Action Taken: No Action Taken.
23: Mon Aug 01 23:29:44 2005 => File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WDSGHFIN\thisone[1].p infected by "Trojan.Win32.Agent.gg" Virus! Action Taken: No Action Taken.
24: Mon Aug 01 23:35:23 2005 => Scanning Folder: H:\Music\AbgeHN\Does This Look Infected\*.*
25: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\01 The Hell Song.wma [**]
26: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\01 The Hell Song._[1].wma [**]
27: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\02 Over My Head (Better off Dead).wma [**]
28: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\03 My Direction.wma [**]
29: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\04 Still Waiting.wma [**]
30: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\05 A.N.I.C.wma [**]
31: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\06 No Brains.wma [**]
32: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\07 All Messed Up.wma [**]
33: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\08 Mr. Amsterdam.wma [**]
34: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\09 Thanks for Nothing.wma [**]
35: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\10 Hyper-Insomnia-Para-Condroid.wma [**]
36: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\11 Billy Spleen.wma [**]
37: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\12 Hooch.wma [**]
38: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArtSmall.jpg [**]
39: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArt_{07D52A03-C13E-49C2-A0B2-E56FCF4AC012}_Large.jpg [**]
40: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\AlbumArt_{07D52A03-C13E-49C2-A0B2-E56FCF4AC012}_Small.jpg [**]
41: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\Desktop.ini [**]
42: Mon Aug 01 23:35:23 2005 => Scanning File H:\Music\AbgeHN\Does This Look Infected\Folder.jpg [**]

--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------

1: Mon Aug 01 23:22:36 2005 => File C:\WINDOWS\system32\drivers\svc\spoolsv.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.25.k. No Action Taken.
2: Mon Aug 01 23:22:39 2005 => File C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL tagged as "not-a-virus:AdWare.MySearch.e". Action Taken: No Action Taken.
3: Mon Aug 01 23:22:45 2005 => File C:\WINDOWS\system32\drivers\svc\FireDaemon.EXE tagged as not-a-virus:RemoteAdmin.Win32.RA.3826. No Action Taken.
4: Mon Aug 01 23:24:07 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\EBFQN0AZ\MediaTicketsInstaller[1].cab tagged as "not-a-virus:AdWare.MediaTickets.f". Action Taken: No Action Taken.
5: Mon Aug 01 23:24:15 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
6: Mon Aug 01 23:24:15 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\SPSXQZGT\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
7: Mon Aug 01 23:24:17 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WDSGHFIN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
8: Mon Aug 01 23:24:18 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WP6V09QN\bridge-c267[1].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
9: Mon Aug 01 23:24:18 2005 => File C:\DOKUME~1\Davil\LOKALE~1\TEMPOR~1\Content.IE5\WP6V09QN\bridge-c267[2].cab tagged as "not-a-virus:AdWare.WinAD.be". Action Taken: No Action Taken.
10: Mon Aug 01 23:25:07 2005 => File C:\Dokumente und Einstellungen\Da