hallo, ich bin neu hier und habe leider sehr wenig erfahrung. mein rechner ruft mit dem internet explorer und dem firefox dauernd irgendwelche seiten auf. ich habe auf meiner d platte einen ordner bei dem antivir immer abbricht. er enthaelt anscheindend unendliche unterordner und ich kann ihn nicht loeschen>
D:\Installer\3\redist\Forms Update\1\Forms Update\1\Forms Update\0\Forms Update\0\Forms Update\??????\Forms Update\0\Forms Update\??????\Forms Update\??????\Forms Update\??????\Forms Update\??????\Forms Update\??????\Forms Update\??????


anbnei habe ich mal die JackThis Log-File angehaengt. kann da irgenjemand etwas sehen? fuer jeden tip waere ich sehr dankbar!

gruss...kai


Logfile of HijackThis v1.99.1
Scan saved at 23:16:44, on 14/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\QuickTime\qttask.exe
C:\Arquivos de programas\iTunes\iTunesHelper.exe
C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe
C:\Arquivos de programas\SlySoft\AnyDVD\AnyDVD.exe
C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe
C:\Arquivos de programas\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\Arquivos de programas\Lexmark 2200 Series\lxbvbmgr.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Arquivos de programas\Lexmark 2200 Series\lxbvbmon.exe
C:\Arquivos de programas\Zone Labs\ZoneAlarm\zlclient.exe
C:\Arquivos de programas\AVPersonal\AVGNT.EXE
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\ARQUIV~1\Webshots\webshots.scr
C:\ARQUIVOS DE PROGRAMAS\AVPERSONAL\AVGUARD.EXE
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Arquivos de programas\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\bWFyaW5hIGJyYW50\command.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Arquivos de programas\iPod\bin\iPodService.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Documents and Settings\xxxxx\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &httphome.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\WINDOWS\Downloaded Program Files\gbieh.dll
O3 - Toolbar: AZE Search - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - C:\WINDOWS\System32\azesearch4.ocx (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Arquivos de programas\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [AnyDVD] C:\Arquivos de programas\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Arquivos de programas\Corel\Corel Graphics 12\Languages\BR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=101505 serial=DR12WEX-1504397-KTY lang=BP
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Arquivos de programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Arquivos de programas\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] C:\Arquivos de programas\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Arquivos de programas\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Webshots.lnk = C:\Arquivos de programas\Webshots\Launcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE (file missing)
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterst¸tzen - {670C14B6-4709-432E-A002-386A200AEB28} - C:\Arquivos de programas\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra 'Tools' menuitem: Unterst¸tzung f¸r xp-AntiSpy - {670C14B6-4709-432E-A002-386A200AEB28} - C:\Arquivos de programas\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O14 - IERESET.INF: SEARCH_PAGE_URL=&http:/home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399F83} (GbPluginObj Class) - https:/www14.bancobrasil.com.br/GbPluginBb.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: vskype - (no CLSID) - (no file)
O20 - Winlogon Notify: Telephony - C:\WINDOWS\system32\o4ns0e57eh.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\ARQUIVOS DE PROGRAMAS\AVPERSONAL\AVGUARD.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Arquivos de programas\AVPersonal\AVWUPSRV.EXE
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\bWFyaW5hIGJyYW50\command.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\MARINA~1\CONFIG~1\Temp\hpdj.exe (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Hallo,

da hat sich einiges an Malware eingenistet.
Scanne zunächst mit eScan AntiVirus im abgesicherten Modus und poste uns die Virus Log Information (Find.bat!).

sodele, da ich leider immer unterwegs bin komme ich nicht taeglich dazu hier reinzuschauen.
erstmal vielen dank fuer die schnelle hilfe.

ich habe einen escan ausgefuehrt und dies ist das von find.bat generierte textfile<

ich bin nun allerdings wieder bis samstag auf dienstreise und kann so erst am sonntag wieder an die sachen ran.

trotzdem waere ich ueber hilfe sehr dankbar!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde f¸r "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Oct 17 12:27:51 2005 => System found infected with sbsoft/ezfinder.com hijacker Spyware/Adware ({0d2def3a-f4f1-42ec-ac4f-132e7ba6e292})! Action taken: No Action Taken.
Mon Oct 17 12:27:51 2005 => System found infected with addestroyer Spyware/Adware ({417386c3-8d4a-4611-9b91-e57e89d603ac})! Action taken: No Action Taken.
Mon Oct 17 12:27:51 2005 => System found infected with searchexe Spyware/Adware ({807553e5-5146-11d5-a672-00b0d022e945})! Action taken: No Action Taken.
Mon Oct 17 12:27:51 2005 => System found infected with azesearch Browser Hijacker ({a19ef336-01d4-48e6-926a-fe7e1c747aed})! Action taken: No Action Taken.
Mon Oct 17 12:27:51 2005 => System found infected with azesearch Browser Hijacker ({ba048011-957f-4ba0-a804-62c28d96f878})! Action taken: No Action Taken.
Mon Oct 17 12:27:51 2005 => System found infected with troj/bamer-b Spyware/Adware ({c41a1c0e-ea6c-11d4-b1b8-444553540000})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with addestroyer Spyware/Adware ({d52433a9-a44c-43ab-a013-24b3c756dd2b})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with azesearch Browser Hijacker ({da7ff3f8-08be-4cac-bc00-94d91c6ae7f4})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with azesearch Browser Hijacker ({a19ef336-01d4-48e6-926a-fe7e1c747aed})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with troj/bamer-b Spyware/Adware ({c41a1c0e-ea6c-11d4-b1b8-444553540000})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with azesearch Browser Hijacker ({42fc3840-020c-4e93-a34c-4df1a6330fbb})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with addestroyer Spyware/Adware ({d0c29a75-7146-4737-98ee-bc4d7cf44af9})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with addestroyer Spyware/Adware ({e0d3b292-a0b0-4640-975c-2f882e039f52})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with addestroyer Spyware/Adware ({10d7db96-56dc-4617-8eab-ec506abe6c7e})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with azesearch Browser Hijacker ({636ff82a-830a-42ea-938b-6dc78b2ac30c})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with addestroyer Spyware/Adware ({6cdc3337-01f7-4a79-a4af-0b19303cc0be})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with addestroyer Spyware/Adware ({795398d0-dc2f-4118-a69c-592273ba9c2b})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with azesearch Browser Hijacker ({a55c3ba7-db1e-4652-867e-055ceafe8018})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with addestroyer Spyware/Adware ({b288f21c-a144-4ca2-9b70-8afa1fae4b06})! Action taken: No Action Taken.
Mon Oct 17 12:27:52 2005 => System found infected with azesearch Browser Hijacker ({ef77d50b-5767-4e0e-a3a4-098670025f1d})! Action taken: No Action Taken.
Mon Oct 17 12:42:59 2005 => Scanning Folder: C:\Arquivos de programas\AVPersonal\INFECTED\*.*
Mon Oct 17 14:02:16 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde f¸r "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Oct 17 12:27:14 2005 => File C:\WINDOWS\system32\fkntsub.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:27:26 2005 => File C:\WINDOWS\system32\xbnroll.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:27:26 2005 => File C:\WINDOWS\system32\wD2topl.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:27:26 2005 => File C:\WINDOWS\system32\SUP32.DLL tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:27:27 2005 => File C:\WINDOWS\system32\ukrsdpia.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:27:27 2005 => File C:\WINDOWS\system32\tbddd.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:27:27 2005 => File C:\WINDOWS\system32\npvdmd.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:27:27 2005 => File C:\WINDOWS\system32\fkntsub.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:27:40 2005 => File C:\WINDOWS\bWFyaW5hIGJyYW50\command.exe tagged as "not-a-virus:AdWare.Win32.CommAd.a". Action Taken: No Action Taken.
Mon Oct 17 12:28:38 2005 => File C:\WINDOWS\System32\cprtcli.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:28:39 2005 => File C:\WINDOWS\System32\cugmgr32.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:28:48 2005 => File C:\WINDOWS\System32\diwsockx.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:28:55 2005 => File C:\WINDOWS\System32\enj2l11o1.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:29:09 2005 => File C:\WINDOWS\System32\izsetup.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:29:11 2005 => File C:\WINDOWS\System32\k4pm0e71eh.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:29:14 2005 => File C:\WINDOWS\System32\krdtuf.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:30:17 2005 => File C:\WINDOWS\System32\tOpi.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 12:33:31 2005 => Scanning File C:\Arquivos de programas\Adobe\Adobe InDesign CS2 Trial\Plug-Ins\Filters\Tagged Text Attributes.apln
Mon Oct 17 12:33:32 2005 => Scanning File C:\Arquivos de programas\Adobe\Adobe InDesign CS2 Trial\Plug-Ins\Filters\Tagged Text Filters UI.apln
Mon Oct 17 12:33:32 2005 => Scanning File C:\Arquivos de programas\Adobe\Adobe InDesign CS2 Trial\Plug-Ins\Filters\Tagged Text Filters.apln
Mon Oct 17 13:13:06 2005 => File C:\Documents and Settings\xxx xxx\ConfiguraÁ?es locais\Temp\cmdinst.exe tagged as "not-a-virus:AdWare.Win32.CommAd.a". Action Taken: No Action Taken.
Mon Oct 17 13:20:44 2005 => File C:\WINDOWS\bWFyaW5hIGJyYW50\asappsrv.dll tagged as "not-a-virus:AdWare.Win32.CommAd.a". Action Taken: No Action Taken.
Mon Oct 17 13:29:29 2005 => File C:\WINDOWS\system32\cprtcli.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 13:29:30 2005 => File C:\WINDOWS\system32\cugmgr32.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 13:29:46 2005 => File C:\WINDOWS\system32\diwsockx.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 13:35:00 2005 => File C:\WINDOWS\system32\enj2l11o1.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 13:35:15 2005 => File C:\WINDOWS\system32\izsetup.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 13:35:17 2005 => File C:\WINDOWS\system32\k4pm0e71eh.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 13:35:21 2005 => File C:\WINDOWS\system32\krdtuf.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 13:37:10 2005 => File C:\WINDOWS\system32\tOpi.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Mon Oct 17 13:37:43 2005 => File C:\WINDOWS\Temp\GLB17C.tmp tagged as "not-a-virus:AdWare.Win32.VirtualBouncer.j". Action Taken: No Action Taken.
Mon Oct 17 13:37:43 2005 => File C:\WINDOWS\Temp\GLB181.tmp tagged as "not-a-virus:AdWare.Win32.VirtualBouncer.j". Action Taken: No Action Taken.
Mon Oct 17 13:37:44 2005 => File C:\WINDOWS\Temp\GLB18A.tmp tagged as "not-a-virus:AdWare.Win32.VirtualBouncer.j". Action Taken: No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde f¸r "offending"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Oct 17 12:27:53 2005 => Offending Key found: HKLM\Software\azentretienco !!!
Mon Oct 17 12:27:55 2005 => Offending Folder found: C:\Documents and Settings\All Users\Dados de aplicativos\addestroyer
Mon Oct 17 12:27:55 2005 => Offending Folder found: C:\Documents and Settings\All Users\Dados de aplicativos\vbouncer
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Oct 17 14:02:15 2005 => Total Virus(es) Found: 53
Mon Oct 17 14:02:16 2005 => Total Errors: 86
Mon Oct 17 14:02:16 2005 => Time Elapsed: 01:35:18
Mon Oct 17 14:02:15 2005 => Total Objects Scanned: 80920
Mon Oct 17 12:16:39 2005 => Virus Database Date: 2005/10/08
Mon Oct 17 12:16:51 2005 => Virus Database Date: 2005/10/08
Mon Oct 17 12:26:37 2005 => Virus Database Date: 2005/10/08
Mon Oct 17 14:02:16 2005 => Virus Database Date: 2005/10/08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~