Home » Spyware & Browser Hijacker Support Forum » easy-search.biz als Startseite » Themenansicht

easy-search.biz als Startseite
#0
10.06.2004, 00:35
andifu
...neu hier

Beiträge: 3
#31 Jo Moin ;)

also ich hab das gleiche prob wie alle hier ;)

hoffe du kannst mir helfen

Also mein log

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\WINNT\system32\svchost.exe
D:\Programme\Norton AntiVirus\navapsvc.exe
D:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
D:\Programme\Norton AntiVirus\SAVScan.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINNT\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINNT\system32\Grxp4exe.exe
D:\Programme\D-Tools\daemon.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe
F:\TransparentB.exe
C:\WINNT\system32\svchost.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\WINNT\runwin32.exe
C:\WINNT\wininet32.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
D:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\Andi1\LOKALE~1\Temp\Rar$EX00.468\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://easy-search.biz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://easy-search.biz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://easy-search.biz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://easy-search.biz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://easy-search.biz
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://easy-search.biz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von T-Online International AG
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://easy-search.biz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINNT\2_0_1browserhelper2.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Gravis Xperience Driver Support] Grxp4exe.exe /init
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [slkzgr] C:\WINNT\slkzgr.exe
O4 - HKLM\..\Run: [alchem] C:\WINNT\alchem.exe
O4 - HKCU\..\Run: [Steam] "f:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [runwin32] C:\WINNT\runwin32.exe
O4 - HKCU\..\Run: [wininet32] C:\WINNT\wininet32.exe
O4 - Startup: Verknüpfung mit TransparentB.lnk = F:\TransparentB.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem: Sun Java Konsole (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/de/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/148119a2571ca3/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/de/games4.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38030.4500578704
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2400CEBF-9B1B-47AE-8DBA-2D9332899C72}: NameServer = 217.237.149.225 194.25.2.129

na dann
Seitenanfang Seitenende
10.06.2004, 12:37
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#32 1.Deaktiviere die Wiederherstellung
2.Lade die mwav.exe
http://www.mwti.net/antivirus/free_utilities.asp
3. Lade AdAware (free), Cwhsredder und Sphjfix.exe
http://www.trojaner-info.de/anleitungen/hijackthis/about_blank.html



scanne mit dem HijackThis, dann hake an, was ich poste und dann \fix\


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://easy-search.biz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://easy-search.biz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://easy-search.biz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://easy-search.biz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://easy-search.biz
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://easy-search.biz
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://easy-search.biz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINNT\2_0_1browserhelper2.dll (file missing)

O4 - HKLM\..\Run: [slkzgr] C:\WINNT\slkzgr.exe
O4 - HKLM\..\Run: [alchem] C:\WINNT\alchem.exe
O4 - HKCU\..\Run: [runwin32] C:\WINNT\runwin32.exe
O4 - HKCU\..\Run: [wininet32] C:\WINNT\wininet32.exe


neustarten


1.Gehe in den abgesicherten Modus, dazu drueckst du F8 beim Hochfahren und scannst ohne Internetverbindung mit allen Tools.

2.normal neustarten

3.Unter InternetOptionen loeschst du die TemporaryInternetFiles und Cookies und stellst die Startseite neu ein.

4.Dann scannst du noch einmal mit der mwav.exe ,kopierst und postest hier das EndLog.Daraus kann man sehen, ob du noch manuell in der Registry Viren loeschen musst, oder ob das Tool die Arbeit schon erledigt hat.

und das HijackThis/Log postest du ebenfalls noch einmal.
MfG
Sabina


http://www.viruslibrary.com/virusinfo/I-Worm.Petik.a.htm
http://securityresponse.symantec.com/avcenter/venc/data/pwsteal.allight.html
__________
MfG Sabina

rund um die PC-Sicherheit
Dieser Beitrag wurde am 10.06.2004 um 12:46 Uhr von Sabina editiert.
Seitenanfang Seitenende
13.06.2004, 15:25
andifu
...neu hier

Beiträge: 3
#33 Danke erstmal ;)

Also ich hab das jetzt alles gemacht und es sieht ganz gut aus!

hier ist der log von Hijack

C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\WINNT\system32\svchost.exe
D:\Programme\Norton AntiVirus\navapsvc.exe
D:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
D:\Programme\Norton AntiVirus\SAVScan.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINNT\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINNT\system32\Grxp4exe.exe
D:\Programme\D-Tools\daemon.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe
F:\TransparentB.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Outlook Express\msimn.exe
D:\Programme\Norton AntiVirus\OPScan.exe
C:\DOKUME~1\Andi1\LOKALE~1\Temp\mwavscan.com
C:\DOKUME~1\Andi1\LOKALE~1\Temp\kavss.exe
C:\WINNT\system32\notepad.exe
D:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\Andi1\LOKALE~1\Temp\Rar$EX00.094\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mymtw.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von T-Online International AG
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Gravis Xperience Driver Support] Grxp4exe.exe /init
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Steam] "f:\programme\steam\steam.exe" -silent
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Verknüpfung mit TransparentB.lnk = F:\TransparentB.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem: Sun Java Konsole (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/de/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/148119a2571ca3/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/de/games4.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38030.4500578704
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2400CEBF-9B1B-47AE-8DBA-2D9332899C72}: NameServer = 217.237.149.225 194.25.2.129


Und hier der log von mwav.exe


Sun Jun 13 15:24:29 2004 => ***** Scanning Memory Files *****
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\system32\lsass.exe
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\system32\spoolsv.exe
Sun Jun 13 15:24:29 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccSetMgr.exe
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:29 2004 => Scanning File D:\PROGRA~1\NORTON~1\navapsvc.exe
Sun Jun 13 15:24:29 2004 => Scanning File D:\PROGRA~1\NORTON~1\AdvTools\NPROTECT.EXE
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\system32\nvsvc32.exe
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\system32\regsvc.exe
Sun Jun 13 15:24:29 2004 => Scanning File D:\PROGRA~1\NORTON~1\SAVScan.exe
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\system32\MSTask.exe
Sun Jun 13 15:24:29 2004 => Scanning File C:\WINNT\System32\WBEM\WinMgmt.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccEvtMgr.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\WINNT\Explorer.EXE
Sun Jun 13 15:24:30 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccApp.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\WINNT\system32\Grxp4exe.exe
Sun Jun 13 15:24:30 2004 => Scanning File D:\Programme\D-Tools\daemon.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe
Sun Jun 13 15:24:30 2004 => Scanning File F:\TransparentB.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
Sun Jun 13 15:24:30 2004 => Scanning File C:\PROGRA~1\INTERN~1\IEXPLORE.EXE
Sun Jun 13 15:24:30 2004 => Scanning File C:\PROGRA~1\OUTLOO~1\msimn.exe
Sun Jun 13 15:24:30 2004 => Scanning File C:\WINNT\system32\notepad.exe
Sun Jun 13 15:24:30 2004 => Scanning File D:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\system32\NOTEPAD.EXE
Sun Jun 13 15:24:31 2004 => Scanning File C:\DOKUME~1\Andi1\LOKALE~1\Temp\mwavscan.com
Sun Jun 13 15:24:31 2004 => Scanning File C:\DOKUME~1\Andi1\LOKALE~1\Temp\kavss.exe

Sun Jun 13 15:24:31 2004 => ***** Scanning Registry Files *****
Sun Jun 13 15:24:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\Explorer.exe
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\system32\userinit.exe
Sun Jun 13 15:24:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\system32\mobsync.exe
Sun Jun 13 15:24:31 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccApp.exe
Sun Jun 13 15:24:31 2004 => Scanning File D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\system32\Grxp4exe.exe
Sun Jun 13 15:24:31 2004 => Scanning File D:\Programme\D-Tools\daemon.exe
Sun Jun 13 15:24:31 2004 => Scanning File C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
Sun Jun 13 15:24:31 2004 => Scanning File D:\Programme\ICQLite\ICQLite.exe
Sun Jun 13 15:24:31 2004 => Scanning File D:\Programme\QuickTime\qttask.exe
Sun Jun 13 15:24:31 2004 => Scanning File C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\system32\RUNDLL32.EXE
Sun Jun 13 15:24:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Sun Jun 13 15:24:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
Sun Jun 13 15:24:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Sun Jun 13 15:24:31 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Jun 13 15:24:31 2004 => Scanning File f:\programme\steam\steam.exe
Sun Jun 13 15:24:31 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Sun Jun 13 15:24:31 2004 => Scanning File D:\Programme\ICQLite\ICQLite.exe
Sun Jun 13 15:24:31 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
Sun Jun 13 15:24:31 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Sun Jun 13 15:24:31 2004 => Scanning HKCR\txtfile\shell\open\command
Sun Jun 13 15:24:31 2004 => Scanning HKCR\comfile\shell\open\command
Sun Jun 13 15:24:31 2004 => Scanning HKCR\exefile\shell\open\command
Sun Jun 13 15:24:31 2004 => Scanning HKCR\dllfile\shell\open\command
Sun Jun 13 15:24:31 2004 => Scanning HKCR\batfile\shell\open\command
Sun Jun 13 15:24:31 2004 => Scanning HKCR\piffile\shell\open\command
Sun Jun 13 15:24:31 2004 => Scanning HKCR\scrfile\shell\open\command
Sun Jun 13 15:24:31 2004 => Scanning HKCR\scrfile\shell\config\command
Sun Jun 13 15:24:31 2004 => Scanning HKCR\regfile\shell\open\command

Sun Jun 13 15:24:31 2004 => ***** Scanning StartUp Folders *****

Sun Jun 13 15:24:31 2004 => ***** Scanning C:\Dokumente und Einstellungen\Andi1\Startmenü\Programme\Autostart Folder *****
Sun Jun 13 15:24:31 2004 => Scanning Folder: C:\Dokumente und Einstellungen\Andi1\Startmenü\Programme\Autostart\*.*
Sun Jun 13 15:24:31 2004 => Scanning File C:\Dokumente und Einstellungen\Andi1\Startmenü\Programme\Autostart\Verknüpfung mit TransparentB.lnk

Sun Jun 13 15:24:31 2004 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder *****
Sun Jun 13 15:24:31 2004 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.*

Sun Jun 13 15:24:31 2004 => ***** Scanning Service Files *****
Sun Jun 13 15:24:31 2004 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\system32\DRIVERS\ACPI.sys
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\System32\drivers\afd.sys
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:31 2004 => Scanning File C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\asyncmac.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\atapi.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\atmarpc.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\audstub.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\CCDECODE.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccEvtMgr.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccPwdSvc.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\ccSetMgr.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\cdrom.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\cisvc.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\clipsrv.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\disk.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\System32\dmadmin.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\drivers\dmboot.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\dmio.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\System32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\drivers\DMusic.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\faxsvc.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\fdc.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\flpydisk.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\ftdisk.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\gameenum.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\msgpc.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\hidusb.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\i8042prt.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\ipfltdrv.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\ipinip.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\ipnat.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\ipsec.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\irenum.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\isapnp.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\kbdclass.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\drivers\KID_SYS.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\drivers\kmixer.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\mnmsrvc.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\mouclass.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\mouhid.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\MPE.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\DRIVERS\mrxsmb.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\msdtc.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\msiexec.exe
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\drivers\MSKSSRV.sys
Sun Jun 13 15:24:32 2004 => Scanning File C:\WINNT\system32\drivers\MSPCLOCK.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\MSPQM.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\MSTEE.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\msmpu401.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\mup.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\NABTSFEC.sys
Sun Jun 13 15:24:33 2004 => Scanning File D:\PROGRA~1\NORTON~1\navapsvc.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20040609.019\NAVENG.SYS
Sun Jun 13 15:24:33 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20040609.019\NAVEX15.SYS
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\ndistapi.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\ndisuio.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\ndiswan.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\netbios.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\netbt.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\netdde.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\netdde.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\netdtect.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\lsass.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\System32\svchost.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\SYSTEM32\DRIVERS\NPDRIVER.SYS
Sun Jun 13 15:24:33 2004 => Scanning File D:\PROGRA~1\NORTON~1\AdvTools\NPROTECT.EXE
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\lsass.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\System32\svchost.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\ntxpgp.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\nv4_mini.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\nvatabus.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\nvax.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\NVENET.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\nvapu.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\nvsvc32.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\nv_agp.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\nwlnkflt.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\nwlnkfwd.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\openhci.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\parallel.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\parport.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\pci.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\pciide.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\lsass.exe
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\DRIVERS\raspptp.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\System32\drivers\prodrv06.sys
Sun Jun 13 15:24:33 2004 => Scanning File C:\WINNT\system32\drivers\prohlp02.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\drivers\prosync1.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\ptilink.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\PxHelp20.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\rasacd.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\rasl2tp.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\raspti.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\drivers\RCA.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\rdbss.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\redbook.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\regsvc.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\locator.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\rsvp.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\lsass.exe
Sun Jun 13 15:24:38 2004 => Scanning File D:\PROGRA~1\NORTON~1\SAVRT.SYS
Sun Jun 13 15:24:38 2004 => Scanning File D:\PROGRA~1\NORTON~1\SAVRTPEL.SYS
Sun Jun 13 15:24:38 2004 => Scanning File D:\PROGRA~1\NORTON~1\SAVScan.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\System32\SCardSvr.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\System32\SCardSvr.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\MSTask.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\SYSTEM32\DRIVERS\SECDRV.SYS
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\serenum.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\Ser*hier nicht!*.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\drivers\sfhlp01.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\SLIP.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\spoolsv.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\srv.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\st3wolf.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\StreamIP.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\stwlfbus.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\SYSTEM32\SVKP.SYS
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\swenum.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\drivers\swmidi.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\PROGRAMME\SYMANTEC\SYMEVENT.SYS
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\SYSTEM32\DRIVERS\SYMREDRV.SYS
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\SYSTEM32\DRIVERS\SYMTDI.SYS
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\drivers\sysaudio.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\smlogsvc.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\System32\svchost.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\tcpip.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\TDSLAdap.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\TDSLProt.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\tlntsvr.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\services.exe
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\system32\DRIVERS\update.sys
Sun Jun 13 15:24:38 2004 => Scanning File C:\WINNT\System32\ups.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\DRIVERS\usbehci.sys
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\DRIVERS\usbhub.sys
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\DRIVERS\usbhub20.sys
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\System32\UtilMan.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\System32\drivers\vga.sys
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\System32\services.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\DRIVERS\wanarp.sys
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\drivers\wdmaud.sys
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\System32\WBEM\WinMgmt.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\System32\svchost.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\Services.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\DRIVERS\WSTCODEC.SYS
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\svchost.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\System32\svchost.exe

Sun Jun 13 15:24:39 2004 => ***** Scanning Important System Files *****
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\winsock.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\ws2help.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\ws2_32.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wscript.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wsecedit.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshatm.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshcon.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshde.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshext.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshirda.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshisn.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshnetbs.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshom.ocx
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wshtcpip.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wsnmp32.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wsock32.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\wstdecod.dll
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\folder.htt
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\folder.htt
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\explorer.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\explorer.scf
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\notepad.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\notepad.exe
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\CMD.EXE
Sun Jun 13 15:24:39 2004 => Scanning File C:\WINNT\system32\KERNEL32.DLL
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\NTOSKRNL.EXE
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\NTKRNLPA.EXE
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\hal.dll
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\WIN32K.SYS
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\NTDLL.DLL
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\ADVAPI32.DLL
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\USER32.DLL
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\GDI32.DLL
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\bootvid.dll
Sun Jun 13 15:24:40 2004 => Scanning File C:\WINNT\system32\command.com

Sun Jun 13 15:24:40 2004 => ***** Checking for specific ITW Viruses *****
Sun Jun 13 15:24:40 2004 => Checking for Welchia Virus...
Sun Jun 13 15:24:40 2004 => Checking for LovGate Virus...
Sun Jun 13 15:24:40 2004 => Checking for CodeRed Virus...
Sun Jun 13 15:24:40 2004 => Checking for OpaServ Virus...
Sun Jun 13 15:24:40 2004 => Checking for Sobig.e Virus...
Sun Jun 13 15:24:40 2004 => Checking for Winupie Virus...
Sun Jun 13 15:24:40 2004 => Checking for Swen Virus...
Sun Jun 13 15:24:40 2004 => Checking for JS.Fortnight Virus...
Sun Jun 13 15:24:40 2004 => Checking for Novarg Virus...

Sun Jun 13 15:24:40 2004 => ***** Scanning complete. *****

Sun Jun 13 15:24:40 2004 => Total Number of Files Scanned: 250
Sun Jun 13 15:24:40 2004 => Total Number of Virus(es) Found: 0
Sun Jun 13 15:24:40 2004 => Total Number of Disinfected Files: 0
Sun Jun 13 15:24:40 2004 => Total Number of Files Renamed: 0
Sun Jun 13 15:24:40 2004 => Total Number of Deleted Files: 0
Sun Jun 13 15:24:40 2004 => Total Number of Errors: 0
Sun Jun 13 15:24:40 2004 => Time Elapsed: 00:00:11
Sun Jun 13 15:24:40 2004 => Virus Database Date: 2004/06/07
Sun Jun 13 15:24:40 2004 => Virus Database Count: 94246

Sun Jun 13 15:24:40 2004 => Scan Completed

also danke nochmal und ich hoffe das ich jetzt alles weg hab ;)
Seitenanfang Seitenende
13.06.2004, 16:57
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#34 Das Log ist sauber.
loesche noch unter InternetOptionen die TemporaryInternetFiles.

Dann lade den Firefox als Zweit/und SurfBrowser...ist hijackerfrei
http://www.firebird-browser.de/

MfG
Sabina
__________
MfG Sabina

rund um die PC-Sicherheit
Dieser Beitrag wurde am 13.06.2004 um 16:58 Uhr von Sabina editiert.
Seitenanfang Seitenende
14.06.2004, 12:23
andifu
...neu hier

Beiträge: 3
#35 k werd ich machen ;)

Danke nochmal ;)
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 123