Start Page = *http://www.hotoffers.info/237/* |
||
---|---|---|
#0
| ||
03.04.2005, 12:35
...neu hier
Beiträge: 8 |
||
|
||
03.04.2005, 13:17
Ehrenmitglied
Beiträge: 29434 |
#17
Hallo@Cailie
#TuneUp2004 (30 Tage free) http://www.tuneup.de/products/tuneup-utilities/ Cleanup repair -->TuneUp Diskcleaner Cleanup repair -->Registry Cleaner Loesche: C:\WINDOWS\System32\guninst.exe C:\WINDOWS\SYSTEM32\gghxaaaa.dll C:\WINDOWS\SYSTEM32\hjuvaaaa.dll C:\WINDOWS\SYSTEM32\msnet64.dll C:\WINDOWS\SYSTEM32\popup_bl.dll C:\WINDOWS\SYSTEM32\systr.dll C:\WINDOWS\SYSTEM32\thun.dll #Ad-aware SE Personal 1.05 Updated http://fileforum.betanews.com/detail/965718306/1 Laden--> Updaten-->scannen-->PC neustarten--> noch mal scannen--> poste das Log vom Scann dann scanne noch einmal mit L2mfix __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.04.2005, 21:06
...neu hier
Beiträge: 8 |
#18
Hallo Sabina,
habe TuneUp2004 geladen und alles gesäubert. Danke, scheint ein Super-Programm zu sein. hier das Log von L2mfix (weiter unten auch noch von Ad-Aware) L2MFIX find log 1.02b These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Eigenschaften fr Multimediadatei" "{176d6597-26d3-11d1-b350-080036a75b03}"="ICM-Scannerverwaltung" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS-Sicherheit" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="OLE-Eigenschaftenseite fr Dokumente" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Shellerweiterungen fr Freigaben" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="CPL-Erweiterung fr Grafikkarten" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="CPL-Erweiterung fr Bildschirme" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="CPL-Erweiterung fr Anzeigeverschiebung" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="DS-Sicherheit" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Kompatibilit„tsseite" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell-Datenauszughandler" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Erweiterung fr Datentr„gerkopien" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Shellerweiterungen fr Microsoft Windows-Netzwerkobjekte" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM-Monitorverwaltung" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM-Druckerverwaltung" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Shellerweiterungen fr die Dateikomprimierung" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Shellerweiterung fr Webdrucker" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Kontextmen fr die Verschlsselung" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Aktenkoffer" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Erweiterung fr HyperTerminal-Icons" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Schriftarten" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC-Profil" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Druckersicherheit" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Shellerweiterungen fr Freigaben" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Krypto-PKO-Erweiterung" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Krypto-Sign-Erweiterung" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Netzwerkverbindungen" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Netzwerkverbindungen" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Scanner und Kameras" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Scanner und Kameras" "{905667aa-acd6-11d2-8080-00805f6596d2}"="Scanner und Kameras" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Scanner und Kameras" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Scanner und Kameras" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shellerweiterungen fr Windows Script Host" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft Datenverknpfung" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Geplante Tasks" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Taskleiste und Startmen" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Suchen" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Hilfe und Support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Hilfe und Support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ausfhren..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="E-Mail" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Schriftarten" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Verwaltung" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet Toolbar" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Download Status" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Search Band" "{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Syntaxanalyse der Adressleiste" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft URL-Verlauf-Dienst" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Verlauf" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Sucheingriff" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite-Begráungsbildschirm" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer-Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX-Cacheordner" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Application Manager" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="Installed Apps Enumerator" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI+ Dateiminiaturansicht-Extrahierungsprogramm" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Zusammenfassungs-Miniaturansichthandler (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML-Extrahierungsprogramm" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Webpublishing-Assistent" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Bestellung von Abzgen ber das Internet" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shellobjekt des Webpublishing-Assistenten" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Passport-Assistent" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Benutzerkonten" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Channeldatei" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Channelverknpfung" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channelhandlerobjekt" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Ordner 'Offlinedateien'" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="&Nach Personen..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{E0D79304-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79305-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79306-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79307-84BE-11CE-9641-444553540000}"="WinZip" "{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop-Explorer" "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu" "{59850401-6664-101B-B21C-00AA004BA90B}"="Microsoft Office Binder Unbind" "{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{7C9D5882-CB4A-4090-96C8-430BFE8B795B}"="Webroot Spy Sweeper Context Menu Integration" "{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}"="TuneUp Shredder Shell Context Menu Extension" ********************************************************************************** HKEY ROOT CLASSIDS: ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ mshtml.dll Thu 27 Jan 2005 17:01:42 A.... 2.806.272 2,68 M ole32.dll Fri 14 Jan 2005 7:34:58 A.... 1.259.008 1,20 M olecli32.dll Fri 14 Jan 2005 7:34:58 A.... 68.608 67,00 K olecnv32.dll Fri 14 Jan 2005 7:34:58 A.... 35.328 34,50 K rpcss.dll Fri 14 Jan 2005 7:34:58 A.... 284.672 278,00 K symneti.dll Fri 21 Jan 2005 23:31:54 A.... 513.752 501,71 K symredir.dll Fri 21 Jan 2005 23:31:52 A.... 141.016 137,71 K 7 items found: 7 files, 0 directories. Total of file sizes: 5.108.656 bytes 4,87 M Locate .tmp files: No matches found. ********************************************************************************** Directory Listing of system files: Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 54DE-907A Verzeichnis von C:\WINDOWS\System32 27.03.2005 20:22 <DIR> dllcache 01.01.2004 12:28 <DIR> Microsoft 11.11.2003 19:59 200.704 vbalExpBar6.ocx 26.01.2003 13:41 40.960 SSubTmr6.dll 2 Datei(en) 241.664 Bytes 2 Verzeichnis(se), 8.789.004.288 Bytes frei UND HIER VON AD-AWARE Ad-Aware SE Build 1.05 Logfile Created on:Mittwoch, 6. April 2005 20:35:24 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R36 01.04.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie(TAC index:3):4 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 06.04.2005 20:35:24 - Scan started. (Full System Scan) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 828 ThreadCreationTime : 06.04.2005 18:33:50 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 892 ThreadCreationTime : 06.04.2005 18:33:53 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 916 ThreadCreationTime : 06.04.2005 18:33:54 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 960 ThreadCreationTime : 06.04.2005 18:33:55 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Anwendung für Dienste und Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 972 ThreadCreationTime : 06.04.2005 18:33:55 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1140 ThreadCreationTime : 06.04.2005 18:33:56 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1288 ThreadCreationTime : 06.04.2005 18:33:56 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1572 ThreadCreationTime : 06.04.2005 18:33:56 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1608 ThreadCreationTime : 06.04.2005 18:33:57 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [ccproxy.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1688 ThreadCreationTime : 06.04.2005 18:33:57 BasePriority : Normal FileVersion : 103.0.3.8 ProductVersion : 103.0.3.8 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Network Proxy Service InternalName : ccProxy LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccProxy.exe #:11 [ccsetmgr.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1700 ThreadCreationTime : 06.04.2005 18:33:57 BasePriority : Normal FileVersion : 103.0.3.8 ProductVersion : 103.0.3.8 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Settings Manager Service InternalName : ccSetMgr LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccSetMgr.exe #:12 [issvc.exe] FilePath : C:\Programme\Norton Internet Security\ ProcessID : 1712 ThreadCreationTime : 06.04.2005 18:33:57 BasePriority : Normal FileVersion : 8.0.2.5 ProductVersion : 8.0 ProductName : Norton Internet Security CompanyName : Symantec Corporation FileDescription : IS Service InternalName : ISSVC.exe LegalCopyright : Copyright (c) 2004 Symantec Corporation OriginalFilename : ISSVC.exe #:13 [sndsrvc.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1724 ThreadCreationTime : 06.04.2005 18:33:57 BasePriority : Normal FileVersion : 5.4.4.17 ProductVersion : 5.4 ProductName : Symantec Security Drivers CompanyName : Symantec Corporation FileDescription : Network Driver Service InternalName : SndSrvc LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation OriginalFilename : SndSrvc.exe #:14 [spbbcsvc.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\ ProcessID : 1748 ThreadCreationTime : 06.04.2005 18:33:57 BasePriority : Normal FileVersion : 1,0,1,47 ProductVersion : 1,0,1,47 ProductName : SPBBC CompanyName : Symantec Corporation FileDescription : SPBBC Service InternalName : SPBBCSvc LegalCopyright : Copyright (c) 2004 Symantec Corporation. All rights reserved. OriginalFilename : SPBBCSvc.exe #:15 [ccevtmgr.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1788 ThreadCreationTime : 06.04.2005 18:33:58 BasePriority : Normal FileVersion : 103.0.3.8 ProductVersion : 103.0.3.8 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Event Manager Service InternalName : ccEvtMgr LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccEvtMgr.exe #:16 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 572 ThreadCreationTime : 06.04.2005 18:34:00 BasePriority : Normal FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:17 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 864 ThreadCreationTime : 06.04.2005 18:34:02 BasePriority : Normal FileVersion : 6.00.2800.1106 (xpsp1.020828-1920) ProductVersion : 6.00.2800.1106 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : EXPLORER.EXE #:18 [ctnotify.exe] FilePath : C:\Programme\Creative\ShareDLL\ ProcessID : 1256 ThreadCreationTime : 06.04.2005 18:34:02 BasePriority : Normal FileVersion : 2.00.05.0 ProductVersion : 2.0 ProductName : Creative Disc Detector CompanyName : Creative Technology Ltd. FileDescription : Disc Detector InternalName : CtNotify LegalCopyright : Copyright (c) Creative Technology Ltd. 2001 OriginalFilename : CtNotify.exe Comments : CtNotify Entry #:19 [qttask.exe] FilePath : C:\Programme\QuickTime\ ProcessID : 1264 ThreadCreationTime : 06.04.2005 18:34:02 BasePriority : Normal FileVersion : 6.5 ProductVersion : QuickTime 6.5 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2004 OriginalFilename : QTTask.exe #:20 [winampa.exe] FilePath : C:\Programme\Winamp\ ProcessID : 1272 ThreadCreationTime : 06.04.2005 18:34:02 BasePriority : Normal #:21 [usrprmpt.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\ ProcessID : 1336 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 2005.1.2.20 ProductVersion : 2005.1 ProductName : Norton Security Center CompanyName : Symantec Corporation FileDescription : Norton Security Center Helper InternalName : UsrPrmpt.dll LegalCopyright : Copyright (c) 1997-2004 Symantec Corporation OriginalFilename : UsrPrmpt.dll #:22 [ccapp.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1344 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 103.0.3.8 ProductVersion : 103.0.3.8 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec User Session InternalName : ccApp LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccApp.exe #:23 [hpgs2wnd.exe] FilePath : C:\Programme\Hewlett-Packard\HP Share-to-Web\ ProcessID : 1376 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 2,3,0,0\162 ProductVersion : 2,3,0,0\162 ProductName : Hewlett-Packard hpgs2wnd CompanyName : Hewlett-Packard FileDescription : hpgs2wnd InternalName : hpgs2wnd LegalCopyright : Copyright © 2001 OriginalFilename : hpgs2wnd.exe #:24 [hpztsb04.exe] FilePath : C:\WINDOWS\System32\spool\drivers\w32x86\3\ ProcessID : 1388 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 2,80,0,0 ProductVersion : 2,80,0,0 ProductName : HP DeskJet CompanyName : HP LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2001 #:25 [smtray.exe] FilePath : C:\Programme\Analog Devices\SoundMAX\ ProcessID : 1396 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 3, 2, 17, 0 ProductVersion : 3, 2, 0, 0 ProductName : SoundMAX Integrated Digital Audio CompanyName : Analog Devices, Inc. FileDescription : SoundMAX System Tray InternalName : SMTray LegalCopyright : Copyright © 2003 Analog Devices OriginalFilename : SMTray.exe #:26 [shicoxp.exe] FilePath : C:\WINDOWS\ ProcessID : 1504 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal #:27 [cthelper.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1512 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 1, 0, 1, 1 ProductVersion : 1, 0, 1, 1 ProductName : CtHelper Application CompanyName : Creative Technology Ltd FileDescription : CtHelper MFC Application InternalName : CtHelper LegalCopyright : Copyright (C) 2002-03 OriginalFilename : CtHelper.EXE #:28 [msmsgs.exe] FilePath : C:\Programme\Messenger\ ProcessID : 1544 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 4.7.0041 ProductVersion : Version 4.7 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Messenger InternalName : msmsgs LegalCopyright : Copyright (c) Microsoft Corporation 1997-2001 LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. OriginalFilename : msmsgs.exe #:29 [ctfmon.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1588 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:30 [rundll32.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1580 ThreadCreationTime : 06.04.2005 18:34:03 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Eine DLL-Datei als Anwendung ausführen InternalName : rundll LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : RUNDLL.EXE #:31 [wkcalrem.exe] FilePath : C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\ ProcessID : 1632 ThreadCreationTime : 06.04.2005 18:34:04 BasePriority : Normal FileVersion : 6.00.1911.0 ProductVersion : 6.00.1911.0 ProductName : Microsoft® Works 6.0 CompanyName : Microsoft® Corporation FileDescription : Microsoft® Works Calendar Reminder Service InternalName : WkCalRem LegalCopyright : Copyright © Microsoft Corporation 1987-2000. All rights reserved. OriginalFilename : WKCALREM.EXE #:32 [iwatch.exe] FilePath : C:\Programme\FRITZ!\ ProcessID : 1664 ThreadCreationTime : 06.04.2005 18:34:04 BasePriority : Normal FileVersion : 2.00.09 ProductVersion : 2.00.09 ProductName : ISDNWatch CompanyName : AVM Berlin FileDescription : ISDNWatch Monitor InternalName : ISDNWatch LegalCopyright : Copyright © AVM Berlin OriginalFilename : IWatch.exe #:33 [olfsnt40.exe] FilePath : C:\Programme\Microsoft Office\Office\1031\ ProcessID : 1620 ThreadCreationTime : 06.04.2005 18:34:04 BasePriority : Normal FileVersion : 9.0.98.0105 ProductVersion : 9.0.98.0105 ProductName : Symantec Fax Starter Edition Printer Driver CompanyName : Microsoft Corporation FileDescription : Symantec Fax Starter Edition Port Launcher InternalName : OLFSNT40.DLL LegalCopyright : Copyright (C) Symantec Corp. 1990-1998 OriginalFilename : OLFSNT40.DLL #:34 [wzqkpick.exe] FilePath : C:\Programme\WinZip\ ProcessID : 1740 ThreadCreationTime : 06.04.2005 18:34:04 BasePriority : Normal FileVersion : 1.0 (32-bit) ProductVersion : 8.1 (4319g) ProductName : WinZip CompanyName : WinZip Computing, Inc. and H.C. Top Systems B.V. FileDescription : WinZip InternalName : WZQKPICK.EXE LegalCopyright : Copyright (c) WinZip Computing, Inc. 1991-2001 - All Rights Reserved LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc OriginalFilename : WZQKPICK.EXE Comments : StringFileInfo: German #:35 [mediadet.exe] FilePath : C:\Programme\Creative\ShareDLL\ ProcessID : 2016 ThreadCreationTime : 06.04.2005 18:34:07 BasePriority : Normal FileVersion : 2.00.08.0 ProductVersion : 2.00 ProductName : Creative Disc Detector CompanyName : Creative Technology Ltd. FileDescription : Disc Detector InternalName : MediaDet LegalCopyright : Copyright (c) Creative Technology Ltd. 2002 OriginalFilename : MediaDet.exe Comments : Local Server #:36 [em_exec.exe] FilePath : C:\Programme\Logitech\MouseWare\system\ ProcessID : 2024 ThreadCreationTime : 06.04.2005 18:34:07 BasePriority : Normal FileVersion : 9.79.019 ProductVersion : 9.79.019 ProductName : MouseWare CompanyName : Logitech Inc. FileDescription : Logitech Events Handler Application InternalName : Em_Exec LegalCopyright : (C) 1987-2003 Logitech. All rights reserved. LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc. OriginalFilename : Em_Exec.exe Comments : Created by the MouseWare team #:37 [hpgs2wnf.exe] FilePath : C:\Programme\Hewlett-Packard\HP Share-to-Web\ ProcessID : 180 ThreadCreationTime : 06.04.2005 18:34:08 BasePriority : Normal FileVersion : 2, 6, 0,162 ProductVersion : 2, 6, 0,162 ProductName : hpgs2wnf Module FileDescription : hpgs2wnf Module InternalName : hpgs2wnf LegalCopyright : Copyright 2001 OriginalFilename : hpgs2wnf.EXE #:38 [msoffice.exe] FilePath : C:\Programme\Microsoft Office\Office\1031\ ProcessID : 220 ThreadCreationTime : 06.04.2005 18:34:08 BasePriority : Normal FileVersion : 9.0.2601 ProductVersion : 9.0.2601 ProductName : Microsoft Office 2000 CompanyName : Microsoft Corporation FileDescription : Microsoft Office 2000-Komponente InternalName : MSOFFICE LegalCopyright : Copyright© Microsoft Corporation 1994-1999. Alle Rechte vorbehalten. OriginalFilename : MSOFFICE.EXE #:39 [cisvc.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 784 ThreadCreationTime : 06.04.2005 18:34:10 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Content Index service InternalName : cisvc.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : cisvc.exe #:40 [ctsvccda.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 808 ThreadCreationTime : 06.04.2005 18:34:10 BasePriority : Normal FileVersion : 1.0.1.0 ProductVersion : 1.0.0.0 ProductName : Creative Service for CDROM Access CompanyName : Creative Technology Ltd FileDescription : Creative Service for CDROM Access InternalName : CTsvcCDAEXE LegalCopyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved. OriginalFilename : CTsvcCDA.EXE #:41 [navapsvc.exe] FilePath : C:\Programme\Norton Internet Security\Norton AntiVirus\ ProcessID : 872 ThreadCreationTime : 06.04.2005 18:34:10 BasePriority : Normal FileVersion : 11.0.2.4 ProductVersion : 11.0.2 ProductName : Norton AntiVirus CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved. OriginalFilename : NAVAPSVC.EXE #:42 [nvsvc32.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1132 ThreadCreationTime : 06.04.2005 18:34:10 BasePriority : Normal FileVersion : 6.14.10.4523 ProductVersion : 6.14.10.4523 ProductName : NVIDIA Driver Helper Service, Version 45.23 CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 45.23 InternalName : NVSVC LegalCopyright : (C) NVIDIA Corporation. All rights reserved. OriginalFilename : nvsvc32.exe #:43 [snmp.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1872 ThreadCreationTime : 06.04.2005 18:34:11 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : SNMP-Dienst InternalName : snmp.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : snmp.exe #:44 [smagent.exe] FilePath : C:\Programme\Analog Devices\SoundMAX\ ProcessID : 1904 ThreadCreationTime : 06.04.2005 18:34:11 BasePriority : Normal FileVersion : 3, 2, 6, 0 ProductVersion : 3, 2, 6, 0 ProductName : SoundMAX service agent CompanyName : Analog Devices, Inc. FileDescription : SoundMAX service agent component InternalName : SMAgent LegalCopyright : Copyright © 2002 OriginalFilename : SMAgent.exe #:45 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 620 ThreadCreationTime : 06.04.2005 18:34:11 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:46 [symlcsvc.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\ ProcessID : 2068 ThreadCreationTime : 06.04.2005 18:34:11 BasePriority : Normal FileVersion : 1, 8, 54, 478 ProductVersion : 1, 8, 54, 478 ProductName : Symantec Core Component CompanyName : Symantec Corporation FileDescription : Symantec Core Component InternalName : symlcsvc LegalCopyright : Copyright (C) 2003 OriginalFilename : symlcsvc.exe #:47 [mspmspsv.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 2100 ThreadCreationTime : 06.04.2005 18:34:11 BasePriority : Normal FileVersion : 7.00.00.1954 ProductVersion : 7.00.00.1954 ProductName : Microsoft (R) DRM CompanyName : Microsoft Corporation FileDescription : WMDM PMSP Service InternalName : MSPMSPSV.EXE LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000 OriginalFilename : MSPMSPSV.EXE #:48 [ad-aware.exe] FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\ ProcessID : 2092 ThreadCreationTime : 06.04.2005 18:34:55 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved #:49 [wuauclt.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 2276 ThreadCreationTime : 06.04.2005 18:35:01 BasePriority : Normal FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04) ProductVersion : 5.4.3790.2182 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Automatische Updates InternalName : wuauclt.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : wuauclt.exe #:50 [aupdate.exe] FilePath : C:\Programme\Symantec\LiveUpdate\ ProcessID : 2284 ThreadCreationTime : 06.04.2005 18:35:01 BasePriority : Normal FileVersion : 2.5.55.0 ProductVersion : 2.5.55.0 ProductName : LiveUpdate CompanyName : Symantec Corporation FileDescription : Automatic LiveUpdate Module InternalName : Automatic LiveUpdate LegalCopyright : Copyright © 1996-2004 Symantec Corporation OriginalFilename : AUpdate.exe #:51 [lucoms~1.exe] FilePath : C:\PROGRA~1\Symantec\LIVEUP~1\ ProcessID : 332 ThreadCreationTime : 06.04.2005 18:35:12 BasePriority : Normal FileVersion : 2.5.55.0 ProductVersion : 2.5.55.0 ProductName : LiveUpdate CompanyName : Symantec Corporation FileDescription : LiveUpdate Engine COM Module InternalName : LuComServer LegalCopyright : Copyright © 1996-2004 Symantec Corporation OriginalFilename : LuComServer.exe Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : wilfried@apmebf[1].txt Category : Data Miner Comment : Hits:5 Value : Cookie:wilfried@apmebf.com/ Expires : 02.04.2010 23:10:44 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : wilfried@as-eu.falkag[1].txt Category : Data Miner Comment : Hits:24 Value : Cookie:wilfried@as-eu.falkag.net/ Expires : 03.04.2006 19:30:54 LastSync : Hits:24 UseCount : 0 Hits : 24 Tracking Cookie Object Recognized! Type : IECache Entry Data : wilfried@as1.falkag[2].txt Category : Data Miner Comment : Hits:24 Value : Cookie:wilfried@as1.falkag.de/ Expires : 06.05.2005 18:21:42 LastSync : Hits:24 UseCount : 0 Hits : 24 Tracking Cookie Object Recognized! Type : IECache Entry Data : wilfried@web4.realtracker[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:wilfried@web4.realtracker.com/ Expires : 01.01.2007 01:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 4 Objects found so far: 4 Deep scanning and examining files (C »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 4 Deep scanning and examining files (D »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 4 Deep scanning and examining files (E »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for E:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 4 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 4 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 4 20:52:30 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:17:05.485 Objects scanned:202259 Objects identified:4 Objects ignored:0 New critical objects:4 Und immer wieder: Vielen vielen Dank. |
|
|
||
06.04.2005, 21:55
Ehrenmitglied
Beiträge: 29434 |
#19
Hallo@Cailie
--------------------------------------------------------------- silentrunners http://www.silentrunners.org/sr_download.html gehe auf: Zitat: Click here to download a zip file. hier die Erklaerung: http://www.silentrunners.org/sr_scriptuse.html klicke: output file is in text format. --> Doppelklick und es oeffnet sich der Editor--> und poste alles, was angezeigt wird. _________________________________________________________________ Poste das neue Log vom HijackThis, bitte __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
das mit dem Download vom RegCleaner klappt nicht. Von der von dir angegebenen Seite gelange ich dann 2 Seiten weiter. Dort befindet sich eine Liste von 6 Downloadmäglichkeiten untereinander. Doch beim Anklicken passiert gar nichts.
Aber ich habe nochmal Mwav laufen lassen und da hat sich folgendes ergeben:
File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "IEHijacker.Hotoffers Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VB and VBA Program Settings Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\guninst.exe infected by "Trojan-Dropper.Win32.Agent.hy" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\Process.exe tagged as not-a-virus:RiskWare.Tool.Processor.20. No Action Taken.
Wie soll ich weitermachen? gunsinst.exe mit der Killbox löschen? Und was bedeutet der Rest?