Home » Viren, Trojaner & Malware Forum » Pop Up + Infiziert? » Themenansicht

Firefox Tipp: Instantfox - Quick Search Add-On!

Seite(n): 1

Antworten

Pop Up + Infiziert?

20.08.2005, 14:10

Sinja

...neu hier

Beiträge: 7

#1 Hallo zusammen,
ich habe seit kurzem mehrere POP-Up Fenster die sich einfach so öffnen, wenn ich ins Internet gehe. Vielleicht kann mir jemand helfen - wenn ich das File (Log) reinkopiere - und es analysieren. Desweiteren weiß ich auch nicht, ob mein Computer sauber ist. Es wäre schön, wenn auch das überprüft werden könnte. Bitte bedenkt, dass sich mein Fachwissen hinsichtlich meines Computers in Grenzen hält.

Logfile of HijackThis v1.99.0
Scan saved at 13:13:22, on 20.08.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TOBITC~1\Server\ClipInc-Server.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\system32\ntvdm.exe
C:\T-ONLINE\BSW4\ToDuCAlC.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\PROGRA~1\INTERN~1\IEXPLORE.EXE
J:\Programme für Viren\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: GlobalsearchHook - {1217CC80-9AC7-48E2-A7D9-596CCF8E077E} - J:\PROGRA~1\XXXPVO~1\XXXTOO~1\GLOBAL~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67463973-8957-1854-229D-1BEAE9BFFBEE} - C:\DOKUME~1\ANDREA~1\ANWEND~1\ModeLog\extrableh.exe
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: XXX.O2.CZ toolbar - {3A522579-39C4-42EE-A155-84E90B1070D0} - J:\PROGRA~1\XXXPVO~1\XXXTOO~1\GLOBAL~1.DLL
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BYTE HOLD MODE DRIVE] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MfcdRegsByteHold\MoreLess.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Cake Heck] C:\DOKUME~1\ANDREA~1\ANWEND~1\ABOUTB~1\PLUS SOAP.exe
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - k:\pocket pc actice sync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - k:\pocket pc actice sync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - k:\pocket pc actice sync\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O12 - Plugin for .mov: C:\Programme\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mp3: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpeg: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for ¸æW: C:\Programme\Internet Explorer\PLUGINS\npqtplugin4.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096106473625
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://housecall.trendmicro-europe.com/housecall/Xscan53.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14731275-2708-4EC3-9899-FEDB7646D1E7}: NameServer = 217.237.149.161 217.237.151.225
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O23 - Service: AntiVir Service - Unknown - D:\Downloads\XP Anti Spy 3.61\AntiVir\AVGUARD.EXE (file missing)
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AntiVir Update - Unknown - D:\Downloads\XP Anti Spy 3.61\AntiVir\AVWUPSRV.EXE (file missing)
O23 - Service: Bluetooth Service - Broadcom Corporation - C:\Programme\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: ClipInc 001 - Unknown - C:\PROGRA~1\TOBITC~1\Server\ClipInc-Server.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: kavsvc - Kaspersky Lab - J:\Programme für Viren\Kaspersky Anti Virus 5.0\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH - J:\Programme für XP\Tune up 2004\WinStylerThemeSvc.exe

Für Eure Mühe bedanke ich mich schon mal im voraus.

Ciao
Sinja

20.08.2005, 17:44

Gool

Member

Beiträge: 4730

#2 HijackThis starten, Häkchen vor folgende Einträge machen und auf "fix checked" klicken:

O3 - Toolbar: XXX.O2.CZ toolbar - {3A522579-39C4-42EE-A155-84E90B1070D0} - J:\PROGRA~1\XXXPVO~1\XXXTOO~1\GLOBAL~1.DLL
O4 - HKCU\..\Run: [Cake Heck] C:\DOKUME~1\ANDREA~1\ANWEND~1\ABOUTB~1\PLUS SOAP.exe

Überprüfe bei http://www.virustotal.com folgende Datei und teile uns das Ergebnis mit:
C:\DOKUME~1\ANDREA~1\ANWEND~1\ABOUTB~1\PLUS SOAP.exe

Starte im abgesicherten Modus neu (während des Boot-Vorgangs F8 drücken), und lösche folgende Verzeichnisse:
J:\PROGRA~1\XXXPVO~1\XXXTOO~1\
C:\DOKUME~1\ANDREA~1\ANWEND~1\ABOUTB~1\

Lade Dir Spybot S&D, führe nach dem Programmstart ein Update durch und überprüfe Dein System. Alle gefundenen Einträge damit reparieren!

Lade Dir eScanCheck und führe damit einen Systemscan durch. Berichte davon (wie auf der Seite beschrieben).

Update Dein System auf ServicePack 2 und alle weiteren Updates.
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser

20.08.2005, 20:13

Sinja

...neu hier

Themenstarter

Beiträge: 7

#3 Herzlichen Dank für die schnelle Hilfe @ Managor.

Bin beim Überprüfen Punkt 2 angelangt. Bei Virostotal.com kann ich leider
das Ergebnis nicht posten. Mit Kopieren funktioniert net...., deshalb habe Jottis Malware genommen. Ist denke das Progr. ist genau so gut.
Hier das Ergebnis:
Der Ordner ....AboutB.. besteht aus 4 weiteren Unterordnern. Ich dachte, wenn ich schon mal dabei bin, lasse ich die gleich mit überprüfen.
Service load: 0% 100%

File: PLUS_SOAP.exe
Status: INFECTED/MALWARE
MD5 06f037d37fd9fa12f674ef183d776ecb
Packers detected: PE_PATCH.UPC, UPC
Scanner results
AntiVir Found TR/Dldr.Swizzor.CO
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Swizzor.co
NOD32 Found probably a variant of Win32/TrojanDownloader.Swizzor (probable variant)
Norman Virus Control Found Lop.E
UNA Found nothing
VBA32 Found nothing

-------------------------------------------------------------------------
File: new_bias_sect.exe
Status: INFECTED/MALWARE
MD5 551b88cde498db5a05fc329a336fe8cc
Packers detected: PE_PATCH.UPC, UPC
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found W32/Swizzor.BN@dl
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Swizzor.cb
NOD32 Found a variant of Win32/TrojanDownloader.Swizzor
Norman Virus Control Found Swizzor.gen.C
UNA Found nothing
VBA32 Found Trojan-Downloader.Win32.Swizzor.cb

---------------------------------------------------------------------------

Service load: 0% 100%

File: hngrbisc.exe
Status: INFECTED/MALWARE
MD5 933a0a68d3c7f9dde87401d207b8db7d
Packers detected: PE_PATCH.UPC, UPC
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Swizzor.ds
NOD32 Found a variant of Win32/TrojanDownloader.Swizzor
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing

_________________________________________________________________

Service load: 0% 100%

File: onoszzpa.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: only non-destructive malware has been found. Considering the non-destructive nature of samples like these - although they can be a pain -, results will not be stored in the database.)
MD5 8a4365a48aa0d168ad8761cdb15128ae
Packers detected: PE_PATCH.UPC, UPC
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found not-a-virus:AdWare.Lop.z
NOD32 Found a variant of Win32/TrojanDownloader.Swizzor
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing

Wenn ich das richtig deute, habe ich wohl einen Trojaner. Oder?
Was muß ich tun?

Zu den anderen Punkten - wie von Dir beschrieben - komme ich erst Morgen dazu. Ich werde die dann nach und nach abarbeiten.

Bis dahin Danke nochmal.

Ciao
Sinja

21.08.2005, 15:25

Sabina

Ehrenmitglied

Beiträge: 29434

#4 Hallo@Sinja

das ist eine LOP-Verseuchung

alle Dateien und Ordner anzeigen
Im Windows-Explorer -- Extras -- Ordneroptionen -- den Reiter "Ansicht" -- Versteckte Dateien und Ordner -- "alle Dateien und Ordner anzeigen" aktivieren
+
Im Windows-Explorer -- Extras -- Ordneroptionen -- den Reiter "Ansicht"-- Dateien und Ordner - "Geschützte Systemdateien ausblenden (empfohlen)" deaktivieren

öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten

R3 - URLSearchHook: GlobalsearchHook - {1217CC80-9AC7-48E2-A7D9-596CCF8E077E} - J:\PROGRA~1\XXXPVO~1\XXXTOO~1\GLOBAL~1.DLL

O2 - BHO: (no name) - {67463973-8957-1854-229D-1BEAE9BFFBEE} - C:\DOKUME~1\ANDREA~1\ANWEND~1\ModeLog\extrableh.exe

O3 - Toolbar: XXX.O2.CZ toolbar - {3A522579-39C4-42EE-A155-84E90B1070D0} - J:\PROGRA~1\XXXPVO~1\XXXTOO~1\GLOBAL~1.DLL

O4 - HKLM\..\Run: [BYTE HOLD MODE DRIVE] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MfcdRegsByteHold\MoreLess.exe

O4 - HKCU\..\Run: [Cake Heck] C:\DOKUME~1\ANDREA~1\ANWEND~1\ABOUTB~1\PLUS SOAP.exe

PC neustarten-->in den abgesicherten modus

loeschen:
C:\DOKUME~1\ANDREA~1\ANWEND~1\ABOUTB~1\PLUS SOAP.exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MfcdRegsByteHold\MoreLess.exe
C:\DOKUME~1\ANDREA~1\ANWEND~1\ModeLog\extrableh.exe

wenn du die Unterordner loeschst....

-new_bias_sect.exe
-onoszzpa.exe
- hngrbisc.exe

wieder im Normalmodus:

CCleaner ccleaner.com/ccdownload
----- lösche alle *temp-Dateien ------
http://virus-protect.org/temp.html

Systemwiederherstellung deaktivieren
Arbeitsplatz-->Rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.

arbeite den escan ab, er wird die restlichen verseuchten Dateien finden, die ich nicht sehen kann....das Tool loescht nicht, man muss dann manuell loeschen, was infected ist....

poste den Logreport vom SCan
http://virus-protect.org/escan.html
__________
__________
MfG Sabina

rund um die PC-Sicherheit

22.08.2005, 19:00

Sinja

...neu hier

Themenstarter

Beiträge: 7

#5 Hi @Sabina,

großes Lob und kompliment an Dir und Deine Helfer(in). Bin doch sehr überrascht, wie schnell Ihr die Themen abarbeitet. :-)

Zunächst habe ich eine Frage; was ist bitte eine LOP-Verseuchung?

1) Ordneroptionen aktiviert
2) Ordneroptionen deaktiviert

3) Mit HijackThis gescannt und die entsprechenden Häkchen gesetzt und gefixt.

4) Dokumente im abgesicherten Modus nebst Unterordner gelöscht.

5) Mit CCleaner die temp-Dateien gelöscht.

Danach habe ich versehentlich die Reihenfolge nicht eingehalten. Ich weiß es zwar nicht genau, aber ich denke das spielt vielleicht keine große Rolle.

Ich habe dann zuerst mit escan gearbeitet anstatt die Systemwiederherstellung zu deaktivieren (s.o.deinen Beitrag).

Hier der Logreport von escan:

--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------

1: Mon Aug 22 15:46:42 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
2: Mon Aug 22 15:46:48 2005 => System found infected with UCmore toolbar Spyware/Adware ({53CBEE82-D747-11d3-9ED0-005004189684})! Action taken: No Action Taken.
3: Mon Aug 22 15:48:18 2005 => Offending file found: C:\WINDOWS\iun6002.exe
4: Mon Aug 22 15:48:18 2005 => System found infected with zipitpro Spyware/Adware (C:\WINDOWS\iun6002.exe)! Action taken: No Action Taken.
5: Mon Aug 22 15:48:41 2005 => Offending file found: C:\WINDOWS\remote.ini
6: Mon Aug 22 15:48:41 2005 => System found infected with Unknown Pest Spyware/Adware (remote.ini)! Action taken: No Action Taken.
7: Mon Aug 22 15:55:44 2005 => File C:\DOKUME~1\ANDREA~1\LOKALE~1\Temp\ofrshspp.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus! Action Taken: No Action Taken.
8: Mon Aug 22 15:58:20 2005 => Scanning File C:\Dokumente und Einstellungen\Andreas Reinecke\Anwendungsdaten\Microsoft\Office\Zuletzt verwendet\INFECTED.LNK
9: Mon Aug 22 16:01:06 2005 => File C:\Dokumente und Einstellungen\Andreas Reinecke\Lokale Einstellungen\Temp\ofrshspp.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus! Action Taken: No Action Taken.
10: Mon Aug 22 16:01:09 2005 => Scanning File C:\Dokumente und Einstellungen\Andreas Reinecke\Recent\INFECTED.lnk
11: Mon Aug 22 16:21:05 2005 => File C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc1.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus! Action Taken: No Action Taken.
12: Mon Aug 22 16:21:05 2005 => File C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc2.exe infected by "Trojan-Downloader.Win32.Swizzor.ds" Virus! Action Taken: No Action Taken.
13: Mon Aug 22 16:21:06 2005 => File C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc3.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
14: Mon Aug 22 16:21:06 2005 => File C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc5.exe infected by "Trojan-Downloader.Win32.Swizzor.ds" Virus! Action Taken: No Action Taken.
15: Mon Aug 22 16:21:06 2005 => File C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc6.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
16: Mon Aug 22 17:12:49 2005 => File C:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1066\A0561027.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus! Action Taken: No Action Taken.
17: Mon Aug 22 17:12:49 2005 => File C:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1066\A0561028.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
18: Mon Aug 22 17:12:49 2005 => File C:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1066\A0561029.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus! Action Taken: No Action Taken.
19: Mon Aug 22 17:12:54 2005 => File C:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1067\A0561157.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus! Action Taken: No Action Taken.
20: Mon Aug 22 17:43:48 2005 => File J:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1064\A0560035.exe infected by "Trojan-Downloader.Win32.Swizzor.do" Virus! Action Taken: No Action Taken.
21: Mon Aug 22 17:47:34 2005 => File J:\Programme\Divx neu 120805\DivX.Pro.v.6.0.patch-arteam.exe infected by "Trojan-Downloader.Win32.IstBar.is" Virus! Action Taken: No Action Taken.
22: Mon Aug 22 17:48:01 2005 => Scanning File J:\Programme für Viren\Kaspersky Anti Virus 5.0\Kaspersky Anti-Virus Personal\Infected.wav [**]
23: Mon Aug 22 17:48:02 2005 => File J:\Programme für Viren\hijackthis\backups\backup-20050822-103952-145.dll infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken.
24: Mon Aug 22 17:48:06 2005 => Scanning File J:\Programme für Viren\eScan Check 110\Back Up vom 210805\INFECTED.doc

--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------

1: Mon Aug 22 15:52:20 2005 => File C:\WINDOWS\routenplaner-online.com[rrm-10001,1,1].exe tagged as "not-a-virus

orn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
2: Mon Aug 22 15:52:21 2005 => File C:\WINDOWS\Routenplanung[rlg-10448,1,s=25541cf7df5aea1341561e64ad643d3f].exe tagged as "not-a-virus

orn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
3: Mon Aug 22 15:56:16 2005 => File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MfcdRegsByteHold\Meet Up.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
4: Mon Aug 22 16:21:07 2005 => File C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc7.exe tagged as "not-a-virus:AdWare.Lop.z". Action Taken: No Action Taken.
5: Mon Aug 22 17:25:39 2005 => File C:\WINDOWS\routenplaner-online.com[rrm-10001,1,1].exe tagged as "not-a-virus

orn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
6: Mon Aug 22 17:25:39 2005 => File C:\WINDOWS\Routenplanung[rlg-10448,1,s=25541cf7df5aea1341561e64ad643d3f].exe tagged as "not-a-virus

orn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
7: Mon Aug 22 17:42:13 2005 => Scanning File I:\Programme\Media_Manager_2004\Icons\Tagged Image File Format.ico [**]

--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------

1: Mon Aug 22 15:45:52 2005 => ERROR!!! Invalid Entry {8FF88D21-7BD0-11D1-BFB7-00AA00262A11} = D:\Programme\Anti leech-plugin für bockwurst-dateien\WIN ace\arcext.dll (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken.
2: Mon Aug 22 15:45:52 2005 => ERROR!!! Invalid Entry {8FF88D25-7BD0-11D1-BFB7-00AA00262A11} = D:\Programme\Anti leech-plugin für bockwurst-dateien\WIN ace\arcext.dll (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken.
3: Mon Aug 22 15:45:52 2005 => ERROR!!! Invalid Entry {8FF88D27-7BD0-11D1-BFB7-00AA00262A11} = D:\Programme\Anti leech-plugin für bockwurst-dateien\WIN ace\arcext.dll (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken.
4: Mon Aug 22 15:45:52 2005 => ERROR!!! Invalid Entry {8FF88D23-7BD0-11D1-BFB7-00AA00262A11} = D:\Programme\Anti leech-plugin für bockwurst-dateien\WIN ace\arcext.dll (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken.
5: Mon Aug 22 15:45:58 2005 => ERROR!!! Invalid Entry Cake Heck = C:\DOKUME~1\ANDREA~1\ANWEND~1\ABOUTB~1\PLUS SOAP.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
6: Mon Aug 22 15:45:58 2005 => ERROR!!! Invalid Entry Symantec NetDriver Monitor = C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE (in key .DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
7: Mon Aug 22 15:46:23 2005 => ERROR!!! Invalid Entry D:\Downloads\XP Anti Spy 3.61\AntiVir\AVGUARD.EXE in SYSTEM\CurrentControlSet\Services\AntiVirService...
8: Mon Aug 22 15:46:24 2005 => ERROR!!! Invalid Entry \??\D:\Downloads\XP Anti Spy 3.61\AntiVir\AVGNTDD.SYS in SYSTEM\CurrentControlSet\Services\avgntdd...
9: Mon Aug 22 15:46:24 2005 => ERROR!!! Invalid Entry D:\Downloads\XP Anti Spy 3.61\AntiVir\AVWUPSRV.EXE in SYSTEM\CurrentControlSet\Services\AVWUpSrv...
10: Mon Aug 22 15:46:28 2005 => ERROR!!! Invalid Entry System32\DRIVERS\ElbyVCD.sys in SYSTEM\CurrentControlSet\Services\ElbyVCD...
11: Mon Aug 22 15:46:31 2005 => ERROR!!! Invalid Entry System32\DRIVERS\LHidFlt2.sys in SYSTEM\CurrentControlSet\Services\LHidFlt2...
12: Mon Aug 22 15:46:34 2005 => ERROR!!! Invalid Entry \??\C:\DOKUME~1\ANDREA~1\LOKALE~1\Temp\pfsvgae.sys in SYSTEM\CurrentControlSet\Services\pfsvgae...
13: Mon Aug 22 15:46:38 2005 => ERROR!!! Invalid Entry \??\C:\Programme\Symantec\SYMEVENT.SYS in SYSTEM\CurrentControlSet\Services\SymEvent...
14: Mon Aug 22 15:48:50 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\bvinetio.dll". Action Taken: No Action Taken.
15: Mon Aug 22 15:48:50 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\EPScontrol.dll". Action Taken: No Action Taken.
16: Mon Aug 22 15:48:50 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\ratechk.dll". Action Taken: No Action Taken.
17: Mon Aug 22 15:48:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\OPExport.dll". Action Taken: No Action Taken.
18: Mon Aug 22 15:48:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\DB_Interface.dll". Action Taken: No Action Taken.
19: Mon Aug 22 15:48:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\Utilities.dll". Action Taken: No Action Taken.
20: Mon Aug 22 15:48:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\ZoomBrowserEngine.dll". Action Taken: No Action Taken.
21: Mon Aug 22 15:48:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\DatabaseManager.dll". Action Taken: No Action Taken.
22: Mon Aug 22 15:48:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\opapi11.dll". Action Taken: No Action Taken.
23: Mon Aug 22 15:48:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "d:\digital kamera\PhotoRecord\Program\opapi11.dll". Action Taken: No Action Taken.
24: Mon Aug 22 15:48:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "d:\digital kamera\PhotoRecord\OpPrintCom\opapi11.dll". Action Taken: No Action Taken.
25: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\AppRegAgent.dll". Action Taken: No Action Taken.
26: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\compand.dll". Action Taken: No Action Taken.
27: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\ComTruSurroundXT.dll". Action Taken: No Action Taken.
28: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\DMO_TSXT.dll". Action Taken: No Action Taken.
29: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\DownmixDMO.dll". Action Taken: No Action Taken.
30: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\DSP.dll". Action Taken: No Action Taken.
31: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\expDMO.dll". Action Taken: No Action Taken.
32: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\GPIProxy.dll". Action Taken: No Action Taken.
33: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\ImgComp.dll". Action Taken: No Action Taken.
34: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\IviContainerDMO.dll". Action Taken: No Action Taken.
35: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\IVIGUI.dll". Action Taken: No Action Taken.
36: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\moveft21.dll". Action Taken: No Action Taken.
37: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbAuCnt.ocx". Action Taken: No Action Taken.
38: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbAuFx.ocx". Action Taken: No Action Taken.
39: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbAuMde.ocx". Action Taken: No Action Taken.
40: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbClr.ocx". Action Taken: No Action Taken.
41: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbDsp.ocx". Action Taken: No Action Taken.
42: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbLang.ocx". Action Taken: No Action Taken.
43: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbMvEnc.ocx". Action Taken: No Action Taken.
44: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbNav.ocx". Action Taken: No Action Taken.
45: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbPlyr.ocx". Action Taken: No Action Taken.
46: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbScne.ocx". Action Taken: No Action Taken.
47: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbTmStrh.ocx". Action Taken: No Action Taken.
48: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbViFx.ocx". Action Taken: No Action Taken.
49: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbViWnd.ocx". Action Taken: No Action Taken.
50: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\pbWbBr.ocx". Action Taken: No Action Taken.
51: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\Sharpness.dll". Action Taken: No Action Taken.
52: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\timestretchDMO.dll". Action Taken: No Action Taken.
53: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\viFxMvft.dll". Action Taken: No Action Taken.
54: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\viFxNeg.dll". Action Taken: No Action Taken.
55: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\viFxNstg.dll". Action Taken: No Action Taken.
56: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\viFxPstr.dll". Action Taken: No Action Taken.
57: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\viFxRfn.dll". Action Taken: No Action Taken.
58: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\viFxShp.dll". Action Taken: No Action Taken.
59: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\WinCinemaMgr.exe". Action Taken: No Action Taken.
60: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\IVIPromotion.exe". Action Taken: No Action Taken.
61: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\Auprocfx.ax". Action Taken: No Action Taken.
62: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\iviaudio.ax". Action Taken: No Action Taken.
63: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\IVInav.ax". Action Taken: No Action Taken.
64: Mon Aug 22 15:48:52 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Common\Bin\IVIVIDEO.ax". Action Taken: No Action Taken.
65: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\Sony Sound\sfconfigmgr.dll". Action Taken: No Action Taken.
66: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\Sony Sound\sfmarket2.dll". Action Taken: No Action Taken.
67: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\Sony Sound\Help Files\sfhammer.chm". Action Taken: No Action Taken.
68: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfhammer.dll". Action Taken: No Action Taken.
69: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\Sony Sound\Help Files\sfhammer.hlp". Action Taken: No Action Taken.
70: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfmirror.dll". Action Taken: No Action Taken.
71: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\Sony Sound\Help Files\sfmirror.chm". Action Taken: No Action Taken.
72: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\Sony Sound\Help Files\sfmirror.hlp". Action Taken: No Action Taken.
73: Mon Aug 22 15:48:53 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "D:\Downloads\DaViDeo3.pdf". Action Taken: No Action Taken.
74: Mon Aug 22 15:48:57 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Real\GToolbar\BarControl.dll". Action Taken: No Action Taken.
75: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000000-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
76: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000001-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
77: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000002-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
78: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000003-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
79: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000004-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
80: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000005-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
81: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000006-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
82: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000007-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
83: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000008-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
84: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{00000009-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
85: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{0000000A-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
86: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{0000000B-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
87: Mon Aug 22 15:48:57 2005 => Entry "HKCR\CLSID\{0000000C-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\xpvinyl.dll". Action Taken: No Action Taken.
88: Mon Aug 22 15:48:58 2005 => Entry "HKCR\CLSID\{019925F0-6D5A-43F7-B470-A3058DC8CF4D}" refers to invalid object "D:\Common\Bin\Auprocfx.ax". Action Taken: No Action Taken.
89: Mon Aug 22 15:48:58 2005 => Entry "HKCR\CLSID\{01C4D46C-099C-11D3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\Utilities.dll". Action Taken: No Action Taken.
90: Mon Aug 22 15:48:58 2005 => Entry "HKCR\CLSID\{01C4D46D-099C-11D3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\Utilities.dll". Action Taken: No Action Taken.
91: Mon Aug 22 15:48:58 2005 => Entry "HKCR\CLSID\{01C4D46E-099C-11D3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\Utilities.dll". Action Taken: No Action Taken.
92: Mon Aug 22 15:48:58 2005 => Entry "HKCR\CLSID\{01C4D46F-099C-11D3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\Utilities.dll". Action Taken: No Action Taken.
93: Mon Aug 22 15:48:58 2005 => Entry "HKCR\CLSID\{01C4D470-099C-11D3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\Utilities.dll". Action Taken: No Action Taken.
94: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{01C4D477-099C-11D3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\ZoomBrowserEngine.dll". Action Taken: No Action Taken.
95: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{01C4D478-099C-11D3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\ZoomBrowserEngine.dll". Action Taken: No Action Taken.
96: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{01C4D49A-099C-11D3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\DB_Interface.dll". Action Taken: No Action Taken.
97: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{01C4D4A2-099C-11d3-B6AC-00105A69E391}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\DatabaseManager.dll". Action Taken: No Action Taken.
98: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{020D165A-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MP3\mp3plug.dll". Action Taken: No Action Taken.
99: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{021BC4F7-1FAE-4578-8124-758A3FE709D7}" refers to invalid object "D:\Common\Bin\pbScne.ocx". Action Taken: No Action Taken.
100: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{026D0AA1-9BB9-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
101: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{026D0AA2-9BB9-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
102: Mon Aug 22 15:48:59 2005 => Entry "HKCR\CLSID\{0363932B-7190-449C-9CD8-E0CF5CA525B3}" refers to invalid object "D:\Common\Bin\pbViFx.ocx". Action Taken: No Action Taken.
103: Mon Aug 22 15:49:00 2005 => Entry "HKCR\CLSID\{0ACBFD9D-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
104: Mon Aug 22 15:49:00 2005 => Entry "HKCR\CLSID\{1010333D-5114-41CE-807B-4483785EEF84}" refers to invalid object "D:\Downloads\Sony Sound\Audio\xpvinyl.dll". Action Taken: No Action Taken.
105: Mon Aug 22 15:49:01 2005 => Entry "HKCR\CLSID\{142223FD-2B7D-43CA-BA01-DD61B83ABA85}" refers to invalid object "D:\Common\Bin\pbLang.ocx". Action Taken: No Action Taken.
106: Mon Aug 22 15:49:01 2005 => Entry "HKCR\CLSID\{143D6769-A677-11d3-A773-00C04F68F44E}" refers to invalid object "D:\MP3 Splitter & Joiner\forge60.exe". Action Taken: No Action Taken.
107: Mon Aug 22 15:49:01 2005 => Entry "HKCR\CLSID\{187E5273-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
108: Mon Aug 22 15:49:01 2005 => Entry "HKCR\CLSID\{1B76043E-D3FB-4C65-B57B-9A194E607005}" refers to invalid object "D:\Common\Bin\pbAuCnt.ocx". Action Taken: No Action Taken.
109: Mon Aug 22 15:49:01 2005 => Entry "HKCR\CLSID\{1D5B8E76-7098-4F25-9F17-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MP3\mp3plug.dll". Action Taken: No Action Taken.
110: Mon Aug 22 15:49:02 2005 => Entry "HKCR\CLSID\{1F949CBC-3C01-4ca5-A7FD-2773634E2D00}" refers to invalid object "D:\Common\Bin\compand.dll". Action Taken: No Action Taken.
111: Mon Aug 22 15:49:02 2005 => Entry "HKCR\CLSID\{23E3975B-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\forge70.exe". Action Taken: No Action Taken.
112: Mon Aug 22 15:49:02 2005 => Entry "HKCR\CLSID\{249C3EF3-2732-4DEF-94A5-F761CD58A2BA}" refers to invalid object "D:\Common\Bin\IVIGUI.dll". Action Taken: No Action Taken.
113: Mon Aug 22 15:49:02 2005 => Entry "HKCR\CLSID\{26EB1712-F516-4DDF-AC63-1F6B1B422C84}" refers to invalid object "D:\Downloads\Sony Sound\OpcPcmImporter.dll". Action Taken: No Action Taken.
114: Mon Aug 22 15:49:02 2005 => Entry "HKCR\CLSID\{28D9F1E0-6ECC-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
115: Mon Aug 22 15:49:02 2005 => Entry "HKCR\CLSID\{28D9F1E1-6ECC-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
116: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2B22E2B9-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
117: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D120-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcspmpeg.ax". Action Taken: No Action Taken.
118: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D128-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcspmpeg.ax". Action Taken: No Action Taken.
119: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D130-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcdsmpeg.ax". Action Taken: No Action Taken.
120: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D138-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcdsmpeg.ax". Action Taken: No Action Taken.
121: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D140-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcdsmpeg.ax". Action Taken: No Action Taken.
122: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D148-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcdsmpeg.ax". Action Taken: No Action Taken.
123: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D150-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcesmpeg.ax". Action Taken: No Action Taken.
124: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D158-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcesmpeg.ax". Action Taken: No Action Taken.
125: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D159-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcesmpeg.ax". Action Taken: No Action Taken.
126: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2BE4D15B-6F2E-4B3A-B0BD-E880917238DC}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcesmpeg.ax". Action Taken: No Action Taken.
127: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{2E83D269-832F-4967-A9FB-41ECEA0908C1}" refers to invalid object "D:\Common\Bin\pbViWnd.ocx". Action Taken: No Action Taken.
128: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{310E42A0-F913-11D4-887C-006008DC5C26}" refers to invalid object "D:\Programme\divxdec.ax". Action Taken: No Action Taken.
129: Mon Aug 22 15:49:03 2005 => Entry "HKCR\CLSID\{323B0894-30BB-41A7-B9C3-FC092D0C3578}" refers to invalid object "D:\Common\Bin\pbDsp.ocx". Action Taken: No Action Taken.
130: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{3385B29B-1A7B-4d8c-B57D-83712CF2FC84}" refers to invalid object "D:\Common\Bin\DownmixDMO.dll". Action Taken: No Action Taken.
131: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{39224540-6F92-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
132: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{39224541-6F92-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
133: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{39974D57-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
134: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{3B579B60-AFD6-11D2-8F5A-00C04F8EDC0B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfhammer.dll". Action Taken: No Action Taken.
135: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{3B579B61-AFD6-11D2-8F5A-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfhammer.dll". Action Taken: No Action Taken.
136: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{3B579B62-AFD6-11D2-8F5A-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfhammer.dll". Action Taken: No Action Taken.
137: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{3BA36238-D0C8-4932-920F-4F24D73B5251}" refers to invalid object "D:\Common\Bin\pbNav.ocx". Action Taken: No Action Taken.
138: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{3D6A2CAD-8BEB-4FD4-BC35-7CDB0497A8B4}" refers to invalid object "D:\Common\Bin\ImgComp.dll". Action Taken: No Action Taken.
139: Mon Aug 22 15:49:04 2005 => Entry "HKCR\CLSID\{3E75E673-A67A-405C-934A-64A045ADEDC6}" refers to invalid object "D:\Common\Bin\pbScne.ocx". Action Taken: No Action Taken.
140: Mon Aug 22 15:49:05 2005 => Entry "HKCR\CLSID\{3EB14208-70E6-4739-A900-275EB1C46FE3}" refers to invalid object "D:\Common\Bin\pbClr.ocx". Action Taken: No Action Taken.
141: Mon Aug 22 15:49:05 2005 => Entry "HKCR\CLSID\{3F901A20-79BE-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
142: Mon Aug 22 15:49:05 2005 => Entry "HKCR\CLSID\{3F901A21-79BE-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
143: Mon Aug 22 15:49:05 2005 => Entry "HKCR\CLSID\{40986922-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
144: Mon Aug 22 15:49:05 2005 => Entry "HKCR\CLSID\{40986926-0F56-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
145: Mon Aug 22 15:49:05 2005 => Entry "HKCR\CLSID\{413A0975-168F-46C8-AE58-88E8D4D36AFD}" refers to invalid object "D:\Downloads\Sony Sound\sffrgpnv.dll". Action Taken: No Action Taken.
146: Mon Aug 22 15:49:05 2005 => Entry "HKCR\CLSID\{42C327EF-C272-4EBE-986C-609F8B50D84D}" refers to invalid object "D:\Common\Bin\pbTmStrh.ocx". Action Taken: No Action Taken.
147: Mon Aug 22 15:49:06 2005 => Entry "HKCR\CLSID\{45392302-BA5D-497F-8010-DFE29FEAC0D2}" refers to invalid object "D:\Common\Bin\pbTmStrh.ocx". Action Taken: No Action Taken.
148: Mon Aug 22 15:49:07 2005 => Entry "HKCR\CLSID\{509DEB80-73A1-11D0-AD41-00AA001F6A58}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfmirror.dll". Action Taken: No Action Taken.
149: Mon Aug 22 15:49:07 2005 => Entry "HKCR\CLSID\{509DEB81-73A1-11D0-AD41-00AA001F6A58}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfmirror.dll". Action Taken: No Action Taken.
150: Mon Aug 22 15:49:07 2005 => Entry "HKCR\CLSID\{509DEB82-73A1-11D0-AD41-00AA001F6A58}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfmirror.dll". Action Taken: No Action Taken.
151: Mon Aug 22 15:49:07 2005 => Entry "HKCR\CLSID\{51AE253D-B7D3-42bd-8E3E-D03BFB629AA7}" refers to invalid object "D:\Common\Bin\viFxShp.dll". Action Taken: No Action Taken.
152: Mon Aug 22 15:49:07 2005 => Entry "HKCR\CLSID\{51E0D33F-4DDB-4AAE-95D3-403F9D89B706}" refers to invalid object "D:\Common\Bin\pbMvEnc.ocx". Action Taken: No Action Taken.
153: Mon Aug 22 15:49:07 2005 => Entry "HKCR\CLSID\{5204E8B8-4657-4733-A6EB-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
154: Mon Aug 22 15:49:07 2005 => Entry "HKCR\CLSID\{54F29261-79B1-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
155: Mon Aug 22 15:49:08 2005 => Entry "HKCR\CLSID\{55F12E61-43B7-416F-A407-FBE8D4B4F993}" refers to invalid object "D:\Common\Bin\pbPlyr.ocx". Action Taken: No Action Taken.
156: Mon Aug 22 15:49:08 2005 => Entry "HKCR\CLSID\{5607BC58-6883-419B-89BF-D63720230A80}" refers to invalid object "D:\Common\Bin\pbViFx.ocx". Action Taken: No Action Taken.
157: Mon Aug 22 15:49:08 2005 => Entry "HKCR\CLSID\{5690C5E1-7274-11d1-9377-0060979C8AB8}" refers to invalid object "d:\digital kamera\ZoomBrowser EX\Program\OPExport.dll". Action Taken: No Action Taken.
158: Mon Aug 22 15:49:08 2005 => Entry "HKCR\CLSID\{5cca9167-ffba-4a45-b9f9-dceb088f5a41}" refers to invalid object "D:\Common\Bin\moveft21.dll". Action Taken: No Action Taken.
159: Mon Aug 22 15:49:08 2005 => Entry "HKCR\CLSID\{5FF5B4A1-858F-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
160: Mon Aug 22 15:49:08 2005 => Entry "HKCR\CLSID\{607682E0-6E21-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
161: Mon Aug 22 15:49:08 2005 => Entry "HKCR\CLSID\{607682E1-6E21-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
162: Mon Aug 22 15:49:09 2005 => Entry "HKCR\CLSID\{60E68EF8-4B48-4233-8203-846FA84C9E5E}" refers to invalid object "D:\Common\Bin\pbDsp.ocx". Action Taken: No Action Taken.
163: Mon Aug 22 15:49:09 2005 => Entry "HKCR\CLSID\{63CCB35F-4B6C-11D2-BA18-00A024BF101B}" refers to invalid object "d:\digital kamera\PhotoRecord\OpPrintCom\OpPrintCom.dll". Action Taken: No Action Taken.
164: Mon Aug 22 15:49:09 2005 => Entry "HKCR\CLSID\{648B1544-88E3-463B-9DD6-2345CFF9F4BE}" refers to invalid object "D:\Common\Bin\pbAuMde.ocx". Action Taken: No Action Taken.
165: Mon Aug 22 15:49:09 2005 => Entry "HKCR\CLSID\{64B477CE-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\File Formats\MCMPEG\mcplug.dll". Action Taken: No Action Taken.
166: Mon Aug 22 15:49:09 2005 => Entry "HKCR\CLSID\{65233F47-144C-4F6E-8EFD-EC064A04EDDC}" refers to invalid object "D:\Common\Bin\pbPlyr.ocx". Action Taken: No Action Taken.
167: Mon Aug 22 15:49:09 2005 => Entry "HKCR\CLSID\{65A0ED34-90A1-46F6-99B7-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
168: Mon Aug 22 15:49:10 2005 => Entry "HKCR\CLSID\{7298A3E1-78EE-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
169: Mon Aug 22 15:49:11 2005 => Entry "HKCR\CLSID\{76BC2A8B-80D2-4665-8C6C-C3A2C2B432F3}" refers to invalid object "D:\Downloads\Sony Sound\OpcPcmImporter.dll". Action Taken: No Action Taken.
170: Mon Aug 22 15:49:11 2005 => Entry "HKCR\CLSID\{76C10F20-8005-11D0-9DD3-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfmirror.dll". Action Taken: No Action Taken.
171: Mon Aug 22 15:49:11 2005 => Entry "HKCR\CLSID\{7B4A01AF-0D90-40C6-AADD-F88DDF8372D8}" refers to invalid object "D:\Common\Bin\pbAuFx.ocx". Action Taken: No Action Taken.
172: Mon Aug 22 15:49:12 2005 => Entry "HKCR\CLSID\{7DB1E756-9860-40C7-82ED-E9B4918C1801}" refers to invalid object "D:\Common\Bin\ImgComp.dll". Action Taken: No Action Taken.
173: Mon Aug 22 15:49:12 2005 => Entry "HKCR\CLSID\{812B2A32-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
174: Mon Aug 22 15:49:12 2005 => Entry "HKCR\CLSID\{838B1543-9434-4b2e-B0C3-EE9D73E78884}" refers to invalid object "D:\Common\Bin\viFxNstg.dll". Action Taken: No Action Taken.
175: Mon Aug 22 15:49:12 2005 => Entry "HKCR\CLSID\{86A2B014-420B-432b-8E05-FEB9C1DC756D}" refers to invalid object "D:\Common\Bin\DownmixDMO.dll". Action Taken: No Action Taken.
176: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{87FF3E97-AD64-4363-88C1-D28521C362F1}" refers to invalid object "D:\Downloads\Sony Sound\sffrgpnv.dll". Action Taken: No Action Taken.
177: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{8B7226EE-4584-11D1-B4CB-00A0C9270A10}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
178: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{8B7227EE-4584-11D1-B4CB-00A0C9270A10}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
179: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{8B7228EE-4584-11D1-B4CB-00A0C9270A10}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
180: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{8B7229EE-4584-11D1-B4CB-00A0C9270A10}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
181: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{8FF88D21-7BD0-11D1-BFB7-00AA00262A11}" refers to invalid object "D:\Programme\Anti leech-plugin für bockwurst-dateien\WIN ace\arcext.dll". Action Taken: No Action Taken.
182: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{8FF88D23-7BD0-11D1-BFB7-00AA00262A11}" refers to invalid object "D:\Programme\Anti leech-plugin für bockwurst-dateien\WIN ace\arcext.dll". Action Taken: No Action Taken.
183: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{8FF88D25-7BD0-11D1-BFB7-00AA00262A11}" refers to invalid object "D:\Programme\Anti leech-plugin für bockwurst-dateien\WIN ace\arcext.dll". Action Taken: No Action Taken.
184: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}" refers to invalid object "D:\Programme\Anti leech-plugin für bockwurst-dateien\WIN ace\arcext.dll". Action Taken: No Action Taken.
185: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{9023C60A-5476-4e6c-B62C-FFDFA1A81F8F}" refers to invalid object "D:\Common\Bin\viFxNeg.dll". Action Taken: No Action Taken.
186: Mon Aug 22 15:49:13 2005 => Entry "HKCR\CLSID\{90556284-8CB2-4e9f-AA8D-FDF927091160}" refers to invalid object "D:\Common\Bin\Sharpness.dll". Action Taken: No Action Taken.
187: Mon Aug 22 15:49:14 2005 => Entry "HKCR\CLSID\{9B7B332D-1E71-402F-A97F-80AAD5D50F8C}" refers to invalid object "D:\Common\Bin\pbAuFx.ocx". Action Taken: No Action Taken.
188: Mon Aug 22 15:49:14 2005 => Entry "HKCR\CLSID\{9E3E4540-8339-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
189: Mon Aug 22 15:49:14 2005 => Entry "HKCR\CLSID\{9E3E4541-8339-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
190: Mon Aug 22 15:49:15 2005 => Entry "HKCR\CLSID\{9EFBF860-5685-11D3-AA3D-00C04F4C5275}" refers to invalid object "cdooff.dll". Action Taken: No Action Taken.
191: Mon Aug 22 15:49:15 2005 => Entry "HKCR\CLSID\{9FA270F4-C4E8-4CED-B46D-8209B1E7EC6A}" refers to invalid object "D:\Common\Bin\pbMvEnc.ocx". Action Taken: No Action Taken.
192: Mon Aug 22 15:49:15 2005 => Entry "HKCR\CLSID\{A0C23516-A677-11d7-A773-00C04F68F44E}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
193: Mon Aug 22 15:49:15 2005 => Entry "HKCR\CLSID\{A395D072-7929-47AD-AE44-1D9AD7003D82}" refers to invalid object "D:\Common\Bin\pbAuCnt.ocx". Action Taken: No Action Taken.
194: Mon Aug 22 15:49:15 2005 => Entry "HKCR\CLSID\{A6DF8F41-BAF4-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
195: Mon Aug 22 15:49:15 2005 => Entry "HKCR\CLSID\{a7cda720-84ee-11d0-b5c0-00001b3ca278}" refers to invalid object "D:\Downloads\XP Anti Spy 3.61\AntiVir\AVShlExt.DLL". Action Taken: No Action Taken.
196: Mon Aug 22 15:49:15 2005 => Entry "HKCR\CLSID\{A8448720-96FD-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
197: Mon Aug 22 15:49:15 2005 => Entry "HKCR\CLSID\{A8448721-96FD-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
198: Mon Aug 22 15:49:16 2005 => Entry "HKCR\CLSID\{ACCFCD0A-C94C-41FF-9639-CC68000453AC}" refers to invalid object "D:\Common\Bin\pbLang.ocx". Action Taken: No Action Taken.
199: Mon Aug 22 15:49:17 2005 => Entry "HKCR\CLSID\{B8C9ACD7-8105-42f3-88AE-83015B00EEDC}" refers to invalid object "D:\Common\Bin\compand.dll". Action Taken: No Action Taken.
200: Mon Aug 22 15:49:17 2005 => Entry "HKCR\CLSID\{B97C0F22-196D-11D1-B99B-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
201: Mon Aug 22 15:49:17 2005 => Entry "HKCR\CLSID\{B97C0F23-196D-11D1-B99B-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
202: Mon Aug 22 15:49:17 2005 => Entry "HKCR\CLSID\{B97C0F24-196D-11D1-B99B-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
203: Mon Aug 22 15:49:17 2005 => Entry "HKCR\CLSID\{BA97FC22-0F62-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
204: Mon Aug 22 15:49:17 2005 => Entry "HKCR\CLSID\{BA97FC26-0F62-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
205: Mon Aug 22 15:49:17 2005 => Entry "HKCR\CLSID\{BA97FC2A-0F62-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx2.dll". Action Taken: No Action Taken.
206: Mon Aug 22 15:49:17 2005 => Entry "HKCR\CLSID\{BA97FC2E-0F62-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
207: Mon Aug 22 15:49:18 2005 => Entry "HKCR\CLSID\{BE70786C-3549-453D-81DC-BF5F6F75BC17}" refers to invalid object "D:\Common\Bin\pbNav.ocx". Action Taken: No Action Taken.
208: Mon Aug 22 15:49:18 2005 => Entry "HKCR\CLSID\{BEE26F7D-7064-4B6A-98D7-57D6AEA23415}" refers to invalid object "D:\Common\Bin\pbViWnd.ocx". Action Taken: No Action Taken.
209: Mon Aug 22 15:49:19 2005 => Entry "HKCR\CLSID\{C564C202-2B7B-4034-9131-D21585CC3B04}" refers to invalid object "D:\Common\Bin\pbAuMde.ocx". Action Taken: No Action Taken.
210: Mon Aug 22 15:49:19 2005 => Entry "HKCR\CLSID\{C7B5FB82-1031-11D2-9887-00A0C969725B}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
211: Mon Aug 22 15:49:20 2005 => Entry "HKCR\CLSID\{CD5E2918-D0B6-4b12-9C35-CF8B64FCD137}" refers to invalid object "D:\Common\Bin\viFxPstr.dll". Action Taken: No Action Taken.
212: Mon Aug 22 15:49:20 2005 => Entry "HKCR\CLSID\{CF4E53C0-FD12-11D0-9DD3-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfmirror.dll". Action Taken: No Action Taken.
213: Mon Aug 22 15:49:21 2005 => Entry "HKCR\CLSID\{D616F3E0-D622-11CE-AAC5-0020AF0B99A3}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
214: Mon Aug 22 15:49:21 2005 => Entry "HKCR\CLSID\{D616F3E1-D622-11CE-AAC5-0020AF0B99A3}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
215: Mon Aug 22 15:49:21 2005 => Entry "HKCR\CLSID\{D6802BA0-A056-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
216: Mon Aug 22 15:49:21 2005 => Entry "HKCR\CLSID\{D6802BA1-A056-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
217: Mon Aug 22 15:49:21 2005 => Entry "HKCR\CLSID\{DD63AA46-715F-4B69-88E2-A12FC4A54D22}" refers to invalid object "D:\Common\Bin\pbWbBr.ocx". Action Taken: No Action Taken.
218: Mon Aug 22 15:49:22 2005 => Entry "HKCR\CLSID\{E2D7C794-D104-4B28-9FB3-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
219: Mon Aug 22 15:49:22 2005 => Entry "HKCR\CLSID\{E70F0382-64B1-44C0-8F7C-00AA006BA2BA}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx3.dll". Action Taken: No Action Taken.
220: Mon Aug 22 15:49:22 2005 => Entry "HKCR\CLSID\{E9442F8B-32D6-49DF-8CFF-C4B9F6D28D10}" refers to invalid object "D:\Common\Bin\pbClr.ocx". Action Taken: No Action Taken.
221: Mon Aug 22 15:49:23 2005 => Entry "HKCR\CLSID\{EB6213DB-08FF-4510-9F8D-3058B0ECE4C6}" refers to invalid object "D:\Downloads\Sony Sound\sffrgpnv.dll". Action Taken: No Action Taken.
222: Mon Aug 22 15:49:23 2005 => Entry "HKCR\CLSID\{ED1B4100-93BE-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
223: Mon Aug 22 15:49:23 2005 => Entry "HKCR\CLSID\{ED1B4101-93BE-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack1.dll". Action Taken: No Action Taken.
224: Mon Aug 22 15:49:23 2005 => Entry "HKCR\CLSID\{EE38CA88-D78E-4BFB-B05E-577892730C83}" refers to invalid object "D:\Downloads\Sony Sound\sffrgpnv.dll". Action Taken: No Action Taken.
225: Mon Aug 22 15:49:23 2005 => Entry "HKCR\CLSID\{F09F6980-7845-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
226: Mon Aug 22 15:49:23 2005 => Entry "HKCR\CLSID\{F09F6981-7845-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
227: Mon Aug 22 15:49:24 2005 => Entry "HKCR\CLSID\{F3B8E880-B4E0-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
228: Mon Aug 22 15:49:24 2005 => Entry "HKCR\CLSID\{F3B8E881-B4E0-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack2.dll". Action Taken: No Action Taken.
229: Mon Aug 22 15:49:24 2005 => Entry "HKCR\CLSID\{F59DD74A-14E1-11D2-B3B2-00A0C90642CC}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfxpfx1.dll". Action Taken: No Action Taken.
230: Mon Aug 22 15:49:24 2005 => Entry "HKCR\CLSID\{F5DFB433-F303-4e1b-B501-B2D8DF2367F2}" refers to invalid object "D:\Common\Bin\viFxRfn.dll". Action Taken: No Action Taken.
231: Mon Aug 22 15:49:25 2005 => Entry "HKCR\CLSID\{FDB0D300-6F82-11D0-AEBC-00A0C9053912}" refers to invalid object "D:\Downloads\Sony Sound\Audio\sfppack3.dll". Action Taken: No Action Taken.
232: Mon Aug 22 15:49:25 2005 => Entry "HKCR\CLSID\{FF33744B-89E5-4139-8ECC-295E31165FC7}" refers to invalid object "D:\Common\Bin\pbWbBr.ocx". Action Taken: No Action Taken.
233: Mon Aug 22 15:49:25 2005 => Entry "HKCR\CLSID\{FF4D957D-4263-411e-AA4D-819E71BE4BDA}" refers to invalid object "D:\Common\Bin\Sharpness.dll". Action Taken: No Action Taken.
234: Mon Aug 22 15:56:23 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\Advertisingcom.zip is Not Scanned
235: Mon Aug 22 15:56:23 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\Advertisingcom1.zip is Not Scanned
236: Mon Aug 22 15:56:23 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\Advertisingcom2.zip is Not Scanned
237: Mon Aug 22 15:56:23 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\Advertisingcom3.zip is Not Scanned
238: Mon Aug 22 15:56:23 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\AvenueAInc.zip is Not Scanned
239: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\AvenueAInc1.zip is Not Scanned
240: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\BFast.zip is Not Scanned
241: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\BFast1.zip is Not Scanned
242: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\CommissionJunction.zip is Not Scanned
243: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\CommissionJunction1.zip is Not Scanned
244: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\CommissionJunction2.zip is Not Scanned
245: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\CommissionJunction3.zip is Not Scanned
246: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\CommissionJunction4.zip is Not Scanned
247: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\CoreMetrics.zip is Not Scanned
248: Mon Aug 22 15:56:24 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\CoreMetrics1.zip is Not Scanned
249: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\DoubleClick.zip is Not Scanned
250: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\DoubleClick1.zip is Not Scanned
251: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\DoubleClick2.zip is Not Scanned
252: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\DoubleClick3.zip is Not Scanned
253: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\FastClick.zip is Not Scanned
254: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\Gator.zip is Not Scanned
255: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\Gator1.zip is Not Scanned
256: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\HitBox.zip is Not Scanned
257: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\HitBox1.zip is Not Scanned
258: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\HitBox2.zip is Not Scanned
259: Mon Aug 22 15:56:25 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\HitBox3.zip is Not Scanned
260: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\HitBox4.zip is Not Scanned
261: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\HitsLink.zip is Not Scanned
262: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\LinkSynergy.zip is Not Scanned
263: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MainPean.zip is Not Scanned
264: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MediaPlex.zip is Not Scanned
265: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MediaPlex1.zip is Not Scanned
266: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MediaPlex2.zip is Not Scanned
267: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MediaPlex3.zip is Not Scanned
268: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\ValueClick.zip is Not Scanned
269: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\ValueClick1.zip is Not Scanned
270: Mon Aug 22 15:56:26 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\ValueClick2.zip is Not Scanned
271: Mon Aug 22 15:56:27 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\ValueClick3.zip is Not Scanned
272: Mon Aug 22 15:56:27 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\ValueClick4.zip is Not Scanned
273: Mon Aug 22 17:34:46 2005 => Result: ERROR!!! File C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i2mtag????.PNF: Scanning Failure!!!
274: Mon Aug 22 17:34:46 2005 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i2mtag????.PNF
275: Mon Aug 22 17:47:51 2005 => Result: ERROR!!! File J:\Programme für Viren\Mc Afee Virus Scan 2004\mc.scan.8.part01.rar is Not Scanned

--------------------------------------------------
-------- DATEIEN ZUM LÖSCHEN HINZUGEFÜGT ---------
--------------------------------------------------

1: C:\DOKUME~1\ANDREA~1\LOKALE~1\Temp\ofrshspp.exe => Trojan-Downloader.Win32.Swizzor.co
2: C:\Dokumente und Einstellungen\Andreas Reinecke\Lokale Einstellungen\Temp\ofrshspp.exe => Trojan-Downloader.Win32.Swizzor.co
3: C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc1.exe => Trojan-Downloader.Win32.Swizzor.co
4: C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc2.exe => Trojan-Downloader.Win32.Swizzor.ds
5: C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc3.exe => Trojan-Downloader.Win32.Swizzor.bo
6: C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc5.exe => Trojan-Downloader.Win32.Swizzor.ds
7: C:\RECYCLER\S-1-5-21-1844237615-1390067357-725345543-1004\Dc6.exe => Trojan-Downloader.Win32.Swizzor.cb
8: C:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1066\A0561027.exe => Trojan-Downloader.Win32.Swizzor.co
9: C:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1066\A0561028.exe => Trojan-Downloader.Win32.Swizzor.bo
10: C:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1066\A0561029.exe => Trojan-Downloader.Win32.Swizzor.cb
11: C:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1067\A0561157.exe => Trojan-Downloader.Win32.Swizzor.co
12: J:\System Volume Information\_restore{47BE4FCB-C96F-425E-8938-B44012F140FC}\RP1064\A0560035.exe => Trojan-Downloader.Win32.Swizzor.do
13: J:\Programme\Divx neu 120805\DivX.Pro.v.6.0.patch-arteam.exe => Trojan-Downloader.Win32.IstBar.is
14: J:\Programme für Viren\hijackthis\backups\backup-20050822-103952-145.dll => Trojan-Downloader.Win32.Swizzor.bo

--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------

Mon Aug 22 17:51:32 2005 => Total Objects Scanned: 128502
Mon Aug 22 17:51:32 2005 => Total Virus(es) Found: 27
Mon Aug 22 17:51:32 2005 => Total Errors: 274
Mon Aug 22 17:51:32 2005 => Virus Database Date: 2005/08/22
Mon Aug 22 17:51:32 2005 => Virus Database Count: 145000
Mon Aug 22 18:10:05 2005 => Total Objects Scanned: 128502
Mon Aug 22 18:10:05 2005 => Total Virus(es) Found: 27
Mon Aug 22 18:10:05 2005 => Total Errors: 274

Ein sehr langer Bericht, ich hoffe Du kannst was damit anfangen.
Gearbeitet habe ich mit Escan im abgesicherten Modus.
Wie gesagt, danach habe ich erst die Systemwiederherstellung deaktiviert. Wozu ist das überhaupt gut?

Vorab schon einmal herzlichen Dank für Hilfe.

Ciao
Sinja

22.08.2005, 20:10

Gool

Member

Beiträge: 4730

Zitat

Ich habe dann zuerst mit escan gearbeitet anstatt die Systemwiederherstellung zu deaktivieren (s.o.deinen Beitrag).

Das macht gar nichts. Es sollte nur ausschließen, dass escan die Viren aus der Systemwiederherstllung mit aufführt, was jetzt zwar geschehen ist, aber die Dinger sind ja durch das Deaktivieren gelöscht worden.

Leere den Papierkorb!

Lösche im abgesicherten Modus:
C:\WINDOWS\iun6002.exe
C:\WINDOWS\remote.ini

C:\Dokumente und Einstellungen\Andreas Reinecke\Lokale Einstellungen\Temp\ofrshspp.exe
J:\Programme\Divx neu 120805\DivX.Pro.v.6.0.patch-arteam.exe
J:\Programme für Viren\hijackthis\backups\backup-20050822-103952-145.dll
C:\WINDOWS\routenplaner-online.com[rrm-10001,1,1].exe
C:\WINDOWS\Routenplanung[rlg-10448,1,s=25541cf7df5aea1341561e64ad643d3f].exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MfcdRegsByteHold\Meet Up.exe

Falls sich etwas nicht so löschen lässt, verwende das Programm Killbox. Aktiviere dort die Option "Delete on Reboot" und füge den jeweiligen Pfad in das Eingabefeld ein. Bestätige die Eingabe durch Klick auf das weiße Kreuz im roten Kreis. Die Frage, ob jetzt neugestartet werden soll, erst nach der letzten Datei mit Ja beantworten.

Ewido anwenden und das Ergebnis mitteilen.
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser

22.08.2005, 22:52

Sabina

Ehrenmitglied

Beiträge: 29434

#7 Sinja

Start -- alle Programme -- Zubehör -- Editor und kopiere folgenden Text rein:

dir %Windir%\tasks /a h > files.txt
notepad files.txt

- Speichern als: findjobs.bat
- abspeichern unter : Dateityp: alle Dateien
- speichere auf dem Desktop
- Locate findjobs.bat-- doppelklick auf die bat-Datei , der Editor öffnet sich -- poste den Text
__________
MfG Sabina

rund um die PC-Sicherheit

25.08.2005, 19:11

Sinja

...neu hier

Themenstarter

Beiträge: 7

#8 Hallo @Managor,

den Papierkorb habe ich geleert und im abgesicherten Modus wurden

C:\Dokumente und Einstellungen\Andreas Reinecke\Lokale Einstellungen\Temp\ofrshspp.exe
J:\Programme\Divx neu 120805\DivX.Pro.v.6.0.patch-arteam.exe
J:\Programme für Viren\hijackthis\backups\backup-20050822-103952-145.dll
C:\WINDOWS\routenplaner-online.com[rrm-10001,1,1].exe
C:\WINDOWS\Routenplanung[rlg-10448,1,s=25541cf7df5aea1341561e64ad643d3f].exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MfcdRegsByteHold\Meet Up.exe

die o.g. Daten von mir problemlos eliminiert.

Nach dem Scannen mit ewido erhielt ich folgendes Ergebnis:

ewido security suite - Scan Report
---------------------------------------------------------

+ Erstellt am: 06:58:01, 25.08.2005
+ Report-Checksumme: 7C359B2A

+ Scanergebnis:

HKLM\SOFTWARE\IntexusDial -> Dialer.Generic : Gesäubert mit Backup
C:\Dokumente und Einstellungen\Andreas Reinecke\Cookies\andreas reinecke@adtech[2].txt -> Spyware.Cookie.Adtech : Gesäubert mit Backup
C:\Dokumente und Einstellungen\Andreas Reinecke\Cookies\andreas reinecke@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Gesäubert mit Backup
C:\Dokumente und Einstellungen\Andreas Reinecke\Cookies\andreas reinecke@atdmt[1].txt -> Spyware.Cookie.Atdmt : Gesäubert mit Backup
C:\Dokumente und Einstellungen\Andreas Reinecke\Cookies\andreas reinecke@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Gesäubert mit Backup
C:\Dokumente und Einstellungen\Andreas Reinecke\Cookies\andreas reinecke@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Gesäubert mit Backup
C:\Dokumente und Einstellungen\Andreas Reinecke\Cookies\andreas reinecke@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Gesäubert mit Backup
C:\WINDOWS\system32\MMRTKRNL.EXE -> Backdoor.Delf.ach : Gesäubert mit Backup

::Report Ende

Grüß Dich @Sabina,

deine Aufgabe hat mir am meisten Schwierigkeiten bereitet.

Start -- alle Programme -- Zubehör -- Editor und kopiere folgenden Text rein:

dir %Windir%\tasks /a h > files.txt
notepad files.txt

Bis dahin war es für mich klar.

Mit den nächsten Schritten hatte ich dann Probleme, daher poste ich die mal:

Datei -- Speichern -- Symbol Desktop -- unten Dateiname findjobs.bat
eingefügt -- Dateityp: alle Dateien

dann auf dem Desktop abgespeichert.

Ich weiß zwar nicht ob das die richtigen Schritte waren, aber hier
ist dann das Protokoll:

Datentr„ger in Laufwerk C: ist WINXP
Volumeseriennummer: D8D1-0BCC

Verzeichnis von C:\WINDOWS\tasks

18.08.2005 13:50 <DIR> .
18.08.2005 13:50 <DIR> ..
12.08.2005 18:16 414 1-Klick-Wartung.job
24.08.2005 23:00 290 DA6035E898D800B8.job
18.08.2001 14:00 65 desktop.ini
25.08.2005 16:37 6 SA.DAT
05.08.2005 16:00 430 {010550FC-0EAB-43E4-B9B2-A45E42D93406}_ANDI-3B85JQ75N5_Andreas Reinecke.job
18.08.2005 16:00 430 {7E1CA190-2B61-41C9-A98B-9EFCAF81FDA1}_ANDI-3B85JQ75N5_Andreas Reinecke.job
18.08.2005 09:00 430 {E9EA8E38-F9CE-4F26-9950-334FBA9384A7}_ANDI-3B85JQ75N5_Andreas Reinecke.job
7 Datei(en) 2.065 Bytes

Verzeichnis von C:\Dokumente und Einstellungen\Andreas Reinecke\Desktop

Ob das alles richtig war - kann ich sagen -, da sich mir die Augabe nicht erschließt.

Trotzdem, herzlichen Dank nochmal (auch wenn ich mich wiederhole) an Euch
beiden.

Ciao
Sinja

[/b]

25.08.2005, 23:30

Sabina

Ehrenmitglied

Beiträge: 29434

#9 Hallo@Sinja

Start -- alle Programme -- Zubehör -- Editor und kopiere folgenden Text rein:

%systemdrive%
cd C:\WINDOWS\Tasks
attrib -r -s -h DA6035E898D800B8.job
del DA6035E898D800B8.job

- Speichern als: remjob.bat
- abspeichern unter : Dateityp: alle Dateien
- speichere auf dem Desktop
- Locate remjob.bat-- doppelklick auf die bat-Datei , der Editor öffnet sich kurz ist normal

arbeite das bitte ab und poste alles mit der jeweiligen pfadangabe

http://virus-protect.org/datfindbat.html
__________
MfG Sabina

rund um die PC-Sicherheit

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

Seite(n): 1