LSASS still there yesterday, gone today ???

#0
01.11.2006, 13:46
Member

Thread starter

Posts: 13
#16 Logfile of HijackThis v1.99.1
Scan saved at 13:44:14, on 01.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brss01a.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
d:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - d:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
01.11.2006, 14:07
Honorary member
Sabina

Posts: 29434
#17 Run an online scan with Kaspersky and post the scan report. I don't know whether it will work, because you need IE for it ... you should never disable that!!!
http://virus-protect.org/onlinescan.html
__________
Regards, Sabina

all about PC security
01.11.2006, 14:11
Member

Thread starter

Posts: 13
#18 Hello

It doesn't work, what now?

Regards
oliver
01.11.2006, 14:26
Honorary member
Sabina

Posts: 29434
#19 Option 4 - wait for the virus signatures (from Kaspersky) to finish loading
http://virus-protect.org/multiavtool.html
then scan and post the report if anything was found
__________
Regards, Sabina
01.11.2006, 14:55
Member

Thread starter

Posts: 13
#20 Roughly how long does loading the signatures take? It has been running for quite a while now!
01.11.2006, 15:00
Honorary member
Sabina

Posts: 29434
#21 It takes quite a long time ;)
__________
Regards, Sabina
01.11.2006, 15:32
Member

Thread starter

Posts: 13
#22 Hello

The scan has finished ...... but somehow there is no log or anything like that; once it was done, it was suddenly gone! Is that a sign that everything is OK?

Regards
oliver
01.11.2006, 15:43
Honorary member
Sabina

Posts: 29434
#23 Have a look in C:\AV-CLS - the Kaspersky folder - to see whether you can find a log file
__________
Regards, Sabina
01.11.2006, 15:47
Member

Thread starter

Posts: 13
#24 I think this is it:


■ AVPDOS32 Start 01-11-2006 15:01:56


Version 3.0 build 135
Last update: 01.11.2006, 237138 records.

Command line: /- /E /* /MD /MP /Y /Z- /W+=ScanReport.txt C:\
Profile defdos32.prf (from 27.06.2001 03:00:00)

Scan process completed.

Result for all objects:

Sector Objects      : 0           Known viruses : 0
Files               : 24220       Virus bodies  : 0
Folders             : 1333        Disinfected   : 0
Archives            : 255         Deleted       : 0
Packed              : 98          Warnings      : 0
                                  Suspicious    : 0
Scan speed (Kb/sec) : 4905        Corrupted     : 0
Scan time           : 00:25:28    I/O Errors    : 0
01.11.2006, 15:50
Honorary member
Sabina

Posts: 29434
#25 Well then... nothing to be found. If the error occurs again, get in touch. It is definitely not Sasser; that one (I'll boldly claim) no longer exists.
It may have been an exploit, no idea which one. ;)
__________
Regards, Sabina
01.11.2006, 15:52
Member

Thread starter

Posts: 13
#26 Thank you very much

Regards
oliver