Privacy Vulnerability Detected - as start page

26.06.2005, 21:26
Honorary member
Sabina

Posts: 29434
#16 When you type in cmd, DOS opens.

Then you paste in:


cd\
cd %windir%\system32
dir /a:-d /o:-d > %systemdrive%\system32.txt
start %systemdrive%\system32.txt
cls
exit



Then the editor will open automatically.....

Is that so hard? Or badly explained???
__________
Best regards, Sabina

all about PC security
26.06.2005, 22:40
Member

Posts: 13
#17 Sorry, now I've got it too ;)

Unfortunately I'm not that familiar with this kind of thing on the PC...

Should I post all of that here?
26.06.2005, 22:59
Honorary member
Sabina

Posts: 29434
#18 I think so ;) (but only 50 days back, no more ;)
__________
Best regards, Sabina

all about PC security
27.06.2005, 17:44
Member

Posts: 13
#19 So...


sys
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: A844-F9C6

Verzeichnis von C:\

26.06.2005 22:16 0 sys.txt
26.06.2005 22:15 3.717 system.txt
26.06.2005 22:13 88.523 system32.txt
26.06.2005 22:12 10.708 systemtemp.txt
26.06.2005 22:07 805.306.368 pagefile.sys
23.06.2005 21:34 0 ASPI.LOG
11.06.2005 12:15 194 boot.ini
28.05.2005 19:46 7.680 Thumbs.db


system32
26.06.2005 22:08 889 vsconfig.xml
24.06.2005 12:33 37.376 svcnut32.exe
23.06.2005 20:13 2.206 wpa.dbl
09.06.2005 18:16 4.212 zllictbl.dat
09.06.2005 18:11 213.672 FNTCACHE.DAT
03.06.2005 12:55 3.069 jupdate-1.5.0_02-b09.log
01.06.2005 15:51 1.890 KGyGaAvL.sys
01.06.2005 15:51 56 864F205D07.sys
26.05.2005 21:33 34.064 lhacm.acm
24.05.2005 19:52 5.308 d3d9caps.dat
22.05.2005 23:19 0 h323log.txt
22.05.2005 22:52 48.156 perfc007.dat
22.05.2005 22:52 316.594 perfh007.dat
22.05.2005 22:52 311.604 perfh009.dat
22.05.2005 22:52 39.992 perfc009.dat
22.05.2005 22:52 723.744 PerfStringBackup.INI
22.05.2005 22:26 25.065 wmpscheme.xml
22.05.2005 22:24 302 $winnt$.inf
22.05.2005 22:22 2.951 CONFIG.NT
22.05.2005 22:22 16.832 amcompat.tlb
22.05.2005 22:22 23.392 nscompat.tlb
22.05.2005 22:21 488 logonui.exe.manifest
22.05.2005 22:21 488 WindowsLogon.manifest
22.05.2005 22:21 749 wuaucpl.cpl.manifest
22.05.2005 22:21 749 nwc.cpl.manifest
22.05.2005 22:21 749 sapi.cpl.manifest
22.05.2005 22:21 749 cdplayer.exe.manifest
22.05.2005 22:21 749 ncpa.cpl.manifest
22.05.2005 22:20 21.740 emptyregdb.dat
04.05.2005 07:04 299.008 atiiiexx.dll
04.05.2005 06:31 221.184 ATIDEMGR.dll
04.05.2005 05:52 6.680.576 atioglx1.dll
04.05.2005 04:44 4.820.992 atioglxx.dll
04.05.2005 04:28 226.816 ati2dvag.dll
04.05.2005 04:24 94.208 atipdlxx.dll
04.05.2005 04:24 73.728 Oemdspif.dll
04.05.2005 04:24 25.088 Ati2mdxx.exe
04.05.2005 04:24 39.936 ati2edxx.dll
04.05.2005 04:23 46.080 ati2evxx.dll
04.05.2005 04:22 364.544 ati2evxx.exe
04.05.2005 04:22 53.248 ATIDDC.DLL
04.05.2005 04:14 2.307.424 ati3duag.dll
04.05.2005 04:08 604.864 ativvaxx.dll
04.05.2005 03:57 135.168 atikvmag.dll
04.05.2005 03:57 17.408 atitvo32.dll
04.05.2005 03:52 204.800 ati2cqag.dll
03.05.2005 21:05 516.096 ati2sgag.exe
02.05.2005 14:07 5.396 atifglpf.xml
08.04.2005 22:42 87.540 atiicdxx.dat

system
26.06.2005 22:08 472 win.ini
26.06.2005 22:08 0 0.log
26.06.2005 22:07 2.048 bootstat.dat
26.06.2005 22:01 13.534 SchedLgU.Txt
26.06.2005 21:14 140 winamp.ini
26.06.2005 20:42 52 wb.ini
25.06.2005 12:16 1.706.871 setupapi.log
24.06.2005 19:25 50 wiaservc.log
24.06.2005 19:25 310 wiadebug.log
17.06.2005 15:52 2.038 ModemLog_Creatix V.9X DSP Data Fax Modem.txt
14.06.2005 11:37 165.761 DirectX.log
14.06.2005 10:27 10.240 Thumbs.db
11.06.2005 12:15 277 system.ini
08.06.2005 17:06 400 ODBC.INI
22.05.2005 23:17 0 Sti_Trace.log
22.05.2005 23:15 1.348 regopt.log
22.05.2005 23:14 0 setuperr.log
22.05.2005 22:54 30.088 Windows Update.log
22.05.2005 22:30 855.148 setuplog.txt
22.05.2005 22:26 829 OEWABLog.txt
22.05.2005 22:24 19.342 comsetup.log
22.05.2005 22:24 11.401 ntdtcsetup.log
22.05.2005 22:24 731 iis6.log
22.05.2005 22:24 8.331 tsoc.log
22.05.2005 22:24 4.512 imsins.log
22.05.2005 22:24 167.725 setupact.log
22.05.2005 22:22 0 control.ini
22.05.2005 22:22 299.552 WMSysPrx.prx
22.05.2005 22:22 4.161 ODBCINST.INI
22.05.2005 22:21 749 WindowsShell.Manifest
22.05.2005 22:20 15.458 ocgen.log
22.05.2005 22:20 1.065 ocmsn.log
22.05.2005 22:20 875 msgsocm.log
22.05.2005 22:20 11.569 FaxSetup.log
22.05.2005 22:20 36 vb.ini
22.05.2005 22:20 37 vbaddin.ini
22.05.2005 22:20 128 DtcInstall.log
22.05.2005 22:20 1.060 sessmgr.setup.log
02.04.2003 14:00 65.978 Seifenblase.bmp
02.04.2003 14:00 17.062 Kaffeetasse.bmp
02.04.2003 14:00 9.522 Zapotek.bmp
02.04.2003 14:00 10.752 hh.exe
02.04.2003 14:00 26.582 Granit.bmp
02.04.2003 14:00 1.405 msdfmap.ini
02.04.2003 14:00 16.730 Feder.bmp
02.04.2003 14:00 65.954 Pr?riewind.bmp
02.04.2003 14:00 65.832 Santa Fe-Stuck.bmp
02.04.2003 14:00 80 explorer.scf
02.04.2003 14:00 94.800 twain.dll
02.04.2003 14:00 46.592 twain_32.dll
02.04.2003 14:00 49.680 twunk_16.exe
02.04.2003 14:00 25.600 twunk_32.exe
02.04.2003 14:00 141.312 regedit.exe
02.04.2003 14:00 26.680 F?cher.bmp
02.04.2003 14:00 18.944 vmmreg32.dll
02.04.2003 14:00 1.007.104 explorer.exe
02.04.2003 14:00 67.072 NOTEPAD.EXE
02.04.2003 14:00 2 desktop.ini
02.04.2003 14:00 82.944 clock.avi
02.04.2003 14:00 1.272 Blaue Spitzen 16.bmp
02.04.2003 14:00 17.336 Angler.bmp
02.04.2003 14:00 15.872 TASKMAN.EXE
02.04.2003 14:00 257.568 winhelp.exe
02.04.2003 14:00 271.872 winhlp32.exe
02.04.2003 14:00 48.680 winnt.bmp
02.04.2003 14:00 48.680 winnt256.bmp
02.04.2003 14:00 34.818 wmprfDEU.prx
02.04.2003 14:00 17.362 Rhododendron.bmp
02.04.2003 14:00 707 _default.pif

systemtemp
26.06.2005 22:08 11.177 jusched.log
26.06.2005 21:27 61.440 ~19A.tmp
26.06.2005 21:26 61.440 ~198.tmp
26.06.2005 21:23 61.440 ~196.tmp
26.06.2005 20:54 10.538 control.xml
26.06.2005 19:48 61.440 ~12C.tmp
26.06.2005 19:34 61.440 ~12A.tmp
26.06.2005 18:51 61.440 ~128.tmp
26.06.2005 18:45 61.440 ~126.tmp
26.06.2005 18:20 61.440 ~122.tmp
26.06.2005 18:04 61.440 ~119.tmp
25.06.2005 18:26 61.440 ~6F.tmp
25.06.2005 18:19 61.440 ~61.tmp
25.06.2005 18:00 16.384 ~DFAC4F.tmp
25.06.2005 15:26 61.440 ~2A1.tmp
25.06.2005 14:36 61.440 ~254.tmp
25.06.2005 14:07 61.440 ~252.tmp
25.06.2005 14:06 61.440 ~250.tmp
25.06.2005 10:31 51 kb.log
25.06.2005 10:28 16.384 ~DF9DC.tmp
25.06.2005 10:20 16.384 ~DF877B.tmp
24.06.2005 18:44 695 TWAIN.LOG
24.06.2005 18:44 3 Twain001.Mtx
24.06.2005 18:44 156 Twunk001.MTX
24.06.2005 13:48 61.440 ~3B.tmp
24.06.2005 13:44 61.440 ~39.tmp
24.06.2005 12:33 37.376 0666.exe
24.06.2005 12:32 2.072 java_install_reg.log
22.06.2005 22:42 0 WASEE.tmp
22.06.2005 20:33 61.440 ~CA.tmp
21.06.2005 18:31 61.440 ~34.tmp
21.06.2005 18:22 0 WERA.tmp
21.06.2005 18:21 0 WER9.tmp
21.06.2005 18:21 0 WER8.tmp
21.06.2005 18:21 0 WER7.tmp
21.06.2005 18:21 0 WER6.tmp
21.06.2005 18:21 0 WER5.tmp
21.06.2005 18:21 0 WER4.tmp
20.06.2005 22:16 61.440 ~F9.tmp
20.06.2005 21:53 61.440 ~F7.tmp
20.06.2005 21:08 61.440 ~8C.tmp
20.06.2005 19:28 61.440 ~4C.tmp
20.06.2005 19:27 61.440 ~4A.tmp
19.06.2005 22:19 61.440 ~145.tmp
19.06.2005 21:02 61.440 ~DF.tmp
19.06.2005 20:46 61.440 ~CC.tmp
19.06.2005 19:46 61.440 ~9B.tmp
19.06.2005 18:55 61.440 ~86.tmp
19.06.2005 18:23 61.440 ~84.tmp
19.06.2005 18:16 61.440 ~82.tmp
19.06.2005 18:07 61.440 ~80.tmp
19.06.2005 16:49 61.440 ~7E.tmp
18.06.2005 16:22 61.440 ~6E.tmp
18.06.2005 15:03 61.440 ~31.tmp
17.06.2005 18:31 61.440 ~30.tmp
16.06.2005 22:21 61.440 ~301.tmp
16.06.2005 21:43 61.440 ~2CF.tmp
16.06.2005 21:42 61.440 ~2CD.tmp
16.06.2005 21:19 61.440 ~2CB.tmp
16.06.2005 20:25 61.440 ~2B8.tmp
16.06.2005 20:09 61.440 ~2B6.tmp
16.06.2005 18:44 61.440 ~2B4.tmp
16.06.2005 18:43 61.440 ~2B2.tmp
15.06.2005 20:54 61.440 ~3A.tmp
15.06.2005 20:53 61.440 ~38.tmp
15.06.2005 17:43 61.440 ~33.tmp
15.06.2005 17:37 61.440 ~2F.tmp
14.06.2005 21:48 61.440 ~2E.tmp
14.06.2005 16:36 61.440 ~2D.tmp
14.06.2005 11:37 232 _isdelet.ini
14.06.2005 11:30 2.815 ISPackFiles.ini
13.06.2005 21:08 61.440 ~F6.tmp
13.06.2005 19:55 61.440 ~C9.tmp
13.06.2005 19:27 61.440 ~C7.tmp
13.06.2005 18:53 61.440 ~BE.tmp
13.06.2005 13:58 61.440 ~6D.tmp
13.06.2005 10:44 0 Twunk002.MTX
12.06.2005 20:17 61.440 ~8B.tmp
12.06.2005 19:33 61.440 ~6C.tmp
12.06.2005 18:25 61.440 ~47.tmp
12.06.2005 17:53 61.440 ~36.tmp
12.06.2005 17:41 61.440 ~2C.tmp
11.06.2005 17:59 304 wahtmltmp00.htm
11.06.2005 15:31 61.440 ~2B.tmp
11.06.2005 15:25 61.440 ~29.tmp
11.06.2005 15:21 61.440 ~32.tmp
11.06.2005 15:13 512 ~DF85A6.tmp
11.06.2005 15:13 16.384 ~DF8599.tmp
11.06.2005 15:13 16.384 ~DF857E.tmp
11.06.2005 15:13 512 ~DF858B.tmp
11.06.2005 15:13 512 ~DF8555.tmp
11.06.2005 15:13 16.384 ~DF8563.tmp
11.06.2005 15:13 512 ~DF8570.tmp
11.06.2005 15:13 16.384 ~DF8548.tmp
11.06.2005 15:13 16.384 ~DF54DC.tmp
11.06.2005 15:13 16.384 ~DF4F96.tmp
11.06.2005 15:13 512 ~DF4FA3.tmp
10.06.2005 18:33 61.440 ~15C.tmp
09.06.2005 22:06 61.440 ~6B.tmp
09.06.2005 21:51 61.440 ~58.tmp
09.06.2005 20:31 61.440 ~56.tmp
09.06.2005 20:27 61.440 ~54.tmp
09.06.2005 20:16 61.440 ~52.tmp
09.06.2005 19:27 61.440 ~3F.tmp
09.06.2005 18:51 61.440 ~3D.tmp
08.06.2005 19:40 61.440 ~558.tmp
08.06.2005 17:10 3.534 AutoRoute 2004 Setup(0001).txt
08.06.2005 17:10 226 AutoRoute 2004 Setup(0001)_Task(0001).txt
08.06.2005 17:06 226 Word 2002 Setup(0001)_Task(0001).txt
08.06.2005 17:06 3.347 Word 2002 Setup(0001).txt
08.06.2005 17:05 48.531 offcln10.log
07.06.2005 21:08 61.440 ~127.tmp
07.06.2005 18:58 61.440 ~2A.tmp
07.06.2005 18:00 61.440 ~28.tmp
07.06.2005 17:29 61.440 ~26.tmp
07.06.2005 11:34 45.096 _VWUPSRV.EXE
06.06.2005 22:32 61.440 ~24.tmp
06.06.2005 21:22 61.440 ~22.tmp
06.06.2005 21:11 61.440 ~20.tmp
06.06.2005 19:36 61.440 ~1E.tmp
06.06.2005 18:40 61.440 ~1C.tmp
06.06.2005 18:38 61.440 ~1A.tmp
05.06.2005 21:42 61.440 ~FC.tmp
05.06.2005 20:19 61.440 ~BF.tmp
05.06.2005 18:52 61.440 ~BD.tmp
05.06.2005 17:35 61.440 ~BB.tmp
05.06.2005 17:34 61.440 ~B9.tmp
05.06.2005 17:34 61.440 ~B7.tmp
05.06.2005 17:33 61.440 ~B5.tmp
05.06.2005 17:30 61.440 ~B3.tmp
05.06.2005 17:10 61.440 ~9E.tmp
05.06.2005 16:34 61.440 ~9C.tmp
05.06.2005 15:34 61.440 ~9A.tmp
05.06.2005 15:32 61.440 ~98.tmp
04.06.2005 19:49 61.440 ~18.tmp
04.06.2005 19:45 0 jupdate1.5.0.xml
04.06.2005 11:16 61.440 ~EA.tmp
03.06.2005 13:10 0 aaxB.tmp
03.06.2005 13:00 0 aaxA.tmp
03.06.2005 12:55 23.552 java_install.log
03.06.2005 12:43 0 aax2.tmp
01.06.2005 22:23 16.384 ~DFDEA8.tmp
01.06.2005 22:23 16.384 ~DFD96C.tmp
01.06.2005 21:45 61.440 ~27.tmp
01.06.2005 21:40 61.440 ~25.tmp
01.06.2005 20:31 61.440 ~23.tmp
01.06.2005 20:24 61.440 ~21.tmp
01.06.2005 20:17 61.440 ~1F.tmp
01.06.2005 19:55 61.440 ~1D.tmp
01.06.2005 19:02 61.440 ~1B.tmp
01.06.2005 19:00 61.440 ~19.tmp
01.06.2005 18:45 61.440 ~17.tmp
01.06.2005 18:27 61.440 ~15.tmp
01.06.2005 15:57 0 aax7.tmp
01.06.2005 15:52 0 aax6.tmp
31.05.2005 19:15 61.440 ~55.tmp
31.05.2005 18:48 61.440 ~14.tmp
31.05.2005 18:47 61.440 ~12.tmp
31.05.2005 17:01 0 NEW1D.html
31.05.2005 17:01 0 NEW1D.tmp
30.05.2005 21:22 61.440 ~16.tmp
30.05.2005 19:36 61.440 ~13.tmp
30.05.2005 19:13 61.440 ~11.tmp
30.05.2005 18:50 61.440 ~F.tmp
30.05.2005 18:45 61.440 ~D.tmp
29.05.2005 21:37 61.440 ~6A.tmp
29.05.2005 21:06 61.440 ~66.tmp
29.05.2005 19:57 61.440 ~64.tmp
29.05.2005 18:11 61.440 ~37.tmp
29.05.2005 17:12 61.440 ~10.tmp
29.05.2005 16:40 61.440 ~B.tmp
29.05.2005 16:04 61.440 ~E.tmp
29.05.2005 14:08 61.440 ~C.tmp
29.05.2005 14:04 61.440 ~A.tmp
29.05.2005 11:35 16.384 ~DF9304.tmp
29.05.2005 11:35 16.384 ~DF861E.tmp
29.05.2005 02:12 61.440 ~2C5.tmp
29.05.2005 02:07 61.440 ~2C3.tmp
29.05.2005 00:54 61.440 ~2B9.tmp
29.05.2005 00:44 61.440 ~2B7.tmp
29.05.2005 00:06 61.440 ~2AB.tmp
29.05.2005 00:00 61.440 ~2A9.tmp
28.05.2005 23:54 61.440 ~2A7.tmp
28.05.2005 23:43 61.440 ~2A5.tmp
28.05.2005 19:38 9.154 Microsoft Office FrontPage 2003 Setup(0001).txt
28.05.2005 19:38 91.136 Microsoft Office FrontPage 2003 Setup(0001)_Task(0001).txt
28.05.2005 19:37 52.091 offcln11.log
28.05.2005 19:36 9.936 Microsoft Office 2003 Setup(0001).txt
28.05.2005 19:36 431.178 Microsoft Office 2003 Setup(0001)_Task(0001).txt
27.05.2005 17:27 16.384 ~DF7D31.tmp
27.05.2005 17:27 16.384 ~DF66C9.tmp
26.05.2005 21:40 61.440 ~69.tmp
26.05.2005 21:39 61.440 ~67.tmp
26.05.2005 21:37 61.440 ~65.tmp
26.05.2005 21:35 61.440 ~63.tmp
26.05.2005 21:18 61.440 ~60.tmp
26.05.2005 20:48 61.440 ~5E.tmp
25.05.2005 17:31 61.440 ~140.tmp
25.05.2005 16:20 61.440 ~68.tmp
25.05.2005 15:01 61.440 ~5F.tmp
25.05.2005 13:18 61.440 ~9.tmp
24.05.2005 22:36 61.440 ~51.tmp
24.05.2005 22:19 61.440 ~48.tmp
24.05.2005 21:23 61.440 ~35.tmp
24.05.2005 21:15 71.680 GLB22.tmp
24.05.2005 21:13 16.384 ~DFF002.tmp
24.05.2005 21:09 16.384 ~DF1118.tmp
24.05.2005 19:53 61.440 ~8.tmp
24.05.2005 19:53 61.440 ~4.tmp
24.05.2005 19:18 61.440 ~6.tmp
24.05.2005 19:11 61.440 ~3.tmp
23.05.2005 21:38 61.440 ~7.tmp
23.05.2005 21:36 61.440 ~5.tmp
23.05.2005 21:11 16.384 ~DF2714.tmp
23.05.2005 20:58 71.680 GLB1BB.tmp
22.05.2005 23:39 54.272 3a9c46.mst


So, that's it, I think ;)
27.06.2005, 23:54
Honorary member
Sabina

Posts: 29434
#20 You should delete these:

C:\WINDOWS\system32\shdocpl.dll
C:\WINDOWS\system32\ieud32.dll
C:\WINDOWS\system32\ntnut32.exe
C:\WINDOWS\system32\svcnut.exe
C:\WINDOWS\system32\hun32.dll
C:\WINDOWS\system32\svcnut32.exe
C:\WINDOWS\system32\shdocpv.dll


I also found this ;)

system32

24.06.2005 12:33 37.376 svcnut32.exe

so please delete it ;)

CCleaner --> delete all *temp files
http://virus-protect.org/temp.html


__________
Best regards, Sabina

all about PC security
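
The triage described in posts #16 to #20 (list files newest first, look only 50 days back, pick out the executables) as an added Python example that is not part of the original thread. The sample lines are excerpted from the listing in #19; the function names, the extension list and the "same timestamp and size in two folders" heuristic are assumptions of this example.

```python
"""Triage a German-locale `dir /a:-d /o:-d` listing pasted into a forum post."""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import NamedTuple

# Excerpt of the listing posted in #19; section names as the poster labelled them.
LISTING = """\
system32
26.06.2005 22:08 889 vsconfig.xml
24.06.2005 12:33 37.376 svcnut32.exe
01.06.2005 15:51 1.890 KGyGaAvL.sys
04.05.2005 04:22 364.544 ati2evxx.exe

system
26.06.2005 22:08 472 win.ini
02.04.2003 14:00 1.007.104 explorer.exe

systemtemp
26.06.2005 22:08 11.177 jusched.log
24.06.2005 12:33 37.376 0666.exe
07.06.2005 11:34 45.096 _VWUPSRV.EXE
"""

# dd.mm.yyyy hh:mm <size with '.' as thousands separator> <name, may contain spaces>
LINE_RE = re.compile(r"^(\d{2}\.\d{2}\.\d{4} \d{2}:\d{2})\s+([\d.]+)\s+(.+)$")
# Extension list is an assumption of this example, not taken from the thread.
EXEC_EXT = (".exe", ".dll", ".sys", ".scr", ".com", ".bat", ".pif")


class Entry(NamedTuple):
    section: str
    mtime: datetime
    size: int
    name: str


def parse_listing(text):
    """Parse pasted `dir` output; a single-word line starts a new section."""
    entries, section = [], "?"
    for raw in text.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if m:
            stamp, size, name = m.groups()
            entries.append(Entry(section,
                                 datetime.strptime(stamp, "%d.%m.%Y %H:%M"),
                                 int(size.replace(".", "")), name))
        elif line and " " not in line:
            section = line
        # Anything else (volume header, blank line) is ignored.
    return entries


def recent(entries, days=50, now=None):
    """Keep entries modified within `days` of `now` (default: newest entry)."""
    now = now or max(e.mtime for e in entries)
    cutoff = now - timedelta(days=days)
    return [e for e in entries if e.mtime >= cutoff]


def executables(entries):
    """Entries whose extension marks them as runnable code."""
    return [e for e in entries if e.name.lower().endswith(EXEC_EXT)]


def clones(entries):
    """Executables sharing timestamp and size across different sections."""
    groups = defaultdict(list)
    for e in executables(entries):
        groups[(e.mtime, e.size)].append(e)
    return {k: v for k, v in groups.items()
            if len({e.section for e in v}) > 1}


if __name__ == "__main__":
    window = recent(parse_listing(LISTING))
    print("Executables changed in the last 50 days:")
    for e in executables(window):
        print(f"  {e.mtime:%d.%m.%Y %H:%M} {e.size:>9} {e.section}\\{e.name}")
    print("Same timestamp and size in more than one folder:")
    for (stamp, size), members in clones(window).items():
        names = ", ".join(f"{e.section}\\{e.name}" for e in members)
        print(f"  {stamp:%d.%m.%Y %H:%M} {size} bytes: {names}")
```

What it prints is a list of candidates for manual review, not a verdict on any file.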
28.06.2005, 17:21
Member

Posts: 13
#21 So, I hope I've deleted everything...

Log file from CCleaner....I think I should do that more often ;)

Quote

ANALYSE komplett - (47,473 Sek)
------------------------------------------------------------------------------------------
982,7MB zu entfernen. (Ungefähre Größe)

Anything else to keep in mind?

What kind of firewall should I use? Antivirus program?
This post was edited by doxi on 28.06.2005 at 17:24.
28.06.2005, 23:13
Honorary member
Sabina

Posts: 29434
#22 You're not discharged yet ;)

#Alternative browser to IE
Firefox

http://www.firefox-browser.de/windows.php
http://www.mozilla-europe.org/de/
Installation + configuration of Firefox
http://www.pcwelt.de/know-how/software/103924/index1.html

•Ad-aware SE Personal
http://virus-protect.org/antispywaretools.html
Download --> update --> configure
http://virus-protect.org/adaware.html
#Update the program BEFORE every scan!
During the scan, ALL other applications must be closed and all
browser windows must be closed!
Scan --> restart the PC --> scan again --> post the log from the scan
__________
Best regards, Sabina

all about PC security
29.06.2005, 18:39
Member

Posts: 13
#23 So, here is the log file....
As for the browser, I use Opera, 99% of the time...is that any good too?

Ad-Aware SE Build 1.06r1
Logfile Created on:Mittwoch, 29. Juni 2005 17:55:21
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R51 21.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):10 total references
MRU List(TAC index:0):16 total references
Security iGuard(TAC index:9):6 total references
Tracking Cookie(TAC index:3):5 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


29.06.2005 17:55:21 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Stinki\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\office\11.0\powerpoint\recentfolderlist
Description : list of recent folders used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 756
ThreadCreationTime : 29.06.2005 15:53:35
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 824
ThreadCreationTime : 29.06.2005 15:53:42
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 848
ThreadCreationTime : 29.06.2005 15:53:43
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 892
ThreadCreationTime : 29.06.2005 15:53:44
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 904
ThreadCreationTime : 29.06.2005 15:53:44
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1072
ThreadCreationTime : 29.06.2005 15:53:44
BasePriority : Normal
FileVersion : 6.14.10.4115
ProductVersion : 6.14.10.4115.01
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1100
ThreadCreationTime : 29.06.2005 15:53:44
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1256
ThreadCreationTime : 29.06.2005 15:53:44
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1456
ThreadCreationTime : 29.06.2005 15:53:44
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1488
ThreadCreationTime : 29.06.2005 15:53:44
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1748
ThreadCreationTime : 29.06.2005 15:53:45
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [wbload.exe]
FilePath : C:\Programme\AlienGUIse\
ProcessID : 1900
ThreadCreationTime : 29.06.2005 15:53:45
BasePriority : Normal
FileVersion : 4.2
ProductVersion : 4.2
ProductName : WindowBlinds - http://www.windowblinds.net
CompanyName : Stardock Systems, Inc
FileDescription : WindowBlinds
InternalName : WindowBlinds
LegalCopyright : Copyright © 1997-2003 Neil Banfield, © 1998-2003 Stardock.Net, Inc
OriginalFilename : WindowBlinds
Comments : This is the WindowBlinds launcher app. Please do not delete this file. If you want to uninstall WindowBlinds, then use the uninstaller!

#:13 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 160
ThreadCreationTime : 29.06.2005 15:53:49
BasePriority : Normal
FileVersion : 6.14.10.4115
ProductVersion : 6.14.10.4115.01
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 216
ThreadCreationTime : 29.06.2005 15:53:49
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:15 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 376
ThreadCreationTime : 29.06.2005 15:53:50
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE

#:16 [jusched.exe]
FilePath : C:\Programme\Java\jre1.5.0_02\bin\
ProcessID : 392
ThreadCreationTime : 29.06.2005 15:53:50
BasePriority : Normal


#:17 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 424
ThreadCreationTime : 29.06.2005 15:53:50
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:18 [msmsgs.exe]
FilePath : C:\Programme\Messenger\
ProcessID : 432
ThreadCreationTime : 29.06.2005 15:53:50
BasePriority : Normal
FileVersion : 4.7.0041
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2001
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:19 [avguard.exe]
FilePath : C:\Programme\AVPersonal\
ProcessID : 640
ThreadCreationTime : 29.06.2005 15:53:52
BasePriority : Normal


#:20 [avwupsrv.exe]
FilePath : C:\Programme\AVPersonal\
ProcessID : 668
ThreadCreationTime : 29.06.2005 15:53:52
BasePriority : Normal


#:21 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2160
ThreadCreationTime : 29.06.2005 15:54:12
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-839522115-838170752-725345543-1004\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 10
Objects found so far: 26


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stinki@partners.webmasterplan[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:stinki@partners.webmasterplan.com/
Expires : 29.07.2005
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stinki@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:stinki@mediaplex.com/
Expires : 22.06.2009 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stinki@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:stinki@2o7.net/
Expires : 28.06.2010 17:30:08
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stinki@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:stinki@imrworldwide.com/cgi-bin
Expires : 19.01.2009 01:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 30



Deep scanning and examining files (C;)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : wurster@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Wurster\Cookies\wurster@2o7[1].txt

Security iGuard Object Recognized!
Type : File
Data : A0059032.EXE
TAC Rating : 9
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{673B7F92-38FD-424E-8E84-443C0B7B7B99}\RP124\
FileVersion : 1,0,0,53
ProductVersion : 1,0,0,53
ProductName : Security iGuard Application
CompanyName : Rex-Services
FileDescription : Security iGuard
InternalName : Security iGuard
LegalCopyright : Copyright (C) 2004 Rex-Services All rights reserved
OriginalFilename : Security iGuard.exe


Security iGuard Object Recognized!
Type : File
Data : A0059034.EXE
TAC Rating : 9
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{673B7F92-38FD-424E-8E84-443C0B7B7B99}\RP124\



Security iGuard Object Recognized!
Type : File
Data : A0060100.EXE
TAC Rating : 9
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{673B7F92-38FD-424E-8E84-443C0B7B7B99}\RP127\
FileVersion : 1,0,0,53
ProductVersion : 1,0,0,53
ProductName : Security iGuard Application
CompanyName : Rex-Services
FileDescription : Security iGuard
InternalName : Security iGuard
LegalCopyright : Copyright (C) 2004 Rex-Services All rights reserved
OriginalFilename : Security iGuard.exe


Security iGuard Object Recognized!
Type : File
Data : A0060102.EXE
TAC Rating : 9
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{673B7F92-38FD-424E-8E84-443C0B7B7B99}\RP127\



Security iGuard Object Recognized!
Type : File
Data : A0060466.EXE
TAC Rating : 9
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{673B7F92-38FD-424E-8E84-443C0B7B7B99}\RP128\
FileVersion : 1,0,0,53
ProductVersion : 1,0,0,53
ProductName : Security iGuard Application
CompanyName : Rex-Services
FileDescription : Security iGuard
InternalName : Security iGuard
LegalCopyright : Copyright (C) 2004 Rex-Services All rights reserved
OriginalFilename : Security iGuard.exe


Security iGuard Object Recognized!
Type : File
Data : A0060468.EXE
TAC Rating : 9
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{673B7F92-38FD-424E-8E84-443C0B7B7B99}\RP128\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Deep scanning and examining files (D;)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Deep scanning and examining files (E;)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 37




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37

18:36:36 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:41:15.235
Objects scanned:139086
Objects identified:21
Objects ignored:0
New critical objects:21
This post was edited by doxi on 29.06.2005 at 18:46.
29.06.2005, 19:02
Honorary member
Sabina

Posts: 29434
#24 Please search for: / delete

C:\Programme\Security iGuard\

C:\Programme\Security iGuard\Security iGuard.exe
C:\Programme\Security iGuard\Security iGuard.dat

Then you're discharged ;) Have a look around my homepage if you're interested in safe surfing ;)
__________
Best regards, Sabina

all about PC security