|
Hi! Ich hoffe es ist noch jemand da für mich :-) Gestern konnte ich lkeider nicht posten. Hier ist nun das was wichtig ist: Sat Oct 08 16:29:20 2005 => System found infected with limewire Spyware/Adware (options.js)! Action taken: No Action Taken. Sat Oct 08 16:29:24 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Startmenü\programme\benjamin blümchen\englisch\internet.lnk Sat Oct 08 16:29:24 2005 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken. Sat Oct 08 16:29:24 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Startmenü\Programme\benjamin blümchen\englisch\internet.lnk Sat Oct 08 16:29:24 2005 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken. Sat Oct 08 16:29:25 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\temporary internet files\content.ie5\0athd5f3\common[1].js Sat Oct 08 16:29:25 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Sat Oct 08 16:29:25 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\temporary internet files\content.ie5\4fntqagd\common[1].js Sat Oct 08 16:29:25 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Sat Oct 08 16:29:25 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\temporary internet files\content.ie5\4fntqagd\stylesheet[1].css Sat Oct 08 16:29:25 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\temporary internet files\content.ie5\8tev45qj\blank[1].htm Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (blank[1].htm)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\temporary internet files\content.ie5\8tev45qj\common[1].js Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\temporary internet files\content.ie5\8tev45qj\stylesheet[1].css Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\temporary internet files\content.ie5\sta705ev\common[1].js Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\Temporary Internet Files\content.ie5\0athd5f3\common[1].js Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\Temporary Internet Files\content.ie5\4fntqagd\common[1].js Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\Temporary Internet Files\content.ie5\4fntqagd\stylesheet[1].css Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\Temporary Internet Files\content.ie5\8tev45qj\blank[1].htm Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (blank[1].htm)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\Temporary Internet Files\content.ie5\8tev45qj\common[1].js Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\Temporary Internet Files\content.ie5\8tev45qj\stylesheet[1].css Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Sat Oct 08 16:29:26 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Lokale Einstellungen\Temporary Internet Files\content.ie5\sta705ev\common[1].js Sat Oct 08 16:29:26 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Sat Oct 08 16:35:43 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\mail.luxus-1.de\Inbox infected by "Email-Worm.Win32.NetSky.d" Virus! Action Taken: No Action Taken. Sat Oct 08 16:35:50 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\mail.luxus-1.de\Junk infected by "Email-Worm.Win32.NetSky.b" Virus! Action Taken: No Action Taken. Sat Oct 08 16:42:31 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\mail.luxus.de\Inbox infected by "Email-Worm.Win32.NetSky.q" Virus! Action Taken: No Action Taken. Sat Oct 08 16:48:55 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\mail.luxus.de\Junk infected by "Email-Worm.Win32.NetSky.b" Virus! Action Taken: No Action Taken. Sat Oct 08 17:18:37 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\pop.gmx.net\Inbox infected by "Email-Worm.Win32.NetSky.b" Virus! Action Taken: No Action Taken. Sat Oct 08 17:18:38 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\pop.gmx.net\Junk infected by "Email-Worm.Win32.NetSky.b" Virus! Action Taken: No Action Taken. Sat Oct 08 17:30:20 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\LD6BA7.TMP.VIR Sat Oct 08 17:30:20 2005 => File C:\Programme\AVPersonal\INFECTED\LD6BA7.TMP.VIR infected by "Trojan-Downloader.Win32.Small.boo" Virus! Action Taken: No Action Taken. Sat Oct 08 19:24:26 2005 => Total Objects Scanned: 145831 Sat Oct 08 19:24:26 2005 => Total Virus(es) Found: 24 Sat Oct 08 19:24:26 2005 => Total Disinfected Files: 0 Sat Oct 08 19:24:26 2005 => Total Files Renamed: 0 Sat Oct 08 19:24:26 2005 => Total Deleted Objects: 0 Sat Oct 08 19:24:27 2005 => Total Errors: 200 Sat Oct 08 19:24:27 2005 => Time Elapsed: 02:54:56 Sat Oct 08 19:24:27 2005 => Virus Database Date: 2005/10/08 Sat Oct 08 19:24:27 2005 => Virus Database Count: 152936 |
Leere den Cache des IE mit www.clearprog.de Leere den Quarantäne-Ordner von AntiVir. Lösche die verseuchten Mails in Thunderbird (Mails mit unbekanntem Anhang) und komprimiere alle Mailordner (in Thunderbird Rechtsklick auf z.B. Posteingang und "Diesen Ordner komprimieren" anklicken). Poste die eScan-Ergebnisse bitte noch mit der Find.bat Poste ein neues Silentrunners-Logfile. |
Schönen Guten Morgen! Ich hab jetzt nochmal das ganze (durch die Nacht) durchlaufen lassen. Leider scheint das mit dem Thunderbird nicht geklappt zu haben. Ich konnte aber keine Anhänge finden die "verseucht" sein sollen. Übrigens! Vielen Dank für die Hilfe :-) Hier das Log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Funde für "infected" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Tue Oct 11 23:16:28 2005 => System found infected with limewire Spyware/Adware (options.js)! Action taken: No Action Taken. Tue Oct 11 23:16:34 2005 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken. Tue Oct 11 23:16:34 2005 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken. Tue Oct 11 23:23:36 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\mail.luxus-1.de\Junk infected by "Email-Worm.Win32.NetSky.b" Virus! Action Taken: No Action Taken. Tue Oct 11 23:46:38 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\mail.luxus.de\Inbox.sbd\2004 infected by "Email-Worm.Win32.NetSky.q" Virus! Action Taken: No Action Taken. Tue Oct 11 23:46:39 2005 => File C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\Thunderbird\Profiles\h3efmm7j.default\Mail\mail.luxus.de\Junk infected by "Email-Worm.Win32.NetSky.b" Virus! Action Taken: No Action Taken. Wed Oct 12 00:25:44 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.* Wed Oct 12 02:21:55 2005 => Total Disinfected Files: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Funde für "tagged" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Funde für "offending" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Tue Oct 11 23:16:28 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Anwendungsdaten\mozilla\firefox\profiles\xg2nt40g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences\options.js Tue Oct 11 23:16:34 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Startmenü\programme\benjamin blümchen\englisch\internet.lnk Tue Oct 11 23:16:34 2005 => Offending file found: C:\Dokumente und Einstellungen\luxus\Startmenü\Programme\benjamin blümchen\englisch\internet.lnk ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Statistiken: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Wed Oct 12 02:21:55 2005 => Total Virus(es) Found: 6 Wed Oct 12 02:21:55 2005 => Total Errors: 199 Wed Oct 12 02:21:55 2005 => Time Elapsed: 03:01:26 Wed Oct 12 02:21:55 2005 => Total Objects Scanned: 148184 Tue Oct 11 23:14:25 2005 => Virus Database Date: 2005/10/12 Wed Oct 12 02:21:55 2005 => Virus Database Date: 2005/10/12 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~ © Haui ;-) ~~~~~~~ ~~~~~~~ Dank an Cidre ~~~~~~~ und hier das andere: "Silent Runners.vbs", revision 41, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "TOSCDSPD" = "C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe" ["TOSHIBA"] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS] "nwiz" = "nwiz.exe /installquiet" ["NVIDIA Corporation"] "00THotkey" = "C:\WINDOWS\System32\00THotkey.exe" ["TOSHIBA Corp."] "000StTHK" = "000StTHK.exe" [null data] "TFNF5" = "TFNF5.exe" ["TOSHIBA Corp."] "SigmaTel StacMon" = "C:\Programme\SigmaTel\SigmaTel AC97 Audio-Treiber\stacmon.exe" ["SigmaTel Inc."] "SynTPLpr" = "C:\Programme\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."] "SynTPEnh" = "C:\Programme\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."] "TouchED" = "C:\Programme\TOSHIBA\TouchED\TouchED.Exe" ["TOSHIBA Corporation"] "LTSMMSG" = "LTSMMSG.exe" ["LT"] "TPSMain" = "TPSMain.exe" ["TOSHIBA Corporation"] "TFncKy" = "TFncKy.exe" ["TOSHIBA Corporation"] "Zone Labs Client" = ""C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs Inc."] "NDSTray.exe" = "NDSTray.exe" ["TOSHIBA CORPORATION"] "SunJavaUpdateSched" = "C:\Programme\Java\jre1.5.0_01\bin\jusched.exe" ["Sun Microsystems, Inc."] "KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 -k" [MS] "AVGCtrl" = "C:\Programme\AVPersonal\AVGNT.EXE /min" ["H+BEDV Datentechnik GmbH"] "QuickTime Task" = ""C:\Programme\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] "iTunesHelper" = ""C:\Programme\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx\ {++} "Register Homesite+.exe" = "C:\Programme\Macromedia\HomeSite+\Homesite+.exe /REGSERVER" ["Macromedia, Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID] -> {CLSID}\InProcServer32\(Default) = "C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "CPL-Erweiterung für Anzeigeverschiebung" -> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Erweiterung für HyperTerminal-Icons" -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."] "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop-Explorer" -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu" -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"] "{C4213067-97B3-4929-9B98-B5600FBBBA13}" = "TouchED" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\TOSHIBA\TouchED\TouchED.dll" ["TOSHIBA Corporation"] "{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\WZSHLSTB.DLL" ["WinZip Computing, Inc."] "{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\WZSHLSTB.DLL" ["WinZip Computing, Inc."] "{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\WZSHLSTB.DLL" ["WinZip Computing, Inc."] "{0AC6C6C5-F7A8-11D2-BEF4-00C04F990001}" = "Macromedia FTP & RDS" -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\CfShellFtpRds.dll" ["Macromedia, Inc."] "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes" -> {CLSID}\InProcServer32\(Default) = "C:\Programme\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {CLSID}\InProcServer32\(Default) = "C:\Programme\WinRAR\rarext.dll" [null data] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ AntiVir/Win\(Default) = "{a7cda720-84ee-11d0-b5c0-00001b3ca278}" -> {CLSID}\InProcServer32\(Default) = "C:\Programme\AVPersonal\AVShlExt.DLL" ["H+BEDV Datentechnik GmbH"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {CLSID}\InProcServer32\(Default) = "C:\Programme\WinRAR\rarext.dll" [null data] WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\WZSHLSTB.DLL" ["WinZip Computing, Inc."] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {CLSID}\InProcServer32\(Default) = "C:\Programme\WinRAR\rarext.dll" [null data] WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\WZSHLSTB.DLL" ["WinZip Computing, Inc."] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ AntiVir/Win\(Default) = "{a7cda720-84ee-11d0-b5c0-00001b3ca278}" -> {CLSID}\InProcServer32\(Default) = "C:\Programme\AVPersonal\AVShlExt.DLL" ["H+BEDV Datentechnik GmbH"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {CLSID}\InProcServer32\(Default) = "C:\Programme\WinRAR\rarext.dll" [null data] WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WinZip\WZSHLSTB.DLL" ["WinZip Computing, Inc."] Active Desktop and Wallpaper: ----------------------------- Active Desktop is disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 17 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Sun Java Konsole" "CLSIDExtension" = "{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}" -> {CLSID}\InProcServer32\(Default) = "C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll" ["Sun Microsystems, Inc."] {FB5F1910-F110-11D2-BB9E-00C04F795683}\ "ButtonText" = "Messenger" "MenuText" = "Windows Messenger" "Exec" = "C:\Programme\Messenger\msmsgs.exe" [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ AntiVir Service, AntiVirService, ""C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE"" ["H+BEDV Datentechnik GmbH"] AntiVir Update, AVWUpSrv, ""C:\Programme\AVPersonal\AVWUPSRV.EXE"" ["H+BEDV Datentechnik GmbH, Germany"] ConfigFree Service, CFSvcs, "C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe" ["TOSHIBA CORPORATION"] iPodService, iPodService, "C:\Programme\iPod\bin\iPodService.exe" ["Apple Computer, Inc."] NVIDIA Driver Helper Service, NVSvc, "C:\WINDOWS\System32\nvsvc32.exe" ["NVIDIA Corporation"] TrueVector Internet Monitor, vsmon, "C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs Inc."] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ Canon BJ Language Monitor PIXMA iP4000\Driver = "CNMLM64.DLL" ["CANON INC."] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points and all Registry CLSIDs for dormant Explorer Bars, use the -supp parameter or answer "No" at the first message box. ---------- (total run time: 23 seconds, including 11 seconds for message boxes) |
Zitat:
Leere in Thunderbird mal den Junkmail-Ordner und komprimiere ihn. Lösche ebenso alle dir unbekannten Mails im Posteingang. Komprimiere diesen Ordner dann auch. Gefährlich kann der Netsky in der Inbox zwar nicht werden (außer du führst ihn aus), aber es ist immer schöner, wenn kein Schädling vorhanden ist. Zitat:
Ist dir der "Benjamin-Blümchen-Ordner" bekannt? Ansonsten sehe ich keine Auffälligkeiten mehr. Gibt's noch Probleme? |
Hi, es gibt jetzt keine Probleme mehr. Klasse :-) Benjamin Blümchen? Klar. Das ist die Kindersoftware. Komisch gell? Gruß, Christian |
Zitat:
Gruß Haui P.S. Ein wenige Lektüre zur Absicherung des Systems: http://www.trojaner-board.de/showpos...28&postcount=2 Neu aufsetzen musst du nach dem jetzigen Stand nicht. Als Einstieg sollte aber auch dieser Artikel ausreichen. |
hatte gerade selbst das "vergnügen" einen trojaner auf meinem neuen laptop zu haben, naja jedenfalls hab ich was über trojanische pferde uä gelesen als ich den virusscan tätigte, was mein programm meinte war: What is a Trojan Horse? A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive. Many people use the term to refer only to non-replicating malicious programs, thus making a distinction between Trojans and viruses ________ mehr weiss ich über sie momentan nicht |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 18:44 Uhr. |
Copyright ©2000-2024, Trojaner-Board