netcmd und netconfig.

Thema ist geschlossen!
Thema ist geschlossen!
#0
23.10.2006, 03:12
Member

Beiträge: 28
#1 hallo leute,

also mein problem ist netcmd und netconfig. ich lösch sie manuell aber nach paar stunden oder nach einem tag ist der wieder da? komisch ;)


Logfile of HijackThis v1.99.1
Scan saved at 3:13:11 AM, on 10/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\EAX.exe
C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\VRC.exe
C:\Program Files\Creative\SBExtigy\RemoteCenter\Center\RCenter.exe
C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\OSDMenu.EXE
C:\WINDOWS\SYSTEM32\NETCMD.EXE
C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\Documents and Settings\Toryuz\Desktop\hijackthis_199\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [AudCtrl] RunDll32 AudCtrl.dll,RCMonitor
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: netconfig.lnk = C:\WINDOWS\netconfig.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Seitenanfang Seitenende
23.10.2006, 08:53
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#2 notoryus

stelle den CleanUp genauso ein, wie hier angegeben:
http://virus-protect.org/cleanup.html

Kopiere diese 6 Textdateien ab . (rechtsklick mit der Maus -> den Text markieren -> kopieren -> einfügen) Sie sind nach Datum geordnet. (kopiere nur die letzten 3 Monate ab)
http://virus-protect.org/datfindbat.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
23.10.2006, 18:54
Member

Themenstarter

Beiträge: 28
#3 Die 6 log dateien.

Volume in drive C has no label.
Volume Serial Number is 74AE-590E

Directory of C:\WINDOWS\system32

10/23/2006 06:38 PM 80,671 nvapps.xml
10/19/2006 12:57 PM 1,205 lvcoinst.log
10/19/2006 12:53 PM 491 Installer.log
10/19/2006 02:45 AM 16,832 amcompat.tlb
10/19/2006 02:45 AM 23,392 nscompat.tlb
10/17/2006 10:36 AM 45 desktop.ini
10/17/2006 09:45 AM 311,604 perfh009.dat
10/17/2006 09:45 AM 39,992 perfc009.dat
10/17/2006 09:45 AM 356,120 PerfStringBackup.INI
10/17/2006 09:43 AM 90,296 FNTCACHE.DAT
10/17/2006 09:20 AM 2,550 Uninstall.ico
10/17/2006 09:20 AM 1,406 Help.ico
10/17/2006 09:20 AM 30,590 pavas.ico
10/17/2006 09:06 AM 0 h323log.txt
10/17/2006 09:01 AM 2,206 wpa.dbl
10/17/2006 07:28 AM 208,896 nvudisp.exe
10/17/2006 07:28 AM 155,715 nvsvc32.exe
10/17/2006 07:28 AM 86,016 nvmctray.dll
10/17/2006 07:28 AM 7,630,848 nvcpl.dll
10/17/2006 07:28 AM 35,840 nvcod.dll
10/17/2006 07:28 AM 196,608 nvapi.dll
10/17/2006 07:28 AM 4,495,744 nv4_disp.dll
10/17/2006 07:17 AM 261 $winnt$.inf
10/17/2006 07:14 AM 2,577 CONFIG.NT
10/17/2006 07:12 AM 488 WindowsLogon.manifest
10/17/2006 07:12 AM 488 logonui.exe.manifest
10/17/2006 07:12 AM 749 cdplayer.exe.manifest
10/17/2006 07:12 AM 749 sapi.cpl.manifest
10/17/2006 07:12 AM 749 wuaucpl.cpl.manifest
10/17/2006 07:12 AM 749 ncpa.cpl.manifest
10/17/2006 07:12 AM 749 nwc.cpl.manifest
10/17/2006 07:09 AM 21,640 emptyregdb.dat
09/13/2006 07:01 AM 1,084,416 msxml3.dll
09/04/2006 08:08 AM 1,494,016 shdocvw.dll
08/25/2006 05:45 PM 617,472 comctl32.dll
08/18/2006 06:19 PM 1,576,960 msicpl.dll
08/16/2006 01:58 PM 100,352 6to4svc.dll
08/08/2006 04:33 PM 208,896 NVUNINST.EXE
08/08/2006 02:54 PM 1,519,616 nwiz.exe
08/08/2006 02:54 PM 794,624 nvcplui.exe
08/08/2006 02:54 PM 1,011,712 nvcpluir.dll
08/08/2006 02:54 PM 5,611,520 nvdisps.dll
08/08/2006 02:54 PM 5,251,072 nvdispsr.dll
08/08/2006 02:54 PM 1,339,392 nvdspsch.exe
08/08/2006 02:54 PM 311,296 nvexpbar.dll
08/08/2006 02:54 PM 3,039,232 nvgames.dll
08/08/2006 02:54 PM 2,928,640 nvgamesr.dll
08/08/2006 02:54 PM 69,632 nvcpl.cpl
08/08/2006 02:54 PM 581,632 nvhwvid.dll
08/08/2006 02:54 PM 1,470,464 nview.dll
08/08/2006 02:54 PM 229,376 nvmccs.dll
08/08/2006 02:54 PM 45,056 nvmccsrs.dll
08/08/2006 02:54 PM 188,416 nvmccss.dll
08/08/2006 02:54 PM 458,752 nvmccssr.dll
08/08/2006 02:54 PM 167,936 nvwrszht.dll
08/08/2006 02:54 PM 163,840 nvwrszhc.dll
08/08/2006 02:54 PM 147,456 nvcolor.exe
08/08/2006 02:54 PM 888,832 nvmobls.dll
08/08/2006 02:54 PM 2,859,008 nvmoblsr.dll
08/08/2006 02:54 PM 286,720 nvnt4cpl.dll
08/08/2006 02:54 PM 5,636,096 nvoglnt.dll
08/08/2006 02:54 PM 425,984 keystone.exe
08/08/2006 02:54 PM 35,840 nvcodins.dll
08/08/2006 02:54 PM 245,760 nvrsda.dll
08/08/2006 02:54 PM 270,336 nvrsde.dll
08/08/2006 02:54 PM 274,432 nvrsel.dll
08/08/2006 02:54 PM 241,664 nvrseng.dll
08/08/2006 02:54 PM 274,432 nvrses.dll
08/08/2006 02:54 PM 266,240 nvrsesm.dll
08/08/2006 02:54 PM 241,664 nvrsfi.dll
08/08/2006 02:54 PM 278,528 nvrsfr.dll
08/08/2006 02:54 PM 323,584 nvrshe.dll
08/08/2006 02:54 PM 249,856 nvrshu.dll
08/08/2006 02:54 PM 1,732,608 nvwssr.dll
08/08/2006 02:54 PM 274,432 nvrsit.dll
08/08/2006 02:54 PM 262,144 nvrsja.dll
08/08/2006 02:54 PM 258,048 nvrsko.dll
08/08/2006 02:54 PM 266,240 nvrsnl.dll
08/08/2006 02:54 PM 249,856 nvrsno.dll
08/08/2006 02:54 PM 249,856 nvrspl.dll
08/08/2006 02:54 PM 266,240 nvrspt.dll
08/08/2006 02:54 PM 262,144 nvrsptb.dll
08/08/2006 02:54 PM 262,144 nvrsru.dll
08/08/2006 02:54 PM 249,856 nvrssk.dll
08/08/2006 02:54 PM 249,856 nvrssl.dll
08/08/2006 02:54 PM 245,760 nvrssv.dll
08/08/2006 02:54 PM 249,856 nvrstr.dll
08/08/2006 02:54 PM 221,184 nvrszhc.dll
08/08/2006 02:54 PM 122,880 nvrszht.dll
08/08/2006 02:54 PM 466,944 nvshell.dll
08/08/2006 02:54 PM 442,368 nvappbar.exe
08/08/2006 02:54 PM 73,728 nvtuicpl.cpl
08/08/2006 02:54 PM 241,664 nvrscs.dll
08/08/2006 02:54 PM 1,232,896 nvwss.dll
08/08/2006 02:54 PM 2,904,064 nvvitvs.dll
08/08/2006 02:54 PM 2,953,216 nvvitvsr.dll
08/08/2006 02:54 PM 81,920 nvwddi.dll
08/08/2006 02:54 PM 1,662,976 nvwdmcpl.dll
08/08/2006 02:54 PM 1,019,904 nvwimg.dll
08/08/2006 02:54 PM 282,624 nvwrsar.dll
08/08/2006 02:54 PM 303,104 nvwrstr.dll
08/08/2006 02:54 PM 286,720 nvwrscs.dll
08/08/2006 02:54 PM 294,912 nvwrsda.dll
08/08/2006 02:54 PM 311,296 nvwrsde.dll
08/08/2006 02:54 PM 335,872 nvwrsel.dll
08/08/2006 02:54 PM 286,720 nvwrseng.dll
08/08/2006 02:54 PM 335,872 nvwrses.dll
08/08/2006 02:54 PM 327,680 nvwrsesm.dll
08/08/2006 02:54 PM 294,912 nvwrssv.dll
08/08/2006 02:54 PM 303,104 nvwrsfi.dll
08/08/2006 02:54 PM 327,680 nvwrsfr.dll
08/08/2006 02:54 PM 278,528 nvwrshe.dll
08/08/2006 02:54 PM 315,392 nvwrshu.dll
08/08/2006 02:54 PM 323,584 nvwrsit.dll
08/08/2006 02:54 PM 212,992 nvwrsja.dll
08/08/2006 02:54 PM 196,608 nvwrsko.dll
08/08/2006 02:54 PM 319,488 nvwrsnl.dll
08/08/2006 02:54 PM 299,008 nvwrsno.dll
08/08/2006 02:54 PM 294,912 nvwrspl.dll
08/08/2006 02:54 PM 323,584 nvwrspt.dll
08/08/2006 02:54 PM 319,488 nvwrsptb.dll
08/08/2006 02:54 PM 323,584 nvrsar.dll
08/08/2006 02:54 PM 315,392 nvwrsru.dll
08/08/2006 02:54 PM 299,008 nvwrssk.dll
08/08/2006 02:54 PM 303,104 nvwrssl.dll

---

Volume in drive C has no label.
Volume Serial Number is 74AE-590E

Directory of C:\DOCUME~1\Toryuz\LOCALS~1\Temp

10/23/2006 06:47 PM 2,456 TMP9.tmp
10/23/2006 06:43 PM 16,384 ~DF12A2.tmp
10/23/2006 06:43 PM 16,384 Perflib_Perfdata_ab8.dat
10/23/2006 06:38 PM 16,384 ~DFD496.tmp
4 File(s) 51,608 bytes
0 Dir(s) 4,769,619,968 bytes free
--

Volume in drive C has no label.
Volume Serial Number is 74AE-590E

Directory of C:\WINDOWS

10/23/2006 06:47 PM 116 NeroDigital.ini
10/23/2006 06:44 PM 207,937 WindowsUpdate.log
10/23/2006 06:39 PM 0 0.log
10/23/2006 06:39 PM 159 wiadebug.log
10/23/2006 06:39 PM 50 wiaservc.log
10/23/2006 06:38 PM 2,048 bootstat.dat
10/23/2006 02:22 PM 14,336 SchedLgU.Txt
10/23/2006 02:07 AM 22,811 yacs.log
10/22/2006 09:26 AM 272 system.ini
10/22/2006 09:26 AM 524 win.ini
10/21/2006 11:34 PM 3,121 Full Speed Uninstall Log.txt
10/21/2006 10:55 PM 1,830 spupdsvc.log
10/21/2006 10:43 PM 496,914 iis6.log
10/21/2006 10:43 PM 22,089 tabletoc.log
10/21/2006 10:43 PM 90,969 ntdtcsetup.log
10/21/2006 10:43 PM 199,194 tsoc.log
10/21/2006 10:43 PM 23,799 ocmsn.log
10/21/2006 10:43 PM 152,891 comsetup.log
10/21/2006 10:43 PM 1,393 imsins.log
10/21/2006 10:43 PM 221,903 KB917734.log
10/21/2006 10:43 PM 5,891 wmsetup.log
10/21/2006 10:43 PM 29,962 MedCtrOC.log
10/21/2006 10:43 PM 210,104 ocgen.log
10/21/2006 10:43 PM 75,351 netfxocm.log
10/21/2006 10:43 PM 21,574 msgsocm.log
10/21/2006 10:43 PM 425,779 FaxSetup.log
10/21/2006 10:43 PM 136,928 msmqinst.log
10/21/2006 10:43 PM 637,264 setupapi.log
10/21/2006 10:43 PM 218,887 KB898458.log
10/21/2006 10:08 PM 9,349 Full Speed Setup Log.txt
10/20/2006 06:54 AM 156,910 WMSysPr8.prx
10/19/2006 02:59 AM 9,995 INSTALL.LOG
10/19/2006 02:45 AM 44,182 wmsetup10.log
10/19/2006 02:44 AM 316,640 WMSysPr9.prx
10/19/2006 02:39 AM 1,460 Register Sound Blaster Extigy.lnk
10/19/2006 02:27 AM 253 SBWIN.INI
10/19/2006 01:33 AM 88,018 _detmp.1
10/19/2006 12:51 AM 32 go
10/18/2006 04:51 AM 0 YAHELITE.INI
10/18/2006 04:12 AM 116 PCGWIN32.LI3
10/18/2006 12:34 AM 3,451 mozver.dat
10/17/2006 10:36 AM 45 desktop.ini
10/17/2006 10:29 AM 193,529 ferrariF50_2.jpg
10/17/2006 10:29 AM 18,769 ferrariF50_2_420.jpg
10/17/2006 10:29 AM 186,393 ferrariF50.jpg
10/17/2006 10:29 AM 25,261 ferrariF50_420.jpg
10/17/2006 10:24 AM 19,667 Screenshot.jpg
10/17/2006 10:24 AM 226 ReddishXP_08-09.bmp
10/17/2006 10:24 AM 41,122 ReddishXP_Preview.jpg
10/17/2006 10:24 AM 153,718 ReddishXP_01.bmp
10/17/2006 10:24 AM 14,191 ReadMe.htm
10/17/2006 10:23 AM 64,200 murciSlago R-GT_wallpaper.jpg
10/17/2006 10:22 AM 44,816 PlastRed_Preview.jpg
10/17/2006 10:22 AM 153,718 PlastRed_01.bmp
10/17/2006 10:22 AM 226 PlastRed_08-09.bmp
10/17/2006 10:22 AM 92,704 rf_preview.jpg
10/17/2006 10:22 AM 318,916 ElectricWindows.jpg
10/17/2006 10:22 AM 153,718 ElectricWindows_01.bmp
10/17/2006 10:22 AM 226 ElectricWindows_08-09.bmp
10/17/2006 10:22 AM 45,605 ElectricWindows_Preview.jpg
10/17/2006 10:01 AM 0 nsreg.dat
10/17/2006 09:41 AM 1,393 imsins.BAK
10/17/2006 09:41 AM 208,969 KB922819.log
10/17/2006 09:41 AM 18,556 updspapi.log
10/17/2006 09:40 AM 207,674 KB924496.log
10/17/2006 09:39 AM 207,117 KB923414.log
10/17/2006 09:39 AM 207,081 KB924191.log
10/17/2006 09:38 AM 204,599 KB923191.log
10/17/2006 09:37 AM 206,073 KB925486.log
10/17/2006 09:36 AM 206,371 KB919007.log
10/17/2006 09:35 AM 206,184 KB920685.log
10/17/2006 09:35 AM 206,100 KB917422.log
10/17/2006 09:34 AM 205,520 KB920670.log
10/17/2006 09:33 AM 205,669 KB922616.log
10/17/2006 09:32 AM 206,678 KB921398.log
10/17/2006 09:31 AM 205,560 KB920214.log
10/17/2006 09:31 AM 209,110 KB918899.log
10/17/2006 09:29 AM 201,076 KB920683.log
10/17/2006 09:29 AM 199,564 KB921883.log
10/17/2006 09:28 AM 199,344 KB917537.log
10/17/2006 09:27 AM 199,886 KB914388.log
10/17/2006 09:27 AM 198,449 KB917344.log
10/17/2006 09:26 AM 197,717 KB917953.log
10/17/2006 09:25 AM 198,236 KB914389.log
10/17/2006 09:24 AM 197,410 KB911280.log
10/17/2006 09:23 AM 197,682 KB918439.log
10/17/2006 09:23 AM 199,440 KB913580.log
10/17/2006 09:22 AM 197,815 KB911562.log
10/17/2006 09:21 AM 197,808 KB908531.log
10/17/2006 09:21 AM 197,324 KB911567.log
10/17/2006 09:20 AM 196,753 KB901190.log
10/17/2006 09:19 AM 197,020 KB911927.log
10/17/2006 09:19 AM 195,054 KB911564.log
10/17/2006 09:18 AM 196,443 KB908519.log
10/17/2006 09:18 AM 196,904 KB900485.log
10/17/2006 09:17 AM 197,173 KB912919.log
10/17/2006 09:16 AM 194,926 KB898900.log
10/17/2006 09:16 AM 196,136 KB908521.log
10/17/2006 09:15 AM 195,595 KB910437.log
10/17/2006 09:15 AM 195,542 KB896424.log
10/17/2006 09:14 AM 192,662 KB907865.log
10/17/2006 09:14 AM 194,772 KB905749.log
10/17/2006 09:13 AM 194,258 KB905414.log
10/17/2006 09:13 AM 193,084 KB904706.log
10/17/2006 09:12 AM 196,622 KB902400.log
10/17/2006 09:11 AM 187,688 KB901017.log
10/17/2006 09:11 AM 188,964 KB900725.log
10/17/2006 09:10 AM 186,169 KB899589.log
10/17/2006 09:10 AM 186,509 KB899591.log
10/17/2006 09:09 AM 186,358 KB899588.log
10/17/2006 09:09 AM 185,926 KB899587.log
10/17/2006 09:08 AM 185,299 KB896423.log
10/17/2006 09:08 AM 184,666 KB893756.log
10/17/2006 09:07 AM 184,761 KB901214.log
10/17/2006 09:07 AM 183,694 KB896428.log
10/17/2006 09:07 AM 184,343 KB896358.log
10/17/2006 09:06 AM 184,133 KB890046.log
10/17/2006 09:05 AM 182,056 KB887742.log
10/17/2006 09:05 AM 184,756 KB890859.log
10/17/2006 09:04 AM 180,120 KB891781.log
10/17/2006 09:04 AM 180,209 KB888302.log
10/17/2006 09:04 AM 179,833 KB887472.log
10/17/2006 09:03 AM 0 Sti_Trace.log
10/17/2006 09:03 AM 180,431 KB885835.log
10/17/2006 09:03 AM 179,343 KB873339.log
10/17/2006 09:03 AM 179,430 KB885836.log
10/17/2006 09:02 AM 179,429 KB885894.log
10/17/2006 09:02 AM 178,879 KB898461.log
10/17/2006 09:02 AM 177,564 WgaNotify.log
10/17/2006 09:00 AM 1,052 regopt.log
10/17/2006 08:57 AM 0 setuperr.log
10/17/2006 07:32 AM 0 msicpl.ini
10/17/2006 07:25 AM 833 OEWABLog.txt
10/17/2006 07:25 AM 796,694 setuplog.txt
10/17/2006 07:18 AM 8,192 REGLOCS.OLD
10/17/2006 07:17 AM 172,483 setupact.log
10/17/2006 07:14 AM 0 control.ini
10/17/2006 07:13 AM 4,161 ODBCINST.INI
10/17/2006 07:12 AM 749 WindowsShell.Manifest
10/17/2006 07:10 AM 1,022 sessmgr.setup.log
10/17/2006 07:09 AM 37 vbaddin.ini
10/17/2006 07:09 AM 36 vb.ini
10/17/2006 07:09 AM 133 DtcInstall.log
10/17/2006 07:07 AM 200 cmsetacl.log
05/25/2006 01:22 AM 53,248 bdoscandel.exe
09/15/2005 01:35 PM 50 UNNeroMediaHome.cfg
09/12/2005 03:13 PM 233,472 UNNeroBackItUp.exe
09/12/2005 03:13 PM 233,472 UNNeroVision.exe
09/12/2005 03:13 PM 233,472 UNNeroShowTime.exe
09/12/2005 03:13 PM 233,472 UNRecode.exe
09/12/2005 03:13 PM 233,472 UNNeroMediaHome.exe
08/30/2005 08:37 PM 50 UNNeroVision.cfg
08/30/2005 08:37 PM 50 UNNeroShowTime.cfg
08/30/2005 08:36 PM 50 UNRecode.cfg
08/30/2005 08:33 PM 50 UNNeroBackItUp.cfg
05/27/2005 01:22 AM 10,752 hh.exe
03/02/2005 01:12 PM 483 bdoscandellang.ini
08/04/2004 01:56 AM 283,648 winhlp32.exe
08/04/2004 01:56 AM 69,120 NOTEPAD.EXE
08/04/2004 01:56 AM 146,432 regedit.exe
08/04/2004 01:56 AM 1,032,192 explorer.exe
08/04/2004 01:56 AM 50,688 twain_32.dll
05/23/2002 09:00 AM 20,480 INRES.DLL
08/23/2001 05:00 PM 707 _default.pif
08/23/2001 05:00 PM 15,360 TASKMAN.EXE
08/23/2001 05:00 PM 9,522 Zapotec.bmp
08/23/2001 05:00 PM 94,784 twain.dll
08/23/2001 05:00 PM 25,600 twunk_32.exe
08/23/2001 05:00 PM 17,336 Gone Fishing.bmp
08/23/2001 05:00 PM 65,978 Soap Bubbles.bmp
08/23/2001 05:00 PM 1,405 msdfmap.ini
08/23/2001 05:00 PM 65,954 Prairie Wind.bmp
08/23/2001 05:00 PM 49,680 twunk_16.exe
08/23/2001 05:00 PM 1,272 Blue Lace 16.bmp
08/23/2001 05:00 PM 82,944 clock.avi
08/23/2001 05:00 PM 48,680 winnt256.bmp
08/23/2001 05:00 PM 16,730 FeatherTexture.bmp
08/23/2001 05:00 PM 18,944 vmmreg32.dll
08/23/2001 05:00 PM 26,582 Greenstone.bmp
08/23/2001 05:00 PM 48,680 winnt.bmp
08/23/2001 05:00 PM 65,832 Santa Fe Stucco.bmp
08/23/2001 05:00 PM 17,062 Coffee Bean.bmp
08/23/2001 05:00 PM 26,680 River Sumida.bmp
08/23/2001 05:00 PM 17,362 Rhododendron.bmp
08/23/2001 05:00 PM 256,192 winhelp.exe
08/23/2001 05:00 PM 80 explorer.scf

--

Volume in drive C has no label.
Volume Serial Number is 74AE-590E

Directory of C:\WINDOWS\Temp

10/23/2006 06:38 PM 16,384 ~DFD620.tmp
1 File(s) 16,384 bytes
0 Dir(s) 4,769,619,968 bytes free
--

Volume in drive C has no label.
Volume Serial Number is 74AE-590E

Directory of C:\WINDOWS\Downloaded Program Files

10/17/2006 07:12 AM 65 desktop.ini
08/24/2006 08:28 AM 141,424 asinst.dll
08/22/2006 09:06 AM 537 asinst.inf
06/01/2006 02:57 AM 1,331 oscan8.inf
06/01/2006 02:54 AM 471,040 oscan8.ocx
05/31/2006 04:15 AM 10 oscan81.ocx_x
03/09/2005 03:44 PM 7,276 scanoptions.tsi
03/09/2005 03:34 PM 7,225 lang.ini
03/02/2005 01:43 PM 126 live.ini
03/01/2005 02:08 PM 53,248 ipsupd.dll
03/01/2005 02:08 PM 118,784 bdupd.dll
12/07/2004 04:07 PM 32 bdcore.dll
12/07/2004 04:07 PM 32 libfn.dll
13 File(s) 801,130 bytes
0 Dir(s) 4,769,619,968 bytes free

--

Volume in drive C has no label.
Volume Serial Number is 74AE-590E

Directory of C:\

10/23/2006 06:49 PM 0 sys.txt
10/23/2006 06:49 PM 890 down.txt
10/23/2006 06:49 PM 256 tmp.txt
10/23/2006 06:49 PM 10,821 system.txt
10/23/2006 06:49 PM 439 systemtemp.txt
10/23/2006 06:49 PM 108,409 system32.txt
10/23/2006 06:39 PM 53 biosinfo
10/23/2006 06:38 PM 670,355,456 hiberfil.sys
10/23/2006 06:38 PM 1,006,632,960 pagefile.sys
10/21/2006 11:40 PM 211 boot.ini
10/21/2006 10:09 PM 5 c0.txt
10/19/2006 03:52 AM 280 sqmdata04.sqm
10/19/2006 03:52 AM 244 sqmnoopt04.sqm
10/19/2006 02:56 AM 146 YServer.txt
10/19/2006 02:23 AM 188 CtDrvIns.log
10/18/2006 06:11 PM 268 sqmdata03.sqm
10/18/2006 06:11 PM 244 sqmnoopt03.sqm
10/18/2006 05:35 AM 268 sqmdata02.sqm
10/18/2006 05:35 AM 244 sqmnoopt02.sqm
10/17/2006 10:43 AM 268 sqmdata01.sqm
10/17/2006 10:43 AM 244 sqmnoopt01.sqm
10/17/2006 10:12 AM 268 sqmdata00.sqm
10/17/2006 10:12 AM 244 sqmnoopt00.sqm
10/17/2006 09:44 AM 211 BOOT.BKK
10/17/2006 07:14 AM 0 CONFIG.SYS
10/17/2006 07:14 AM 0 MSDOS.SYS
10/17/2006 07:14 AM 0 IO.SYS
10/17/2006 07:14 AM 0 AUTOEXEC.BAT
08/03/2004 11:59 PM 250,032 ntldr
08/03/2004 11:38 PM 47,564 NTDETECT.COM
30 File(s) 1,677,410,213 bytes
0 Dir(s) 4,769,619,968 bytes free

--
Seitenanfang Seitenende
24.10.2006, 00:46
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#4

Zitat

W32/Sdbot-JW verbreitet sich auf Netzwerkfreigaben mit einfachen Kennwörtern, nachdem das Backdoortrojaner-Element den entsprechenden Befehl von einem remoten Anwender erhalten hat. Gleichzeitig kopiert er sich nach IPV6.DAT auf den lokalen Computer.
scanne nach Anleitung mit sophos und poste den scanreport
http://virus-protect.org/multiavtool.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
24.10.2006, 18:54
Member

Themenstarter

Beiträge: 28
#5 Hier die Scanreport von allen Laufwerken

Sophos Anti-Virus
Version 4.10.0 [Win32/Intel]
Virus data version 4.10, October 2006
Includes detection for 192889 viruses, trojans and worms
Copyright (c) 1989-2006 Sophos Plc, www.sophos.com

System time 10:02:47, System date 24 October 2006
Command line qualifiers are: -f -di -all -remove -mime -mbr -noc -archive -opt=ISCabinet

IDE directory is: c:\AV-CLS\Sophos

Full Scanning

Could not open C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
Could not open C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
Could not open C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
Could not open C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
>>> Virus 'Mal/Packer' found in file C:\Documents and Settings\Toryuz\Desktop\Yahoo PROGz\BOTS TESTER\Bot Checker Pro\Bot Checker Pro\Bot Checker Pro.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\Documents and Settings\Toryuz\Desktop\Yahoo PROGz\BOTS TESTER\Bot Checker Pro.zip\Bot Checker Pro/Bot Checker Pro.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\Documents and Settings\Toryuz\Desktop\Yahoo PROGz\RooM_LoCKer\Room Destroy V4 Beta\v4beta.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\Documents and Settings\Toryuz\Desktop\Yahoo PROGz\RooM_LoCKer\Room Destroy V4 Beta.zip\v4beta.exe
Removal successful
Could not open C:\Documents and Settings\Toryuz\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
Could not open C:\Documents and Settings\Toryuz\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
Could not check C:\Documents and Settings\Toryuz\Local Settings\Application Data\Mozilla\Firefox\Profiles\zo0yx878.default\Cache\53C6185Fd01\RegistryBooster.exe (corrupt)
Could not check C:\Documents and Settings\Toryuz\Local Settings\Application Data\Mozilla\Firefox\Profiles\zo0yx878.default\Cache\53C6185Fd01\RegistryBooster.exe (corrupt)
>>> Virus 'Mal/Packer' found in file C:\Documents and Settings\Toryuz\Local Settings\Temp\TMP1111.tmp
Removal successful
>>> Virus 'Mal/Packer' found in file C:\Documents and Settings\Toryuz\Local Settings\Temp\TMP9660.TMP
Removal successful
Could not open C:\hiberfil.sys
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP72\A0004335.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP81\A0008091.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP81\A0008092.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP81\A0008119.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP83\A0008309.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP83\A0008354.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP83\A0008392.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP83\A0008470.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP83\A0008471.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP83\A0008535.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP84\A0008858.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP84\A0008903.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP84\A0008910.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP84\A0008925.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP84\A0008929.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP84\A0008947.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP84\A0008948.exe
Removal successful
>>> Virus 'Mal/Packer' found in file C:\WINDOWS\netconfig.exe
Removal successful
Could not open C:\WINDOWS\system32\CatRoot2\edb.log
Could not open C:\WINDOWS\system32\CatRoot2\tmp.edb
Could not open C:\WINDOWS\system32\config\system.LOG
Could not open C:\WINDOWS\system32\drivers\fidbox.dat
Could not open C:\WINDOWS\system32\drivers\fidbox.idx
Could not open C:\WINDOWS\system32\drivers\fidbox2.dat
Could not open C:\WINDOWS\system32\drivers\fidbox2.idx

2 master boot records swept.
35420 files swept in 32 minutes and 26 seconds.
16 errors were encountered.
24 viruses were discovered.
24 files out of 35420 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
Ending Sophos Anti-Virus.

---

D: Laufwerk


Full Scanning

>>> Virus 'Mal/Packer' found in file D:\DESKTOP ALL\Desktop FILES\StyleXPInstallMale\SXP_Keygen\Keygen.exe
Removal successful
>>> Virus 'Mal/Packer' found in file D:\DESKTOP ALL\Desktop FILES\StyleXPInstallMale\SXP_Keygen.rar\Keygen.exe
Removal successful
Password protected file D:\DESKTOP ALL\Desktop New 2006\BLABLA\Mixcraft\AMv251.rar\Acoustica-Mixcraft\Acoustica-Mixcraft-Installer.exe
Password protected file D:\DESKTOP ALL\Desktop New 2006\BLABLA\Mixcraft\AMv251.rar\Acoustica-Mixcraft\KeyGen\AboutUS.exe
Password protected file D:\DESKTOP ALL\Desktop New 2006\BLABLA\Mixcraft\AMv251.rar\Acoustica-Mixcraft\KeyGen\file_id.diz
Password protected file D:\DESKTOP ALL\Desktop New 2006\BLABLA\Mixcraft\AMv251.rar\Acoustica-Mixcraft\KeyGen\keygen.exe
Password protected file D:\DESKTOP ALL\Desktop New 2006\BLABLA\Mixcraft\AMv251.rar\Acoustica-Mixcraft\KeyGen\MoreCracks.url
Password protected file D:\DESKTOP ALL\Desktop New 2006\BLABLA\Mixcraft\AMv251.rar\Acoustica-Mixcraft\KeyGen\snd.nfo
Password protected file D:\DESKTOP ALL\Desktop New 2006\Desktop Downloads\PSProv372b3913.rar\Proxy.Switcher.Pro.v3.7.2.Build.3913.WinAll.Regged-CRD\crack\serial.exe
Password protected file D:\DESKTOP ALL\Desktop New 2006\Desktop Downloads\PSProv372b3913.rar\Proxy.Switcher.Pro.v3.7.2.Build.3913.WinAll.Regged-CRD\crack\serial.txt
Password protected file D:\DESKTOP ALL\Desktop New 2006\Desktop Downloads\PSProv372b3913.rar\Proxy.Switcher.Pro.v3.7.2.Build.3913.WinAll.Regged-CRD\file_id.diz
Password protected file D:\DESKTOP ALL\Desktop New 2006\Desktop Downloads\PSProv372b3913.rar\Proxy.Switcher.Pro.v3.7.2.Build.3913.WinAll.Regged-CRD\setup\ProxySwitcherStandard.exe
Password protected file D:\DESKTOP ALL\Desktop New 2006\Desktop Downloads\PSProv372b3913.rar\NightWolf-Forum.nfo
Password protected file D:\DESKTOP ALL\Desktop New 2006\Desktop Downloads\TU2006v532343.rar\NightWolf-Forum.nfo
Password protected file D:\DESKTOP ALL\Desktop New 2006\Desktop Downloads\TU2006v532343.rar\TuneUP Utilities 2006 v5.3.2343\SERIAL.txt
Password protected file D:\DESKTOP ALL\Desktop New 2006\Desktop Downloads\TU2006v532343.rar\TuneUP Utilities 2006 v5.3.2343\TU2006TrialEN.exe
Could not check D:\Documents and Settings\toryuz\Incomplete\T-24204099-windows media player 11 and crack.rar\wmp11-windowsxp-x86-enu\setup_wm.exe (corrupt)
Could not check D:\Documents and Settings\toryuz\Incomplete\T-24204099-windows media player 11 and crack.rar (corrupt)
>>> Virus 'Mal/Packer' found in file D:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP72\A0004147.exe
Removal successful
>>> Virus 'Mal/Packer' found in file D:\System Volume Information\_restore{3672362F-A4D2-4E44-AE5D-0B533674507E}\RP84\A0008991.exe
Removal successful

2 master boot records swept.
5560 files swept in 14 minutes and 57 seconds.
16 errors were encountered.
4 viruses were discovered.
4 files out of 5560 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
14 encrypted files were not checked.
Ending Sophos Anti-Virus.

--

F: Laufwerk


Full Scanning

>>> Virus 'Mal/Packer' found in file F:\dokumenteeeee newwwww\Downloads\Native.Instruments.Battery.VSTi.DXi.RTAS.v2.1.incl.KeyGen-H2O (1).rar\h-nib21a.zip\h-nib21.rar\nibat2kg.exe
Removal successful
>>> Virus 'Mal/Packer' found in file F:\dokumenteeeee newwwww\Downloads\Native.Instruments.Battery.VSTi.DXi.RTAS.v2.1.incl.KeyGen-H2O.rar\
Native.Instruments.Battery.VSTi.DXi.RTAS.v2.1.
incl.KeyGen-H2O\h-nib21a.zip\h-nib21.rar\nibat2kg.exe
Removal successful
Could not check F:\My Downloads\Nero 7.0.1.2 Ultra Edition with Keygen - English\Nero-7.0.1.2_eng.exe\SfxArchiveData\Cab\B7B2933B.cab (corrupt)
Aborted checking F:\System Volume Information\_restore{5C9A1BFC-8771-447A-BEA8-03A06CC638A0}\RP93\A0026816.exe - appears to be a 'zip bomb'
Aborted checking F:\System Volume Information\_restore{5C9A1BFC-8771-447A-BEA8-03A06CC638A0}\RP93\A0026818.exe - appears to be a 'zip bomb'
Could not check F:\System Volume Information\_restore{BA95F739-5E14-42EC-9399-9BF7D4C1437E}\RP50\A0111156.exe\SfxArchiveData\Sarc0000 (corrupt)
Could not check F:\System Volume Information\_restore{BA95F739-5E14-42EC-9399-9BF7D4C1437E}\RP50\A0111166.exe\SfxArchiveData\Sarc0000 (corrupt)
Could not check F:\øøøJust Desktop Backupøøø\Cø!!!!!\My Downloads\FL Studio 6.0.8 XXL Prroducer Edition + Beat Slicer (Full) + Rapture + Slayer 2 + Vanguard + Autotunes + SuperWave + VSTunnel + Sampletank XL [by An@l51].zip\VST/Albino.exe\SfxArchiveData\Sarc0000 (corrupt)
Could not check F:\øøøJust Desktop Backupøøø\DENG!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\My Downloads\Steinberg - Cubase VST PlugIns - Native Instruments Pro 5 (Full Retail - DigitalForce)_fixed.zip\Setup Pro5.W04 (corrupt)
>>> Virus 'Mal/Packer' found in file F:\øøøJust Desktop Backupøøø\DENG!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\Neuer Ordner\DEATH-VOX-V1\DEATH-VOX-V1\DEATH-VOX-V1.exe
Removal successful
>>> Virus 'Mal/Packer' found in file F:\øøøJust Desktop Backupøøø\DENG!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\Neuer Ordner\DEATH-VOX-V1.zip\DEATH-VOX-V1/DEATH-VOX-V1.exe
Removal successful
Password protected file F:\øøøJust Desktop Backupøøø\Eigene Dateien\FL.XXL.v6.0.8.Chronic.rar\FruityLoops.Studio.Producer.XXL.Edition.v6.0.8.Chronic\FLRegkeyXXL.Reg
Password protected file F:\øøøJust Desktop Backupøøø\Eigene Dateien\FL.XXL.v6.0.8.Chronic.rar\FruityLoops.Studio.Producer.XXL.Edition.v6.0.8.Chronic\flstudio608_install.exe
Password protected file F:\øøøJust Desktop Backupøøø\Eigene Dateien\FL.XXL.v6.0.8.Chronic.rar\FruityLoops.Studio.Producer.XXL.Edition.v6.0.8.Chronic\README.txt

2 master boot records swept.
24282 files swept in 45 minutes and 32 seconds.
10 errors were encountered.
4 viruses were discovered.
4 files out of 24282 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
3 encrypted files were not checked.
Ending Sophos Anti-Virus.

--

Full Scanning

Could not check G:\backup 2006\C\C\Documents and Settings\Imoong\Desktop\GeTe\slide009.pdf (corrupt)
Could not check G:\backup 2006\Imoong\Desktop\GeTe\slide009.pdf (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105b.zip\iNViSiON.r01 (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105b.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105b.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105c.zip\iNViSiON.r02 (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105c.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105c.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105e.zip\iNViSiON.r04 (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105e.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105e.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105b.zip\iNViSiON.r01 (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105b.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105b.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105c.zip\iNViSiON.r02 (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105c.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105c.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105e.zip\iNViSiON.r04 (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105e.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105e.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105f.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\i-bf105g.zip (corrupt)
Could not check G:\Bearshare\Temp\TMPVST PlugIn FXPansion BFD Drum Module v1.05-1.zip\Emagic Logic Audio Platinum 6.01 GPM by Oxygen.rar (corrupt)
Aborted checking G:\Downloads\amanda new 2.avi - appears to be a 'zip bomb'

2 master boot records swept.
5821 files swept in 13 minutes and 22 seconds.
24 errors were encountered.
No viruses were discovered.
Ending Sophos Anti-Virus.
Seitenanfang Seitenende
24.10.2006, 23:58
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#6 nun wende auch noch die anderen Scanner an, die vorhanden sind und berichte, wenn noch was gefunden wird,
http://virus-protect.org/multiavtool.html

uebrigens brauchst du dir nicht den Kopf ueber den Ursprung der verseuchung den kopf zu zerbrechen, denn wer KeyGens laedt, muss auch Trojaner mit in Kauf nehmen ;)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
26.10.2006, 04:01
Member

Themenstarter

Beiträge: 28
#7 danke, jetzt ist mein windows wieder okey


danke nochmals

mfg, notoryuz
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: