- #1
A
antares
Mitglied
Themenersteller
- Dabei seit
- 13.04.2004
- Beiträge
- 6
- Reaktionspunkte
- 0
Hallo!
Hab mir die beiden Tool gezogen, weil sich meine Startseite auch immer wieder ändert.....poste jetzt hier mal meine beiden Log-Files, weil ich net weiß, welche Dateien ich wirklich löschen darf und welche mein System benötigt.
Danke
Logfile of HijackThis v1.97.7
Scan saved at 16:31:52, on 13.04.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\services\services.exe
C:\software\tools\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\software\tools\dsl_fritz\Awatch.exe
C:\Programme\Lexmark X74-X75\lxbbbmgr.exe
C:\Programme\Lexmark X74-X75\lxbbbmon.exe
C:\software\tools\itools\iTunesHelper.exe
C:\Programme\AVWin\AVGNT.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Messenger\msmsgs.exe
C:\software\adobe\Acrobat\Distillr\AcroTray.exe
C:\Programme\AVWin\AVGUARD.EXE
C:\Programme\AVWin\AVWUPSRV.EXE
C:\WINDOWS\System32\gearsec.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Norton Internet Security\NISUM.EXE
D:\Veronika\privat\down\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http: //www.couldnotfind.com/search_page.html?&account_id=137837
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http: //www.couldnotfind.com/search_page.html?&account_id=137837
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http: //www.coolsearch.biz
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http: //www.couldnotfind.com/search_page.html?&account_id=137837
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http: //4-counter.com/?a=2&b=cr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http: //4-counter.com/?a=2&b=cr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http: //4-counter.com/?a=2&b=cr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http: //4-counter.com/?a=2&b=cr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http: //www.coolsearch.biz
F1 - win.ini: run=C:\WINDOWS\System32\services\services.exe
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - c:\software\tools\ws_ftp_pro\wsbho2K0.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] C:\software\office\WordPerfect Office 11\Programs\QFSCHD110.EXE
O4 - HKLM\..\Run: [EM_EXEC] C:\software\tools\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [AWatch] c:\software\tools\dsl_fritz\Awatch.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] C:\Programme\Lexmark X74-X75\lxbbbmgr.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\software\tools\quicktime\qttask.exe -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\software\tools\itools\iTunesHelper.exe
O4 - HKLM\..\Run: [xpsystem] C:\WINDOWS\System32\services\services.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVWin\AVGNT.EXE /min
O4 - HKLM\..\Run: [AVWUpd32] C:\PROGRA~1\AVWin\Avwupd32.EXE /min
O4 - HKLM\..\Run: [ccApp] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe
O4 - HKCU\..\Run: [MSMSGS] C:\Programme\Messenger\msmsgs.exe /background
O4 - HKCU\..\Run: [xpsystem] C:\WINDOWS\System32\services\services.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\software\adobe\Acrobat\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\software\office\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: Recherchieren (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra->Tools' menuitem: Show &Related Links (HKLM)
O10 - Broken Internet access because of LSP provider->avsda.dll' missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://c:\nosuch.mht!http://hard-virgins.com/dkvaget/x.chm::/load.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) - http:// w*w.xxxtoolbar.com/ist/softwares/v3.0/0006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE37EAA9-A3C3-4462-9867-4CF3FBA9CED2}: NameServer = 192.168.122.252,192.168.122.253
CWShredder v1.56.2 scan only reportPlease understand that a CWShredder->Scan only' report
might not be sufficient to troubleshoot an infected system.
You can use HijackThis for that:
http://www.merijn.org/files/hijackthis.zip
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Windows XP (5.01.2600 SP1)
Windows dir: C:\WINDOWS
Windows system dir: C:\WINDOWS\system32
AppData folder: C:\Dokumente und Einstellungen\<User>\Anwendungsdaten
Username:
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer,SearchURL
Infected data: http:// 4-counter.com/?a=2&b=cr
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: http:// w*w.couldnotfind.com/search_page.html?&account_id=137837
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: http:// w*w.couldnotfind.com/search_page.html?&account_id=137837
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: http:// 4-counter.com/?a=2&b=cr
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: http:// 4-counter.com/?a=2&b=cr
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant
Infected data: http:// w*w.couldnotfind.com/search_page.html?&account_id=137837
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant,http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Infected data: http:// 4-counter.com/?a=2&b=cr
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL
Infected data: http:// 4-counter.com/?a=2&b=cr
Found Hosts file: C:\WINDOWS\system32\drivers\etc\hosts (55 bytes, A)
CWS.Yexe Registry value: HKCU\..\Run [xpsystem] C:\WINDOWS\System32\services\services.exe
CWS.Yexe Registry value: HKLM\..\Run [xpsystem] C:\WINDOWS\System32\services\services.exe
Shell Registry value: HKLM\..\WinLogon [Shell] Explorer.exe
UserInit Registry value: HKLM\..\WinLogon [UserInit] C:\WINDOWS\system32\userinit.exe,
Found CWS.Olehelp file: C:\WINDOWS\system32\olehelp.exe (0 bytes, A)
Found CWS.Yexe file: C:\WINDOWS\system32\services\services.exe (47616 bytes, A, running)
Registry value: DefaultPrefix (should be http://) [] http://
Registry value: WWW Prefix (should be http://) [www] http://
Registry value: Mosaic Prefix (should be http://) [mosaic] http://
Registry value: Home Prefix (should be http://) [home] http://
Found Win.ini file: C:\WINDOWS\win.ini (550 bytes, A)
Found System.ini file: C:\WINDOWS\system.ini (296 bytes, A)
CWS.Yexe Registry key: HKLM\..\BHOs\{5321E378-FFAD-4999-8C62-03CA8155F0B3}
- END OF REPORT -
Links editiert
Hab mir die beiden Tool gezogen, weil sich meine Startseite auch immer wieder ändert.....poste jetzt hier mal meine beiden Log-Files, weil ich net weiß, welche Dateien ich wirklich löschen darf und welche mein System benötigt.
Danke
Logfile of HijackThis v1.97.7
Scan saved at 16:31:52, on 13.04.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\services\services.exe
C:\software\tools\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\software\tools\dsl_fritz\Awatch.exe
C:\Programme\Lexmark X74-X75\lxbbbmgr.exe
C:\Programme\Lexmark X74-X75\lxbbbmon.exe
C:\software\tools\itools\iTunesHelper.exe
C:\Programme\AVWin\AVGNT.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Messenger\msmsgs.exe
C:\software\adobe\Acrobat\Distillr\AcroTray.exe
C:\Programme\AVWin\AVGUARD.EXE
C:\Programme\AVWin\AVWUPSRV.EXE
C:\WINDOWS\System32\gearsec.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Norton Internet Security\NISUM.EXE
D:\Veronika\privat\down\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http: //www.couldnotfind.com/search_page.html?&account_id=137837
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http: //www.couldnotfind.com/search_page.html?&account_id=137837
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http: //www.coolsearch.biz
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http: //www.couldnotfind.com/search_page.html?&account_id=137837
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http: //4-counter.com/?a=2&b=cr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http: //4-counter.com/?a=2&b=cr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http: //4-counter.com/?a=2&b=cr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http: //4-counter.com/?a=2&b=cr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http: //www.coolsearch.biz
F1 - win.ini: run=C:\WINDOWS\System32\services\services.exe
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - c:\software\tools\ws_ftp_pro\wsbho2K0.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] C:\software\office\WordPerfect Office 11\Programs\QFSCHD110.EXE
O4 - HKLM\..\Run: [EM_EXEC] C:\software\tools\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [AWatch] c:\software\tools\dsl_fritz\Awatch.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] C:\Programme\Lexmark X74-X75\lxbbbmgr.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\software\tools\quicktime\qttask.exe -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\software\tools\itools\iTunesHelper.exe
O4 - HKLM\..\Run: [xpsystem] C:\WINDOWS\System32\services\services.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVWin\AVGNT.EXE /min
O4 - HKLM\..\Run: [AVWUpd32] C:\PROGRA~1\AVWin\Avwupd32.EXE /min
O4 - HKLM\..\Run: [ccApp] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe
O4 - HKCU\..\Run: [MSMSGS] C:\Programme\Messenger\msmsgs.exe /background
O4 - HKCU\..\Run: [xpsystem] C:\WINDOWS\System32\services\services.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\software\adobe\Acrobat\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\software\office\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: Recherchieren (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra->Tools' menuitem: Show &Related Links (HKLM)
O10 - Broken Internet access because of LSP provider->avsda.dll' missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://c:\nosuch.mht!http://hard-virgins.com/dkvaget/x.chm::/load.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) - http:// w*w.xxxtoolbar.com/ist/softwares/v3.0/0006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE37EAA9-A3C3-4462-9867-4CF3FBA9CED2}: NameServer = 192.168.122.252,192.168.122.253
CWShredder v1.56.2 scan only reportPlease understand that a CWShredder->Scan only' report
might not be sufficient to troubleshoot an infected system.
You can use HijackThis for that:
http://www.merijn.org/files/hijackthis.zip
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Windows XP (5.01.2600 SP1)
Windows dir: C:\WINDOWS
Windows system dir: C:\WINDOWS\system32
AppData folder: C:\Dokumente und Einstellungen\<User>\Anwendungsdaten
Username:
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer,SearchURL
Infected data: http:// 4-counter.com/?a=2&b=cr
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: http:// w*w.couldnotfind.com/search_page.html?&account_id=137837
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: http:// w*w.couldnotfind.com/search_page.html?&account_id=137837
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: http:// 4-counter.com/?a=2&b=cr
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: http:// 4-counter.com/?a=2&b=cr
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant
Infected data: http:// w*w.couldnotfind.com/search_page.html?&account_id=137837
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant,http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Infected data: http:// 4-counter.com/?a=2&b=cr
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL
Infected data: http:// 4-counter.com/?a=2&b=cr
Found Hosts file: C:\WINDOWS\system32\drivers\etc\hosts (55 bytes, A)
CWS.Yexe Registry value: HKCU\..\Run [xpsystem] C:\WINDOWS\System32\services\services.exe
CWS.Yexe Registry value: HKLM\..\Run [xpsystem] C:\WINDOWS\System32\services\services.exe
Shell Registry value: HKLM\..\WinLogon [Shell] Explorer.exe
UserInit Registry value: HKLM\..\WinLogon [UserInit] C:\WINDOWS\system32\userinit.exe,
Found CWS.Olehelp file: C:\WINDOWS\system32\olehelp.exe (0 bytes, A)
Found CWS.Yexe file: C:\WINDOWS\system32\services\services.exe (47616 bytes, A, running)
Registry value: DefaultPrefix (should be http://) [] http://
Registry value: WWW Prefix (should be http://) [www] http://
Registry value: Mosaic Prefix (should be http://) [mosaic] http://
Registry value: Home Prefix (should be http://) [home] http://
Found Win.ini file: C:\WINDOWS\win.ini (550 bytes, A)
Found System.ini file: C:\WINDOWS\system.ini (296 bytes, A)
CWS.Yexe Registry key: HKLM\..\BHOs\{5321E378-FFAD-4999-8C62-03CA8155F0B3}
- END OF REPORT -
Links editiert