PC very slow, WinFixer, WinAntiVirus Pro 2006, Trojans, logs included

#0
11.09.2006, 16:31
Member
Posts: 11

12.09.2006, 14:03
Honorary member
Posts: 29434
#2
avenger
http://virus-protect.org/artikel/tools/avenger.html
Copy in:
Quote: registry keys to delete:
Click the green traffic light. The script will now be executed, then the PC will restart automatically.
**
Post the avenger log that appears.
**
Start - Programs - Accessories - System Tools - Disk Cleanup
- Click: Temporary Internet Files, OK
- Click: Temporary Files, OK
**
Open HijackThis -- "Scan" button -- tick the box in front of the entry -- "Fix checked" button -- restart the PC
Quote: O20 - AppInit_DLLs: "", svchost.dll
Restart the PC
**
virustotal
At the top of the page --> click Browse --> paste in the file with the correct path --> double-click the file to be checked --> click Submit... now wait
http://www.virustotal.com/flash/index_en.html
C:\WINDOWS\system32\Drivers\CO_Mon.sys
Post the report
__________
Best regards
Sabina
All about PC security

12.09.2006, 17:35
Member
Thread starter
Posts: 11
#3
hi, thanks, here are the new reports again
Virustotal
STATUS: QUEUED
Your file "CO_Mon.sys" is queued in position: 29. Estimated start time is between 6 and 9 minutes.
Antivirus Version Update Result

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\mrfnkggb
*******************
Script file located at: \??\C:\Program Files\jbjecuuu.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\system32\llnmp.ini deleted successfully.
File C:\WINDOWS\system32\skjwytpj.dll deleted successfully.
File C:\WINDOWS\system32\llnmp.bak1 deleted successfully.
File C:\WINDOWS\system32\dadcqcan.dll deleted successfully.
File C:\WINDOWS\system32\mcrh.tmp deleted successfully.
File C:\WINDOWS\system32\atnwbond.dll deleted successfully.
File C:\WINDOWS\system32\oiyjknwi.dll deleted successfully.
File C:\WINDOWS\system32\omdwkoqo.dll deleted successfully.
File C:\WINDOWS\system32\lttchjyn.dll deleted successfully.
File C:\WINDOWS\system32\erwpditm.dll deleted successfully.
File C:\WINDOWS\system32\ioqofpom.dll deleted successfully.
File C:\WINDOWS\system32\pppyrcrm.exe deleted successfully.
File C:\WINDOWS\system32\rkrthmga.exe deleted successfully.
File C:\WINDOWS\system32\ywvqfkvo.exe deleted successfully.
File C:\WINDOWS\system32\pyeytrqk.exe deleted successfully.
File C:\WINDOWS\Temp\sa118.exe not found!
Deletion of file C:\WINDOWS\Temp\sa118.exe failed!
Could not process line: C:\WINDOWS\Temp\sa118.exe
Status: 0xc0000034
File C:\WINDOWS\Temp\winE6.tmp.exe not found!
Deletion of file C:\WINDOWS\Temp\winE6.tmp.exe failed!
Could not process line: C:\WINDOWS\Temp\winE6.tmp.exe
Status: 0xc0000034
File C:\WINDOWS\system32\ssqpqpp.dll not found!
Deletion of file C:\WINDOWS\system32\ssqpqpp.dll failed!
Could not process line: C:\WINDOWS\system32\ssqpqpp.dll
Status: 0xc0000034
File C:\WINDOWS\system32\urqnmkj.dll not found!
Deletion of file C:\WINDOWS\system32\urqnmkj.dll failed!
Could not process line: C:\WINDOWS\system32\urqnmkj.dll
Status: 0xc0000034
File C:\WINDOWS\system32\xxywuur.dll not found!
Deletion of file C:\WINDOWS\system32\xxywuur.dll failed!
Could not process line: C:\WINDOWS\system32\xxywuur.dll
Status: 0xc0000034
File C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.9\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.8\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.7\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.6\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
Could not delete file C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWA6P_0001_N91M1807NetInstaller.exe
Deletion of file C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWA6P_0001_N91M1807NetInstaller.exe failed!
Could not process line: C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWA6P_0001_N91M1807NetInstaller.exe
Status: 0xc0000035
File C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.13\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.12\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.11\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.10\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N91M1807NetInstaller.exe deleted successfully.
Could not open file C:\Documents and Settings\DeyanPC\Local Settings\Temporary Internet Files\Content.IE5\YJSRWJ4L\WinAntiVirusPro2006FreeInstall[1].cab for deletion
Deletion of file C:\Documents and Settings\DeyanPC\Local Settings\Temporary Internet Files\Content.IE5\YJSRWJ4L\WinAntiVirusPro2006FreeInstall[1].cab failed!
Could not process line: C:\Documents and Settings\DeyanPC\Local Settings\Temporary Internet Files\Content.IE5\YJSRWJ4L\WinAntiVirusPro2006FreeInstall[1].cab
Status: 0xc000003a
Could not open file C:\Documents and Settings\DeyanPC\Local Settings\Temp\ICD2.tmp\UWA6P_0001_N91M1807NetInstaller.exe for deletion
Deletion of file C:\Documents and Settings\DeyanPC\Local Settings\Temp\ICD2.tmp\UWA6P_0001_N91M1807NetInstaller.exe failed!
Could not process line: C:\Documents and Settings\DeyanPC\Local Settings\Temp\ICD2.tmp\UWA6P_0001_N91M1807NetInstaller.exe
Status: 0xc000003a
Registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnll deleted successfully.
Completed script processing.
*******************
Finished! Terminate.

13.09.2006, 00:19
Honorary member
Posts: 29434
#4
1. Delete the avenger backup at C:\Avenger\backup.zip
2. Scan and post the scan report
http://virus-protect.org/cureit.html
__________
Best regards
Sabina
All about PC security

13.09.2006, 01:03
Member
Thread starter
Posts: 11
#5
hi, here is the log from DrWeb
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.06080)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2006-09-13, 00:47:40 [DEYAN][DeyanPC]
Command-line: "C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.4.07270)
Engine API version: 2.01
Total virus records: 140764
Key file: C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------
[Scan path] C:\WINDOWS\system32\pmnll.dll
>C:\WINDOWS\system32\pmnll.dll infected with Trojan.Virtumod - will be cured after reboot
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 328
Infected objects found: 1
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 478 Kb/s
Scan time: 00:02:35
-----------------------------------------------------------------------------
=============================================================================
Total session statistics
=============================================================================
Objects scanned: 328
Infected objects found: 1
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 478 Kb/s
Scan time: 00:02:35
=============================================================================
=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.06080)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2006-09-13, 00:55:04 [DEYAN][DeyanPC]
Command-line: "C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.4.07270)
Engine API version: 2.01
virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 232 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 196 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 773 virus records [Virus base] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records Total virus records: 140764 Key file: C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cureit.key License key number: 0000000010 Registered to: Dr.Web CureIt Project License key activates: 2005-03-05 License key expires: 2007-03-05 ----------------------------------------------------------------------------- Scan statistics ----------------------------------------------------------------------------- Objects scanned: 0 Infected objects found: 0 Objects with modifications found: 0 
Suspicious objects found: 0 Adware programs found: 0 Dialer programs found: 0 Joke programs found: 0 Riskware programs found: 0 Hacktool programs found: 0 Objects cured: 0 Objects deleted: 0 Objects renamed: 0 Objects moved: 0 Objects ignored: 0 Scan speed: 0 Kb/s Scan time: 00:00:00 ----------------------------------------------------------------------------- [Scan path] C:\WINDOWS\system32\smss.exe [Scan path] C:\WINDOWS\system32\csrss.exe [Scan path] C:\WINDOWS\system32\winlogon.exe [Scan path] C:\WINDOWS\system32\services.exe [Scan path] C:\WINDOWS\system32\lsass.exe [Scan path] C:\WINDOWS\system32\svchost.exe [Scan path] C:\WINDOWS\explorer.exe [Scan path] C:\WINDOWS\system32\spoolsv.exe [Scan path] C:\WINDOWS\System32\SCardSvr.exe [Scan path] C:\WINDOWS\system32\cisvc.exe [Scan path] C:\WINDOWS\System32\snmp.exe [Scan path] C:\WINDOWS\system32\wdfmgr.exe [Scan path] C:\WINDOWS\AGRSMMSG.exe [Scan path] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [Scan path] C:\WINDOWS\system32\igfxtray.exe [Scan path] C:\WINDOWS\system32\hkcmd.exe [Scan path] C:\Program Files\Java\jre1.5.0\bin\jusched.exe [Scan path] C:\WINDOWS\system32\rundll32.exe [Scan path] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe [Scan path] C:\Program Files\iTunes\iTunesHelper.exe [Scan path] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [Scan path] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [Scan path] C:\WINDOWS\system32\ctfmon.exe [Scan path] C:\Program Files\iPod\bin\iPodService.exe [Scan path] C:\WINDOWS\System32\Wbem\wmiprvse.exe [Scan path] C:\WINDOWS\system32\cidaemon.exe [Scan path] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\_start.exe [Scan path] C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\RarSFX0\cureit.exe [Scan path] C:\WINDOWS\system32\wuauclt.exe [Scan path] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [Scan path] c:\windows\system32\ime\tintlgnt\tintsetp.exe [Scan path] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [Scan path] c:\program 
files\analog devices\soundmax\smax4.exe [Scan path] C:\Program Files\HPQ\Default Settings\cpqset.exe [Scan path] c:\program files\hpq\quick launch buttons\eabservr.exe [Scan path] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [Scan path] C:\WINDOWS\system32\dla\tfswctrl.exe [Scan path] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [Scan path] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [Scan path] C:\WINDOWS\system32\bthprops.cpl [Scan path] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [Scan path] C:\Program Files\DTV\RemoteControl.exe [Scan path] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [Scan path] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [Scan path] c:\progra~1\grisoft\avgfre~1\avgcc.exe [Scan path] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [Scan path] C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [Scan path] c:\program files\nokia\nokia pc suite 6\launchapplication.exe [Scan path] c:\progra~1\grisoft\avgfre~1\avgw.exe [Scan path] C:\Documents and Settings\DeyanPC\Start Menu\Programs\Startup\desktop.ini [Scan path] C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [Scan path] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [Scan path] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini [Scan path] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [Scan path] C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [Scan path] C:\Program Files\Microsoft Office\Office10\OSA.EXE [Scan path] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MSWin.exe [Scan path] C:\WINDOWS\system32\mmsys.cpl [Scan path] C:\WINDOWS\system32\icmui.dll [Scan path] C:\WINDOWS\system32\rshx32.dll [Scan path] C:\WINDOWS\system32\docprop.dll [Scan path] C:\WINDOWS\system32\ntshrui.dll [Scan path] C:\WINDOWS\system32\themeui.dll [Scan path] C:\WINDOWS\system32\deskadp.dll [Scan path] C:\WINDOWS\system32\deskmon.dll [Scan path] 
C:\WINDOWS\system32\dssec.dll [Scan path] C:\WINDOWS\system32\SlayerXP.dll [Scan path] C:\WINDOWS\system32\shscrap.dll [Scan path] C:\WINDOWS\system32\diskcopy.dll [Scan path] C:\WINDOWS\system32\ntlanui2.dll [Scan path] C:\WINDOWS\system32\printui.dll [Scan path] C:\WINDOWS\system32\dskquoui.dll [Scan path] C:\WINDOWS\system32\syncui.dll [Scan path] C:\WINDOWS\system32\hticons.dll [Scan path] C:\WINDOWS\system32\fontext.dll [Scan path] C:\WINDOWS\system32\deskperf.dll [Scan path] C:\WINDOWS\system32\cryptext.dll [Scan path] C:\WINDOWS\system32\NETSHELL.dll [Scan path] C:\WINDOWS\system32\wiashext.dll [Scan path] C:\WINDOWS\system32\remotepg.dll [Scan path] C:\WINDOWS\system32\wshext.dll [Scan path] C:\Program Files\Common Files\System\Ole DB\oledb32.dll [Scan path] C:\WINDOWS\system32\mstask.dll [Scan path] C:\WINDOWS\system32\shdocvw.dll [Scan path] C:\WINDOWS\system32\wuaucpl.cpl [Scan path] C:\WINDOWS\system32\twext.dll [Scan path] C:\WINDOWS\system32\shmedia.dll [Scan path] C:\WINDOWS\system32\browseui.dll [Scan path] C:\WINDOWS\system32\sendmail.dll [Scan path] C:\WINDOWS\system32\occache.dll [Scan path] C:\WINDOWS\system32\webcheck.dll [Scan path] C:\WINDOWS\system32\appwiz.cpl [Scan path] C:\WINDOWS\system32\shimgvw.dll [Scan path] C:\WINDOWS\system32\netplwiz.dll [Scan path] C:\WINDOWS\system32\zipfldr.dll [Scan path] C:\WINDOWS\system32\cdfview.dll [Scan path] C:\WINDOWS\system32\extmgr.dll [Scan path] C:\WINDOWS\system32\msieftp.dll [Scan path] C:\WINDOWS\system32\docprop2.dll [Scan path] C:\WINDOWS\system32\dsquery.dll [Scan path] C:\WINDOWS\system32\dsuiext.dll [Scan path] C:\WINDOWS\system32\mydocs.dll [Scan path] C:\WINDOWS\System32\cscui.dll [Scan path] C:\WINDOWS\msagent\agentpsh.dll [Scan path] C:\WINDOWS\system32\dfsshlex.dll [Scan path] C:\WINDOWS\system32\photowiz.dll [Scan path] C:\WINDOWS\System32\mmcshext.dll [Scan path] C:\WINDOWS\system32\cabview.dll [Scan path] C:\Program Files\Outlook Express\wabfind.dll [Scan path] 
C:\WINDOWS\system32\wmpshell.dll [Scan path] C:\WINDOWS\system32\btneighborhood.dll [Scan path] C:\Program Files\Synaptics\SynTP\SynTPCpl.dll [Scan path] C:\Program Files\Sonic\RecordNow!\shlext.dll [Scan path] C:\WINDOWS\system32\dla\tfswshx.dll [Scan path] C:\WINDOWS\system32\Audiodev.dll [Scan path] C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll [Scan path] C:\Program Files\Common Files\Ulead Systems\DVD\USIShex.dll [Scan path] C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL [Scan path] C:\Program Files\Microsoft Office\Office10\msohev.dll [Scan path] C:\Program Files\WinRAR\rarext.dll [Scan path] C:\WINDOWS\system32\upnpui.dll [Scan path] C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL [Scan path] C:\Program Files\iTunes\iTunesMiniPlayer.dll [Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll [Scan path] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Scan path] c:\program files\google\googletoolbar1.dll [Scan path] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Scan path] C:\WINDOWS\system32\pmnll.dll >C:\WINDOWS\system32\pmnll.dll infected with Trojan.Virtumod - will be cured after reboot [Scan path] C:\WINDOWS\system32\SHELL32.dll [Scan path] C:\WINDOWS\system32\stobject.dll [Scan path] C:\WINDOWS\system32\crypt32.dll [Scan path] C:\WINDOWS\system32\cryptnet.dll [Scan path] C:\WINDOWS\system32\cscdll.dll [Scan path] C:\WINDOWS\system32\igfxsrvc.dll [Scan path] C:\WINDOWS\system32\wlnotify.dll [Scan path] C:\WINDOWS\system32\sclgntfy.dll [Scan path] C:\WINDOWS\system32\WgaLogon.dll [Scan path] c:\windows\system32\svchost.exe [Scan path] C:\WINDOWS\system32\DRIVERS\ACPI.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ACPIEC.sys [Scan path] C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [Scan path] C:\WINDOWS\system32\drivers\aeaudio.sys [Scan path] C:\WINDOWS\system32\drivers\aec.sys [Scan path] C:\WINDOWS\System32\drivers\afd.sys [Scan path] 
C:\WINDOWS\system32\DRIVERS\AGRSM.sys [Scan path] C:\WINDOWS\System32\alg.exe [Scan path] C:\WINDOWS\system32\DRIVERS\arp1394.sys [Scan path] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [Scan path] C:\WINDOWS\system32\DRIVERS\asyncmac.sys [Scan path] C:\WINDOWS\system32\DRIVERS\atapi.sys [Scan path] C:\WINDOWS\system32\DRIVERS\atmarpc.sys [Scan path] C:\WINDOWS\system32\DRIVERS\audstub.sys [Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe [Scan path] C:\WINDOWS\System32\Drivers\avg7core.sys [Scan path] C:\WINDOWS\System32\Drivers\avg7rsw.sys [Scan path] C:\WINDOWS\System32\Drivers\avg7rsxp.sys [Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe [Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe [Scan path] C:\WINDOWS\System32\Drivers\avgtdi.sys [Scan path] C:\WINDOWS\system32\DRIVERS\b57xp32.sys [Scan path] C:\WINDOWS\system32\DRIVERS\BthEnum.sys [Scan path] C:\WINDOWS\system32\DRIVERS\bthpan.sys [Scan path] C:\WINDOWS\System32\Drivers\BTHport.sys [Scan path] C:\WINDOWS\System32\Drivers\BTHUSB.sys [Scan path] C:\WINDOWS\system32\DRIVERS\btkrnl.sys [Scan path] C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [Scan path] C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [Scan path] C:\WINDOWS\system32\DRIVERS\cdrom.sys [Scan path] C:\WINDOWS\system32\clipsrv.exe [Scan path] C:\WINDOWS\System32\Drivers\ClntMgmt.sys [Scan path] C:\WINDOWS\system32\DRIVERS\CmBatt.sys [Scan path] C:\WINDOWS\system32\DRIVERS\compbatt.sys [Scan path] c:\windows\system32\dllhost.exe [Scan path] C:\WINDOWS\system32\Drivers\CO_Mon.sys [Scan path] C:\WINDOWS\system32\DRIVERS\disk.sys [Scan path] c:\windows\system32\dmadmin.exe [Scan path] C:\WINDOWS\System32\drivers\dmboot.sys [Scan path] C:\WINDOWS\System32\drivers\dmio.sys [Scan path] C:\WINDOWS\System32\drivers\dmload.sys [Scan path] C:\WINDOWS\system32\drivers\DMusic.sys [Scan path] C:\WINDOWS\system32\drivers\drmkaud.sys [Scan path] C:\WINDOWS\system32\drivers\drvmcdb.sys [Scan path] 
C:\WINDOWS\system32\drivers\drvnddm.sys [Scan path] C:\WINDOWS\system32\drivers\EABFiltr.sys [Scan path] C:\WINDOWS\system32\drivers\eabusb.sys [Scan path] C:\WINDOWS\system32\fxssvc.exe [Scan path] C:\WINDOWS\system32\DRIVERS\fltMgr.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ftdisk.sys [Scan path] C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [Scan path] C:\WINDOWS\system32\DRIVERS\msgpc.sys [Scan path] C:\WINDOWS\system32\DRIVERS\gtipci21.sys [Scan path] C:\WINDOWS\system32\DRIVERS\hidusb.sys [Scan path] C:\Program Files\HPQ\Shared\hpqwmi.exe [Scan path] C:\WINDOWS\system32\DRIVERS\HPZid412.sys [Scan path] C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [Scan path] C:\WINDOWS\system32\DRIVERS\HPZius12.sys [Scan path] C:\WINDOWS\System32\Drivers\HTTP.sys [Scan path] C:\WINDOWS\system32\DRIVERS\i8042prt.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [Scan path] C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [Scan path] C:\WINDOWS\system32\DRIVERS\imapi.sys [Scan path] C:\WINDOWS\system32\imapi.exe [Scan path] C:\WINDOWS\system32\DRIVERS\intelide.sys [Scan path] C:\WINDOWS\system32\DRIVERS\intelppm.sys [Scan path] C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ipinip.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ipnat.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ipsec.sys [Scan path] C:\WINDOWS\system32\DRIVERS\irda.sys [Scan path] C:\WINDOWS\system32\DRIVERS\irenum.sys [Scan path] C:\WINDOWS\system32\DRIVERS\isapnp.sys [Scan path] C:\WINDOWS\system32\DRIVERS\kbdclass.sys [Scan path] C:\WINDOWS\system32\drivers\kmixer.sys [Scan path] C:\WINDOWS\System32\Drivers\AVUSB_TX.sys [Scan path] C:\WINDOWS\system32\tcpsvcs.exe [Scan path] C:\WINDOWS\system32\drivers\Lvckap.sys [Scan path] C:\WINDOWS\System32\Drivers\LVEzLD06.sys [Scan path] C:\WINDOWS\system32\drivers\LVPrcMon.sys [Scan path] C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [Scan path] 
C:\WINDOWS\system32\mnmsrvc.exe [Scan path] C:\WINDOWS\system32\DRIVERS\mouclass.sys [Scan path] C:\WINDOWS\system32\DRIVERS\mouhid.sys [Scan path] C:\WINDOWS\system32\DRIVERS\MPE.sys [Scan path] C:\WINDOWS\system32\DRIVERS\mrxdav.sys [Scan path] C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [Scan path] C:\WINDOWS\system32\msdtc.exe [Scan path] c:\windows\system32\msiexec.exe [Scan path] C:\WINDOWS\system32\drivers\MSKSSRV.sys [Scan path] C:\WINDOWS\system32\drivers\MSPCLOCK.sys [Scan path] C:\WINDOWS\system32\drivers\MSPQM.sys [Scan path] C:\WINDOWS\system32\DRIVERS\mssmbios.sys [Scan path] C:\WINDOWS\system32\drivers\MSTEE.sys [Scan path] C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [Scan path] C:\WINDOWS\system32\DRIVERS\NdisIP.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ndistapi.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ndisuio.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ndiswan.sys [Scan path] C:\WINDOWS\system32\DRIVERS\netbios.sys [Scan path] C:\WINDOWS\system32\DRIVERS\netbt.sys [Scan path] C:\WINDOWS\system32\netdde.exe [Scan path] C:\WINDOWS\system32\DRIVERS\nic1394.sys [Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys [Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ohci1394.sys [Scan path] C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [Scan path] C:\WINDOWS\system32\DRIVERS\parport.sys [Scan path] C:\WINDOWS\system32\DRIVERS\pci.sys [Scan path] C:\WINDOWS\system32\DRIVERS\pcmcia.sys [Scan path] C:\WINDOWS\system32\HPZipm12.exe [Scan path] C:\WINDOWS\system32\DRIVERS\raspptp.sys [Scan path] C:\WINDOWS\system32\DRIVERS\psched.sys [Scan path] C:\WINDOWS\system32\DRIVERS\ptilink.sys [Scan path] C:\WINDOWS\System32\Drivers\PxHelp20.sys [Scan path] C:\WINDOWS\system32\DRIVERS\rasacd.sys [Scan path] C:\WINDOWS\system32\DRIVERS\rasirda.sys [Scan path] C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [Scan path] C:\WINDOWS\system32\DRIVERS\raspppoe.sys [Scan path] C:\WINDOWS\system32\DRIVERS\raspti.sys [Scan 
path] C:\WINDOWS\system32\DRIVERS\rdbss.sys [Scan path] C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [Scan path] C:\WINDOWS\system32\sessmgr.exe [Scan path] C:\WINDOWS\system32\DRIVERS\redbook.sys [Scan path] C:\WINDOWS\system32\DRIVERS\rfcomm.sys [Scan path] C:\WINDOWS\system32\locator.exe [Scan path] C:\WINDOWS\system32\rsvp.exe [Scan path] C:\WINDOWS\system32\DRIVERS\sdbus.sys [Scan path] C:\WINDOWS\system32\DRIVERS\secdrv.sys [Scan path] C:\WINDOWS\system32\DRIVERS\serenum.sys [Scan path] C:\WINDOWS\system32\DRIVERS\Seri*hier nicht!*.sys [Scan path] C:\WINDOWS\system32\DRIVERS\SLIP.sys [Scan path] C:\WINDOWS\system32\DRIVERS\smcirda.sys [Scan path] C:\WINDOWS\system32\drivers\smwdm.sys [Scan path] C:\WINDOWS\System32\snmptrap.exe [Scan path] C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [Scan path] C:\WINDOWS\system32\drivers\splitter.sys [Scan path] C:\WINDOWS\system32\DRIVERS\sr.sys [Scan path] C:\WINDOWS\system32\ZoneLabs\srescan.sys [Scan path] C:\WINDOWS\system32\DRIVERS\srv.sys [Scan path] C:\WINDOWS\system32\drivers\sscdbhk5.sys [Scan path] C:\WINDOWS\system32\drivers\ssrtln.sys [Scan path] C:\WINDOWS\system32\DRIVERS\StreamIP.sys [Scan path] C:\WINDOWS\system32\DRIVERS\swenum.sys [Scan path] C:\WINDOWS\system32\drivers\swmidi.sys [Scan path] C:\WINDOWS\system32\DRIVERS\SynTP.sys [Scan path] C:\WINDOWS\system32\drivers\sysaudio.sys [Scan path] C:\WINDOWS\system32\smlogsvc.exe [Scan path] C:\WINDOWS\system32\DRIVERS\tcpip.sys [Scan path] C:\WINDOWS\system32\DRIVERS\tcpip6.sys [Scan path] C:\WINDOWS\system32\DRIVERS\termdd.sys [Scan path] C:\WINDOWS\system32\dla\tfsnboio.sys [Scan path] C:\WINDOWS\system32\dla\tfsncofs.sys [Scan path] C:\WINDOWS\system32\dla\tfsndrct.sys [Scan path] C:\WINDOWS\system32\dla\tfsndres.sys [Scan path] C:\WINDOWS\system32\dla\tfsnifs.sys [Scan path] C:\WINDOWS\system32\dla\tfsnopio.sys [Scan path] C:\WINDOWS\system32\dla\tfsnpool.sys [Scan path] C:\WINDOWS\system32\dla\tfsnudf.sys [Scan path] 
C:\WINDOWS\system32\dla\tfsnudfa.sys [Scan path] C:\WINDOWS\system32\drivers\tifm21.sys [Scan path] C:\WINDOWS\system32\DRIVERS\tunmp.sys [Scan path] C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [Scan path] C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [Scan path] C:\WINDOWS\system32\DRIVERS\update.sys [Scan path] C:\WINDOWS\System32\ups.exe [Scan path] C:\WINDOWS\system32\drivers\usbaudio.sys [Scan path] C:\WINDOWS\system32\DRIVERS\usbccgp.sys [Scan path] C:\WINDOWS\system32\DRIVERS\usbehci.sys [Scan path] C:\WINDOWS\system32\DRIVERS\usbhub.sys [Scan path] C:\WINDOWS\system32\DRIVERS\usbprint.sys [Scan path] C:\WINDOWS\system32\DRIVERS\usbscan.sys [Scan path] C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [Scan path] C:\WINDOWS\system32\DRIVERS\usbuhci.sys [Scan path] C:\WINDOWS\System32\Drivers\USIUDF.sys [Scan path] C:\WINDOWS\System32\drivers\vga.sys [Scan path] C:\WINDOWS\System32\vsdatant.sys [Scan path] c:\windows\system32\zonelabs\vsmon.exe [Scan path] C:\WINDOWS\System32\vssvc.exe [Scan path] C:\WINDOWS\system32\DRIVERS\w29n51.sys [Scan path] C:\WINDOWS\system32\DRIVERS\wanarp.sys [Scan path] C:\WINDOWS\system32\drivers\wdmaud.sys [Scan path] c:\program files\windows media connect\mswmccds.exe [Scan path] C:\Program Files\Windows Media Connect\mswmcls.exe [Scan path] C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [Scan path] C:\WINDOWS\system32\wbem\wmiapsrv.exe [Scan path] C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [Scan path] C:\WINDOWS\system32\ntsd.exe ----------------------------------------------------------------------------- Scan statistics ----------------------------------------------------------------------------- Objects scanned: 329 Infected objects found: 1 Objects with modifications found: 0 Suspicious objects found: 0 Adware programs found: 0 Dialer programs found: 0 Joke programs found: 0 Riskware programs found: 0 Hacktool programs found: 0 Objects cured: 0 Objects deleted: 0 Objects renamed: 0 Objects moved: 0 Objects ignored: 0 Scan speed: 
1813 Kb/s Scan time: 00:00:41 ----------------------------------------------------------------------------- [Scan path] D:\ ----------------------------------------------------------------------------- Scan statistics ----------------------------------------------------------------------------- Objects scanned: 686 Infected objects found: 0 Objects with modifications found: 0 Suspicious objects found: 0 Adware programs found: 0 Dialer programs found: 0 Joke programs found: 0 Riskware programs found: 0 Hacktool programs found: 0 Objects cured: 0 Objects deleted: 0 Objects renamed: 0 Objects moved: 0 Objects ignored: 0 Scan speed: 157942 Kb/s Scan time: 00:00:20 ----------------------------------------------------------------------------- |
|
|
||
13.09.2006, 01:46
Honorary member
Posts: 29434 |
#6
Dr.Web found one more virus (I had overlooked the DLL). Restart the computer, then scan again and report back.
__________
Regards, Sabina
all about PC security |
|
|
||
13.09.2006, 13:58
Member
Thread starter Posts: 11 |
#7
here is the log:
Do I even need AVG, ZoneAlarm or RegistryMechanic if they let all these viruses and errors through?
[Scan path] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
[Scan path] C:\WINDOWS\system32\pmnll.dll
>C:\WINDOWS\system32\pmnll.dll infected with Trojan.Virtumod - will be cured after reboot
This post was edited by Deyani on 13.09.2006 at 14:38.
|
|
|
||
13.09.2006, 14:09
Honorary member
Posts: 29434 |
#8
Avenger
Quote Files to delete:
post the 4 logs from datfind.bat once more
__________
Regards, Sabina
all about PC security |
|
|
||
13.09.2006, 14:52
Member
Thread starter Posts: 11 |
#9
Avenger gives an error message: "Error: selected file does not appear to be a valid script" Error code: 0
Datfind.bat logs |
|
|
||
13.09.2006, 22:56
Honorary member
Posts: 29434 |
#10
keep copying it into Avenger until the PC restarts, then post the report
Quote Files to delete:
__________
Regards, Sabina
all about PC security |
|
|
||
13.09.2006, 23:52
Member
Thread starter Posts: 11 |
#11
Every time Windows starts I get an error message "hpqthb08.exe-Application error: The application failed to initialize properly(0xc0000135). Click on OK to terminate the application "???
otherwise
Logfile of The Avenger version 1, by Swandog46
Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\cr^dkybm
*******************
Script file located at: \??\C:\Documents and Settings\bojbayde.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at c:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\system32\llnmp.ini deleted successfully.
File C:\WINDOWS\system32\qygtnvre.dll deleted successfully.
File C:\WINDOWS\system32\pnebnpeh.dll deleted successfully.
File C:\WINDOWS\system32\llnmp.bak2 deleted successfully.
File C:\WINDOWS\system32\pmnll.dll deleted successfully.
Completed script processing.
*******************
Finished! Terminate. |
|
|
||
14.09.2006, 00:22
Honorary member
Posts: 29434 |
#12
o.k.
scan and post the scan report http://virus-protect.org/artikel/tools/superantispyware.html
__________ Regards, Sabina all about PC security |
|
|
||
15.09.2006, 02:01
Member
Thread starter Posts: 11 |
#13
hi, here are the logs:
SUPERAntiSpyware Scan Log Generated 09/15/2006 at 00:41 AM Core Rules Database Version : 3082 Trace Rules Database Version: 1114 Memory Thread detected : 0 Registry Thread detected : 123 File Thread detected : 58 Trojan.WinFixer HKLM\Software\Classes\CLSID\{ACAF8C94-40EB-4A4F-A2F7-E709D4CEF9A2} HKCR\CLSID\{ACAF8C94-40EB-4A4F-A2F7-E709D4CEF9A2} HKCR\CLSID\{ACAF8C94-40EB-4A4F-A2F7-E709D4CEF9A2}\InprocServer32 HKCR\CLSID\{ACAF8C94-40EB-4A4F-A2F7-E709D4CEF9A2}\InprocServer32#ThreadingModel C:\WINDOWS\system32\pmnll.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ACAF8C94-40EB-4A4F-A2F7-E709D4CEF9A2} Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\pmnll Adware.Tracking Cookie C:\Documents and Settings\DeyanPC\Cookies\deyanpc@scanner[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@www.burstbeacon[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@estat[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@vip.clickzs[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@try.starware[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@e-2dj6wjloagcjmgq.stats.esomniture[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@ads.jurawelt[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@cz9.clickzs[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@ad.zanox[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@mediaplex[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@www.burstnet[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@maxserving[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@clickwwwsearch[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@fastclick[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@questionmarket[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@overture[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@www.winantivirus[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@www.etracker[1].txt 
C:\Documents and Settings\DeyanPC\Cookies\deyanpc@e-2dj6wjlyqpdzclp.stats.esomniture[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@maps[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@cz11.clickzs[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@apmebf[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@stats1.reliablestats[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@cs.sexcounter[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@ad.yieldmanager[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@2o7[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@vip2.clickzs[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@doubleclick[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@h.starware[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@as1.falkag[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@m1.webstats4u[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@komtrack[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@winantivirus[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@cgi-bin[3].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@a[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@as-eu.falkag[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@cgi-bin[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@atdmt[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@tacoda[1].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@sexlist[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@burstnet[2].txt C:\Documents and Settings\DeyanPC\Cookies\deyanpc@hmt.connexpromotions[2].txt Trojan.Unknown Origin HKLM\SOFTWARE\Microsoft\MSSMGR HKLM\SOFTWARE\Microsoft\MSSMGR#Brnd HKLM\SOFTWARE\Microsoft\MSSMGR#BSTV HKLM\SOFTWARE\Microsoft\MSSMGR#SSTV HKLM\SOFTWARE\Microsoft\MSSMGR#SCLIST HKLM\SOFTWARE\Microsoft\MSSMGR#SSLIST HKLM\SOFTWARE\Microsoft\MSSMGR#BPTV HKLM\SOFTWARE\Microsoft\MSSMGR#LSTV HKLM\SOFTWARE\Microsoft\MSSMGR#MSLIST 
HKLM\SOFTWARE\Microsoft\MSSMGR#PID HKLM\SOFTWARE\Microsoft\MSSMGR#Rid HKLM\SOFTWARE\Microsoft\MSSMGR#LID HKLM\SOFTWARE\Microsoft\MSSMGR#PSTV C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP79\A0037040.exe Trojan.Malware HKCR\MezziaCodec.Chl HKCR\MezziaCodec.Chl\CLSID Malware.SpywareQuake HKCR\TypeLib\{5E05EA9F-1EA7-4D0B-A09B-D5E29EC758B9} HKCR\TypeLib\{5E05EA9F-1EA7-4D0B-A09B-D5E29EC758B9}\1.0 HKCR\TypeLib\{5E05EA9F-1EA7-4D0B-A09B-D5E29EC758B9}\1.0\0 HKCR\TypeLib\{5E05EA9F-1EA7-4D0B-A09B-D5E29EC758B9}\1.0\0\win32 HKCR\TypeLib\{5E05EA9F-1EA7-4D0B-A09B-D5E29EC758B9}\1.0\FLAGS HKCR\TypeLib\{5E05EA9F-1EA7-4D0B-A09B-D5E29EC758B9}\1.0\HELPDIR HKCR\Interface\{2DD8D482-8F1C-4180-AA8E-9D5819E5F2EA} HKCR\Interface\{2DD8D482-8F1C-4180-AA8E-9D5819E5F2EA}\ProxyStubClsid HKCR\Interface\{2DD8D482-8F1C-4180-AA8E-9D5819E5F2EA}\ProxyStubClsid32 HKCR\Interface\{2DD8D482-8F1C-4180-AA8E-9D5819E5F2EA}\TypeLib HKCR\Interface\{2DD8D482-8F1C-4180-AA8E-9D5819E5F2EA}\TypeLib#Version HKCR\Interface\{411F83B1-A0EC-4155-AF99-0137F5EFB270} HKCR\Interface\{411F83B1-A0EC-4155-AF99-0137F5EFB270}\ProxyStubClsid HKCR\Interface\{411F83B1-A0EC-4155-AF99-0137F5EFB270}\ProxyStubClsid32 HKCR\Interface\{411F83B1-A0EC-4155-AF99-0137F5EFB270}\TypeLib HKCR\Interface\{411F83B1-A0EC-4155-AF99-0137F5EFB270}\TypeLib#Version HKCR\Interface\{4E3645AF-7A81-4F83-9B8C-1E4F930D873F} HKCR\Interface\{4E3645AF-7A81-4F83-9B8C-1E4F930D873F}\ProxyStubClsid HKCR\Interface\{4E3645AF-7A81-4F83-9B8C-1E4F930D873F}\ProxyStubClsid32 HKCR\Interface\{4E3645AF-7A81-4F83-9B8C-1E4F930D873F}\TypeLib HKCR\Interface\{4E3645AF-7A81-4F83-9B8C-1E4F930D873F}\TypeLib#Version HKCR\Interface\{61032A65-2371-4C89-B5BB-DF73090FB5EA} HKCR\Interface\{61032A65-2371-4C89-B5BB-DF73090FB5EA}\ProxyStubClsid HKCR\Interface\{61032A65-2371-4C89-B5BB-DF73090FB5EA}\ProxyStubClsid32 HKCR\Interface\{61032A65-2371-4C89-B5BB-DF73090FB5EA}\TypeLib HKCR\Interface\{61032A65-2371-4C89-B5BB-DF73090FB5EA}\TypeLib#Version 
HKCR\Interface\{66189AF2-7726-46E8-8628-0F95AB854792} HKCR\Interface\{66189AF2-7726-46E8-8628-0F95AB854792}\ProxyStubClsid HKCR\Interface\{66189AF2-7726-46E8-8628-0F95AB854792}\ProxyStubClsid32 HKCR\Interface\{66189AF2-7726-46E8-8628-0F95AB854792}\TypeLib HKCR\Interface\{66189AF2-7726-46E8-8628-0F95AB854792}\TypeLib#Version HKCR\Interface\{7A2F6251-6C99-4DA5-9827-954EB45DCB82} HKCR\Interface\{7A2F6251-6C99-4DA5-9827-954EB45DCB82}\ProxyStubClsid HKCR\Interface\{7A2F6251-6C99-4DA5-9827-954EB45DCB82}\ProxyStubClsid32 HKCR\Interface\{7A2F6251-6C99-4DA5-9827-954EB45DCB82}\TypeLib HKCR\Interface\{7A2F6251-6C99-4DA5-9827-954EB45DCB82}\TypeLib#Version HKCR\Interface\{82C6C396-DD7B-4CE5-B668-C0087D1F3A1F} HKCR\Interface\{82C6C396-DD7B-4CE5-B668-C0087D1F3A1F}\ProxyStubClsid HKCR\Interface\{82C6C396-DD7B-4CE5-B668-C0087D1F3A1F}\ProxyStubClsid32 HKCR\Interface\{82C6C396-DD7B-4CE5-B668-C0087D1F3A1F}\TypeLib HKCR\Interface\{82C6C396-DD7B-4CE5-B668-C0087D1F3A1F}\TypeLib#Version HKCR\Interface\{853E0D78-F4C2-47CB-A3F5-A774DA60DFCD} HKCR\Interface\{853E0D78-F4C2-47CB-A3F5-A774DA60DFCD}\ProxyStubClsid HKCR\Interface\{853E0D78-F4C2-47CB-A3F5-A774DA60DFCD}\ProxyStubClsid32 HKCR\Interface\{853E0D78-F4C2-47CB-A3F5-A774DA60DFCD}\TypeLib HKCR\Interface\{853E0D78-F4C2-47CB-A3F5-A774DA60DFCD}\TypeLib#Version HKCR\Interface\{94786C47-EB3F-4BD5-A66B-0D49E2C90541} HKCR\Interface\{94786C47-EB3F-4BD5-A66B-0D49E2C90541}\ProxyStubClsid HKCR\Interface\{94786C47-EB3F-4BD5-A66B-0D49E2C90541}\ProxyStubClsid32 HKCR\Interface\{94786C47-EB3F-4BD5-A66B-0D49E2C90541}\TypeLib HKCR\Interface\{94786C47-EB3F-4BD5-A66B-0D49E2C90541}\TypeLib#Version HKCR\Interface\{9989A9BC-9828-467E-AF06-E3B279E6E97B} HKCR\Interface\{9989A9BC-9828-467E-AF06-E3B279E6E97B}\ProxyStubClsid HKCR\Interface\{9989A9BC-9828-467E-AF06-E3B279E6E97B}\ProxyStubClsid32 HKCR\Interface\{9989A9BC-9828-467E-AF06-E3B279E6E97B}\TypeLib HKCR\Interface\{9989A9BC-9828-467E-AF06-E3B279E6E97B}\TypeLib#Version 
HKCR\Interface\{B2B3702A-5425-489E-A3AF-EDCCAFEBA019} HKCR\Interface\{B2B3702A-5425-489E-A3AF-EDCCAFEBA019}\ProxyStubClsid HKCR\Interface\{B2B3702A-5425-489E-A3AF-EDCCAFEBA019}\ProxyStubClsid32 HKCR\Interface\{B2B3702A-5425-489E-A3AF-EDCCAFEBA019}\TypeLib HKCR\Interface\{B2B3702A-5425-489E-A3AF-EDCCAFEBA019}\TypeLib#Version HKCR\Interface\{C1C56112-2B2E-4D3C-8CFC-7E10C77FACEF} HKCR\Interface\{C1C56112-2B2E-4D3C-8CFC-7E10C77FACEF}\ProxyStubClsid HKCR\Interface\{C1C56112-2B2E-4D3C-8CFC-7E10C77FACEF}\ProxyStubClsid32 HKCR\Interface\{C1C56112-2B2E-4D3C-8CFC-7E10C77FACEF}\TypeLib HKCR\Interface\{C1C56112-2B2E-4D3C-8CFC-7E10C77FACEF}\TypeLib#Version HKCR\Interface\{D01D4AAB-22C5-427F-A941-C4B65A3D8A23} HKCR\Interface\{D01D4AAB-22C5-427F-A941-C4B65A3D8A23}\ProxyStubClsid HKCR\Interface\{D01D4AAB-22C5-427F-A941-C4B65A3D8A23}\ProxyStubClsid32 HKCR\Interface\{D01D4AAB-22C5-427F-A941-C4B65A3D8A23}\TypeLib HKCR\Interface\{D01D4AAB-22C5-427F-A941-C4B65A3D8A23}\TypeLib#Version HKCR\Interface\{DDB0D689-FAE0-4165-9F7C-877602F9DD66} HKCR\Interface\{DDB0D689-FAE0-4165-9F7C-877602F9DD66}\ProxyStubClsid HKCR\Interface\{DDB0D689-FAE0-4165-9F7C-877602F9DD66}\ProxyStubClsid32 HKCR\Interface\{DDB0D689-FAE0-4165-9F7C-877602F9DD66}\TypeLib HKCR\Interface\{DDB0D689-FAE0-4165-9F7C-877602F9DD66}\TypeLib#Version HKCR\Interface\{E5AD5BD5-C710-45E0-ABD3-E770FE85DAE8} HKCR\Interface\{E5AD5BD5-C710-45E0-ABD3-E770FE85DAE8}\ProxyStubClsid HKCR\Interface\{E5AD5BD5-C710-45E0-ABD3-E770FE85DAE8}\ProxyStubClsid32 HKCR\Interface\{E5AD5BD5-C710-45E0-ABD3-E770FE85DAE8}\TypeLib HKCR\Interface\{E5AD5BD5-C710-45E0-ABD3-E770FE85DAE8}\TypeLib#Version HKCR\Interface\{EB5CA3AF-26C1-467B-9A55-2820E0451AAB} HKCR\Interface\{EB5CA3AF-26C1-467B-9A55-2820E0451AAB}\ProxyStubClsid HKCR\Interface\{EB5CA3AF-26C1-467B-9A55-2820E0451AAB}\ProxyStubClsid32 HKCR\Interface\{EB5CA3AF-26C1-467B-9A55-2820E0451AAB}\TypeLib HKCR\Interface\{EB5CA3AF-26C1-467B-9A55-2820E0451AAB}\TypeLib#Version 
HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202} HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\cfbYbUxocre HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\FLXiwgyG HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\ihVegI HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\InprocServer32 HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\InprocServer32#RuntimeVersion HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\InprocServer32#Assembly HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\InprocServer32#Class HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\InprocServer32\11.0.0.0 HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\InprocServer32\11.0.0.0#RuntimeVersion HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\InprocServer32\11.0.0.0#Class HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\InprocServer32\11.0.0.0#Assembly HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\mjtQvjWvp HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\pxomlaDvdRqwq HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\SmxgBdnwmad HKCR\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}\tpKfor C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP79\A0037042.exe C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP81\A0044140.exe Trojan.Downloader-MSWin C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MSWin.exe C:\WINDOWS\Prefetch\MSWIN.EXE-08AA3C8D.pf Trojan.Smitfraud Variant C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP116\A0080856.exe C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP116\A0080857.exe Adware.Vundo Variant C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP116\A0080858.dll C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP116\A0080988.dll Adware.ClickSpring C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP79\A0036020.dll C:\System Volume 
Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP79\A0037039.dll C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP81\A0044089.exe C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP81\A0044090.dll Adware.ClickSpring/Outer Info Network C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP79\A0036067.exe C:\System Volume Information\_restore{8F4E23D5-7A0B-4AF9-B850-707FD945F2C0}\RP87\A0052384.exe
After a second scan in Safe Mode:
SUPERAntiSpyware Scan Log Generated 09/15/2006 at 01:49 AM Core Rules Database Version : 3082 Trace Rules Database Version: 1114 Memory Thread detected : 0 Registry Thread detected : 0 File Thread detected : 0 |
|
|
||
15.09.2006, 12:22
Honorary member
Posts: 29434 |
#14
1. search for: svchost.dll (report whether you find the dll)
2. My Computer --> right-click, then Properties ---> System Restore tab ---> tick "Turn off System Restore on all drives". (then turn it back on)
3. TuneUp, run:
Cleanup repair -- TuneUp Diskcleaner
Cleanup repair -- Registry Cleaner
http://virus-protect.org/reinigungstoolsregistry.html
then report how it runs
__________ Regards, Sabina all about PC security |
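Step 1 asks about svchost.dll, the DLL named in the log's `O20 - AppInit_DLLs` line. The following is an added example, not part of the thread and not HijackThis's own logic, showing how the autostart entries of such a log can be triaged; the sample lines are constructed from entries quoted in this thread with a placeholder download URL, and the four heuristics and all function names are assumptions of this example.

```python
import re
from urllib.parse import urlparse

# Constructed sample in HijackThis log format, modelled on entries quoted in
# this thread; the O16 download URL is a placeholder, not a real host.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MSWin.exe
O16 - DPF: {00000000-0000-0000-0000-100000000003} - http://downloads.example.invalid/l/sample_35.exe
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
O20 - AppInit_DLLs: "", svchost.dll
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

ENTRY_RE = re.compile(r"^(O\d{1,2}) - (.+)$")
STARTUP_RE = re.compile(r"^(?:Global )?Startup: (.+)$")
DPF_RE = re.compile(r"^DPF: (\{[0-9A-Fa-f-]+\})(?: \((.+)\))? - (\S+)$")
APPINIT_RE = re.compile(r"^AppInit_DLLs:\s*(.*)$")
EXECUTABLE_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")


def parse_entries(log_text):
    """Yield (section, body) for every 'Onn - ...' line of the log."""
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def check_startup(body):
    # Startup-folder items are normally shortcuts: 'name.lnk = target'.
    # A bare executable sitting in the folder is worth a closer look.
    m = STARTUP_RE.match(body)
    if m and " = " not in m.group(1) and m.group(1).lower().endswith(EXECUTABLE_EXT):
        return "executable placed directly in a Startup folder: " + m.group(1)
    return None


def check_dpf(body):
    # ActiveX downloads usually have a class name and a .cab codebase.
    # An unnamed class whose codebase is a bare executable stands out.
    m = DPF_RE.match(body)
    if not m:
        return None
    clsid, name, url = m.groups()
    if name is None and urlparse(url).path.lower().endswith(EXECUTABLE_EXT):
        return "unnamed ActiveX download with an executable codebase: " + clsid
    return None


def check_appinit(body):
    # Every DLL named in AppInit_DLLs is loaded into each process that loads
    # user32.dll, so any non-empty value should be accounted for.
    m = APPINIT_RE.match(body)
    if not m:
        return None
    dlls = [t.strip('"') for t in re.split(r"[,\s]+", m.group(1))]
    dlls = [d for d in dlls if d]
    if dlls:
        return "AppInit_DLLs is not empty: " + ", ".join(dlls)
    return None


def check_service(body):
    # A service whose binary is gone is usually a leftover, but it shows
    # that something registered itself and was later removed.
    if body.startswith("Service: ") and body.endswith("(file missing)"):
        return "service binary is missing: " + body[len("Service: "):].split(" - ")[0]
    return None


CHECKS = {"O4": check_startup, "O16": check_dpf,
          "O20": check_appinit, "O23": check_service}


def triage(log_text):
    """Return [(section, finding), ...] for entries that need manual review."""
    findings = []
    for section, body in parse_entries(log_text):
        check = CHECKS.get(section)
        result = check(body) if check else None
        if result:
            findings.append((section, result))
    return findings


if __name__ == "__main__":
    for section, finding in triage(SAMPLE_LOG):
        print(section, "-", finding)
```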
|
|
||
15.09.2006, 14:43
Member
Thread starter Posts: 11 |
#15
hi, thanks, it's running better and better, just one thing: when shutting down I always have to end a program manually, "hpcmpmgr.exe", otherwise my PC won't shut down or switch off by itself?
What do I do with all the programs I installed, am I allowed to delete them? Thanks again! |
|
|
||
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\DTV\RemoteControl.exe
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\DeyanPC\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Documents and Settings\DeyanPC\My Documents\programs\security\hijack\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [DTVRemote] "C:\Program Files\DTV\RemoteControl.exe"
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MSWin.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {00000000-0000-0000-0000-100000000003} - http://code.trasferimento.biz/l/a3ad1d8edc539b47a7e227b1feea490d_35.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37900.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
O20 - AppInit_DLLs: "", svchost.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
ComboFix 06.09.07 - Running from: C:\Documents and Settings\DeyanPC\My Documents\programs\security\combofix
Microsoft Windows XP [Version 5.1.2600]
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\QooBox\Purity\WINDOWS\system32\STEM32~1
((((((((((((((((((((((((((((((( Files Created from 2006-08-11 to 2006-09-11 ))))))))))))))))))))))))))))))))))
2006-09-10 16:26 106,516 --a------ C:\WINDOWS\system32\skjwytpj.dll
2006-09-10 16:25 1,132,505 ---hs---- C:\WINDOWS\system32\llnmp.bak1
2006-09-10 11:14 106,516 --a------ C:\WINDOWS\system32\dadcqcan.dll
2006-09-09 10:36 106,516 --a------ C:\WINDOWS\system32\atnwbond.dll
2006-09-07 12:27 106,516 --a------ C:\WINDOWS\system32\oiyjknwi.dll
2006-09-05 23:26 106,516 --a------ C:\WINDOWS\system32\omdwkoqo.dll
2006-09-04 20:48 106,516 --a------ C:\WINDOWS\system32\lttchjyn.dll
2006-09-03 12:26 102,420 --a------ C:\WINDOWS\system32\erwpditm.dll
2006-09-02 12:25 102,420 --a------ C:\WINDOWS\system32\ioqofpom.dll
2006-08-26 04:54 13,844 --a------ C:\WINDOWS\system32\pppyrcrm.exe
2006-08-24 22:26 13,844 --a------ C:\WINDOWS\system32\rkrthmga.exe
2006-08-22 00:18 13,844 --a------ C:\WINDOWS\system32\ywvqfkvo.exe
2006-08-16 02:50 2,580 --a------ C:\WINDOWS\system32\pyeytrqk.exe
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-09-11 15:59 -------- d-------- C:\Program Files\CleanUp!
2006-09-11 15:49 -------- d-------- C:\Documents and Settings\DeyanPC\Application Data\Skype
2006-09-10 20:12 -------- d-------- C:\Program Files\Common Files\Logitech
2006-09-10 17:53 -------- d-------- C:\Program Files\Roguescanfix
2006-09-10 15:10 28672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2006-09-10 11:14 777472 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-09-10 11:14 27904 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-09-06 01:19 -------- d---s---- C:\Documents and Settings\DeyanPC\Application Data\Microsoft
2006-09-05 00:26 -------- d-------- C:\Program Files\Nokia
2006-09-05 00:26 -------- d-------- C:\Program Files\Common Files\PCSuite
2006-09-05 00:26 -------- d-------- C:\Program Files\Common Files\Nokia
2006-09-05 00:26 -------- d-------- C:\Program Files\Common Files
2006-09-05 00:21 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-08-25 00:00 -------- d-------- C:\Program Files\audiograbber
2006-08-24 18:26 -------- d-------- C:\Program Files\Registry Mechanic
2006-08-22 20:58 -------- d-------- C:\Documents and Settings\DeyanPC\Application Data\Sonic
2006-08-22 20:58 -------- d-------- C:\Documents and Settings\DeyanPC\Application Data\Leadertech
2006-08-21 20:00 -------- d-------- C:\Documents and Settings\DeyanPC\Application Data\Apple Computer
2006-08-16 03:02 -------- d-------- C:\Program Files\Internet Explorer
2006-07-28 01:24 -------- d-------- C:\Program Files\iTunes
2006-07-28 01:22 -------- d-------- C:\Program Files\iPod
2006-07-27 16:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-24 23:09 53624 --a------ C:\Documents and Settings\DeyanPC\Application Data\GDIPFONTCACHEV1.DAT
2006-07-21 11:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-07-18 00:46 -------- d-------- C:\Program Files\Winamp
2006-07-16 15:50 -------- d-------- C:\Program Files\Zone Labs
2006-07-16 13:50 -------- d-------- C:\Program Files\Grisoft
2006-07-16 13:49 -------- d-------- C:\Documents and Settings\DeyanPC\Application Data\AVG7
2006-07-16 13:48 4992 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-07-16 13:48 4288 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-07-16 13:48 23424 --a------ C:\WINDOWS\system32\drivers\avgmfrs.sys
2006-07-14 00:46 -------- d-------- C:\Program Files\Microsoft Office
2006-07-14 00:46 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-07-14 00:10 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-07-14 00:09 -------- d-------- C:\Program Files\Microsoft Visual Studio
2006-07-14 00:08 -------- d-------- C:\Program Files\Common Files\System
2006-07-09 13:42 42920 --a------ C:\WINDOWS\system32\vsutil_loc0407.dll
2006-07-05 16:39 569396 --------- C:\WINDOWS\system32\pmnll.dll
2006-06-17 14:04 5875 --a------ C:\Documents and Settings\DeyanPC\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe"
"SoundMAX"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray"
"AGRSMMSG"="AGRSMMSG.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"eabconfg.cpl"="C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe /Start"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0\\bin\\jusched.exe"
"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"
"WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"Acrobat Assistant 7.0"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\Acrotray.exe\""
@=""
"DTVRemote"="\"C:\\Program Files\\DTV\\RemoteControl.exe\""
"USIUDF_Eject_Monitor"="C:\\Program Files\\Common Files\\Ulead Systems\\DVD\\USISrv.exe"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"RegistryMechanic"=""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\K-Lite Codec Pack\\QuickTime\\qttask.exe\" -atboottime"
"DataLayer"="C:\\Program Files\\Common Files\\PCSuite\\DataLayer\\DataLayer.exe"
"PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoCDBurning"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnll
Completion time: Mon 09/11/2006 16:03:27.71
ComboFix.txt
ComboFix2.txt
Datfind.bat Logs:
Volume in drive C has no label.
Volume Serial Number is FC8A-D7FF
Directory of C:\WINDOWS\system32
09/11/2006 16:06 0 llnmp.tmp
09/11/2006 16:06 1,142,208 llnmp.ini
09/11/2006 15:02 54,112 vsconfig.xml
09/11/2006 15:01 2,206 wpa.dbl
09/11/2006 14:59 0 mcrh.tmp
09/10/2006 16:26 106,516 skjwytpj.dll
09/10/2006 16:25 1,132,505 llnmp.bak1
09/10/2006 11:14 106,516 dadcqcan.dll
09/09/2006 10:36 106,516 atnwbond.dll
09/07/2006 12:27 106,516 oiyjknwi.dll
09/05/2006 23:26 106,516 omdwkoqo.dll
09/04/2006 20:48 106,516 lttchjyn.dll
09/03/2006 12:26 102,420 erwpditm.dll
09/02/2006 12:25 102,420 ioqofpom.dll
08/26/2006 04:54 13,844 pppyrcrm.exe
08/24/2006 22:26 13,844 rkrthmga.exe
08/22/2006 00:18 13,844 ywvqfkvo.exe
08/16/2006 02:50 2,580 pyeytrqk.exe
08/09/2006 22:03 8,325,544 MRT.exe
07/28/2006 14:28 3,054,080 mshtml.dll
07/27/2006 16:24 679,424 inetcomm.dll
07/26/2006 01:03 4,212 zllictbl.dat
07/25/2006 23:33 613,888 urlmon.dll
07/21/2006 11:24 72,704 hlink.dll
07/16/2006 20:34 382,260 perfh009.dat
07/16/2006 20:34 53,838 perfc009.dat
07/16/2006 20:34 441,802 PerfStringBackup.INI
07/14/2006 18:31 332,288 netapi32.dll
07/14/2006 18:25 546,304 hhctrl.ocx
07/14/2006 10:01 215,264 FNTCACHE.DAT
07/13/2006 16:33 8,453,632 shell32.dll
07/09/2006 15:38 25,605 ikhcore.log
07/09/2006 13:42 42,920 vsutil_loc0407.dll
07/09/2006 13:42 392,824 vsdatant.sys
07/09/2006 13:42 71,672 zlcommdb.dll
07/09/2006 13:42 83,960 zlcomm.dll
07/09/2006 13:42 100,344 vsxml.dll
07/09/2006 13:42 59,384 vswmi.dll
07/09/2006 13:42 440,312 vsutil.dll
07/09/2006 13:42 71,672 vsregexp.dll
07/09/2006 13:42 268,280 vspubapi.dll
07/09/2006 13:42 157,688 vsinit.dll
07/09/2006 13:42 104,440 vsmonapi.dll
07/09/2006 13:42 83,960 vsdata.dll
07/05/2006 16:39 569,396 pmnll.dll
07/05/2006 13:55 984,064 kernel32.dll
06/26/2006 20:37 148,480 dnsapi.dll
06/26/2006 20:37 8,192 rasadhlp.dll
06/23/2006 14:02 658,944 wininet.dll
06/23/2006 14:02 1,494,016 shdocvw.dll
06/23/2006 14:02 532,480 mstime.dll
06/23/2006 14:02 39,424 pngfilt.dll
06/23/2006 14:02 448,512 mshtmled.dll
06/23/2006 14:02 146,432 msrating.dll
06/23/2006 14:02 474,112 shlwapi.dll
06/23/2006 14:02 251,392 iepeers.dll
06/23/2006 14:02 1,054,208 danim.dll
06/23/2006 14:02 357,888 dxtmsft.dll
06/23/2006 14:02 205,312 dxtrans.dll
06/23/2006 14:02 55,808 extmgr.dll
06/23/2006 14:02 16,384 jsproxy.dll
06/23/2006 14:02 96,256 inseng.dll
06/23/2006 14:02 151,040 cdfview.dll
06/23/2006 14:02 1,022,976 browseui.dll
06/23/2006 11:34 24,576 xpsp3res.dll
06/22/2006 13:47 181,248 rasmans.dll
06/20/2006 23:32 796,584 libeay32_0.9.6l.dll
06/19/2006 16:20 702,768 WgaLogon.dll
06/19/2006 16:19 571,184 LegitCheckControl.dll
06/19/2006 16:19 304,944 WgaTray.exe
06/15/2006 15:20 45,292 OEMINFO.PNF
06/01/2006 21:47 163,840 jgdw400.dll
06/01/2006 21:47 27,648 jgpl400.dll
Volume in drive C has no label.
Volume Serial Number is FC8A-D7FF
Directory of C:\DOCUME~1\DeyanPC\LOCALS~1\Temp
09/11/2006 15:29 59,964 Adobelm_Cleanup.0001
09/11/2006 15:28 2,048,000 AcrC8F4.tmp
2 File(s) 2,107,964 bytes
0 Dir(s) 27,043,569,664 bytes free
Directory of C:\WINDOWS
09/11/2006 15:01 159 wiadebug.log
09/11/2006 15:01 3,638 ModemLog_Agere Systems AC'97 Modem.txt
09/11/2006 15:01 1,159,036 WindowsUpdate.log
09/11/2006 15:01 49 wiaservc.log
09/11/2006 15:00 0 0.log
09/11/2006 15:00 2,048 bootstat.dat
09/11/2006 01:09 32,646 SchedLgU.Txt
09/10/2006 20:47 2,875 KB893803v2Uninst.log
09/10/2006 20:47 71,903 iis6.log
09/10/2006 20:47 173,304 comsetup.log
09/10/2006 20:47 1,374 imsins.log
09/10/2006 20:47 107,384 ntdtcsetup.log
09/10/2006 20:47 192,398 tsoc.log
09/10/2006 20:47 27,897 ocmsn.log
09/10/2006 20:46 264,992 ocgen.log
09/10/2006 20:46 25,132 msgsocm.log
09/10/2006 20:46 497,737 FaxSetup.log
09/10/2006 20:46 930,699 setupapi.log
09/10/2006 19:46 268 _delis32.ini
09/10/2006 17:25 3,234 spupdsvc.log
09/10/2006 17:22 15,872 WgaNotify.log
09/10/2006 17:19 22,191 updspapi.log
09/09/2006 16:31 61,136 wmsetup.log
09/09/2006 14:32 54,156 QTFont.qfn
09/05/2006 00:22 19 SoundConverter.INI
09/01/2006 00:50 1,409 QTFont.for
08/25/2006 00:00 14,686 cdplayer.ini
08/24/2006 18:23 1,026,392 dp2_log.txt
08/16/2006 03:06 1,374 imsins.BAK
08/16/2006 03:06 17,334 KB920214.log
08/16/2006 03:05 17,148 KB921883.log
08/16/2006 03:05 16,874 KB922616.log
08/16/2006 03:05 17,321 KB921398.log
08/16/2006 03:03 20,295 KB918899.log
08/16/2006 03:02 12,683 KB920670.log
08/16/2006 03:01 12,843 KB917422.log
08/16/2006 03:01 13,189 KB920683.log
07/28/2006 01:24 357 GEARInstall.log
07/27/2006 13:27 271,029 LVEventLog.log
07/16/2006 12:57 472 setupact.log
07/15/2006 03:01 3,335 KB885884.log
07/14/2006 00:16 748 ODBC.INI
07/14/2006 00:13 628 win.ini
07/12/2006 01:02 12,535 KB917159.log
07/12/2006 01:02 13,086 KB914388.log
07/12/2006 01:01 11,304 KB916595.log
07/06/2006 22:05 0 pestpatrol5.INI
06/28/2006 03:01 15,700 KB911280.log
06/17/2006 16:18 11,919 KB917734.log
06/17/2006 16:17 14,404 KB918439.log
06/17/2006 16:17 14,787 KB917344.log
06/17/2006 16:17 14,551 KB917953.log
06/17/2006 16:17 18,165 KB916281.log
06/17/2006 16:17 12,437 KB914389.log
06/17/2006 14:09 100,724 cpeins04.dat
06/17/2006 14:04 206 HPGdiPlus.ini
06/15/2006 18:30 104,156 hpoins04.dat
06/13/2006 13:14 794 DirectX.log
06/12/2006 23:43 316,640 WMSysPr9.prx
Directory of C:\
09/11/2006 16:08 0 sys.txt
09/11/2006 16:08 8,986 system.txt
09/11/2006 16:07 329 systemtemp.txt
09/11/2006 16:06 111,287 system32.txt
09/11/2006 16:03 9,809 ComboFix.txt
09/11/2006 15:00 527,880,192 hiberfil.sys
09/11/2006 15:00 792,723,456 pagefile.sys
09/10/2006 16:55 320 temp.txt
09/10/2006 16:46 10,118 ComboFix2.txt
09/10/2006 16:16 1,600 VundoFix.txt
08/16/2006 18:25 1,341,440 01.mpg
07/27/2006 13:27 2,048 TimeShift.mpg
07/16/2006 13:52 12,286,415 AVG7QT.DAT
07/09/2006 15:32 6,990 caisslog.txt
06/15/2006 20:45 1,167 _Sid.txt
Problem description: My PC is extremely slow when I try to open a program or a web page. From time to time programs try to install themselves (such as WinFixer, Win...), and my PC also downloads things on its own; I don't understand why that is. It also loads very slowly when Windows starts!
I have AVG and ZONEALARM installed, but there has been no improvement!
Thanks for the help!