ständiges pop-up -->conversion.cpvfeed.com (ie) |
||
---|---|---|
#0
| ||
18.11.2005, 11:33
...neu hier
Beiträge: 8 |
||
|
||
18.11.2005, 14:24
Ehrenmitglied
Beiträge: 29434 |
#17
loesche:
C:\WINDOWS\system32\tsuninst.exe Start-->Ausfuehren--> regedit HKCU\Software\maxthon <--loeschen der Rest sind nur ungueltige Eintraege...also nichts schlimmes. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
18.11.2005, 17:24
...neu hier
Beiträge: 8 |
#18
Hi!
Done! Vielen Dank für die sehr umfangreiche und erfolgreiche Hilfe! Neben einem sauberen Rechner, habe ich auch viel gelernt. Ich hoffe natürlich, dass ich mich nicht so bald wieder hier melden muss... :-) Weiter so! Michael |
|
|
||
30.11.2005, 15:40
...neu hier
Beiträge: 1 |
#19
Hallo,
habe euer sehr nützliches forum (und sogar mal eins auf deutsch) erst dadurch entdeckt, weil ich auch einen LOOK2ME hatte. Ja, hatte... habe was entsprechendes gefunden, ausgeführt und alles ist wieder ok. hier der link: http://www.pchell.com/support/look2me.shtml Ich habe -bequem wie ich bin- deren VB-script nach den Anweisungen gestartet (im Task-Manager). Nach einen Neustart war alles behoben, keine popups mehr, counterspy hat auch nichts mehr gefunden. Ich hoffe, ich konnte durch meine Rückmeldung auch euch helfe. Viele Grüße aus Stuttgart Oliver Schwarz |
|
|
||
07.12.2005, 19:31
...neu hier
Beiträge: 1 |
#20
hallo,
bin neu hier und habe wohl das gleiche Problem wie viele... ständig popups wie z.B. conversion.cpvfeed.com... hier gleich der log von l2mfix mit Option1! Kann mir bitte jemand helfen!!! L2MFIX find log 1.04a These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Dynamic Directory] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\k4440ehqeh4e0.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de) This program is Freeware, use it on your own risk! Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify: (NI) ALLOW Full access NT-AUTORITŽT\SYSTEM (IO) ALLOW Full access NT-AUTORITŽT\SYSTEM (NI) ALLOW Full access NT-AUTORITŽT\SYSTEM (IO) ALLOW Full access NT-AUTORITŽT\SYSTEM (ID-NI) ALLOW Read VORDEFINIERT\Benutzer (ID-IO) ALLOW Read VORDEFINIERT\Benutzer (ID-NI) ALLOW Full access VORDEFINIERT\Administratoren (ID-IO) ALLOW Full access VORDEFINIERT\Administratoren (ID-NI) ALLOW Full access NT-AUTORITŽT\SYSTEM (ID-IO) ALLOW Full access NT-AUTORITŽT\SYSTEM (ID-IO) ALLOW Full access ERSTELLER-BESITZER ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{DBDA5A54-9988-4EA6-709E-6C8F604BAAF0}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Eigenschaften fr Multimediadatei" "{176d6597-26d3-11d1-b350-080036a75b03}"="ICM-Scannerverwaltung" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS-Sicherheit" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="OLE-Eigenschaftenseite fr Dokumente" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Shellerweiterungen fr Freigaben" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="CPL-Erweiterung fr Grafikkarten" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="CPL-Erweiterung fr Bildschirme" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="CPL-Erweiterung fr Anzeigeverschiebung" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="DS-Sicherheit" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Kompatibilit„tsseite" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell-Datenauszughandler" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Erweiterung fr Datentr„gerkopien" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Shellerweiterungen fr Microsoft Windows-Netzwerkobjekte" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM-Monitorverwaltung" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM-Druckerverwaltung" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Shellerweiterungen fr die Dateikomprimierung" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Shellerweiterung fr Webdrucker" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Kontextmen fr die Verschlsselung" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Aktenkoffer" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Erweiterung fr HyperTerminal-Icons" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Schriftarten" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC-Profil" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Druckersicherheit" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Shellerweiterungen fr Freigaben" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Netzwerkverbindungen" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Netzwerkverbindungen" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Scanner und Kameras" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Scanner und Kameras" "{905667aa-acd6-11d2-8080-00805f6596d2}"="Scanner und Kameras" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Scanner und Kameras" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Scanner und Kameras" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell extensions for Windows Script Host" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft Datenverknpfung" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Geplante Tasks" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Taskleiste und Startmen" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Suchen" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Hilfe und Support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Hilfe und Support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ausfhren..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="E-Mail" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Schriftarten" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Verwaltung" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet Toolbar" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Download Status" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Search Band" "{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Syntaxanalyse der Adressleiste" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft URL-Verlauf-Dienst" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Verlauf" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Sucheingriff" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite-Begráungsbildschirm" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer-Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX-Cacheordner" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Application Manager" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="Installed Apps Enumerator" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI+ Dateiminiaturansicht-Extrahierungsprogramm" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Zusammenfassungs-Miniaturansichthandler (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML-Extrahierungsprogramm" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Webpublishing-Assistent" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Bestellung von Abzgen ber das Internet" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shellobjekt des Webpublishing-Assistenten" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Passport-Assistent" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Benutzerkonten" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Channeldatei" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Channelverknpfung" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channelhandlerobjekt" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Ordner 'Offlinedateien'" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="&Nach Personen..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Webordner" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{59850401-6664-101B-B21C-00AA004BA90B}"="Microsoft Office Sammelmappen-Teiler" "{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler" "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player" "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults" "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page" "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions" "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Krypto-PKO-Erweiterung" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Krypto-Sign-Erweiterung" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{FED7043D-346A-414D-ACD7-550D052499A7}"="dBpowerAMP Music Converter 1" "{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}"="dBpowerAMP Music Converter" "{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}"="TuneUp Shredder Shell Context Menu Extension" "{D9872D13-7651-4471-9EEE-F0A00218BEBB}"="Multiscan" "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache" "{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow" "{B8323370-FF27-11D2-97B6-204C4F4F5020}"="SmartFTP Shell Extension DLL" "{F371B873-3CAE-49A3-B16E-B65758DA6C4D}"="" "{2C382790-2970-4611-9A05-5998D967E118}"="" "{D653647D-D607-4DF6-A5B8-48D2BA195F7B}"="BitDefender Antivirus v7" "{5FB2AC1C-9C75-4B46-81DA-4B9311799595}"="" "{CD07FBCC-F5B4-46C1-B20E-04DAE6CDA2BF}"="" "{C467E9D6-A58C-4BA5-B9CE-740D34AC2330}"="" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F371B873-3CAE-49A3-B16E-B65758DA6C4D}] @="" [HKEY_CLASSES_ROOT\CLSID\{F371B873-3CAE-49A3-B16E-B65758DA6C4D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F371B873-3CAE-49A3-B16E-B65758DA6C4D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F371B873-3CAE-49A3-B16E-B65758DA6C4D}\InprocServer32] @="C:\\WINDOWS\\system32\\dtvxdec_0407.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C467E9D6-A58C-4BA5-B9CE-740D34AC2330}] @="" [HKEY_CLASSES_ROOT\CLSID\{C467E9D6-A58C-4BA5-B9CE-740D34AC2330}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C467E9D6-A58C-4BA5-B9CE-740D34AC2330}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C467E9D6-A58C-4BA5-B9CE-740D34AC2330}\InprocServer32] @="C:\\WINDOWS\\system32\\jbmd400.dll" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ acdiosrv.dll Sun 30 Oct 2005 10:27:32 A.... 236.210 230,67 K bassmod.dll Sat 22 Oct 2005 9:39:56 A.... 15.360 15,00 K bhowselc.dll Sun 30 Oct 2005 10:27:34 A.... 234.169 228,68 K boowsewm.dll Sun 13 Nov 2005 17:07:50 ..S.R 235.898 230,37 K camcat.dll Sun 30 Oct 2005 10:27:32 A.... 235.677 230,15 K cbtsrvut.dll Fri 4 Nov 2005 17:54:54 ..S.R 234.108 228,62 K cdosys.dll Sat 10 Sep 2005 2:54:28 A.... 2.067.968 1,97 M cimmtb32.dll Sun 27 Nov 2005 19:00:02 ..S.R 236.089 230,55 K cxmdlg32.dll Sun 30 Oct 2005 10:26:20 A.... 234.271 228,78 K d0j0la~1.dll Sun 27 Nov 2005 12:23:46 ..S.R 234.103 228,61 K dcnaddr.dll Fri 4 Nov 2005 17:48:34 ..S.R 236.376 230,84 K ddsapi.dll Wed 2 Nov 2005 7:44:54 ..S.R 234.050 228,56 K dhdiagn.dll Sat 26 Nov 2005 14:46:58 ..S.R 233.789 228,31 K dtvxde~1.dll Sun 4 Dec 2005 16:54:18 ..S.R 236.287 230,75 K eicdec.dll Fri 11 Nov 2005 17:59:40 ..S.R 235.050 229,54 K enlsl1~1.dll Wed 16 Nov 2005 20:30:56 ..... 236.708 231,16 K fppm03~1.dll Fri 18 Nov 2005 13:37:26 ..S.R 235.446 229,93 K gccoll~1.dll Tue 15 Nov 2005 12:12:08 A.... 126.680 123,71 K gcunco~1.dll Tue 15 Nov 2005 12:12:06 A.... 95.448 93,21 K gdi32.dll Thu 6 Oct 2005 4:18:12 A.... 280.064 273,50 K hashlib.dll Tue 15 Nov 2005 12:12:08 A.... 117.976 115,21 K ihwdial.dll Sun 13 Nov 2005 12:37:36 ..S.R 234.166 228,68 K ihxsap.dll Sun 30 Oct 2005 10:26:58 A.... 234.163 228,67 K ij41_qcx.dll Thu 1 Dec 2005 14:17:56 ..S.R 237.087 231,53 K ijsecsvc.dll Sun 30 Oct 2005 10:27:00 A.... 236.854 231,30 K imsetup.dll Sat 3 Dec 2005 11:15:14 ..S.R 236.763 231,21 K iqssam.dll Sun 30 Oct 2005 10:27:00 A.... 236.210 230,67 K ir06l5~1.dll Sun 6 Nov 2005 18:59:08 ..S.R 234.050 228,56 K ir80l5~1.dll Thu 1 Dec 2005 14:58:04 ..S.R 235.946 230,41 K ir8ml5~1.dll Sun 4 Dec 2005 11:31:08 ..S.R 233.840 228,36 K irn4l5~1.dll Sun 30 Oct 2005 10:27:00 A.... 235.624 230,10 K izmp.dll Fri 2 Dec 2005 16:55:56 ..S.R 236.722 231,17 K izpromon.dll Sun 4 Dec 2005 16:26:28 ..S.R 236.617 231,07 K jbmd400.dll Wed 7 Dec 2005 18:45:14 ..S.R 237.167 231,61 K k4440e~1.dll Wed 7 Dec 2005 9:57:26 ..S.R 237.167 231,61 K kedgae.dll Sun 30 Oct 2005 10:27:02 A.... 234.169 228,68 K kgrberos.dll Sun 30 Oct 2005 10:27:02 A.... 234.885 229,38 K ktdsw.dll Sat 26 Nov 2005 14:55:24 ..S.R 236.089 230,55 K lladperf.dll Fri 25 Nov 2005 20:13:34 ..S.R 233.789 228,31 K lvnq09~1.dll Wed 7 Dec 2005 18:45:12 ..S.R 233.527 228,05 K mcdart.dll Sun 4 Dec 2005 15:38:02 ..S.R 237.266 231,70 K mcjdbc10.dll Thu 3 Nov 2005 18:57:56 ..S.R 236.369 230,83 K mdr.dll Thu 1 Dec 2005 14:54:50 ..S.R 234.387 228,89 K mfc71u.dll Wed 26 Oct 2005 17:12:00 A.... 1.047.552 1023,00 K mgdemui.dll Fri 4 Nov 2005 10:18:10 ..S.R 236.391 230,85 K mh4sdmod.dll Sun 30 Oct 2005 10:26:44 A.... 236.987 231,43 K mhxml2.dll Thu 1 Dec 2005 16:21:32 ..S.R 234.861 229,36 K mmcmcde.dll Thu 17 Nov 2005 7:49:16 ..S.R 236.708 231,16 K mnconf.dll Thu 1 Dec 2005 15:02:10 ..S.R 234.861 229,36 K mnorc32r.dll Sat 12 Nov 2005 8:26:04 ..S.R 234.108 228,62 K mojava.dll Thu 1 Dec 2005 14:40:46 ..S.R 237.087 231,53 K mshtml.dll Tue 4 Oct 2005 16:26:02 A.... 3.013.120 2,87 M mydex.dll Sun 4 Dec 2005 16:13:20 ..S.R 234.821 229,32 K n46q0e~1.dll Sun 30 Oct 2005 10:27:32 A.... 234.835 229,33 K ngtapi.dll Fri 18 Nov 2005 16:21:56 ..S.R 237.196 231,64 K nuprint.dll Fri 4 Nov 2005 18:20:16 ..S.R 234.312 228,82 K o6lulg~1.dll Thu 3 Nov 2005 19:01:46 ..S.R 234.216 228,73 K oebcstf.dll Thu 3 Nov 2005 18:31:06 ..S.R 236.369 230,83 K oehlp30e.dll Fri 4 Nov 2005 17:37:52 ..S.R 234.595 229,09 K ogffilt.dll Sat 26 Nov 2005 14:50:12 ..S.R 234.288 228,80 K ojecnv32.dll Sat 26 Nov 2005 13:34:02 ..S.R 235.250 229,73 K rcsman.dll Sun 30 Oct 2005 10:26:20 A.... 235.677 230,15 K rfpdd.dll Sun 4 Dec 2005 16:51:10 ..S.R 234.821 229,32 K sclwapi.dll Fri 18 Nov 2005 12:11:52 ..S.R 234.248 228,76 K sflgntfy.dll Thu 1 Dec 2005 13:52:46 ..S.R 234.185 228,70 K shell32.dll Fri 23 Sep 2005 4:06:22 A.... 8.491.520 8,10 M spcfiles.dll Thu 1 Dec 2005 14:49:52 ..S.R 233.342 227,87 K srsvcs.dll Fri 2 Dec 2005 17:28:20 ..S.R 236.763 231,21 K svnscfg.dll Sun 30 Oct 2005 10:26:18 A.... 234.898 229,39 K sxbrccsp.dll Thu 1 Dec 2005 14:28:32 ..S.R 233.437 227,96 K szc_os.dll Sun 13 Nov 2005 12:20:12 ..S.R 235.898 230,37 K sztupdll.dll Sun 4 Dec 2005 15:32:52 ..S.R 233.830 228,35 K tvpmon.dll Sun 4 Dec 2005 11:48:40 ..S.R 237.266 231,70 K umrv80a.dll Wed 7 Dec 2005 8:30:24 ..S.R 237.167 231,61 K vk5db.dll Tue 6 Dec 2005 15:03:52 ..S.R 237.167 231,61 K vsdata.dll Tue 15 Nov 2005 0:50:30 A.... 83.720 81,76 K vsinit.dll Tue 15 Nov 2005 0:50:42 A.... 141.064 137,76 K vsmonapi.dll Tue 15 Nov 2005 0:50:52 A.... 104.208 101,77 K vspubapi.dll Tue 15 Nov 2005 0:50:56 A.... 227.088 221,77 K vsregexp.dll Tue 15 Nov 2005 0:51:00 A.... 71.440 69,77 K vsutil.dll Tue 15 Nov 2005 0:51:12 A.... 382.728 373,76 K vsutil~1.dll Tue 15 Nov 2005 0:34:04 A.... 54.960 53,67 K vsxml.dll Tue 15 Nov 2005 0:51:20 A.... 100.104 97,76 K wcstream.dll Sun 30 Oct 2005 10:26:18 A.... 236.897 231,34 K whvdmoe.dll Sun 30 Oct 2005 9:24:26 ..S.R 235.677 230,15 K wndap32.dll Thu 3 Nov 2005 18:54:04 ..S.R 236.391 230,85 K wpdap32.dll Sun 30 Oct 2005 10:26:20 A.... 233.785 228,30 K wuhrm.dll Sun 4 Dec 2005 15:41:36 ..S.R 234.121 228,63 K wxdmtp.dll Thu 1 Dec 2005 14:44:02 ..S.R 237.295 231,73 K wysdmoe2.dll Sat 5 Nov 2005 11:47:44 ..S.R 234.428 228,93 K wz2help.dll Mon 7 Nov 2005 15:00:52 ..S.R 236.623 231,07 K xqctsrv.dll Fri 25 Nov 2005 20:45:42 ..S.R 235.675 230,15 K zlcomm.dll Tue 15 Nov 2005 0:51:40 A.... 79.624 77,76 K zlcommdb.dll Tue 15 Nov 2005 0:51:44 A.... 71.440 69,77 K 94 items found: 94 files (58 H/S), 0 directories. Total of file sizes: 34.229.628 bytes 32,64 M Locate .tmp files: No matches found. ********************************************************************************** Directory Listing of system files: Datentr„ger in Laufwerk C: ist WinXP Volumeseriennummer: ECAE-D346 Verzeichnis von C:\WINDOWS\System32 07.12.2005 18:45 237.167 jbmd400.dll 07.12.2005 18:45 233.527 lvnq0955e.dll 07.12.2005 09:57 237.167 k4440ehqeh4e0.dll 07.12.2005 08:30 237.167 umrv80a.dll 06.12.2005 15:03 237.167 VK5DB.DLL 04.12.2005 16:54 236.287 dtvxdec_0407.dll 04.12.2005 16:51 234.821 rfpdd.dll 04.12.2005 16:26 236.617 izpromon.dll 04.12.2005 16:13 234.821 mydex.dll 04.12.2005 15:41 234.121 wuhrm.dll 04.12.2005 15:38 237.266 mcdart.dll 04.12.2005 15:32 233.830 sztupdll.dll 04.12.2005 11:48 237.266 tvpmon.dll 04.12.2005 11:31 233.840 ir8ml5l11.dll 03.12.2005 11:15 236.763 imsetup.dll 02.12.2005 17:28 236.763 srsvcs.dll 02.12.2005 16:55 236.722 izmp.dll 01.12.2005 16:21 234.861 mhxml2.dll 01.12.2005 15:02 234.861 mnconf.dll 01.12.2005 14:58 235.946 ir80l5lm1.dll 01.12.2005 14:54 234.387 mdr.dll 01.12.2005 14:49 233.342 spcfiles.dll 01.12.2005 14:44 237.295 wxdmtp.dll 01.12.2005 14:40 237.087 mojava.dll 01.12.2005 14:28 233.437 sxbrccsp.dll 01.12.2005 14:17 237.087 ij41_qcx.dll 01.12.2005 13:52 234.185 sflgntfy.dll 27.11.2005 19:00 236.089 CIMMTB32.DLL 27.11.2005 12:23 234.103 d0j0la1m1d.dll 26.11.2005 14:55 236.089 ktdsw.dll 26.11.2005 14:50 234.288 ogffilt.dll 26.11.2005 14:46 233.789 dhdiagn.dll 26.11.2005 13:34 235.250 ojecnv32.dll 25.11.2005 20:45 235.675 xQctsrv.dll 25.11.2005 20:13 233.789 lladperf.dll 18.11.2005 16:27 <DIR> dllcache 18.11.2005 16:21 237.196 ngtapi.dll 18.11.2005 13:37 235.446 fppm0371e.dll 18.11.2005 12:11 234.248 sclwapi.dll 17.11.2005 07:49 236.708 mmcmcde.dll 13.11.2005 17:07 235.898 boowsewm.dll 13.11.2005 12:37 234.166 ihwdial.dll 13.11.2005 12:20 235.898 szc_os.dll 12.11.2005 08:26 234.108 mnorc32r.dll 11.11.2005 17:59 235.050 eicdec.dll 07.11.2005 15:00 236.623 wz2help.dll 06.11.2005 18:59 234.050 ir06l5ds1.dll 05.11.2005 11:47 234.428 wysdmoe2.dll 04.11.2005 18:20 234.312 nuprint.dll 04.11.2005 17:54 234.108 cBtsrvut.dll 04.11.2005 17:48 236.376 dcnaddr.dll 04.11.2005 17:37 234.595 oehlp30e.dll 04.11.2005 10:18 236.391 mgdemui.dll 03.11.2005 19:01 234.216 o6lulg3916.dll 03.11.2005 18:57 236.369 mcjdbc10.dll 03.11.2005 18:54 236.391 wndap32.dll 03.11.2005 18:31 236.369 OEBCSTF.DLL 02.11.2005 07:44 234.050 ddsapi.dll 30.10.2005 09:24 235.677 whvdmoe.dll 17.09.2002 05:38 <DIR> Microsoft 58 Datei(en) 13.655.545 Bytes 2 Verzeichnis(se), 20.119.658.496 Bytes frei |
|
|
||
07.12.2005, 20:24
Ehrenmitglied
Beiträge: 29434 |
#21
tolange
http://virus-protect.org/l2mfix.html wende Option 2 an--> neustarten--> option 4 , dann poste das neue Log (von Option2) Hoster.zip -> anwenden http://www.funkytoad.com/download/hoster.zip Press 'Restore Original Hosts' and press 'OK' Exit Program. spysweeper trial http://virus-protect.org/spysweeper.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
So - jetzt siehts gar nicht schlecht aus. Der Look2Me scheint entgültig vertrieben. eScan zeigt ihn nichts mehr an und auch die Anzahl der Fehler ist deutlich gesunken auf 21.
Hier der Auszug aus dem Log (mwav.log) mit den angezeigten Viren und Fehlern:
-----------------------------------------------------------------------
Fri Nov 18 10:51:59 2005 => ***** Scanning Registry and File system for Adware/Spyware *****
Fri Nov 18 10:51:59 2005 => Loading Spyware Signatures from new External Database (Size: 145242).
Fri Nov 18 10:51:59 2005 => Indexed Spyware Databases Successfully Created...
Fri Nov 18 10:51:59 2005 => System found infected with searchexe Spyware/Adware ({807553e5-5146-11d5-a672-00b0d022e945})! Action taken: No Action Taken.
Fri Nov 18 10:52:01 2005 => Offending Key found: HKCU\Software\maxthon !!!
Fri Nov 18 10:52:01 2005 => Object "abxtoolbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Fri Nov 18 10:52:03 2005 => Offending file found: C:\WINDOWS\system32\tsuninst.exe
Fri Nov 18 10:52:03 2005 => System found infected with target saver Spyware/Adware (tsuninst.exe)! Action taken: No Action Taken.
Fri Nov 18 10:52:06 2005 => Offending file found: C:\WINDOWS\system32\tsuninst.exe
Fri Nov 18 10:52:06 2005 => System found infected with target saver Spyware/Adware (C:\WINDOWS\system32\tsuninst.exe)! Action taken: No Action Taken.
Fri Nov 18 10:52:07 2005 => ***** Scanning Registry for errors created because of Adware/Spyware *****
Fri Nov 18 10:52:08 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Documents and Settings\All Users\Start Menu\Programs\PrintMe Internet Printing\". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/windows/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/windows/win32/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/windows/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/windows/win32/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/windows/win32/sea/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/windows/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/windows/win32/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/netscape7/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/netscape7/german/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/netscape8/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/netscape8/english/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cr". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/mirror/". Action Taken: No Action Taken.
Fri Nov 18 10:52:08 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "HijackThis". Action Taken: No Action Taken.
-----------------------------------------------------------------------
Beim öffnen des Logs mit eScan sagt mir das Programm nach wie vor, dass keine Dateien zum Löschen vorhanden seien. Was rätst du mir jetzt? System so lassen oder besser noch was gegen diese Einträge unternehmen???
Michael