Request for help checking a logfile


Post by mathea on 10.01.2005, 09:09

Hello,

I'm having some problems with my computer; maybe someone could take a quick look at my logfile and help me out that way. :)

Thanks, Mathea


Logfile of HijackThis v1.99.0
Scan saved at 07:59:39, on 10.01.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\DATEV\SYSTEM\PSNTSERV.EXE
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
C:\Programme\F-Secure Anti-Virus\Anti-Virus\FSGK32.EXE
C:\Programme\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe
C:\Programme\F-Secure Anti-Virus\Common\FSMA32.EXE
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fssm32.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\F-Secure Anti-Virus\Common\FSMB32.EXE
C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Programme\F-Secure Anti-Virus\Common\FCH32.EXE
C:\Programme\RealVNC\WinVNC\WinVNC.exe
C:\Programme\F-Secure Anti-Virus\Common\FAMEH32.EXE
C:\Programme\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE
C:\Programme\F-Secure Anti-Virus\Common\FSM32.EXE
C:\Programme\F-Secure Anti-Virus\FSGUI\fsguiexe.exe
C:\Programme\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\F-Secure Anti-Virus\FSGUI\fsavgui.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\DOKUME~1\ERNST&~1\LOKALE~1\Temp\Temporäres Verzeichnis 5 für hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Programme\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [SfWinStartInfo] C:\SFIRM32\sfWinStartupInfo.exe
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB002" /M "Stylus C66"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure Anti-Virus\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programme\F-Secure Anti-Virus\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programme\F-Secure Anti-Virus\FSGUI\FSSW.EXE" /reboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF555A05-D704-4B17-8200-1ABC3AE308FC}: NameServer = 212.95.108.3 212.95.97.66
O23 - Service: F-Secure Anti-Virus 2005 - Unknown - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: DATEV Druckservice - Datev eG - C:\DATEV\SYSTEM\PSNTSERV.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown - C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - Unknown - C:\Programme\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon - F-Secure Corporation - C:\Programme\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent - F-Secure Corporation - C:\Programme\F-Secure Anti-Virus\Common\FSMA32.EXE
O23 - Service: VNC Server - RealVNC Ltd. - C:\Programme\RealVNC\WinVNC\WinVNC.exe


Post by Nikita on 10.01.2005, 15:02

Hello @mathea

What problems are you having?

Your Java apparently isn't working. Or is there anything else?
--------------------------------------------------------------------------------------------
#Ad-aware SE Personal 1.05 Updated
http://fileforum.betanews.com/detail/965718306/1
Please post the log from the scan

Post by mathea on 10.01.2005, 16:12

Hi Nikita, thanks for the quick reply.
F-Secure is up to date and reported I-Worm Netsky c as its last find, although a removal tool for it found nothing. In particular, I have the problem that with my Thunderbird mail program I constantly get bounced e-mails that are apparently sent automatically from me, but are sent to arbitrary addresses without arriving.
I would be very grateful for further help.

Greetz Mathea

Here is my Ad-Aware logfile:

Ad-Aware SE Build 1.05
Logfile Created on:Montag, 10. Januar 2005 15:04:40
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R24 29.12.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):21 total references
Tracking Cookie(TAC index:3):6 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


10.01.2005 15:04:40 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 400
ThreadCreationTime : 10.01.2005 11:40:09
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 472
ThreadCreationTime : 10.01.2005 11:40:11
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 496
ThreadCreationTime : 10.01.2005 11:40:12
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 540
ThreadCreationTime : 10.01.2005 11:40:12
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 552
ThreadCreationTime : 10.01.2005 11:40:12
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 720
ThreadCreationTime : 10.01.2005 11:40:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 800
ThreadCreationTime : 10.01.2005 11:40:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 836
ThreadCreationTime : 10.01.2005 11:40:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 884
ThreadCreationTime : 10.01.2005 11:40:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 936
ThreadCreationTime : 10.01.2005 11:40:15
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1060
ThreadCreationTime : 10.01.2005 11:40:16
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [servic~1.exe]
FilePath : C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\
ProcessID : 1156
ThreadCreationTime : 10.01.2005 11:40:16
BasePriority : Normal


#:13 [psntserv.exe]
FilePath : C:\DATEV\SYSTEM\
ProcessID : 1180
ThreadCreationTime : 10.01.2005 11:40:16
BasePriority : Normal
FileVersion : 1, 4, 1, 0
ProductVersion : 1, 4, 0, 0
ProductName : Druckservice
CompanyName : Datev eG
FileDescription : NT-Service zur Druckausgabe
InternalName : B0000014
LegalCopyright : Copyright © 1999 - 2001 DATEV eG.
OriginalFilename : PSNTServ.exe

#:14 [fsgk32st.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Anti-Virus\
ProcessID : 1220
ThreadCreationTime : 10.01.2005 11:40:16
BasePriority : Normal
FileVersion : 1, 0, 7360, 0
ProductVersion : 1, 0, 7360, 56
ProductName : F-Secure Corp. Startup service
CompanyName : F-Secure Corp.
FileDescription : fsgk32st
InternalName : fsgk32
LegalCopyright : Copyright © 2001
OriginalFilename : fsgk32st.exe
Comments : Startup service for Gatekeeper Handler

#:15 [fsbwsys.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\backweb\4476822\program\
ProcessID : 1244
ThreadCreationTime : 10.01.2005 11:40:17
BasePriority : Normal
FileVersion : 6.70.734
ProductVersion : 6.70
ProductName : F-Secure BackWeb
CompanyName : F-Secure Corp.
FileDescription : fsbwsys
InternalName : fsbwsys
LegalCopyright : Copyright © 2004 F-Secure Corporation
OriginalFilename : fsbwsys.exe

#:16 [fsgk32.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Anti-Virus\
ProcessID : 1256
ThreadCreationTime : 10.01.2005 11:40:17
BasePriority : Normal
FileVersion : 5.53.10121
ProductVersion : 5.53.10121
ProductName : F-Secure Corp. fsgk32
CompanyName : F-Secure Corp.
FileDescription : Gatekeeper Handler II
InternalName : fsgk32
LegalCopyright : Copyright © 2003
OriginalFilename : fsgk32.exe
Comments : release

#:17 [fsma32.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Common\
ProcessID : 1272
ThreadCreationTime : 10.01.2005 11:40:17
BasePriority : Normal
FileVersion : 5.61.7670
ProductVersion : 5.61 Build 7670
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Management Agent
InternalName : VCH
LegalCopyright : Copyright © 1998-2004 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows (TM) is a trademark of Microsoft Corporation
OriginalFilename : FSMA32.EXE

#:18 [mdm.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\
ProcessID : 1316
ThreadCreationTime : 10.01.2005 11:40:17
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:19 [fsmb32.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Common\
ProcessID : 1324
ThreadCreationTime : 10.01.2005 11:40:17
BasePriority : Normal
FileVersion : 5.61.7670
ProductVersion : 5.61 Build 7670
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Message Broker
InternalName : FSMB
LegalCopyright : Copyright © 1998-2004 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows (TM) is a trademark of Microsoft Corporation
OriginalFilename : FSMB32.EXE

#:20 [fssm32.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Anti-Virus\
ProcessID : 1332
ThreadCreationTime : 10.01.2005 11:40:17
BasePriority : Normal
FileVersion : 5.53.10210
ProductVersion : 5.53.10210
ProductName : F-Secure Corp. fssm32
CompanyName : F-Secure Corp.
FileDescription : fssm32
InternalName : fssm32
LegalCopyright : Copyright © 2003
OriginalFilename : fssm32.exe
Comments : release

#:21 [sqlservr.exe]
FilePath : C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\
ProcessID : 1488
ThreadCreationTime : 10.01.2005 11:40:18
BasePriority : Normal
FileVersion : 2000.080.0818.00
ProductVersion : 8.00.818
ProductName : Microsoft SQL Server
CompanyName : Microsoft Corporation
FileDescription : SQL Server Windows NT
InternalName : SQLSERVR
LegalCopyright : © 1988-2003 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation
OriginalFilename : SQLSERVR.EXE
Comments : NT INTEL X86

#:22 [fch32.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Common\
ProcessID : 1568
ThreadCreationTime : 10.01.2005 11:40:18
BasePriority : Normal
FileVersion : 5.61.7670
ProductVersion : 5.61 Build 7670
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Configuration Handler
InternalName : FCH
LegalCopyright : Copyright © 1998-2004 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows (TM) is a trademark of Microsoft Corporation
OriginalFilename : FCH32.EXE

#:23 [winvnc.exe]
FilePath : C:\Programme\RealVNC\WinVNC\
ProcessID : 1680
ThreadCreationTime : 10.01.2005 11:40:19
BasePriority : Normal
FileVersion : 3, 3, 7, 0
ProductVersion : 3, 3, 7, 0
ProductName : RealVNC Ltd. - WinVNC
CompanyName : RealVNC Ltd.
FileDescription : VNC server for Win32
InternalName : WinVNC
LegalCopyright : Copyright RealVNC Ltd.© 2002-2003, AT&T Research Labs Cambridge© 1996-2001
LegalTrademarks : VNC
OriginalFilename : WinVNC.exe

#:24 [fameh32.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Common\
ProcessID : 1768
ThreadCreationTime : 10.01.2005 11:40:20
BasePriority : Normal
FileVersion : 5.61.7670
ProductVersion : 5.61 Build 7670
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Alert and Management Extension Handler
InternalName : FAMEH
LegalCopyright : Copyright © 1998-2004 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows (TM) is a trademark of Microsoft Corporation
OriginalFilename : FAMEH32.EXE

#:25 [fsdfwd.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\FWES\Program\
ProcessID : 1992
ThreadCreationTime : 10.01.2005 11:40:22
BasePriority : Normal
FileVersion : 5.80.380
ProductVersion : 5.80 Build 380
ProductName : F-Secure Anti-Virus Internet Shield
CompanyName : F-Secure Corporation
FileDescription : F-Secure Anti-Virus Internet Shield daemon
InternalName : fsdfwd
LegalCopyright : Copyright (c) F-Secure Corporation 1997-2004
OriginalFilename : fsdfwd.exe

#:26 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2012
ThreadCreationTime : 10.01.2005 11:40:22
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:27 [fsav32.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Anti-Virus\
ProcessID : 1216
ThreadCreationTime : 10.01.2005 11:40:25
BasePriority : Normal
FileVersion : 5.53.10480
ProductVersion : 5.53.10480
ProductName : F-Secure Anti-Virus
CompanyName : F-Secure Corporation
FileDescription : FSAV Handler
InternalName : FSAV32
LegalCopyright : Copyright © 1998-2004, F-Secure Corporation
OriginalFilename : FSAV32.exe

#:28 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2572
ThreadCreationTime : 10.01.2005 11:41:48
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:29 [hkcmd.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2656
ThreadCreationTime : 10.01.2005 11:41:50
BasePriority : Normal
FileVersion : 3.0.0.2285
ProductVersion : 7.0.0.2285
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : HKCMD.EXE

#:30 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ProcessID : 2688
ThreadCreationTime : 10.01.2005 11:41:50
BasePriority : Normal
FileVersion : 1.04.05b
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2003 Sonic Solutions

#:31 [dsentry.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2756
ThreadCreationTime : 10.01.2005 11:41:55
BasePriority : Normal
FileVersion : 1, 0, 5, 0
ProductVersion : 1, 0, 5, 0
ProductName : Dell - DVDSentry
CompanyName : Dell - Advanced Desktop Engineering
FileDescription : DVDSentry
InternalName : DVDSentry
LegalCopyright : Copyright © 2002 Dell
OriginalFilename : DSentry.exe
Comments : DVDSentry launches your software DVD player when a DVD is inserted.

#:32 [jusched.exe]
FilePath : C:\Programme\Java\j2re1.4.2_01\bin\
ProcessID : 2764
ThreadCreationTime : 10.01.2005 11:41:55
BasePriority : Normal


#:33 [toadimon.exe]
FilePath : C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\
ProcessID : 2796
ThreadCreationTime : 10.01.2005 11:41:55
BasePriority : Normal
FileVersion : 2.14.10
ProductVersion : 2.00
ProductName : Marmiko IT-Solutions GmbH DialAssistent Component
CompanyName : Marmiko IT-Solutions GmbH
FileDescription : T-Online Verbindungsassistent
InternalName : ToADiMon
LegalCopyright : Copyright © Marmiko IT-Solutions GmbH 2000-2003, Copyright © T-Online International AG 2001-2003
OriginalFilename : ToADiMon.EXE

#:34 [e_s4i0s2.exe]
FilePath : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\
ProcessID : 2840
ThreadCreationTime : 10.01.2005 11:41:56
BasePriority : Normal
FileVersion : 3.00
ProductVersion : 3.00
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S4I0S2
LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2003
OriginalFilename : E_S4I0S2.EXE

#:35 [fsm32.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\Common\
ProcessID : 2848
ThreadCreationTime : 10.01.2005 11:41:56
BasePriority : Normal
FileVersion : 5.61.7670
ProductVersion : 5.61 Build 7670
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Settings and Statistics
InternalName : FSM
LegalCopyright : Copyright © 1998-2004 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows (TM) is a trademark of Microsoft Corporation
OriginalFilename : FSM32.EXE

#:36 [fsguiexe.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\FSGUI\
ProcessID : 3020
ThreadCreationTime : 10.01.2005 11:42:05
BasePriority : Normal
FileVersion : 5, 70, 1221, 0
ProductVersion : 5, 0, 560, 0
ProductName : ISP 2005
FileDescription : gui standby component
InternalName : fsguiexe
LegalCopyright : Copyright (C) 2004
OriginalFilename : fsguiexe.exe

#:37 [fspex.exe]
FilePath : C:\Programme\F-Secure Anti-Virus\backweb\4476822\Program\
ProcessID : 3080
ThreadCreationTime : 10.01.2005 11:42:06
BasePriority : Normal


#:38 [iexplore.exe]
FilePath : C:\Programme\Internet Explorer\
ProcessID : 2000
ThreadCreationTime : 10.01.2005 14:01:51
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : IEXPLORE.EXE

#:39 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1200
ThreadCreationTime : 10.01.2005 14:04:10
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:40 [iexplore.exe]
FilePath : C:\Programme\Internet Explorer\
ProcessID : 2772
ThreadCreationTime : 10.01.2005 14:04:19
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : IEXPLORE.EXE

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ernst & reinhard@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:ernst & reinhard@mediaplex.com/
Expires : 22.06.2009 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ernst & reinhard@doubleclick[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:ernst & reinhard@doubleclick.net/
Expires : 10.01.2008 10:44:42
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ernst & reinhard@tribalfusion[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:ernst & reinhard@tribalfusion.com/
Expires : 01.01.2038 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ernst & reinhard@versiontracker[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:ernst & reinhard@versiontracker.com/
Expires : 10.01.2007 07:03:14
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ernst & reinhard@adtech[2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:ernst & reinhard@adtech.de/
Expires : 08.01.2015 15:03:10
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ernst & reinhard@servedby.netshelter[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:ernst & reinhard@servedby.netshelter.net/
Expires : 29.06.2021 14:48:54
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 6



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6

Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6

Disk Scan Result for C:\DOKUME~1\ERNST&~1\LOKALE~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 6



MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\office\11.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\office\11.0\word\recent templates
Description : list of recent templates used by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\office\11.0\access\settings
Description : list of recently opened documents in microsoft access


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1851632150-2986509648-2728063372-1008\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Ernst & Reinhard\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27

15:07:22 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:02:42.687
Objects scanned:64357
Objects identified:6
Objects ignored:0
New critical objects:6
mathea
 
Posts: 7
Registered: 10.01.2005, 08:56

Post by Nikita on 10.01.2005, 16:33

TREND MICRO has in the meantime been able to downgrade WORM_NETSKY.C to Yellow Alert. The first infections were reported from the United States on 25.02.2004 at 9:25 (Pacific Standard Time). This new NETSKY variant spreads via e-mail (SMTP) and also places copies of the worm under appealing file names in network shares. The e-mail message that is sent, with a copy of the worm as an attachment, can vary in appearance. If the current system date is 26.02.2004 and the system time is between 6 and 9 o'clock, the malware generates beeps on the infected system. The malware is memory-resident and infects Windows 95, 98, ME, NT, 2000 and XP systems.

http://bilder.informationsarchiv.net/Nikitas_Tools/
Download: SYS-UP.zip
unpack and click: SysUp.exe (a DOS window opens)
TrendMikro --> scan --> post the log

#Trend-Micro (Online)
http://de.trendmicro-europe.com/enterpr ... ll_pre.php

#McAfee FreeScan (Online)
www.mcafee.com/myapps/mfs/default.asp

#BitDefender Scan
www.bitdefender.com/scan/Msie/index.php
Nikita
Moderator
 
Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lisbon

Post by mathea on 12.01.2005, 16:50

Hello Nikita :)

I have now run the Sys-Up exe once more and am posting the report here.




/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
| http://www.trendmicro.com |
\--------------------------------------------------------------/


2005-01-12, 14:35:11, Running scanner "D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\TSC.BIN"...
2005-01-12, 14:38:02, Scanner "D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\TSC.BIN" has finished running.
2005-01-12, 14:38:02, TSC Log:

Damage Cleanup Engine (DCE) 3.8(Build 1019)
Windows XP(Build 2600: Service Pack 2)

Start time : Mi Jan 12 2005 14:35:12

Load Damage Cleanup Template (DCT) "D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\tsc.ptn" (version 481) [success]

Complete time : Mi Jan 12 2005 14:38:02
Execute pattern count(1694), Virus found count(0), Virus clean count(0), Clean failed count(0)

2005-01-12, 14:39:31, An error occurred while scanning file "C:\Dokumente und Einstellungen\Ernst & Reinhard\NTUSER.DAT": Zugriff verweigert
2005-01-12, 14:39:31, An error occurred while scanning file "C:\Dokumente und Einstellungen\Ernst & Reinhard\ntuser.dat.LOG": Zugriff verweigert
2005-01-12, 14:39:57, An error occurred while scanning file "C:\Dokumente und Einstellungen\Ernst & Reinhard\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat": Zugriff verweigert
2005-01-12, 14:39:57, An error occurred while scanning file "C:\Dokumente und Einstellungen\Ernst & Reinhard\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat.LOG": Zugriff verweigert
2005-01-12, 14:40:02, An error occurred while scanning file "C:\Dokumente und Einstellungen\Ernst & Reinhard\Lokale Einstellungen\Temp\~DF46B2.tmp": Zugriff verweigert
2005-01-12, 14:40:02, An error occurred while scanning file "C:\Dokumente und Einstellungen\Ernst & Reinhard\Lokale Einstellungen\Temp\~DFFF93.tmp": Zugriff verweigert
2005-01-12, 14:40:03, An error occurred while scanning file "C:\Dokumente und Einstellungen\Ernst & Reinhard\Lokale Einstellungen\Temp\~WRS0000.tmp": Zugriff verweigert
2005-01-12, 14:41:53, An error occurred while scanning file "C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT": Zugriff verweigert
2005-01-12, 14:41:53, An error occurred while scanning file "C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG": Zugriff verweigert
2005-01-12, 14:41:53, An error occurred while scanning file "C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat": Zugriff verweigert
2005-01-12, 14:41:53, An error occurred while scanning file "C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat.LOG": Zugriff verweigert
2005-01-12, 14:41:53, An error occurred while scanning file "C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT": Zugriff verweigert
2005-01-12, 14:41:53, An error occurred while scanning file "C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG": Zugriff verweigert
2005-01-12, 14:41:54, An error occurred while scanning file "C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat": Zugriff verweigert
2005-01-12, 14:41:54, An error occurred while scanning file "C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat.LOG": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\chandir.dat": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\chandir.idx": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\chn.dat": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\chn.idx": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\D0000000.FCS": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\L0000006.FCS": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs.dat": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs.idx": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs_die.dat": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs_die.idx": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs_dnd.dat": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs_dnd.idx": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs_ext.dat": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs_ext.idx": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs_rcv.dat": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\prs_rcv.idx": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\storydb.dat": Zugriff verweigert
2005-01-12, 14:45:54, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\backweb\4476822\Users\Default\Data\storydb.idx": Zugriff verweigert
2005-01-12, 14:46:05, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\Common\admin.pub": Zugriff verweigert
2005-01-12, 14:46:08, An error occurred while scanning file "C:\Programme\F-Secure Anti-Virus\Common\policy.ipf": Zugriff verweigert
2005-01-12, 14:46:09, Could not set file for reading on "C:\Programme\F-Secure Anti-Virus\Common\History\ha.bpf": Zugriff verweigert
2005-01-12, 14:46:09, Could not set file for reading on "C:\Programme\F-Secure Anti-Virus\Common\History\index.txt": Zugriff verweigert
2005-01-12, 14:49:31, An error occurred while scanning file "C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\master.mdf": Zugriff verweigert
2005-01-12, 14:49:31, An error occurred while scanning file "C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\mastlog.ldf": Zugriff verweigert
2005-01-12, 14:49:31, An error occurred while scanning file "C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\model.mdf": Zugriff verweigert
2005-01-12, 14:49:31, An error occurred while scanning file "C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\modellog.ldf": Zugriff verweigert
2005-01-12, 14:49:31, An error occurred while scanning file "C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\tempdb.mdf": Zugriff verweigert
2005-01-12, 14:49:31, An error occurred while scanning file "C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\templog.ldf": Zugriff verweigert
2005-01-12, 14:58:02, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll": Zugriff verweigert
2005-01-12, 14:58:02, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB839645$\shell32.dll": Zugriff verweigert
2005-01-12, 14:58:02, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll": Zugriff verweigert
2005-01-12, 14:58:02, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB839645$\sxs.dll": Zugriff verweigert
2005-01-12, 14:58:02, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\ACRORD32.EXE-0E853F30.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\AD-AWARE.EXE-063A652A.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\ASPNET_REGIIS.EXE-0512C5C9.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\CAMEDIA MASTER.EXE-2ED61C03.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\CONTROL.EXE-24FBF8B3.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\CUSTSETUP.EXE-0E1E7A20.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\DBENG6.EXE-0F2770A7.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\DLLHOST.EXE-12C512CE.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\DSENTRY.EXE-28A3C4CF.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\DUMPREP.EXE-0AF2BF67.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\EPIBSR30.EXE-14CEC57A.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\EXCEL.EXE-36C8C668.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\E_DMSG00.EXE-212F07F5.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\E_DPPE03.EXE-033582C8.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\E_S10MT2.EXE-1480C3F8.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\E_S10RN2.EXE-25EB6618.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\E_S1T0A2.EXE-02A7A875.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\E_S4I0S2.EXE-2ABBC4CA.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\F-NETSKY.EXE-22829FC9.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FIREFOX.EXE-28BE8AE1.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSAVAUI.EXE-18C383E2.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSAVGUI.EXE-0276210D.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSAVSTRT.EXE-08968499.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSBWIH.EXE-10EF6CBD.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSBWIH.EXE-17C3C31B.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSGUIEXE.EXE-3326D8E0.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSM32.EXE-3833B722.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSPEX.EXE-255C8D99.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSSM32.EXE-1AC84652.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\FSSW.EXE-31003946.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\GACUTIL.EXE-053ECDA4.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\HELPCTR.EXE-0BD5B31B.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\HELPHOST.EXE-30599D66.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\HELPSVC.EXE-1C192440.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-07CE32D5.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\HKCMD.EXE-0F06AE14.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\IEXPLORE.EXE-360BBB5C.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\IGFXTRAY.EXE-0A23D403.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\ILAUNCHR.EXE-0557F9C9.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\I_VIEW32.EXE-3680CA15.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\JUSCHED.EXE-336AF117.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\KAVSS.EXE-0710F22B.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\KAVUPD.EXE-18017294.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\Layout.ini": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\LODCTR.EXE-03F34D45.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGON.SCR-24ADF392.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\MRT.EXE-1B08FC96.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\MSDTC.EXE-1D9D8668.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\MSI904.TMP-1A797387.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\MSIEXEC.EXE-330626DC.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\MSMSGS.EXE-1D037CD3.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\MWAVSCAN.COM-284B2389.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NDP1.1SP1-KB867460-X86.EXE-31A18519.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NESYERF.EXE-2606606D.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NETFXUPDATE.EXE-1E08356E.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NGEN.EXE-0FE278E5.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-2DAE2DE6.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NTVDM.EXE-0A81AB7B.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-0B373F91.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\Q323759.EXE-210532CC.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RECORDNOW.EXE-2B233780.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\REGSVCS.EXE-33F2D919.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\REGTLIB.EXE-218F5E95.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RMSWEN.EXE-1A1C8BC5.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RSTRUI.EXE-05C31B56.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-3AF57F08.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D540BCC.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-42823CEB.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-4FF9832D.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-5DE25CB4.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-68EA65EE.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-6E8D4657.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-722C418B.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP_WM.EXE-21CBB822.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SFAUTOMAT.EXE-1827A76A.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SFIRM32.EXE-0DDA61E1.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SFONLINEUPDATE.EXE-1643FF9B.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SFWINSTARTUPINFO.EXE-2AC7BCD0.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SGTRAY.EXE-1C8CAC5C.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SL826.TMP-1E424258.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SOFFICE.EXE-37D6CABF.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.COM-295D34A7.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.EXE-007E9F6A.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\TASKMGR.EXE-06144C13.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\TFSWCTRL.EXE-2D67C816.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\THUNDERBIRD.EXE-2CB20E69.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\TNBUTIL.EXE-1388D5D1.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\TOADIMON.EXE-046E0C88.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\TSC.BIN-23BD3461.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\UNINSTALL.EXE-39E25AEA.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\UNREGMP2.EXE-0CFB0619.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\UPDATE.EXE-279D5FD1.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\UPDATE.EXE-29528CFE.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\USERINIT.EXE-0743FDA9.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WGET.EXE-3A8B8BB3.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WINDOWS-KB890830-ENU.EXE-32E855FC.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WINRAR.EXE-1A0EFB18.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WINVNC.EXE-0898C5A5.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WINWORD.EXE-218A1AF8.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WISPTIS.EXE-1AD43041.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WMIADAP.EXE-32F99497.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WMPLAYER.EXE-017735AB.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WRAR342D.EXE-1EC58428.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\_HBKRNL.EXE-2716C706.pf": Zugriff verweigert
2005-01-12, 15:00:21, An error occurred while scanning file "C:\WINDOWS\SoftwareDistribution\EventCache\{00692B7B-417E-435E-A353-FF3516983445}.bin": Zugriff verweigert
2005-01-12, 15:00:21, An error occurred while scanning file "C:\WINDOWS\SoftwareDistribution\EventCache\{1747BCBA-1129-4B62-8295-89C71FE8DD60}.bin": Zugriff verweigert
2005-01-12, 15:02:13, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CatRoot2\edb.log": Zugriff verweigert
2005-01-12, 15:02:13, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SAM": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SECURITY": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG": Zugriff verweigert
2005-01-12, 15:02:47, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\SPOOL\PRINTERS\FP00017.SHD": Zugriff verweigert
2005-01-12, 15:02:54, An error occurred while scanning file "C:\WINDOWS\Temp\Perflib_Perfdata_598.dat": Zugriff verweigert
2005-01-12, 15:02:58, Running scanner "D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN"...
2005-01-12, 15:25:36, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/12/2005 15:02:59
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 343 (85264 Patterns) (2005/01/11) (234300)
Command Line: D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP

63374 files have been read.
63374 files have been checked.
50124 files have been scanned.
154099 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/12/2005 15:25:36
---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-12, 15:25:36, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/12/2005 15:02:59
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 343 (85264 Patterns) (2005/01/11) (234300)
Command Line: D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP

63374 files have been read.
63374 files have been checked.
50124 files have been scanned.
154099 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/12/2005 15:25:36 22 minutes 37 seconds (1357.19 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-12, 15:25:36, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/12/2005 15:02:59
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 343 (85264 Patterns) (2005/01/11) (234300)
Command Line: D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP

63374 files have been read.
63374 files have been checked.
50124 files have been scanned.
154099 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/12/2005 15:25:36 22 minutes 37 seconds (1357.19 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-12, 15:25:36, Scanner "D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN" has finished running.
2005-01-12, 15:26:58, An error was detected on "D:\System Volume Information\*.*": Zugriff verweigert
2005-01-12, 15:26:58, Running scanner "D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN"...
2005-01-12, 15:27:40, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/12/2005 15:26:59
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 343 (85264 Patterns) (2005/01/11) (234300)
Command Line: D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP

3706 files have been read.
3706 files have been checked.
3643 files have been scanned.
4017 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/12/2005 15:27:40
---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-12, 15:27:40, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/12/2005 15:26:59
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 343 (85264 Patterns) (2005/01/11) (234300)
Command Line: D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP

3706 files have been read.
3706 files have been checked.
3643 files have been scanned.
4017 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/12/2005 15:27:40 40 seconds (40.42 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-12, 15:27:40, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/12/2005 15:26:59
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 343 (85264 Patterns) (2005/01/11) (234300)
Command Line: D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP

3706 files have been read.
3706 files have been checked.
3643 files have been scanned.
4017 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/12/2005 15:27:40 40 seconds (40.42 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-12, 15:27:40, Scanner "D:\DOKUME~1\ERNST&~1\EIGENE~1\DOWNLOAD\SYS-UP\VSCANTM.BIN" has finished running.




I am a little puzzled by all these denied accesses.
Well, I'm sure you can help me further.
Greetz Mathea
mathea
 
Posts: 7
Registered: 10.01.2005, 08:56

Post by Nikita on 12.01.2005, 19:22

No problem, everything gets scanned, but only specific information is recorded.

Now do the rest --> online scans ;) and report back
Nikita
Moderator
 
Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lisbon
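
The Sysclean report posted above interleaves access-error lines with the scanners' own result counts. As an added example (not part of the original thread and not Trend Micro code), this Python script separates the two, grouping the access errors by directory and reading the per-drive totals; the sample lines are constructed in the log's format with shortened paths, and the function and field names are assumptions.

```python
import re
from collections import Counter
from ntpath import dirname  # parses Windows paths on any OS

# Constructed sample in the format of the Sysclean report quoted in the thread
# (a handful of shortened lines, not the poster's full log).
SAMPLE_LOG = r'''
2005-01-12, 14:38:02, TSC Log:
Execute pattern count(1694), Virus found count(0), Virus clean count(0), Clean failed count(0)
2005-01-12, 14:39:31, An error occurred while scanning file "C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-2DAE2DE6.pf": Zugriff verweigert
2005-01-12, 14:59:59, Could not set file for reading on "C:\WINDOWS\Prefetch\WGET.EXE-3A8B8BB3.pf": Zugriff verweigert
2005-01-12, 15:02:14, An error occurred while scanning file "C:\WINDOWS\SYSTEM32\CONFIG\SAM": Zugriff verweigert
2005-01-12, 15:25:36, Files Detected:
Command Line: D:\SYS-UP\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=D:\SYS-UP
0 files containing viruses.
Found 0 viruses totally.
2005-01-12, 15:26:58, An error was detected on "D:\System Volume Information\*.*": Zugriff verweigert
2005-01-12, 15:27:40, Files Detected:
Command Line: D:\SYS-UP\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=D:\SYS-UP
0 files containing viruses.
Found 0 viruses totally.
'''

STAMP = r'\d{4}-\d{2}-\d{2}, \d{2}:\d{2}:\d{2}, '
# The three access-error wordings that appear in the posted report.
SKIP_RE = re.compile(STAMP + r'(An error occurred while scanning file|'
                     r'Could not set file for reading on|'
                     r'An error was detected on) "([^"]+)": (.+)')
SECTION_RE = re.compile(STAMP + r'(Files Detected|Files Clean|Clean Fail):')
TSC_RE = re.compile(r'Virus found count\((\d+)\), Virus clean count\((\d+)\), '
                    r'Clean failed count\((\d+)\)')
# The scan target is the drive wildcard (e.g. C:\*.*) on the command line.
TARGET_RE = re.compile(r'^Command Line: .* ([A-Za-z]:\\\*\.\*)(?: |$)')
FOUND_RE = re.compile(r'Found (\d+) viruses totally\.')


def triage(log_text):
    """Split a Sysclean report into access errors and scanner result counts."""
    skipped = Counter()   # directory (lower-cased) -> access-error lines
    reasons = Counter()   # OS error text -> count
    tsc = None            # (found, cleaned, clean_failed) from the TSC pass
    found = {}            # scan target such as C:\*.* -> viruses reported
    section = target = None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SKIP_RE.match(line)
        if m:
            skipped[dirname(m.group(2)).lower()] += 1
            reasons[m.group(3)] += 1
            continue
        m = SECTION_RE.match(line)
        if m:
            section, target = m.group(1), None
            continue
        m = TSC_RE.search(line)
        if m:
            tsc = tuple(int(g) for g in m.groups())
            continue
        m = TARGET_RE.match(line)
        if m:
            target = m.group(1)
            continue
        m = FOUND_RE.match(line)
        # The same totals are repeated under "Files Clean" and "Clean Fail";
        # count each target once, from its "Files Detected" section.
        if m and section == 'Files Detected' and target:
            found[target] = int(m.group(1))
    detections = sum(found.values()) + (tsc[0] if tsc else 0)
    return {'skipped_by_dir': skipped, 'reasons': reasons, 'tsc': tsc,
            'found': found, 'skipped_total': sum(skipped.values()),
            'detections': detections}


if __name__ == '__main__':
    result = triage(SAMPLE_LOG)
    print('detections reported:', result['detections'], result['found'])
    print('access errors:', result['skipped_total'], dict(result['reasons']))
    for directory, count in result['skipped_by_dir'].most_common():
        print(f'  {count:4d}  {directory}')
```
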

Post by mathea on 13.01.2005, 17:35

Hello Nikita :D

I have now run the online scans as well, although BitDefender could not be run. I only ever get this message:
Failed to load interface -- You must have administrative rights on this computer; you also must have the Internet Explorer security settings to the Medium level.
And that even though I am an administrator and also have Internet security set to Medium...

Now to the other two: Trend Micro found nothing, McAfee found a virus in my Thunderbird mail inbox called Exploit-MIME.gen.exe.
Of course I googled it, but I can't make sense of the descriptions, since it seems to be an umbrella term for mail viruses!?

I would be grateful for any further help :P

Greetz Mathea
mathea

Posts: 7
Registered: 10.01.2005, 08:56

Post by Nikita on 13.01.2005, 18:30

Exploit-MIME.gen
http://vil.nai.com/vil/content/v_99273.htm
For more information on this exploit and a patch, visit http://www.microsoft.com/technet/securi ... 1-020.mspx
---------------------------------------------------------------------------------------------

#eScan detection tool
eScan is available free of charge here under the name Free eScan Antivirus Toolkit Utility:
http://www.mwti.net/antivirus/free_utilities.asp

Create the folder c:\bases
Download mwav.exe, unpack the file into the folder c:\bases (important!) and then run kavupd.exe (update, in DOS)

Go into safe mode
http://www.tu-berlin.de/www/software/vi ... mode.shtml

and start the scanner with "mwav.exe" [or: MWAVSCAN.COM]. Tick all the boxes:
Select: "all files", Memory, Startup-Folders, Registry, System Folders,
Services, Drive/All Local drives, Folder [C:\WINDOWS], Include SubDirectory
--> and click "Scan".

Please do the following:
Now open mwav.txt with the editor and go to Edit -> Find; enter infected there

Select each line that contains infected and paste it here, search for the next one, and so on.
The summary is at the very bottom; post that here too
Nikita
Moderator

Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lisbon

Post by mathea on 17.01.2005, 12:24

Hello Nikita

here again are the requested lines:

Mon Jan 17 08:33:58 2005 => File C:\Dokumente und Einstellungen\Ernst & Reinhard\Anwendungsdaten\Thunderbird\Profiles\default\7h5fbx1x.slt\Mail\mail.osnanet.de\Inbox infected by "I-Worm.Swen" Virus. Action Taken: No Action Taken.

Mon Jan 17 10:46:29 2005 => File D:\Dokumente und Einstellungen\Ernst & Reinhard\Thunderbird\Local Folders\Trash infected by "I-Worm.Swen" Virus. Action Taken: No Action Taken.

Mon Jan 17 10:46:32 2005 => File D:\Dokumente und Einstellungen\Ernst & Reinhard\Thunderbird\mail.osnanet.de\Inbox infected by "Exploit.IFrame.FileDownload" Virus. Action Taken: No Action Taken.


And here is the summary as well:

Mon Jan 17 10:46:34 2005 => ***** Scanning complete. *****

Mon Jan 17 10:46:34 2005 => Total Files Scanned: 77077
Mon Jan 17 10:46:34 2005 => Total Virus(es) Found: 6
Mon Jan 17 10:46:34 2005 => Total Disinfected Files: 0
Mon Jan 17 10:46:34 2005 => Total Files Renamed: 0
Mon Jan 17 10:46:34 2005 => Total Deleted Files: 0
Mon Jan 17 10:46:34 2005 => Total Errors: 5
Mon Jan 17 10:46:34 2005 => Time Elapsed: 02:53:25
Mon Jan 17 10:46:34 2005 => Virus Database Date: 2005/01/10
Mon Jan 17 10:46:34 2005 => Virus Database Count: 115099

Mon Jan 17 10:46:34 2005 => Scan Completed.

Mon Jan 17 11:09:38 2005 => Virus Database Date: 2005/01/10
Mon Jan 17 11:09:38 2005 => Virus Database Count: 115099
Mon Jan 17 11:09:42 2005 => AV Library Unloaded (3)...


I hope you can help me. Many thanks in advance
Mathea
mathea

Posts: 7
Registered: 10.01.2005, 08:56
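
The search-and-copy step described above for mwav.txt can also be scripted. This Python sketch is an added example, not part of the original posts and not an eScan tool; it assumes the line layout seen in the excerpts above, runs on a constructed sample with shortened paths, and compares the number of "infected" lines with the summary total so that a listing shorter than the scanner's own count stands out.

```python
import re
from collections import Counter

# Layout assumed from the mwav.txt excerpts in this thread:
#   <timestamp> => File <path> infected by "<name>" Virus. Action Taken: <action>.
INFECTED = re.compile(
    r'^(?P<ts>.+?) => File (?P<path>.+) infected by "(?P<name>[^"]+)" Virus\. '
    r'Action Taken: (?P<action>.+?)\.\s*$')
SUMMARY = re.compile(
    r'^.+? => (?P<key>Total [^:]+|Virus Database [^:]+|Time Elapsed): (?P<val>.+?)\s*$')


def parse_mwav(text):
    """Split log text into detection records and the summary key/value pairs."""
    findings, summary = [], {}
    for line in text.splitlines():
        hit = INFECTED.match(line)
        if hit:
            findings.append(hit.groupdict())
            continue
        row = SUMMARY.match(line)
        if row:
            summary[row["key"]] = row["val"]  # a repeated key keeps its last value
    return findings, summary


def report(text):
    """Summarise detections and check them against the scanner's own total."""
    findings, summary = parse_mwav(text)
    total = int(summary.get("Total Virus(es) Found", -1))  # -1: no summary line
    return {
        "by_name": Counter(f["name"] for f in findings),
        "untreated": [f["path"] for f in findings if f["action"] == "No Action Taken"],
        "lines_found": len(findings),
        "summary_total": total,
        "complete": total == len(findings),
    }


# Constructed sample in the same layout (shortened paths, not the poster's log).
SAMPLE = r"""
Mon Jan 17 08:33:58 2005 => File C:\Profiles\Mail\Inbox infected by "I-Worm.Swen" Virus. Action Taken: No Action Taken.
Mon Jan 17 10:46:29 2005 => File D:\Local Folders\Trash infected by "I-Worm.Swen" Virus. Action Taken: No Action Taken.
Mon Jan 17 10:46:32 2005 => File D:\Mail\Inbox infected by "Exploit.IFrame.FileDownload" Virus. Action Taken: No Action Taken.
Mon Jan 17 10:46:34 2005 => Total Files Scanned: 77077
Mon Jan 17 10:46:34 2005 => Total Virus(es) Found: 6
Mon Jan 17 10:46:34 2005 => Total Disinfected Files: 0
"""

if __name__ == "__main__":
    print(report(SAMPLE))
```

When `complete` is false, the pasted lines do not account for every detection the summary counts, so the full log is worth checking before deciding on cleanup.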

Post by Nikita on 17.01.2005, 19:08

Hello @mathea


the mail is infected.

the best thing would be to run online scans.

#Online scan <F-Secure>
http://support.f-secure.com/enu/home/ols.shtml

#McAfee FreeScan (Online)
www.mcafee.com/myapps/mfs/default.asp

#BitDefender Scan
www.bitdefender.com/scan/Msie/index.php

Symantec Online Scan [only possible with IE]
http://security.symantec.com/SSC/GetBro ... navbrk.asp

then report back
Nikita
Moderator

Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lisbon

Post by mathea on 20.01.2005, 15:53

Hello Nikita,

am I supposed to do online scans yet again? I already wrote a reply about that further up. Nothing was found, after all. :(
I don't know whether it makes sense now to spend hours on scans again. By now it seems more sensible to wipe the PC...

Kind regards, Mathea
mathea

Posts: 7
Registered: 10.01.2005, 08:56

Post by Nikita on 20.01.2005, 16:01

you're right about that :shock:

C:\Dokumente und Einstellungen\Ernst & Reinhard\Anwendungsdaten\Thunderbird\Profiles\default\7h5fbx1x.slt\Mail\mail.osnanet.de\Inbox infected by "I-Worm.Swen"

that is infected, so you can try uninstalling Thunderbird, deleting everything that has to do with it and downloading it again.

Or, as you already said, you set the system up from scratch
Nikita
Moderator

Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lisbon

Post by mathea on 21.01.2005, 15:36

Hello Nikita

ok, I think I'll try uninstalling Thunderbird first; if need be, I'll just have to redo everything.

In any case I wanted to thank you once more for your effort and help.

So, take care until the next problem. *gg

*waves Mathea
mathea

Posts: 7
Registered: 10.01.2005, 08:56


