Diverse neue Fenster öffnen sich selbstständig (Firefox)

#1 Hallo, hoffentlich könnt ihr mir hier helfen. Hab seit jetzt ungefähr ner Woche ein Problem mit meinem Firefox.
Und zwar öffnen sich in unregelmäßigen Zeitabständen diverse neue Werbungen im Browser wie z.B.:
http://www.intern-etadvertising.com/normal/yyy102.html
http://www.realcoupon-s.com/normal/yyy102.html
http://www.uniqueoffer-s.com/normal/yyy102.html
http://www.intern-etadvertising.com/normal/yyy65.html
http://www.health-yshopping.com/normal/yyy102.html
http://www.zestyfind.com/cgi-bin/search.cgi?keywords=poker+games



außerdem öffnen sich diverse Macromedia-Werbungen, die ich ebenfalls als störend empfinde.

Hier noch meine HijackThis-Auswertung:

Logfile of HijackThis v1.99.1
Scan saved at 08:22:38, on 17.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Messenger Plus! 3\MsgPlus.exe
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programme\Winmx\WinMX.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\AGFEO\ISDN Guard\agfguard.exe
C:\PROGRA~1\GEMEIN~1\PCSuite\Services\SERVIC~1.EXE
C:\Programme\AVPersonalPremium\AVWUPSRV.EXE
C:\Programme\Teledat\WCOM\SYSTEM\RVSINST.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Programme\Teledat\WCOM\SYSTEM\RVSCC.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\Firefox\firefox.exe
C:\Dokumente und Einstellungen\Standard\Desktop\Josef\1\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SpySweeper] "C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programme\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [WinMX] C:\Programme\Winmx\WinMX.exe -m
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunServices: [PcSync] PCsync.exe
O4 - Global Startup: ISDN Guard.lnk = C:\Programme\AGFEO\ISDN Guard\agfguard.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: concept/design's onlineTV - {3BA38AC5-930C-40FD-8BC6-F9D6876C61C7} - C:\Programme\onlineTV\onlineTV.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126664887437
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{65C6F1CE-831B-40B4-9108-CF41AB3D7C26}: NameServer = 192.168.1.1
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\jt6007jme.dll
O23 - Service: AntiVir PersonalEdition Premium Service (AntiVirService) - AntiVir PersonalProducts GmbH - C:\Programme\AVPersonalPremium\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonalPremium\AVWUPSRV.EXE
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programme\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: MissDNS logs DNS cache miss hits (Network Monitor) - Unknown owner - C:\Programme\Network Monitor\MissDNS.exe (file missing)
O23 - Service: RVS CommCenter (RvsCC) - Unknown owner - C:\Programme\Teledat\WCOM\SYSTEM\RVSCC.EXE
O23 - Service: RvscomSv - RVS Datentechnik GmbH, München - C:\Programme\Teledat\WCOM\SYSTEM\RVSCOMSV.EXE
O23 - Service: RVS Installer (RVSINST) - RVS Datentechnik GmbH, München - C:\Programme\Teledat\WCOM\SYSTEM\RVSINST.EXE
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe

#2 Gamer1986

L2MRemover.zip - Look2Me Remover
http://virus-protect.org/l2mfix.html

L2mfix --> option 2 abarbeiten
http://virus-protect.org/l2mfix.html

stelle den Cleaner genauso ein, wie hier angegeben:
http://virus-protect.org/cleanup.html

Arbeitsplatz-->rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.

scanne mit panda und kopiere hier den scanreport
http://virus-protect.org/onlinescan.html
__________
MfG Sabina

rund um die PC-Sicherheit

#3 Bis zum Panda-Scan hab ich alles gemacht (hoffentlich korrekt), aber bei Panda bleib ich hängen. Der Internet Explorer zeigt einen Fehler auf der Seite an...

#4 dann scanne mit etrust
__________
MfG Sabina

rund um die PC-Sicherheit

#5 Scan-Ergebnisse: 111678 Dateien wurden gescannt. 7 Viren wurden gefunden.

Datei Infektion Status Pfad
archive1213.jar-2459e79d-45b05580.zip>Dummy.class Java.ByteVerify!exploit infected C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\
archive1213.jar-2b22f377-496ffbc3.zip>Dummy.class Java.ByteVerify!exploit infected C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\
archive1213.jar-4a8c455e-5fe12bbd.zip>Dummy.class Java.ByteVerify!exploit infected C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\
archive1213.jar-5a791576-2805063a.zip>Dummy.class Java.ByteVerify!exploit infected C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\
java.jar-6f7bb39e-38a66767.zip>NewSecurityClassLoader.class Java.ByteVerify!exploit infected C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\
java.jar-6f7bb39e-38a66767.zip>NewURLClassLoader.class Java.ByteVerify!exploit infected C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\
run.exe Win32.Harnig.BX infected C:\Dokumente und Einstellungen\Standard\Desktop\Josef\

#6 Start -- Einstellungen -- Systemsteuerung -- Java --- zum Java Control Panel: dort bei Allgemein dann die "Temporären Internet Dateien" löschen und alle Einträge im Java-Cache sind dann weg ohne Probleme.

C:\Dokumente und Einstellungen\Standard\Desktop\Josef\run.exe<---suchen/loeschen

------------------------------------------------------------------------

scanne mit spyxposerund kopiere hier den scanreport
http://virus-protect.org/antispytools.html
__________
MfG Sabina

rund um die PC-Sicherheit

#7 Aus irgendeinem Grunde hat die Seite auch einen Fehler (wie auch schon bei dem anderen Panda-Virenscanner) gibts dazu vielleicht auch ein Ausweichprogramm)

#8 Lade findlop.zip by Metallica --> klicke findlop.bat --> kopiere ab, was im Texteditor erscheint
http://virus-protect.org/zip/findlop.zip

microtrend
http://virus-protect.org/microtrend.html
scanne und berichte, ob etwas gefunden wurde
__________
MfG Sabina

rund um die PC-Sicherheit

#9 [TRACE] Enumerating jobs and queues
[TRACE] Activating job '1-Klick-Wartung.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\Programme\TuneUp Utilities 2006\SystemOptimizer.exe'
Parameters: '/schedulestart'
WorkingDirectory: ''
Comment: 'Startet die 1-Klick-Wartung zu festgelegten Zeiten'
Creator: 'Standard'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 01/20/2006 17:15:00
StartError: SCHED_S_TASK_HAS_NOT_RUN
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 1
SystemRequired = 0
Hidden = 0
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Weekly
WeeksInterval: 1
DaysOfTheWeek: .....F.
StartDate: 06/01/2005
EndDate: 06/03/2010
StartTime: 17:15
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0


Und bei Trendmicro würds mich interessieren, welche Version ich da installieren soll. Die für Nordamerika oder die für Neuseeland...

#10 ach ja...da kann es probleme geben, ich weiss nicht, ob wir das hier laden koennen, aber versuche es mal mit der amerikanischen Version, wenn es nicht klappt,scanne mit ewido
http://virus-protect.org/ewido.html
__________
MfG Sabina

rund um die PC-Sicherheit

#11 --------------------------------- Anti-Spyware session started ---------------------------------
Machine=JOSEFSCOMPUTER
Time=Fri Jan 20 13:09:38 2006
Product Version=3, 0, 1, 23
OS Version=Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

--------------------------------- Anti-Spyware session started ---------------------------------
Machine=JOSEFSCOMPUTER
Time=Fri Jan 20 13:09:42 2006
Product Version=3, 0, 1, 23
OS Version=Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Started Scanning
Programs in Memory
Programs in Memory: Found 'WinMX.exe' in 'C:\Programme\Winmx'
Finished Scanning
Started Scanning
Internet Cookies
CoolWebSearch Variants (CWShredder)
Programs in Memory
Windows Registry
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\ResultsFilter'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\Settings'
Windows Registry: Found '' in 'Software\KaZaA\CloudLoad'
Windows Registry: Found '' in 'Software\KaZaA\ConnectionInfo'
Windows Registry: Found '' in 'Software\KaZaA\LocalContent'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\TrayNotifier\MediaLoads'
Windows Registry: Found '' in 'SOFTWARE\Classes\ed2k'
Windows Registry: Found '' in 'Software\Kazaa'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\UserDetails'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\Advanced'
Windows Registry: Found '' in 'SOFTWARE\Kazaa\Bandwidth\in'
Windows Registry: Found '' in 'SOFTWARE\Kazaa\Bandwidth\LastEstimate'
Windows Registry: Found '' in 'SOFTWARE\Kazaa\Bandwidth\out'
Windows Registry: Found '' in '.DEFAULT\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-18\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\TrayNotifier'
Windows Registry: Found '' in 'SOFTWARE\Classes\magnet'
Windows Registry: Found '' in 'SOFTWARE\Classes\magnet\shell\open\command'
Windows Registry: Found 'URL Protocol' in 'SOFTWARE\Classes\magnet'
Windows Registry: Found 'ScanFolder' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\Advanced'
Windows Registry: Found 'b' in 'SOFTWARE\Kazaa\Bandwidth\LastEstimate'
Windows Registry: Found 'b0' in 'SOFTWARE\Kazaa\Bandwidth\in'
Windows Registry: Found 'b0' in 'SOFTWARE\Kazaa\Bandwidth\out'
Windows Registry: Found 'b0seconds' in 'SOFTWARE\Kazaa\Bandwidth\in'
Windows Registry: Found 'b0seconds' in 'SOFTWARE\Kazaa\Bandwidth\out'
Windows Registry: Found 'b1' in 'SOFTWARE\Kazaa\Bandwidth\in'
Windows Registry: Found 'b1' in 'SOFTWARE\Kazaa\Bandwidth\out'
Windows Registry: Found 'DatabaseDir' in 'SOFTWARE\Kazaa\LocalContent'
Windows Registry: Found 'Date' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\Settings'
Windows Registry: Found 'DownloadDir' in 'SOFTWARE\Kazaa\LocalContent'
Windows Registry: Found 'FirewallStatus' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'ListenPort' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'my_ip_address' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'network_config' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'Tmp' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'UDP_probe_successes' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'UDP_receive_status' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'time' in 'SOFTWARE\Kazaa\Bandwidth\LastEstimate'
Windows Registry: Found 'ShareDir' in 'SOFTWARE\Kazaa\CloudLoad'
Windows Registry: Found 'KazaaNet' in 'SOFTWARE\Kazaa\ConnectionInfo'
Windows Registry: Found '' in '.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-19_Classes\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004_Classes\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Mirabilis'
Internet URL Shortcuts
Files and Directories
Files and Directories: Found 'UNZIP.EXE' in 'C:\DIVTOOLS\UNZIP'
Files and Directories: Found '_ISREG32.DLL' in 'C:\Dokumente und Einstellungen\Standard\Desktop\Spiele\Ghetto'
Files and Directories: Found '_ISREG32.DLL' in 'C:\Dokumente und Einstellungen\Standard\Desktop\Spiele\Sauber'
Files and Directories: Found 'UNZIP.EXE' in 'C:\OEMCUST\TOOLS\WIN32'
Files and Directories: Found '' in 'C:\Programme\Kazaa'
Files and Directories: Found '' in 'C:\Programme\Kazaa\Db'
Files and Directories: Found '' in 'C:\Programme\Kazaa\My Shared Folder'
Files and Directories: Found 'uninstall.exe' in 'C:\Programme\onlineTV'
Files and Directories: Found '' in 'C:\Programme\PowerStrip'
Finished Scanning



Werd das jetzt mal löschen und dann mal beoachten ob noch alles läuft...


#edit: hab vergessen ein Update zu machen. Hol ich jetzt grad nach und lass es nochmal drüber huschen ^^


Hier der 2te Scanreport:

--------------------------------- Anti-Spyware session started ---------------------------------
Machine=JOSEFSCOMPUTER
Time=Fri Jan 20 13:09:38 2006
Product Version=3, 0, 1, 23
OS Version=Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

--------------------------------- Anti-Spyware session started ---------------------------------
Machine=JOSEFSCOMPUTER
Time=Fri Jan 20 13:09:42 2006
Product Version=3, 0, 1, 23
OS Version=Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Started Scanning
Programs in Memory
Programs in Memory: Found 'WinMX.exe' in 'C:\Programme\Winmx'
Finished Scanning
Started Scanning
Internet Cookies
CoolWebSearch Variants (CWShredder)
Programs in Memory
Windows Registry
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\ResultsFilter'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\Settings'
Windows Registry: Found '' in 'Software\KaZaA\CloudLoad'
Windows Registry: Found '' in 'Software\KaZaA\ConnectionInfo'
Windows Registry: Found '' in 'Software\KaZaA\LocalContent'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\TrayNotifier\MediaLoads'
Windows Registry: Found '' in 'SOFTWARE\Classes\ed2k'
Windows Registry: Found '' in 'Software\Kazaa'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\UserDetails'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\Advanced'
Windows Registry: Found '' in 'SOFTWARE\Kazaa\Bandwidth\in'
Windows Registry: Found '' in 'SOFTWARE\Kazaa\Bandwidth\LastEstimate'
Windows Registry: Found '' in 'SOFTWARE\Kazaa\Bandwidth\out'
Windows Registry: Found '' in '.DEFAULT\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-18\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\TrayNotifier'
Windows Registry: Found '' in 'SOFTWARE\Classes\magnet'
Windows Registry: Found '' in 'SOFTWARE\Classes\magnet\shell\open\command'
Windows Registry: Found 'URL Protocol' in 'SOFTWARE\Classes\magnet'
Windows Registry: Found 'ScanFolder' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\Advanced'
Windows Registry: Found 'b' in 'SOFTWARE\Kazaa\Bandwidth\LastEstimate'
Windows Registry: Found 'b0' in 'SOFTWARE\Kazaa\Bandwidth\in'
Windows Registry: Found 'b0' in 'SOFTWARE\Kazaa\Bandwidth\out'
Windows Registry: Found 'b0seconds' in 'SOFTWARE\Kazaa\Bandwidth\in'
Windows Registry: Found 'b0seconds' in 'SOFTWARE\Kazaa\Bandwidth\out'
Windows Registry: Found 'b1' in 'SOFTWARE\Kazaa\Bandwidth\in'
Windows Registry: Found 'b1' in 'SOFTWARE\Kazaa\Bandwidth\out'
Windows Registry: Found 'DatabaseDir' in 'SOFTWARE\Kazaa\LocalContent'
Windows Registry: Found 'Date' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa\Settings'
Windows Registry: Found 'DownloadDir' in 'SOFTWARE\Kazaa\LocalContent'
Windows Registry: Found 'FirewallStatus' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'ListenPort' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'my_ip_address' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'network_config' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'Tmp' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'UDP_probe_successes' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'UDP_receive_status' in 'SOFTWARE\Kazaa'
Windows Registry: Found 'time' in 'SOFTWARE\Kazaa\Bandwidth\LastEstimate'
Windows Registry: Found 'ShareDir' in 'SOFTWARE\Kazaa\CloudLoad'
Windows Registry: Found 'KazaaNet' in 'SOFTWARE\Kazaa\ConnectionInfo'
Windows Registry: Found '' in '.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-19_Classes\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004_Classes\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Mirabilis'
Internet URL Shortcuts
Files and Directories
Files and Directories: Found 'UNZIP.EXE' in 'C:\DIVTOOLS\UNZIP'
Files and Directories: Found '_ISREG32.DLL' in 'C:\Dokumente und Einstellungen\Standard\Desktop\Spiele\Ghetto'
Files and Directories: Found '_ISREG32.DLL' in 'C:\Dokumente und Einstellungen\Standard\Desktop\Spiele\Sauber'
Files and Directories: Found 'UNZIP.EXE' in 'C:\OEMCUST\TOOLS\WIN32'
Files and Directories: Found '' in 'C:\Programme\Kazaa'
Files and Directories: Found '' in 'C:\Programme\Kazaa\Db'
Files and Directories: Found '' in 'C:\Programme\Kazaa\My Shared Folder'
Files and Directories: Found 'uninstall.exe' in 'C:\Programme\onlineTV'
Files and Directories: Found '' in 'C:\Programme\PowerStrip'
Finished Scanning
--------------------------------- Anti-Spyware session started ---------------------------------
Machine=JOSEFSCOMPUTER
Time=Fri Jan 20 13:52:04 2006
Product Version=3, 0, 1, 23
OS Version=Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

--------------------------------- Anti-Spyware session started ---------------------------------
Machine=JOSEFSCOMPUTER
Time=Fri Jan 20 13:52:04 2006
Product Version=3, 0, 1, 23
OS Version=Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Started Scanning
Programs in Memory
Finished Scanning
Web Browser Security Settings: Found 'Start Page' in 'SOFTWARE\Microsoft\Internet Explorer\Main'
Web Browser Security Settings: Found 'Search Page' in 'SOFTWARE\Microsoft\Internet Explorer\Main'
Web Browser Security Settings: Found 'Search Page' in 'SOFTWARE\Microsoft\Internet Explorer\Main'
Web Browser Security Settings: Found 'DisableCachingOfSSLPages' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'
Web Browser Security Settings: Found 'WarnOnZoneCrossing' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'
Web Browser Security Settings: Found 'iexplore.exe' in 'Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN'
Web Browser Security Settings: Found 'msn' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ '
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-tgp.org'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-tgp.org'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-spy-cam.net'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-spy-cam.net'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\loadcash.biz'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\loadcash.biz'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com \*.windowsupdate'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\s13.tempx.cc'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\s13.tempx.cc'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sex-pics.biz'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sex-pics.biz'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\toolbarbiz.biz'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\toolbarbiz.biz'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\trackhits.cc'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\trackhits.cc'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\tracktraff.cc'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\tracktraff.cc'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\traff-store.com'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\traff-store.com'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\vparivalka.com'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\vparivalka.com'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\win-eto.com'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\win-eto.com'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windfind4u.com'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windfind4u.com'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windowsupdate.com '
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\xawm.biz'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\xawm.biz'
Web Browser Security Settings: Found 'http' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zviframe.biz'
Web Browser Security Settings: Found 'https' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zviframe.biz'
IE Downloaded Program Files: Found 'WScanCtl Class' in 'C:\WINDOWS\arclib.dll,C:\WINDOWS\Downloaded Program Files\webscan.dll,C:\WINDOWS\Downloaded Program Files\webscan.inf'
IE Downloaded Program Files: Found 'ActiveScan Installer Class' in 'C:\WINDOWS\Downloaded Program Files\asinst.inf'
Hosts File Alterations: Found '127.0.0.1' in ''
...
Hosts File Alterations: Found '127.0.0.1' in ''
Hosts File Alterations: Found '127.0.0.1' in ''
Windows Policy Settings: Found 'restrictanonymous' in 'SYSTEM\CurrentControlSet\Control\Lsa'
Windows Policy Settings: Found 'forceunlocklogon' in 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
Services: Found 'Diskeeper' in ''
Services: Found 'RVS CommCenter' in ''
Services: Found 'RvscomSv' in ''
Services: Found 'RVS Installer' in ''
Services: Found 'Webroot Spy Sweeper Engine' in ''
Windows Shell Settings: Found 'Browse With Paint Shop Pro 7' in 'SOFTWARE\Classes\Folder\shell\Browse With Paint Shop Pro 7'
Windows Shell Settings: Found 'Browse with Paint Shop Pro 8' in 'SOFTWARE\Classes\Folder\shell\Browse with Paint Shop Pro 8'
Windows Shell Settings: Found 'Kaspersky Anti-Virus' in 'SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Kaspersky Anti-Virus'
Windows Shell Settings: Found 'Record To CD' in 'SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Record To CD'
Windows Shell Settings: Found 'Kaspersky Anti-Virus' in 'SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Kaspersky Anti-Virus'
Windows Shell Settings: Found 'SpySweeper' in 'SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\SpySweeper'
Windows Shell Settings: Found '{A0752120-6D75-D111-B5B1-0800095A2318}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{A426B331-7F6F-4937-9B08-676A10A62F95}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{FED7043D-346A-414D-ACD7-550D052499A7}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{40950107-FEA6-4d53-A65F-B2DCBA57DD58}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{FBFE7864-D495-41f0-B7DC-4BB601CC295E}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{C0C4375A-5B72-4efe-929D-3B848C3A1E91}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{73B24247-042E-4EF5-ADC2-42F62E6FD654}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{D72E7B03-805E-4574-BC8C-6B09FDA8447A}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{936D7100-3321-439A-833A-FAD885EA27BA}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{21569614-B795-46b1-85F4-E737A8DC09AD}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{7C9D5882-CB4A-4090-96C8-430BFE8B795B}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found '{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
Windows Shell Settings: Found 'AppData' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Favorites' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'NetHood' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Personal' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'PrintHood' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Start Menu' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Templates' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Programs' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Startup' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Local Settings' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Local AppData' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Cache' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'History' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'My Pictures' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'My Music' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Administrative Tools' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'CD Burning' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'My Video' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'AppData' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Favorites' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'NetHood' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Personal' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'PrintHood' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Programs' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Start Menu' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Startup' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Templates' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'My Pictures' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Local Settings' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Local AppData' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Cache' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'History' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Common AppData' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Common Programs' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Common Documents' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Common Start Menu' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'CommonPictures' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'CommonMusic' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'CommonVideo' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Common Favorites' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Common Startup' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Common Administrative Tools' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Common Templates' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Personal' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
Windows Shell Settings: Found 'Common Start Menu' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Common Programs' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Common Startup' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Common AppData' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Common Templates' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Common Favorites' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Windows Shell Settings: Found 'Common Documents' in 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Program Startup Areas: Found 'SoundMan' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'TkBellExe' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'MessengerPlus3' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'DataLayer' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'PCSuiteTrayApplication' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'KAVPersonal50' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'SpySweeper' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'Norton SystemWorks' in '.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'MessengerPlus3' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'WinMX' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Program Startup Areas: Found 'ICQ Lite' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
Program Startup Areas: Found 'PcSync' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices'
Program Startup Areas: Found 'Norton SystemWorks' in 'S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
Started Scanning
Internet Cookies
CoolWebSearch Variants (CWShredder)
Programs in Memory
Windows Registry
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\TrayNotifier\MediaLoads'
Windows Registry: Found '' in 'Software\Kazaa'
Windows Registry: Found '' in '.DEFAULT\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-18\SOFTWARE\New.net'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\TrayNotifier'
Windows Registry: Found '' in 'SOFTWARE\Classes\magnet'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\BD8400524261DF1ADBD8860F22C9CE2B97471448'
Windows Registry: Found '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Local AppWizard-Generated Applications\Popup'
Windows Registry: Found '' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}'
Internet URL Shortcuts
Files and Directories
Files and Directories: Found '_ISREG32.DLL' in 'C:\Dokumente und Einstellungen\Standard\Desktop\Spiele\Ghetto'
Files and Directories: Found '_ISREG32.DLL' in 'C:\Dokumente und Einstellungen\Standard\Desktop\Spiele\Sauber'
Files and Directories: Found '' in 'C:\Programme\Kazaa'
Files and Directories: Found '' in 'C:\Programme\PowerStrip'
Files and Directories: Found 'icont.exe' in 'C:\WINDOWS'
Files and Directories: Found 'ts.ico' in 'C:\WINDOWS\system32'
Finished Scanning
Started Backup
Finished Backup
Started Cleaning
Windows Registry: Cleaned '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Kazaa'
Windows Registry: Cleaned '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\TrayNotifier\MediaLoads'
Windows Registry: Cleaned '' in 'Software\Kazaa'
Windows Registry: Cleaned '' in '.DEFAULT\SOFTWARE\New.net'
Windows Registry: Cleaned '' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\New.net'
Windows Registry: Cleaned '' in 'S-1-5-18\SOFTWARE\New.net'
Windows Registry: Cleaned '' in 'S-1-5-21-842925246-823518204-682003330-1004\SOFTWARE\TrayNotifier'
Windows Registry: Cleaned '' in 'SOFTWARE\Classes\magnet'
Windows Registry: Cleaned '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\BD8400524261DF1ADBD8860F22C9CE2B97471448'
Windows Registry: Cleaned '' in 'S-1-5-21-842925246-823518204-682003330-1004\Software\Local AppWizard-Generated Applications\Popup'
Windows Registry: Cleaned '' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}'
Files and Directories: Cleaned '_ISREG32.DLL' in 'C:\Dokumente und Einstellungen\Standard\Desktop\Spiele\Ghetto'
Files and Directories: Cleaned '_ISREG32.DLL' in 'C:\Dokumente und Einstellungen\Standard\Desktop\Spiele\Sauber'
Files and Directories: Cleaned 'PShook.dll' in 'C:\Programme\PowerStrip'
Files and Directories: Cleaned 'pstrip.bak' in 'C:\Programme\PowerStrip'
Files and Directories: Cleaned 'pstrip.ini' in 'C:\Programme\PowerStrip'
Files and Directories: Cleaned '' in 'C:\Programme\PowerStrip'
Checking for 'C:\WINDOWS\icont.exe' in shortcut areas.
Checking for 'C:\WINDOWS\icont.exe' in startup areas.
Checking for 'C:\WINDOWS\icont.exe' in Add/Remove Programs.
Add/Remove Programs: Found 'ABBYY FineReader 4.0 Sprint' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Ad-Aware SE Personal' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Adobe Acrobat 4.0' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Adobe Acrobat 5.0' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'AGFINSTALL' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'AntiVir/XP' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Art Dabbler 2.1' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Ashampoo WinOptimizer Suite' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Azureus' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'BKWAEXT' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Browser Mouse Browser Mouse' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'CleanUp!' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Cossacks : Back To War' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Cossacks : The Art Of War' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'D-Link VGA Webcam' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP Mp3 (Fraunhofer IIS Mp3Enc CLI)' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP Mp3 Blade Codec' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP mp3PRO Input Codec' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP Music Converter' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP Winamp Codec' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP WMA V7 Codec' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP WMA V8 Codec' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP WMA V8 Encoder (CLI)' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dBpowerAMP WMA V9 Codec' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Der IndustrieGigant' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'dMC mp3PRO (CLI) Encoder' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Doc´s AAM Tool 1.1.0d' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'EAX Unified' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'EW : Cossacks' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'GENEUIDE' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Gothic II' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'HandyBits EasyCrypto Deluxe' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'HijackThis' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'HyperSnap-DX' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'ICQ' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'ICQLite' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'iexpedition' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Indeo® software' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'InstallShield_{3ECED7D1-E469-4BC6-8A93-5CB0FFE5EBF5}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'InstallShield_{55F84D06-02A4-4F16-A551-31757EC8E60F}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'iOpus Secure Email Attachments (SEA)' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'iRaTe2' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'IrfanView' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'iWare iWare Mouse' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Jamagic' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'jetCast - Winamp DSP plugin' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'JRE 1.1' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'jv16 PowerTools_is1' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Kaspersky Anti-Virus Personal Pro' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB870669' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB873333' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB873339' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB885250' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB885492' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB885835' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB885836' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB885884' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB886185' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB887472' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB887742' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB887797' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB888113' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB888302' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB890046' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB890047' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB890175' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB890859' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB891781' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB893066' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB893086' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB893756' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB893803' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB893803v2' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB896358' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB896422' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB896423' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB896424' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB896428' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB898458' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB898461' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB899587' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB899591' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB900725' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB900930' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB901017' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB901214' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB902400' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB904706' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB905414' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB905749' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB905915' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB908519' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB910437' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'KB912919' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'LHTTSGED' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'M886903' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Macromedia Shockwave Player' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'MAX2' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'MediaKey' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Microsoft .NET Framework 1.1 (1033)' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Microsoft Interactive Training' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Mihov Blank Screen_is1' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'mIRC' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Mozilla Firefox (1.0.7)' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'MRW!UninstallKey' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'MsgPlus! Plugin' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'MSN Toolbar' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'MSTTS' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Mustek 1200 UB Plus v2.0' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'MyCDPro.exe' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'N.I.C.E. 2' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Nero - Burning Rom!UninstallKey' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'NimoCorp' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'NMIX!UninstallKey' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'onlineTV' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Panda ActiveScan' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Panda spyXposer' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'PCHealth' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'QuickCam SDK' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'QuickTime' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'RealJukebox 1.0' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'RealPlayer 6.0' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'SetMyCache_is1' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Shockwave' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Sierra Utilities' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Sierra-Dienstprogramme' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'SLAMRNTO' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Spybot - Search & Destroy_is1' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'StarOffice 5.0' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'TDSLSM' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Teamspeak 2 RC2_is1' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Telekom TK-Soft' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'VN_VUIns_Rhine_VIA' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Winamp' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Winamp 5.02 Deutsche Sprachdatei v14' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'Windows XP Service Pack' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'WinMX' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'WinRAR archiver' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'WinZip' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'wm8eutil' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'WOLAPI' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found 'XoftSpy' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{0D93041A-03EC-11DA-BFBD-00065BBDC0B5}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{0F6A7971-0F11-4A79-A0E9-133D0963A570}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{0F9196C6-58B4-445B-B56E-B1200FECC151}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{183B17C9-6BF5-4614-B00D-0E46C09BFFD3}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{200F584F-848D-4B6B-B1A1-C74D735F18A4}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{302AC480-43D2-11D5-A818-00500435FC18}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{319D9385-EEC1-4ae5-BFD1-C5DE1E063F30}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{3248F0A8-6813-11D6-A77B-00B0D0150020}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{3248F0A8-6813-11D6-A77B-00B0D0150040}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{43DCF766-6838-4F9A-8C91-D92DA586DFA7}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{5AE68DC3-F16E-457D-947A-092D614C7ABD}_is1' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{63E921D9-799A-44F9-A742-DE3DC968AFEF}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{78B283AC-7F3C-41ED-9102-28E12CE08026}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{81A34902-9D0B-4920-A25C-4CDC5D14B328}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{868D7896-99D4-4513-BC62-2B3AD3E24926}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{8855FF30-19CE-4CB1-A654-87B38369CCE1}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{90280407-6000-11D3-8CFE-0050048383C9}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{9AA761E6-CA51-4FF2-A552-D51638BF0595}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{BBF10B37-4ED3-11D5-A818-00500435FC18}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{D07643A3-CE41-4286-8C78-EB9C83E76DDB}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{D1B3874F-3057-11D6-B2EA-0050BA18806B}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{D6DE02C7-1F47-11D4-9515-00105AE4B89A}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{D77DBB31-D3EB-4405-8785-488CA60ECE46}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{E142615E-5ED8-4511-9BF0-0284BFA25766}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{E35B3C63-E958-4E31-A178-95D22024109A}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{E78BFA60-5393-4C38-82AB-E8019E464EB4}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{F09FB343-2806-4F48-846D-705352D30334}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{F906B0E4-1A88-48A5-B698-E9C31B52BB83}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Add/Remove Programs: Found '{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
Files and Directories: Cleaned 'icont.exe' in 'C:\WINDOWS'
Files and Directories: Cleaned 'ts.ico' in 'C:\WINDOWS\system32'
Finished Cleaning

#12 ja ja, wie man sich doch mit P2P den PC verseuchen kann...hoffe, du hast draus gelernt

Nun sollte eigentlich wieder alles in ordnung sein.

wende das noch an:
Hoster.zip
http://www.funkytoad.com/download/hoster.zip
Press 'Restore Original Hosts' and press 'OK' Exit Program.
__________
MfG Sabina

rund um die PC-Sicherheit

#13 Also ich sag dann mal danke. Werd das jetzt wohl noch nen Tag so probieren, und wenns dann alles wieder zufriedenstellend läuft, werd ich mal PayPal nutzen... Vielen DANK

#edit:
Also der Fehler bzw die Fehler sind leider immer noch da, obwohl ich die Hosts-Datei extra im abgesicherten Modus nochmal auf original umgeschrieben hab, weil ich dachte, dass es im normalen Modus nicht geht... sieht so aus als wars das böse P2P doch nicht ^^



#edit2: ich hab jetzt mal eScan drüber laufen lassen... 179 Viren und 685 Fehler... also gibt noch nen Haufen arbeit ^^

#14 dann kopiere hier den scanreport vom escan (die Fehler brauchst du nicht mit abzukopieren, nur die Viren
__________
MfG Sabina

rund um die PC-Sicherheit

#15 Gibts da auch ne einfache möglichkeit? Ich hab die Dinger ganz verstreut in der Log die ich anhängen möchte, was aber nicht geht, weil die Log-Datei über 20 MB groß ist...
Kann sein, dass ich mich getäuscht hab, aber gabs da nicht nen eScan, der ohne registrierung gecleant hat? (freeware)
Außerdem glaub ich, dass bei mir der l2mfix nix gebracht hat... was isn das fürn Kennwort wenn man den ausführen will in der Nummer 2?

edit: hab jetzt mal alle l2m-infizierte Dateien (lauter .dll) aus dem System32-Ordner gelöscht per hand mal schaun obs was bringt...

edit2: hat schonmal nix gebracht, hab sie jetzt vorsichtshalber wiederhergestellt...