------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Tuesday, January 24, 2006 18:55:57 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version: 5.0.67.0 Kaspersky Anti-Virus database last update: 24/01/2006 Kaspersky Anti-Virus database records: 162337 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ G:\ Scan Statistics: Total number of scanned objects: 123004 Number of viruses found: 3 Number of infected objects: 10 Number of suspicious objects: 23 Duration of the scan process: 7596 sec Infected Object Name - Virus Name C:\Dokumente und Einstellungen\Christian Schäfer\Lokale Einstellungen\Temp\colrtosa.exe Infected: Trojan.Win32.Crypt.t C:\Dokumente und Einstellungen\Christian Schäfer\Lokale Einstellungen\Temp\fil3d2ag.exe Infected: Trojan.Win32.Crypt.t C:\Dokumente und Einstellungen\Christian Schäfer\Lokale Einstellungen\Temp\typerver.exe Infected: Trojan.Win32.Crypt.t C:\System Volume Information\_restore{901BD9EC-42C6-4307-B24E-97B7AB4A7E38}\RP573\A0076208.dll Infected: Trojan.Win32.Crypt.t C:\System Volume Information\_restore{901BD9EC-42C6-4307-B24E-97B7AB4A7E38}\RP573\A0076209.exe Infected: Trojan.Win32.Crypt.t C:\System Volume Information\_restore{901BD9EC-42C6-4307-B24E-97B7AB4A7E38}\RP573\A0076210.exe Infected: Trojan.Win32.Crypt.t C:\System Volume Information\_restore{901BD9EC-42C6-4307-B24E-97B7AB4A7E38}\RP573\A0076211.dll Infected: Trojan.Win32.Crypt.t C:\System Volume Information\_restore{901BD9EC-42C6-4307-B24E-97B7AB4A7E38}\RP573\A0076212.exe Infected: Trojan.Win32.Crypt.t C:\System Volume Information\_restore{901BD9EC-42C6-4307-B24E-97B7AB4A7E38}\RP573\A0076213.sys Suspicious: Rootkit.Win32.Agent.ao C:\System Volume Information\_restore{901BD9EC-42C6-4307-B24E-97B7AB4A7E38}\RP573\A0076214.exe Infected: Trojan.Win32.Crypt.t C:\WINDOWS\system32\cappd_ci.dll Infected: Trojan.Win32.Crypt.t G:\Secure & Compress\Appz, Patches und Treiber\Burning (multiple)\Nero (multiple)\nero 5.5.9.14\tsrh-nero55914_kg.exe.PMS/tsrh-nero55914_kg.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Burning (multiple)\Nero (multiple)\nero 5.5.9.14\tsrh-nero55914_kg.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\DVD (multiple)\windvd 4.0 plus\Win DVD v4.0 Plus\Intervideo.WinDVD.4.x.keygen.exe.PMS/Intervideo.WinDVD.4.x.keygen.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\DVD (multiple)\windvd 4.0 plus\Win DVD v4.0 Plus\Intervideo.WinDVD.4.x.keygen.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Vector Nti 9 Advanced & Patch\Vector Nti Advanced v9.0 Patch.exe.PMS/Vector Nti Advanced v9.0 Patch.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Vector Nti 9 Advanced & Patch\Vector Nti Advanced v9.0 Patch.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\winvnc\_ISDel.exe.PMS/_ISDel.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\winvnc\_ISDel.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\winvnc\Setup.exe.PMS/Setup.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\winvnc\Setup.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Partition Manager\Setup.exe.PMS/Setup.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Partition Manager\Setup.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\DRTCP021.exe.PMS/DRTCP021.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\DRTCP021.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\msnaddin.exe.PMS/msnaddin.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\msnaddin.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\SETUP.EXE.PMS/SETUP.EXE Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\SETUP.EXE.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Canvas.X-ZWT\keygen.exe.PMS/keygen.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Canvas.X-ZWT\keygen.exe.PMS Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Viren-Defence\VundoFix.exe.PMS/VundoFix.exe Suspicious: Password-protected-EXE G:\Secure & Compress\Appz, Patches und Treiber\Viren-Defence\VundoFix.exe.PMS Suspicious: Password-protected-EXE Scan process completed.