Home » Spyware & Browser Hijacker Support Forum » Nervende selbstständige Werbe-TABS unter Firefox.Alles beigetragen. » Themenansicht

Nervende selbstständige Werbe-TABS unter Firefox.Alles beigetragen.

Thema ist geschlossen!
Thema ist geschlossen!
#0
19.10.2006, 18:12
Beetlejuice
Member

Themenstarter

Beiträge: 22
#31 Habe den scann ausgefürt und konnte danach nur eine Bereinigung durchführen. Einen Report habe ich nicht speichern können. Habe danach abgebrochen. In diesem Moment führt der Rechner den Scann ein zweites mal aus.
Was soll ich tun?

Habe das Löschen der Files unterbrochen weil ich mir nicht sicher war ob ich es machen sollte.
Danach habe ich erst den Report erhalten den ich hier poste.

Soll ich nun noch einmal scannen und die infizierten Files löschen lassen?
------------------------------------------------------------------------------

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

<html>
<font style="COLOR: black; FONT: 10pt verdana">
<head>
<title>F-Secure Online Scanner 3.0.19 - Scanning Report - Thursday, October 19, 2006 19:55:02</title>
</head>

<body>
<h1><font face="Arial">Scanning Report</font></h1>
<h2><font face="Arial">Thursday, October 19, 2006 18:10:12 - 19:53:42</font></h2>
<p>
Computer name: FESTRECHNER_MAR
<br>Scanning type: Scan system for viruses, rootkits, spyware
<br>Target: C:\ D:\ E:\ F:\
</p>
<hr noshade>
<h2><font face="Arial" color="#5A6ED2">Result: 830 malware found</font></h2>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Adware.DollarRevenue&orig='disk'" target="_blank"><nobr>Adware.DollarRevenue</nobr></a> (spyware)
<ul>
<li>
System
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Email-Worm.Win32.NetSky.q&orig='disk'" target="_blank"><nobr>Email-Worm.Win32.NetSky.q</nobr></a> (virus)
<ul>
<li>
C:\PROGRAMME\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\QUARANTINE\5A74363E (Renamed & Submitted)
<li>
C:\PROGRAMME\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\QUARANTINE\074B6A09 (Renamed & Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Exploit.HTML.Iframe.FileDownload&orig='disk'" target="_blank"><nobr>Exploit.HTML.Iframe.FileDownload</nobr></a> (virus)
<ul>
<li>
C:\PROGRAMME\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\QUARANTINE\5AE349C4 (Submitted)
<li>
C:\PROGRAMME\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\QUARANTINE\07523E02 (Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Hantaner.A&orig='disk'" target="_blank"><nobr>Hantaner.A</nobr></a> (virus)
<ul>
<li>
D:\SPEICHERKARTE\SETUPCLONECD.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\40.72_WIN2KXP.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\CLONYXXLV2006.EXE
<li>
E:\DOWNLOAD SPONTAN\GROKSTERSETUP.EXE
<li>
E:\DOWNLOAD SPONTAN\IMESHV3.EXE
<li>
E:\DOWNLOAD SPONTAN\JUKEBOX_8MB_V320_D.EXE
<li>
E:\DOWNLOAD SPONTAN\MBUINST.EXE
<li>
E:\DOWNLOAD SPONTAN\MMSSETUP.EXE
<li>
E:\DOWNLOAD SPONTAN\MORPH20.EXE
<li>
E:\DOWNLOAD SPONTAN\MSNADDIN.EXE
<li>
E:\DOWNLOAD SPONTAN\SERVER-UPDATER.EXE
<li>
E:\DOWNLOAD SPONTAN\SETUPCLONECD.EXE
<li>
E:\DOWNLOAD SPONTAN\SP_446318_R1_R4A.EXE
<li>
E:\DOWNLOAD SPONTAN\WINMX322.EXE
<li>
E:\DOWNLOAD SPONTAN\WRAR300D.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=P2P-Worm.Win32.VB.dz&orig='disk'" target="_blank"><nobr>P2P-Worm.Win32.VB.dz</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\005B2BBC.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\0081714C.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\00AC6D5F.EXE
<li>

<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Agent.awb&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Agent.awb</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\0A4A3480.DLL
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\7C9B248E.DLL
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Agent.ayc&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Agent.ayc</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\33581AA7.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Small.buy&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Small.buy</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\385D4B5D.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\64BB171D.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\64BE4119.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\6B0A0CBD.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Small.ctf&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Small.ctf</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\4E352D54.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Small.cyh&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Small.cyh</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\09526F22.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\2D417197.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\41ED3CD8.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\4E2F595B.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-PSW.Win32.Sinowal.ae&orig='disk'" target="_blank"><nobr>Trojan-PSW.Win32.Sinowal.ae</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\08F90183.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\09C42CA4.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\0A1C1A43.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\11C72BD3.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\120217DA.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\120641D7.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\1360245A.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\19756760.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\212C20E2.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\2D204DBB.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\34CB5F4B.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\7C6D179B.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-PSW.Win32.Sinowal.az&orig='disk'" target="_blank"><nobr>Trojan-PSW.Win32.Sinowal.az</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\01FD5AA1.DLL
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\0A16464A.DLL
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\43471F5B.DLL
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\4E2C2F5F.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-PSW.Win32.Sinowal.ba&orig='disk'" target="_blank"><nobr>Trojan-PSW.Win32.Sinowal.ba</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\2E14584E.DLL
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Proxy.Win32.Small.bo&orig='disk'" target="_blank"><nobr>Trojan-Proxy.Win32.Small.bo</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\4181534F.HTM
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\4DFB3994.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\4E086186.EXE
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\6466537A.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Spy.Win32.Briss.j&orig='disk'" target="_blank"><nobr>Trojan-Spy.Win32.Briss.j</nobr></a> (virus)
<ul>
<li>
C:\PROGRAMME\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\QUARANTINE\0C496390 (Renamed & Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=W32/Delf.BHI&orig='disk'" target="_blank"><nobr>W32/Delf.BHI</nobr></a> (virus)
<ul>
<li>
D:\SPEICHERKARTE\KGNSW.EXE (Submitted)
<li>
D:\E-MULE\SYMANTEC.NORTON.SYSTEM.WORKS.2005-BARCODE.[EMULEK.COM.PL]\NORTON_SYSTEM_WORKS_2005\KGNSW.EXE
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=W32/NetDevil.FB&orig='disk'" target="_blank"><nobr>W32/NetDevil.FB</nobr></a> (virus)
<ul>
<li>
D:\E-MULE\EMULATOR PACK (XBOX, PS2, PS ,DC, N64 ,GBA,GB,WS,NGP,SS,SFC,FC,GG,MD, MAME, PC88, PCE)\âGâ~âàâîü[â^ü[û{æ¦\XBOX\XBOX_EMULATOR.0.34.EXE (Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=W32/Scorpo&orig='disk'" target="_blank"><nobr>W32/Scorpo</nobr></a> (virus)
<ul>
<li>
D:\E-MULE\EMULATOR PACK (XBOX, PS2, PS ,DC, N64 ,GBA,GB,WS,NGP,SS,SFC,FC,GG,MD, MAME, PC88, PCE)\âGâ~âàâîü[â^ü[û{æ¦\XBOX\SND3D.DLL (Submitted)
<li>
D:\E-MULE\EMULATOR PACK (XBOX, PS2, PS ,DC, N64 ,GBA,GB,WS,NGP,SS,SFC,FC,GG,MD, MAME, PC88, PCE)\âGâ~âàâîü[â^ü[û{æ¦\XBOX\XBOXKRNL32.DLL (Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Windows&orig='disk'" target="_blank"><nobr>Windows</nobr></a> (spyware)
<ul>
<li>
System
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Zlob.KKR&orig='disk'" target="_blank"><nobr>Zlob.KKR</nobr></a> (virus)
<ul>
<li>
F:\UT 2004NOCD\UT2004_V3186_NOCD-CRACK+KEYGEN_DEVIANCE\UT2004_KEYGEN.EXE
</ul>
<hr noshade>
<h2><font face="Arial" color="#5A6ED2">Statistics</font></h2>
Scanned:<ul>
<li>Files: 38360
<li>System: 4540
<li>Not scanned: 5
</ul>
Actions:<ul>
<li>Disinfected: 0
<li>Renamed: 3
<li>Deleted: 0
<li>None: 827
<li>Submitted: 12
</ul>
Files not scanned:<ul>
<li>C:\PAGEFILE.SYS
<li>C:\HIBERFIL.SYS
<li>C:\PROGRAMME\GEMEINSAME DATEIEN\SYMANTEC SHARED\CCPD-LC\SYMLCRST.DLL
<li>C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
<li>D:\TREIBER\FIRMWARE LG-GSA4040B\740_1072078424SZZRM\GSA4040A302.EXE
Dieser Beitrag wurde am 19.10.2006 um 19:56 Uhr von Beetlejuice editiert.
Seitenanfang Seitenende
20.10.2006, 01:02
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#32 natuerlich alles loeschen lassen ;)
vor allem den Crack...so brauchst du dich nicht ueber einen verseuchten Rechner zu wundern... ;)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
20.10.2006, 14:09
Beetlejuice
Member

Themenstarter

Beiträge: 22
#33 Habe den ganzen Scann noch mal durchlaufen lassen und danach gecleant.
Hat lange gedauert.
Hier der Report:
----------------------------------------------------------------------------
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

<html>
<font style="COLOR: black; FONT: 10pt verdana">
<head>
<title>F-Secure Online Scanner 3.0.19 - Scanning Report - Friday, October 20, 2006 14:05:54</title>
</head>

<body>
<h1><font face="Arial">Scanning Report</font></h1>
<h2><font face="Arial">Friday, October 20, 2006 01:11:37 - 08:37:42</font></h2>
<p>
Computer name: FESTRECHNER_MAR
<br>Scanning type: Scan system for viruses, rootkits, spyware
<br>Target: C:\ D:\ E:\ F:\
</p>
<hr noshade>
<h2><font face="Arial" color="#5A6ED2">Result: 825 malware found</font></h2>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Adware.DollarRevenue&orig='disk'" target="_blank"><nobr>Adware.DollarRevenue</nobr></a> (spyware)
<ul>
<li>
System (Disinfected)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Hantaner.A&orig='disk'" target="_blank"><nobr>Hantaner.A</nobr></a> (virus)
<ul>
<li>
D:\SPEICHERKARTE\SETUPCLONECD.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\40.72_WIN2KXP.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\CLONYXXLV2006.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\GROKSTERSETUP.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\IMESHV3.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\JUKEBOX_8MB_V320_D.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\MBUINST.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\MMSSETUP.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\MORPH20.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\MSNADDIN.EXE (Disinfected & Submitted)
<li>
E:\DOWNLOAD SPONTAN\SERVER-UPDATER.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\SETUPCLONECD.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\SP_446318_R1_R4A.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\WINMX322.EXE (Submitted)
<li>
E:\DOWNLOAD SPONTAN\WRAR300D.EXE (Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=P2P-Worm.Win32.VB.dz&orig='disk'" target="_blank"><nobr>P2P-Worm.Win32.VB.dz</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\005B2BBC.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\0081714C.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\00AC6D5F.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\01020515.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\017E1CDA.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\01C55B7D.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\024F7BE9.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\02B30A28.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\02B571F0.EXE (Renamed & Submitted)

F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\7EC219C9.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\7EFF76D4.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\7F6F3711.EXE (Renamed & Submitted)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\7FDF5AA8.EXE (Renamed & Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Softomate Toolbar&orig='disk'" target="_blank"><nobr>Softomate Toolbar</nobr></a> (spyware)
<ul>
<li>
System (Disinfected)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?type=Stealth_file&filename=C:\WINDOWS\SYSTEM32\LZX32.SYS&orig='disk'" target="_blank"><nobr>Stealth_file</nobr></a> (hidden item)
<ul>
<li>
C:\WINDOWS\SYSTEM32\LZX32.SYS (Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Tracking Cookie&orig='disk'" target="_blank"><nobr>Tracking Cookie</nobr></a> (spyware)
<ul>
<li>
System (Disinfected)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Adload.fu&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Adload.fu</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\70B91229.EXE (Renamed & Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Adload.fz&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Adload.fz</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\70BC3C26.EXE (Renamed & Submitted)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Agent.aol&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Agent.aol</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\318D5649.DLL (Renamed)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\34BA0D5D.DLL (Renamed)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\3B4C0422.DLL (Renamed)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\3BDE5583.DLL (Renamed)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\727D1365.DLL (Renamed)
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\7C987A91.DLL (Renamed)
</ul>
<a href="http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan-Downloader.Win32.Agent.awb&orig='disk'" target="_blank"><nobr>Trojan-Downloader.Win32.Agent.awb</nobr></a> (virus)
<ul>
<li>
F:\PROGRAMME\NORTON ANTIVIRUS\QUARANTINE\0A4A3480.DLL
Seitenanfang Seitenende
20.10.2006, 14:15
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#34 virustotal
Oben auf der Seite --> auf Durchsuchen klicken --> Datei mit korrektem Pfad einkopieren) --> Doppelklick auf die zu prüfende Datei --> klick auf Submit... jetzt abwarten
http://www.virustotal.com/flash/index_en.html

C:\WINDOWS\SYSTEM32\LZX32.SYS
E:\DOWNLOAD SPONTAN\WINMX322.EXE

poste den report
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
20.10.2006, 17:14
Beetlejuice
Member

Themenstarter

Beiträge: 22
#35 Habe in der Zwischenzeit Norten komplet durchlaufen lassen. Die Datei "LZX.SYS" wurde bei dem Durchlauf wohl entfernt. Habe alle Partitionen nach der File durchsuchen lassen.
Die andere File habe ich mit diesem Ergebniss gescannt.
------------------------------------------------------------------------------
Complete scanning result of "winmx322.exe", received in VirusTotal at 10.20.2006, 16:46:39 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.31 10.20.2006 W32/Hantaner
Authentium 4.93.8 10.20.2006 no virus found
Avast 4.7.892.0 10.20.2006 Win32:Hantaner
AVG 386 10.20.2006 Win32/Hantaner.A
BitDefender 7.2 10.20.2006 Win32.HLLP.Hantaner.E
CAT-QuickHeal 8.00 10.20.2006 no virus found
ClamAV devel-20060426 10.20.2006 W32.Hantaner
DrWeb 4.33 10.20.2006 Win32.HLLP.Hanta.24064
eTrust-InoculateIT 23.73.30 10.20.2006 no virus found
eTrust-Vet 30.3.3146 10.20.2006 no virus found
Ewido 4.0 10.19.2006 no virus found
Fortinet 2.82.0.0 10.20.2006 suspicious
F-Prot 3.16f 10.20.2006 no virus found
F-Prot4 4.2.1.29 10.19.2006 no virus found
Ikarus 0.2.65.0 10.20.2006 no virus found
Kaspersky 4.0.2.24 10.20.2006 no virus found
McAfee 4877 10.19.2006 W32/HLLP.Hantaner.dam
Microsoft 1.1603 10.20.2006 no virus found
NOD32v2 1.1819 10.20.2006 no virus found
Norman 5.90.23 10.20.2006 Hantaner.A
Panda 9.0.0.4 10.19.2006 W32/EnerKaz
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.101 10.19.2006 no virus found
UNA 1.83 10.20.2006 no virus found
VBA32 3.11.1 10.19.2006 no virus found
VirusBuster 4.3.7:9 10.20.2006 no virus found

Aditional Information
File size: 483840 bytes
MD5: f23a739b56c30cc77e1e173c090493c6
SHA1: 6b95bdd36f9688cadc1bc9c0834279fcc5528eb2
Seitenanfang Seitenende
21.10.2006, 00:33
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#36 auf E:\ ausfuehren.
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als neu.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die neu.bat doppelt klicken--> kopiere den Text, der erscheint

Zitat

cd\
dir "E:\DOWNLOAD SPONTAN" >>files.txt
notepad files.txt

__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
21.10.2006, 02:02
Beetlejuice
Member

Themenstarter

Beiträge: 22
#37 Wie lange wird das noch dauern bis das alles durch ist? Ziehe in ein paar Tagen um.
Hätte nicht gedacht das es so viel Arbeit ist...Hut ab! Bist echt fleißig!!!!
----------------------------------------------
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D052-1815
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D052-1815

Verzeichnis von C:\WINDOWS

Verzeichnis von E:\DOWNLOAD SPONTAN

03-02-23 23:03 <DIR> .
03-02-23 23:03 <DIR> ..
06-10-20 03:34 14,734,438 40.72_win2kxp.exe
02-10-09 22:50 2,476,942 camspy.zip
06-10-20 03:53 537,966 ClonyXXLv2006.exe
02-09-22 17:50 1,943 clssoafc.zip
02-09-22 17:48 1,562,398 devsfu11.ace
02-09-22 17:52 1,547,378 flt-soaf.ace
06-10-20 03:55 239,216 grokstersetup.exe
06-10-20 03:56 2,611,028 iMeshV3.exe
06-10-20 04:00 7,896,774 jukebox_8MB_v320_d.exe
02-08-16 01:17 628,740 kingkongdonga.mpeg
02-10-06 17:57 100 max_connections.reg
06-10-20 04:11 1,589,384 mbuinst.exe
06-10-20 04:13 814,920 mmssetup.exe
06-10-20 04:15 4,631,616 Morph20.exe
06-10-20 04:21 59,992 msnaddin.exe
03-01-13 22:51 23,040 nCASEAdsUninstaller.exe
03-01-06 13:23 184,775 Pop-Up_Stopper_Pro_v1[1].8_by_Core.zip
02-11-04 04:35 72,108 rzr-ut23p.rar
06-10-20 04:21 699,278 Server-Updater.exe
06-10-20 04:23 2,246,210 SetupCloneCD.exe
06-10-20 04:26 6,694,380 sp_446318_r1_r4a.exe
02-11-04 06:10 69,932 Unreal_Tournament_2003_No_CDcrackSmokeToad.zip
02-11-04 04:10 74,739 Unreal_Tournament_v4[1].00_No-CD.zip
02-11-04 04:32 35,003 ut2003karmafix.rar
03-01-13 23:05 260,138 Wer_wird_Million„r.zip
03-01-13 22:43 133,289 Wer_wird_Million„r_1[1].2.6.zip
02-08-15 18:10 512 WinACE_Archiver_2[1].11_Serial.zip
06-10-20 04:35 483,840 winmx322.exe
02-08-15 20:54 60 worldcup.ram
06-10-20 04:37 704,455 wrar300d.exe
02-08-18 23:37 559,108 zulusexa.mpeg
02-08-18 23:37 595,972 zulusexb.mpeg
02-08-18 23:38 559,108 zulusexc.mpeg
02-08-18 23:38 626,692 zulusexd.mpeg
02-08-18 23:39 561,156 zulusexf.mpeg
03-02-23 23:04 <DIR> Wer_wird_Million„r_1[1].2.6
03-02-23 23:04 <DIR> Wer_wird_Million„r
03-02-23 23:04 <DIR> viren stop
03-02-23 23:04 <DIR> ut2003karmafix
03-02-23 23:04 <DIR> Unreal_Tournament_v4[1].00_No-CD
03-02-23 23:04 <DIR> Unreal_Tournament_2003_No_CDcrackSmokeToad
03-02-23 23:04 <DIR> Treiber
03-02-23 23:04 <DIR> ServerUpdater
03-02-23 23:04 <DIR> rzr-ut23p
03-02-23 23:04 <DIR> Pop-Up_Stopper_Pro_v1[1].8_by_Core
03-02-23 23:04 <DIR> camspy
03-02-23 23:04 <DIR> Army
03-07-08 16:50 <DIR> Win rar
03-08-03 18:07 <DIR> Neuer Ordner
03-03-11 17:39 541 file_id.diz
02-04-05 14:50 3,669 license.txt
02-09-23 15:29 3,350 order.frm
02-07-17 13:40 1,781 order.txt
03-03-11 17:39 3,091 readme.txt
03-03-11 17:44 928,960 setup.exe
03-03-11 17:11 1,914 whatsnew.txt
03-09-30 00:53 2,521,915 isobuster_14_all_lang.zip
03-09-30 00:53 <DIR> isobuster_14_all_lang
03-10-04 12:49 1,356,340 VIA_Hyperion 4IN1_V449vp2.zip
03-10-20 13:43 1,297,168 tdsl-speedmanager-windows-setup.exe
03-10-25 05:59 <DIR> Trillian Masenger
03-11-11 11:37 <DIR> WebSpeech
04-11-07 19:14 <DIR> WinACE_Archiver_2[1].11_Serial
03-05-19 19:10 2,925,764 1024_768_1.exe
46 Datei(en) 62,961,123 Bytes
20 Verzeichnis(se), 1,307,590,656 Bytes frei
Seitenanfang Seitenende
21.10.2006, 02:07
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#38 1.
E:\DOWNLOAD SPONTAN\winmx322.exe -> loeschen

2.
mit virustotal ueberpruefen:

E:\DOWNLOAD SPONTAN\sp_446318_r1_r4a.exe
E:\DOWNLOAD SPONTAN\wrar300d.exe
E:\DOWNLOAD SPONTAN\msnaddin.exe
E:\DOWNLOAD SPONTAN\mbuinst.exe
E:\DOWNLOAD SPONTAN\mmssetup.exe
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
21.10.2006, 03:04
Beetlejuice
Member

Themenstarter

Beiträge: 22
#39 1.)

Complete scanning result of "sp_446318_r1_r4a.exe", received in VirusTotal at 10.21.2006, 02:40:43 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.32 10.20.2006 W32/Hantaner
Authentium 4.93.8 10.21.2006 no virus found
Avast 4.7.892.0 10.20.2006 Win32:Hantaner
AVG 386 10.20.2006 Win32/Hantaner.A
BitDefender 7.2 10.21.2006 Win32.HLLP.Hantaner.E
CAT-QuickHeal 8.00 10.20.2006 no virus found
ClamAV devel-20060426 10.20.2006 W32.Hantaner
DrWeb 4.33 10.20.2006 Win32.HLLP.Hanta.24064
eTrust-InoculateIT 23.73.31 10.20.2006 no virus found
eTrust-Vet 30.3.3146 10.20.2006 no virus found
Ewido 4.0 10.20.2006 no virus found
Fortinet 2.82.0.0 10.20.2006 suspicious
F-Prot 3.16f 10.21.2006 no virus found
F-Prot4 4.2.1.29 10.19.2006 no virus found
Ikarus 0.2.65.0 10.20.2006 no virus found
Kaspersky 4.0.2.24 10.21.2006 no virus found
McAfee 4878 10.20.2006 W32/HLLP.Hantaner.dam
Microsoft 1.1603 10.21.2006 no virus found
NOD32v2 1.1820 10.20.2006 no virus found
Norman 5.90.23 10.20.2006 Hantaner.A
Panda 9.0.0.4 10.20.2006 W32/EnerKaz
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.102 10.20.2006 no virus found
UNA 1.83 10.20.2006 no virus found
VBA32 3.11.1 10.20.2006 no virus found
VirusBuster 4.3.7:9 10.20.2006 no virus found

Aditional Information
File size: 6694380 bytes
MD5: 762bb18e67596e34f5c0f4eebe7ea98f
SHA1: 98e437eab3c8037f0cc2abed3e5d2cbb0e4cf09c
-----------------------------------------------------------------------
2.)
Complete scanning result of "wrar300d.exe", received in VirusTotal at 10.21.2006, 03:05:53 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.32 10.20.2006 W32/Hantaner
Authentium 4.93.8 10.21.2006 no virus found
Avast 4.7.892.0 10.20.2006 Win32:Hantaner-B
AVG 386 10.20.2006 Win32/Hantaner.A
BitDefender 7.2 10.21.2006 Win32.HLLP.Hantaner.E
CAT-QuickHeal 8.00 10.20.2006 no virus found
ClamAV devel-20060426 10.20.2006 W32.Hantaner
eTrust-InoculateIT 23.73.32 10.21.2006 no virus found
eTrust-Vet 30.3.3146 10.20.2006 no virus found
DrWeb 4.33 10.20.2006 Win32.HLLP.Hanta.24064
Ewido 4.0 10.20.2006 no virus found
Fortinet 2.82.0.0 10.20.2006 suspicious
F-Prot 3.16f 10.21.2006 no virus found
F-Prot4 4.2.1.29 10.21.2006 no virus found
Ikarus 0.2.65.0 10.20.2006 no virus found
Kaspersky 4.0.2.24 10.21.2006 no virus found
McAfee 4878 10.20.2006 W32/HLLP.Hantaner.dam
Microsoft 1.1603 10.21.2006 no virus found
NOD32v2 1.1820 10.20.2006 no virus found
Norman 5.80.02 10.20.2006 Hantaner.A
Panda 9.0.0.4 10.20.2006 W32/EnerKaz
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.102 10.20.2006 no virus found
UNA 1.83 10.20.2006 no virus found
VBA32 3.11.1 10.20.2006 no virus found
VirusBuster 4.3.7:9 10.20.2006 no virus found

Aditional Information
File size: 704455 bytes
MD5: e7ad07d9720a93aa478897a96701cda2
SHA1: 77aeb74b9fd42946ef94f7455c746a38efe31efd
-----------------------------------------------------------------
so hat geklappt.... nach dem 6sten Anlauf.
Seitenanfang Seitenende
21.10.2006, 09:07
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#40 1.
loeschen:- alles vom 06-10-20

E:\DOWNLOAD SPONTAN\sp_446318_r1_r4a.exe
E:\DOWNLOAD SPONTAN\wrar300d.exe
E:\DOWNLOAD SPONTAN\msnaddin.exe
E:\DOWNLOAD SPONTAN\mbuinst.exe
E:\DOWNLOAD SPONTAN\mmssetup.exe
E:\DOWNLOAD SPONTAN\Morph20.exe
E:\DOWNLOAD SPONTAN\Server-Updater.exe

2.
scanne (auch E:\ mitscannen lassen) und poste den report
http://virus-protect.org/cureit.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
21.10.2006, 13:42
Beetlejuice
Member

Themenstarter

Beiträge: 22
#41 Hier der Scannreport von Dr. Web:

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.10060)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2006-10-21, 09:58:22 [Mario]
Command-line: "C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Professional x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.4.07270)
Engine API version: 2.01
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crwtoday.cdb - 919 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43357.cdb - 1302 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43356.cdb - 1332 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43355.cdb - 2456 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43354.cdb - 1283 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43353.cdb - 795 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43352.cdb - 2016 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43351.cdb - 941 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43350.cdb - 1020 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43349.cdb - 1008 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43348.cdb - 1096 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43347.cdb - 707 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43346.cdb - 1429 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43344.cdb - 694 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43342.cdb - 744 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43341.cdb - 841 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43340.cdb - 822 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43338.cdb - 989 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43337.cdb - 855 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43334.cdb - 900 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43328.cdb - 743 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43327.cdb - 958 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43326.cdb - 793 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43325.cdb - 713 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43324.cdb - 655 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43323.cdb - 655 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43322.cdb - 778 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43321.cdb - 846 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43320.cdb - 808 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43319.cdb - 764 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43318.cdb - 838 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43317.cdb - 363 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43316.cdb - 730 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43315.cdb - 627 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43314.cdb - 824 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43313.cdb - 842 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43312.cdb - 830 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43311.cdb - 862 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43310.cdb - 853 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43309.cdb - 733 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43308.cdb - 708 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43307.cdb - 839 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43306.cdb - 930 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43305.cdb - 759 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43304.cdb - 721 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43303.cdb - 638 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43302.cdb - 806 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43301.cdb - 504 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crw43300.cdb - 24 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cwrtoday.cdb - 294 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cwntoday.cdb - 73 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cwn43305.cdb - 752 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cwn43304.cdb - 793 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cwn43301.cdb - 773 virus records
[Virus base] C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records
Total virus records: 149234
Key file: C:\DOKUME~1\Mario\LOKALE~1\Temp\RarSFX0\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] c:\dokumente und einstellungen\all users\startmenü\programme\autostart\desktop.ini
[Scan path] c:\dokumente und einstellungen\mario\desktop\drweb-cureit.exe
[Scan path] c:\dokumente und einstellungen\mario\lokale einstellungen\temp\rarsfx0\_start.exe
[Scan path] c:\dokumente und einstellungen\mario\lokale einstellungen\temp\rarsfx0\cureit.exe
[Scan path] c:\dokumente und einstellungen\mario\startmenü\programme\autostart\desktop.ini
[Scan path] c:\programme\adobe\acrobat 7.0\activex\pdfshell.dll
[Scan path] c:\programme\adobe\acrobat 7.0\reader\reader_sl.exe
[Scan path] c:\programme\ahead\nero backitup\nbj.exe
[Scan path] c:\programme\cyberlink\powerdvd\language\language.exe
[Scan path] c:\programme\cyberlink\powerdvd\pdvdserv.exe
[Scan path] c:\programme\cyberlink\shared files\richvideo.exe
[Scan path] c:\programme\elaborate bytes\clonecd\elbycheck.exe
[Scan path] c:\programme\gemeinsame dateien\installshield\driver\11\intel 32\idrivert.exe
[Scan path] c:\programme\gemeinsame dateien\microsoft shared\information retrieval\msitss.dll
[Scan path] c:\programme\gemeinsame dateien\microsoft shared\web components\10\owc10.dll
[Scan path] c:\programme\gemeinsame dateien\microsoft shared\web folders\msonsext.dll
[Scan path] c:\programme\gemeinsame dateien\microsoft shared\web folders\pkmcdo.dll
[Scan path] c:\programme\gemeinsame dateien\real\update_ob\realsched.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\ccapp.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\ccevtmgr.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\ccpd-lc\symlcsvc.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\ccpwdsvc.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\ccsetmgr.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\script blocking\sbserv.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\security center\symwsc.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\sndsrvc.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\spbbc\spbbcdrv.sys
[Scan path] c:\programme\gemeinsame dateien\symantec shared\spbbc\spbbcsvc.exe
[Scan path] c:\programme\gemeinsame dateien\symantec shared\symcdata\ids-diskless\20060922.092\symidsco.sys
[Scan path] c:\programme\gemeinsame dateien\symantec shared\virusdefs\20061019.066\naveng.sys
[Scan path] c:\programme\gemeinsame dateien\symantec shared\virusdefs\20061019.066\navex15.sys
[Scan path] c:\programme\gemeinsame dateien\system\ole db\oledb32.dll
[Scan path] c:\programme\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\programme\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\programme\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\programme\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\programme\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\programme\hp\hp software update\hpwuschd.exe
[Scan path] c:\programme\hp\hpcoretech\comp\hpuiprot.dll
[Scan path] c:\programme\hp\hpcoretech\hpcmpmgr.exe
[Scan path] c:\programme\icqlite\icqlite.exe
[Scan path] c:\programme\icqlite\icqliteshell.dll
[Scan path] c:\programme\logitech\itouch\itouch.exe
[Scan path] c:\programme\logitech\mouseware\system\em_exec.exe
[Scan path] c:\programme\microsoft activesync\aatp.dll
[Scan path] c:\programme\microsoft activesync\wcescomm.exe
[Scan path] c:\programme\microsoft office\office10\msohev.dll
[Scan path] c:\programme\mozilla firefox\firefox.exe
[Scan path] c:\programme\outlook express\setup50.exe
[Scan path] c:\programme\outlook express\wabfind.dll
[Scan path] c:\programme\pci audio applications\bin\echoctrl.exe
[Scan path] c:\programme\quicktime\qttask.exe
[Scan path] c:\programme\real\realplayer\rpshell.dll
[Scan path] c:\programme\slysoft\anydvd\anydvd.exe
[Scan path] c:\programme\symantec\liveupdate\alunotify.exe
[Scan path] c:\programme\symantec\liveupdate\aluschedulersvc.exe
[Scan path] c:\programme\symantec\liveupdate\lucomserver_3_0.exe
[Scan path] c:\programme\symantec\symevent.sys
[Scan path] c:\programme\symnetdrv\sndmon.exe
[Scan path] c:\programme\winrar\rarext.dll
[Scan path] c:\windows\ehome\ehmsas.exe
[Scan path] c:\windows\ehome\ehrecvr.exe
[Scan path] c:\windows\ehome\ehsched.exe
[Scan path] c:\windows\ehome\ehtray.exe
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\mixer.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\nclaunch.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\audiodev.dll
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\ctfmon.exe
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\anydvd.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys
[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\camdrv21.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\cmaudio.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\elbycdfl.sys
[Scan path] c:\windows\system32\drivers\elbycdio.sys
[Scan path] c:\windows\system32\drivers\elbydelay.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gameenum.sys
[Scan path] c:\windows\system32\drivers\hidusb.sys
[Scan path] c:\windows\system32\drivers\hpzid412.sys
[Scan path] c:\windows\system32\drivers\hpzipr12.sys
[Scan path] c:\windows\system32\drivers\hpzius12.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys
[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\itchfltr.sys
[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\l8042pr2.sys
[Scan path] c:\windows\system32\drivers\lkbdflt2.sys
[Scan path] c:\windows\system32\drivers\lmouflt2.sys
[Scan path] c:\windows\system32\drivers\mhndrv.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\npdriver.sys
[Scan path] c:\windows\system32\drivers\nv4_mini.sys
[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\processr.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\rdpdr.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rtl8139.sys
[Scan path] c:\windows\system32\drivers\sddriver.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\slip.sys
[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\symdns.sys
[Scan path] c:\windows\system32\drivers\symfw.sys
[Scan path] c:\windows\system32\drivers\symids.sys
[Scan path] c:\windows\system32\drivers\symlcbrd.sys
[Scan path] c:\windows\system32\drivers\symndis.sys
[Scan path] c:\windows\system32\drivers\symredrv.sys
[Scan path] c:\windows\system32\drivers\symtdi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys
[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbaudio.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbprint.sys
[Scan path] c:\windows\system32\drivers\usbscan.sys
[Scan path] c:\windows\system32\drivers\usbser.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaagp.sys
[Scan path] c:\windows\system32\drivers\viaidexp.sys
[Scan path] c:\windows\system32\drivers\viapfd.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wceusbsh.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\ws2ifsl.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\drivers\xbcd.sys
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\gecko.scr
[Scan path] c:\windows\system32\giveio.sys
[Scan path] c:\windows\system32\hpzipm12.exe
[Scan path] c:\windows\system32\hpzsnt09.dll
[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\iedkcs32.dll
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\nerocheck.exe
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netplwiz.dll
[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\nvcpl.dll
[Scan path] c:\windows\system32\nvmctray.dll
[Scan path] c:\windows\system32\nvshell.dll
[Scan path] c:\windows\system32\nvsvc32.exe
[Scan path] c:\windows\system32\nwiz.exe
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll
[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\tlntsvr.exe
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wdfmgr.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] f:\programme\norton antivirus\iwp\npfmntor.exe
[Scan path] f:\programme\norton antivirus\navapsvc.exe
[Scan path] f:\programme\norton antivirus\navshext.dll
[Scan path] f:\programme\norton antivirus\savrt.sys
[Scan path] f:\programme\norton antivirus\savrtpel.sys
[Scan path] f:\programme\norton antivirus\savscan.exe
[Scan path] f:\programme\norton utilities\nprotect.exe
[Scan path] f:\programme\norton utilities\speed disk\nopdb.exe
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 355
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 2236 Kb/s
Scan time: 00:00:51
-----------------------------------------------------------------------------

[Scan path] E:\
E:\RECYCLED\NPROTECT\NPROTECT.LOG - read error
E:\Download Spontan\40.72_win2kxp.exe infected with Win32.HLLP.Hanta.24064 - cured
E:\Download Spontan\ClonyXXLv2006.exe infected with Win32.HLLP.Hanta.24064 - cured
E:\Download Spontan\grokstersetup.exe infected with Win32.HLLP.Hanta.24064 - cured
E:\Download Spontan\jukebox_8MB_v320_d.exe infected with Win32.HLLP.Hanta.24064 - cured
E:\Download Spontan\SetupCloneCD.exe infected with Win32.HLLP.Hanta.24064 - cured
>E:\Download Spontan\Neuer Ordner\Batronix_Prog-Studio_v5[1].13\cr_bps509.exe>E:\Tec54 TUNING\Tuning Datenhaus\Batronix_Prog-Studio_v5[1].13\cr_bps509.exe>E:\Neuer Ordner\Dos.SFXE:\Steuerprogramm\PATCHW32.DLL probably infected with BACKDOOR.Trojan

[Scan path] D:\
D:\e-Mule\Emulator Pack (Xbox, Ps2, Ps ,Dc, n64 ,Gba,Gb,Ws,Ngp,Ss,Sfc,Fc,Gg,Md, Mame, Pc88, Pce)\âGâ~âàâîü[â^ü[û{æ¦\Xbox\xbox_emulator.0.34.exe infected with BackDoor.Emulbox - deleted

Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\deu\navigator-upgrade_deu.ppc3_arm.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\deu\navigator-upgrade_deu.ppc3_mips.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\deu\navigator-upgrade_deu.ppc3_sh3.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\eng\navigator-upgrade_eng.ppc3_arm.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\eng\navigator-upgrade_eng.ppc3_mips.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\eng\navigator-upgrade_eng.ppc3_sh3.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\esp\navigator-upgrade_esp.ppc3_arm.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\esp\navigator-upgrade_esp.ppc3_mips.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\esp\navigator-upgrade_esp.ppc3_sh3.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\fra\navigator-upgrade_fra.ppc3_arm.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\fra\navigator-upgrade_fra.ppc3_mips.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\fra\navigator-upgrade_fra.ppc3_sh3.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\ita\navigator-upgrade_ita.ppc3_arm.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\ita\navigator-upgrade_ita.ppc3_mips.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\ita\navigator-upgrade_ita.ppc3_sh3.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\nld\navigator-upgrade_nld.ppc3_arm.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\nld\navigator-upgrade_nld.ppc3_mips.CAB
Invalid path to file D:\e-Mule\TOMTOM\TomTom Navigator 5 e 5.21 CRACKED + MAPS (562) of Benelux, Italy, GB, France, Germany, Iberia, Canary Islands (BY LUK_GUNNER)\Tom Tom 5.21 + mappa italia + crack\tomtom navigator 150\combi150\pocketpc\app\nld\navigator-upgrade_nld.ppc3_sh3.CAB
D:\RECYCLER\NPROTECT\00000000.EXE infected with BackDoor.Emulbox - deleted
D:\RECYCLER\NPROTECT\NPROTECT.LOG - read error
D:\Speicherkarte\SetupCloneCD.exe infected with Win32.HLLP.Hanta.24064 - cured

[Scan path] C:\
C:\hiberfil.sys - read error
C:\WINDOWS\system32\restart.exe is hacktool program Tool.ShutDown.11
C:\WINDOWS\system32\config\system.LOG - read error
C:\WINDOWS\system32\config\software.LOG - read error
C:\WINDOWS\system32\config\default.LOG - read error
C:\WINDOWS\system32\config\SECURITY - read error
C:\WINDOWS\system32\config\SAM - read error
C:\WINDOWS\system32\config\SAM.LOG - read error
C:\WINDOWS\system32\config\SECURITY.LOG - read error
C:\WINDOWS\system32\config\SYSTEM - read error
C:\WINDOWS\system32\config\SOFTWARE - read error
C:\WINDOWS\system32\config\DEFAULT - read error
C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT - read error
C:\Dokumente und Einstellungen\NetworkService\NTUSER~1.LOG - read error
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\USRCLASS.DAT - read error
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT - read error
C:\Dokumente und Einstellungen\LocalService\NTUSER~1.LOG - read error
C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\USRCLASS.DAT - read error
C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Dokumente und Einstellungen\Mario\NTUSER.DAT - read error
C:\Dokumente und Einstellungen\Mario\NTUSER~1.LOG - read error
C:\Dokumente und Einstellungen\Mario\l2mfix\restart.exe is hacktool program Tool.ShutDown.11
C:\Dokumente und Einstellungen\Mario\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\USRCLASS.DAT - read error
C:\Dokumente und Einstellungen\Mario\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Dokumente und Einstellungen\Mario\Desktop\Virenbekämpfung\l2mfix\restart.exe is hacktool program Tool.ShutDown.11
C:\Dokumente und Einstellungen\Mario\Desktop\Virenbekämpfung\Ad-Fix\Process.exe is hacktool program Tool.Prockill
C:\Dokumente und Einstellungen\Mario\Desktop\Virenbekämpfung\Ad-Fix\restart.exe is hacktool program Tool.ShutDown.11
C:\Dokumente und Einstellungen\Mario\Anwendungsdaten\Mozilla\Firefox\Profiles\96wrupdx.default\PARENT~1.LOC - read error
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcrst.dll - read error
>C:\Programme\WinRAR\Dos.SFXC:\Recycled\NPROTECT\NPROTECT.LOG - read error

[Scan path] F:\
F:\RECYCLER\NPROTECT\NPROTECT.LOG - read error

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 282033
Infected objects found: 8
Objects with modifications found: 0
Suspicious objects found: 1
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 5
Objects cured: 6
Objects deleted: 2
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 11 Kb/s
Scan time: 03:27:54
-----------------------------------------------------------------------------

Das Program ist noch offen und ich kann mit dem Ergebniss noch weiter machen.
Dieser Beitrag wurde am 21.10.2006 um 13:48 Uhr von Beetlejuice editiert.
Seitenanfang Seitenende
21.10.2006, 15:45
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#42 die probleme auf deinem rechner hast du selbst verursacht ;) - pass auf, was du per P2P laedst.
nun muesste wieder alles notduerftig o.k. sein.
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
21.10.2006, 18:08
Beetlejuice
Member

Themenstarter

Beiträge: 22
#43 Ich muss dazu sagen das ich den Rechner (Festplatte) schon seit 5 Jahren so laufen habe. Immer mal wieder Hardware nachgerüstet und verbessert. Die 20Gig Festplatte hat nen stärkeren Bruder erhalten aber das Betriebssystem ist immer wieder repariert worden wenn es mal nicht ging. abe es immer hin bekommen. Dachte mir schon das soetwas mal passieren wird.

Aber halt immer ohne "format c:" ....

Habe bestimmt noch immer viel Datenmüll drauf.

Aber ich danke dir! Hut ab!!!
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 123