35 Viren mir Escan gefunden, gefährlich oder nicht?

manu1984 · 14.12.2007, 11:11

Guten Morgen,

Danke erstmal... An mir kann man wohl alle Virenprogramme und unterirdischen Detektoren ausprobieren die es gibt :-). EScan dauert wohl noch ein bischen, aber avenger hat die registrys (glaube ich) nicht löschen können (syntax error). Deshalb hier erstmal diese Auswertungen, was auch immer sie zu bedeuten haben:

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 0
Line: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\D

Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 0
Line: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\E

Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 0
Line: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{43fab353-19fe-11d9-ba2b-806d6172696f}

Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 0
Line: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{43fab354-19fe-11d9-ba2b-806d6172696f}

//////////////////////////////////////////

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\kqykgvsp

*******************

Script file located at: \??\C:\WINDOWS\vujpyvxu.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\R.COM deleted successfully.
File C:\WINDOWS\REGEDIT.COM deleted successfully.
File C:\WINDOWS\system32\T.COM deleted successfully.
File C:\WINDOWS\system32\TASKMGR.COM deleted successfully.
File C:\WINDOWS\rdt.ini deleted successfully.
File C:\WINDOWS\system32\filesafer23.exe deleted successfully.
File C:\Dokumente und Einstellungen\Manu\Lokale Einstellungen\Temp\SIntf16.dll deleted successfully.

File C:\DOKUME~1\Manu\LOKALE~1\Temp\SIntf16.dll not found!
Deletion of file C:\DOKUME~1\Manu\LOKALE~1\Temp\SIntf16.dll failed!

Could not process line:
C:\DOKUME~1\Manu\LOKALE~1\Temp\SIntf16.dll
Status: 0xc0000034

Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\url s not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\url s failed!
Status: 0xc0000034

Completed script processing.

*******************

Finished! Terminate.

Hier Silentrunners
"Silent Runners.vbs", revision 55, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"SpybotSD TeaTimer" = "C:\Programme\Spybot - Search & Destroy\TeaTimer.exe" ["Safer Networking Limited"]
"Skype" = ""C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ATIModeChange" = "Ati2mdxx.exe" ["ATI Technologies, Inc."]
"PinnacleDriverCheck" = "C:\WINDOWS\System32\PSDrvCheck.exe" [empty string]
"LogitechQuickCamRibbon" = ""C:\Programme\Logitech\QuickCam\Quickcam.exe" /hide" ["Logitech Inc."]
"TkBellExe" = ""C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]
"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]
"ZoneAlarm Client" = ""C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs, LLC"]
"estsmbiu" = "C:\tlsspbls.bat" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{055FD26D-3A88-4e15-963D-DC8493744B1D}\(Default) = "XTTBPos00"
-> {HKLM...CLSID} = "XTTBPos00 Class"
\InProcServer32\(Default) = "C:\PROGRA~1\ICQTOO~1\toolbaru.dll" ["IE Toolbar"]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader"
\InProcServer32\(Default) = "C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Programme\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Programme\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "CPL-Erweiterung für Anzeigeverschiebung"
-> {HKLM...CLSID} = "CPL-Erweiterung für Anzeigeverschiebung"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Erweiterung für HyperTerminal-Icons"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Programme\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."]
"{F5D92341-0A64-11D0-9956-0000E8096023}" = "CD Copy Shell Extension"
-> {HKLM...CLSID} = "CD Copy Shell Extension"
\InProcServer32\(Default) = "C:\WINDOWS\System32\Shellext\CDWshext.dll" ["Pinnacle Systems, Inc."]
"{F5D92342-0A64-11D0-9956-0000E8096023}" = "CD Wizard Shell Extension"
-> {HKLM...CLSID} = "CD Wizard Shell Extension"
\InProcServer32\(Default) = "C:\WINDOWS\System32\Shellext\CDWshext.dll" ["Pinnacle Systems, Inc."]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook-Dateisymbolerweiterung"
\InProcServer32\(Default) = "C:\PROGRA~1\MI1933~1\Office\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Programme\Microsoft Office\Office10\msohev.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Programme\WinRAR\rarext.dll" [null data]
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" = "Shell Extension for Malware scanning"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\Programme\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Universelle Plug & Play-Geräte"
-> {HKLM...CLSID} = "Universelle Plug & Play-Geräte"
\InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}" = "Eudora's Shell Extension"
-> {HKLM...CLSID} = "Eudora's Shell Extension"
\InProcServer32\(Default) = "C:\Programme\Eudora\Eudora\EuShlExt.dll" ["Qualcomm Inc."]
"{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}" = "Sophos Anti-Virus Shell Extension"
-> {HKLM...CLSID} = "ContextMenuHandler Class"
\InProcServer32\(Default) = "C:\Programme\Sophos\Sophos Anti-Virus\SavShellExt.dll" ["Sophos Plc"]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Programme\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
-> {HKLM...CLSID} = "Meine freigegebenen Ordner"
\InProcServer32\(Default) = "C:\Programme\Windows Live\Messenger\fsshext.8.5.1302.1018.dll" [MS]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Programme\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {HKLM...CLSID} = "AVG7 Find Extension Class"
\InProcServer32\(Default) = "C:\Programme\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
"{D9872D13-7651-4471-9EEE-F0A00218BEBB}" = "Multiscan"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Programme\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}" = "Eudora's Shell Extension"
-> {HKLM...CLSID} = "Eudora's Shell Extension"
\InProcServer32\(Default) = "C:\Programme\Eudora\Eudora\EuShlExt.dll" ["Qualcomm Inc."]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
<<!>> "AppInit_DLLs" = "C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL" [null data]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
<<!>> "System" = "csagt.exe" [file not found]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Programme\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
SavShellExt\(Default) = "{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}"
-> {HKLM...CLSID} = "ContextMenuHandler Class"
\InProcServer32\(Default) = "C:\Programme\Sophos\Sophos Anti-Virus\SavShellExt.dll" ["Sophos Plc"]
Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\Programme\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Programme\WinRAR\rarext.dll" [null data]
ZLAVShExt\(Default) = "{D9872D13-7651-4471-9EEE-F0A00218BEBB}"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Programme\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\
SavShellExt\(Default) = "{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}"
-> {HKLM...CLSID} = "ContextMenuHandler Class"
\InProcServer32\(Default) = "C:\Programme\Sophos\Sophos Anti-Virus\SavShellExt.dll" ["Sophos Plc"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Programme\WinRAR\rarext.dll" [null data]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Programme\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
SavShellExt\(Default) = "{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}"
-> {HKLM...CLSID} = "ContextMenuHandler Class"
\InProcServer32\(Default) = "C:\Programme\Sophos\Sophos Anti-Virus\SavShellExt.dll" ["Sophos Plc"]
Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\Programme\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Programme\WinRAR\rarext.dll" [null data]
ZLAVShExt\(Default) = "{D9872D13-7651-4471-9EEE-F0A00218BEBB}"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Programme\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]

Group Policies {policy setting}:
--------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoBandCustomize" = (REG_DWORD) dword:0x00000000
{Disable customizing browser toolbars}

"NoCDBurning" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"FoFileAssociate" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"StartMenuLogoff" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoShellSearchButton" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoLowDiskSpaceChecks" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"HideClock" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoRecentDocsMenu" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoFolderOptions" = (REG_DWORD) dword:0x00000000
{Removes the Folder Options menu item from the Tools menu}

"NoUserNameInStartMenu" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoRecentDocsNetHood" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoSharedDocuments" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoCDBurning" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"BackupNoCDBurning" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"DisableTaskMgr" = (REG_DWORD) dword:0x00000000
{Remove Task Manager}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001
{Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) dword:0x00000001
{Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Dokumente und Einstellungen\Manu\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp"

Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]

Startup items in "Manu" & "All Users" startup folders:
------------------------------------------------------

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
"AutoUpdate Monitor" -> shortcut to: "C:\Programme\Sophos\AutoUpdate\ALMon.exe" ["Sophos Plc"]

Enabled Scheduled Tasks:
------------------------

"1-Klick-Wartung" -> launches: "C:\Programme\TuneUp Utilities 2006\SystemOptimizer.exe /schedulestart" [file not found]

Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 30
%SystemRoot%\system32\rsvpsp.dll [MS], 31 - 32

Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"
-> {HKLM...CLSID} = "ICQ Toolbar"
\InProcServer32\(Default) = "C:\PROGRA~1\ICQTOO~1\toolbaru.dll" ["IE Toolbar"]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{855F3B16-6D32-4FE6-8A56-BBB695989046}" = (no title provided)
-> {HKLM...CLSID} = "ICQ Toolbar"
\InProcServer32\(Default) = "C:\PROGRA~1\ICQTOO~1\toolbaru.dll" ["IE Toolbar"]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Konsole"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in"
\InProcServer32\(Default) = "C:\Programme\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_06"
\InProcServer32\(Default) = "C:\Programme\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]

{7B499570-29C5-4A80-9F57-94A420D140CE}\
"ButtonText" = "Wecker-Alarm"
"MenuText" = "Nach Wecker für Windows exportieren"
"CLSIDExtension" = "{C8FA495F-F131-42B0-8AB8-B119A674AF8E}"

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]

{E59EB121-F339-4851-A3BA-FE49C35617C2}\
"ButtonText" = "ICQ6"
"MenuText" = "ICQ6"
"Exec" = "C:\Programme\ICQ6\ICQ.exe" ["ICQ, Inc."]

Miscellaneous IE Hijack Points
------------------------------

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{855F3B16-6D32-4fe6-8A56-BBB695989046}" = (no title provided)
-> {HKLM...CLSID} = "ICQ Toolbar"
\InProcServer32\(Default) = "C:\PROGRA~1\ICQTOO~1\toolbaru.dll" ["IE Toolbar"]

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\
<<H>> "TuneUp" = "file://C|/Dokumente und Einstellungen/All Users/Anwendungsdaten/TuneUp Software/Common/base.css" [file not found]

Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

<<!>> The running services cannot be counted.
Presence of a spyware service is suspected.
The script has been forced to exit.

---------- (launch time: 2007-12-14 11:02:52)
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 59 seconds, including 11 seconds for message boxes)

35 Viren mir Escan gefunden, gefährlich oder nicht?

Log-Analyse und Auswertung: 35 Viren mir Escan gefunden, gefährlich oder nicht?

35 Viren mir Escan gefunden, gefährlich oder nicht?

Ähnliche Themen: 35 Viren mir Escan gefunden, gefährlich oder nicht?