Antispywarebox and even more?

#0
19.06.2006, 23:51
Member

Posts: 11
#1 Hi,
I also have this antispywarebox and, I think, one more. The PC also wants to shut down (I then run "shutdown -a"), a notice with a link to this antispywarebox.com appears at the bottom right, and the process lsass.exe throws an error (error no.: 1073741819).

I hope I did it right; here are the files:

HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 23:42:48, on 19.06.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
c:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
D:\oracle\ora92\bin\omtsreco.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Arcade\PCMService.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Launch Manager\QtZgAcer.EXE
C:\Programme\Acer\eRecovery\Monitor.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\DOKUME~1\Marco\LOKALE~1\Temp\Rar$EX00.219\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
O2 - BHO: (no name) - {00000000-59D4-4008-9058-080011001200} - (no file)
O2 - BHO: (no name) - {00000000-C1EC-0345-6EC2-4D0300000000} - (no file)
O2 - BHO: (no name) - {00000000-F09C-02B4-6EC2-AD0300000000} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3ceff6cd-6f08-4e4d-bccd-ff7415288c3b} - (no file)
O2 - BHO: adobepnl.ADOBE_PANEL - {5E8FA924-DEF0-4E71-8A82-A11CA0C1413B} - C:\WINDOWS\system32\adobepnl.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7b55bb05-0b4d-44fd-81a6-b136188f5deb} - (no file)
O2 - BHO: (no name) - {8333c319-0669-4893-a418-f56d9249fca6} - (no file)
O2 - BHO: (no name) - {9c691a33-7dda-4c2f-be4c-c176083f35cf} - (no file)
O2 - BHO: (no name) - {e52dedbb-d168-4bdb-b229-c48160800e81} - (no file)
O2 - BHO: (no name) - {ffd2825e-0785-40c5-9a41-518f53a8261f} - (no file)
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Programme\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [Balm frag jump web] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\downloadbirdbalmfrag\16Time.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Adware.Srv32] C:\WINDOWS\system32\runsrv32.exe
O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\system32\susp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [book ante] C:\DOKUME~1\Marco\ANWEND~1\ELSEPL~1\AXISNEW.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: titanshield.lnk = C:\Programme\TitanShield Antispyware\titanshield.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .mpeg: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - D:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe

-----------------------------------------------------

datfind.bat:

system32.txt:

19.06.2006 23:25 0 eRLog.ini
19.06.2006 23:12 5.682 ikhcore.log
19.06.2006 22:48 0 users32.exe
19.06.2006 11:58 57.384 avsda.dll
19.06.2006 10:27 8 winlogon.ini
19.06.2006 10:27 0 lrf.dat
14.06.2006 10:16 26.112 adobepnl.dll
14.06.2006 10:16 67.076 vir.txt
14.06.2006 10:16 8.704 my_update.exe
14.06.2006 10:16 8 lud.dat
14.06.2006 10:16 963 scngcf.dat
14.06.2006 10:16 963 0,9310724
09.06.2006 11:12 13.312 winflash.dll
09.06.2006 11:12 13.312 qjrkvy.exe
09.06.2006 11:10 4 thlwin32.dll
09.06.2006 11:10 26.112 a.exe
09.06.2006 11:10 20.480 bridge.dll
09.06.2006 11:10 26.368 jao.dll
09.06.2006 11:10 12.544 udpmod.dll
09.06.2006 11:10 16.896 questmod.dll
09.06.2006 11:10 20.992 txfdb32.dll
09.06.2006 11:10 32.256 runsrv32.exe
09.06.2006 11:10 28.416 wstart.dll
09.06.2006 11:10 14.848 runsrv32.dll
09.06.2006 11:10 9.728 tcpservice2.exe
09.06.2006 11:10 16.128 alxres.dll
09.06.2006 11:10 11.776 dailytoolbar.dll
06.06.2006 13:40 1.158 wpa.dbl
06.06.2006 13:40 259.840 FNTCACHE.DAT
30.05.2006 17:32 34.064 lhacm.acm
29.05.2006 12:54 157.696 rmoc3260.dll
29.05.2006 12:54 25.088 prefscpl.cpl
29.05.2006 12:54 278.528 pncrt.dll
29.05.2006 12:54 6.656 pndx5016.dll
29.05.2006 12:54 5.632 pndx5032.dll
12.05.2006 20:48 100 LuResult.txt
04.05.2006 06:26 5.818.784 MRT.exe
27.04.2006 12:50 46.592 zlbw.dll
27.04.2006 12:49 4 winsub.xml
27.04.2006 12:49 62 svcp.csv
26.04.2006 14:59 250.544 KeyHelp.ocx
19.04.2006 13:30 2 stera.log
19.04.2006 13:28 7.932 jupdate-1.4.2_11-b06.log
18.04.2006 23:35 15.947 productregistry
18.04.2006 23:35 6.919 jupdate-1.5.0_06-b05.log
30.03.2006 11:26 1.492.480 shdocvw.dll
30.03.2006 03:16 18.944 xpsp3res.dll
23.03.2006 22:34 3.074.560 mshtml.dll
18.03.2006 13:09 615.424 urlmon.dll
17.03.2006 11:11 679.424 inetcomm.dll
17.03.2006 06:03 8.493.056 shell32.dll
17.03.2006 02:38 28.672 verclsid.exe
15.03.2006 07:29 53.770 perfc009.dat
15.03.2006 07:29 393.086 perfh007.dat
15.03.2006 07:29 902.476 PerfStringBackup.INI
15.03.2006 07:29 64.848 perfc007.dat
15.03.2006 07:29 382.026 perfh009.dat
14.03.2006 01:37 88 NULL
14.03.2006 01:37 23.392 nscompat.tlb
14.03.2006 01:37 16.832 amcompat.tlb
13.03.2006 21:55 308 results.txt
13.03.2006 21:52 856 $winnt$.inf
10.03.2006 06:09 5.533.696 wmp.dll
04.03.2006 05:34 664.064 wininet.dll
04.03.2006 05:34 39.424 pngfilt.dll

----------------------------------------------

temp.txt:

Datenträger in Laufwerk C: ist ACER
Volumeseriennummer: 320D-180E

Verzeichnis von C:\DOKUME~1\Marco\LOKALE~1\Temp

19.06.2006 23:34 10.927 jusched.log
19.06.2006 22:32 5.528 java_install_reg.log
19.06.2006 22:25 9.298.032 EAD8.exe
19.06.2006 22:24 0 EAD8.tmp
19.06.2006 21:11 16.384 ~DF1D38.tmp
19.06.2006 21:11 32.768 ~DF96C0.tmp
19.06.2006 20:55 32 PPGUID.txt
19.06.2006 20:30 1.540.712 5psk0o99.exe
19.06.2006 17:17 9.296.496 EAD7.exe
19.06.2006 17:17 0 EAD7.tmp
19.06.2006 17:11 16.384 ~DFED94.tmp
19.06.2006 17:11 32.768 ~DFC386.tmp
19.06.2006 17:11 16.384 ~DFFA81.tmp
19.06.2006 16:04 49.152 DW25F.tmp
19.06.2006 16:04 28.672 DW261.tmp
19.06.2006 16:04 473.920 ins59.tmp
19.06.2006 15:58 978 TmpICQMagic_{05736BBE-C20F-4F10-A6DE-4DB1E3564B0E}14775.html
19.06.2006 15:56 983 TmpICQMagic_{EC202595-1DFD-4301-A1EA-13C1E331B505}29394.html
18.06.2006 11:06 28.672 DW210.tmp
18.06.2006 11:06 49.152 DW2C.tmp
17.06.2006 09:23 28.672 DW271.tmp
17.06.2006 09:23 49.152 DW26F.tmp
16.06.2006 15:54 28.672 DW26A.tmp
16.06.2006 15:54 49.152 DW268.tmp
16.06.2006 15:10 717 control.xml
16.06.2006 04:11 114 DFC5A2B2.TMP
15.06.2006 16:44 49.152 DW24A.tmp
15.06.2006 16:44 28.672 DW24C.tmp
15.06.2006 11:56 49.152 DW242.tmp
15.06.2006 11:56 28.672 DW244.tmp
11.06.2006 11:42 49.152 DW22A.tmp
11.06.2006 11:42 28.672 DW22C.tmp
11.06.2006 11:31 49.152 DW221.tmp
11.06.2006 11:31 28.672 DW223.tmp
09.06.2006 11:27 28.672 DW2B.tmp
09.06.2006 11:27 49.152 DW29.tmp
09.06.2006 11:25 32.768 ~DF9A6F.tmp
08.06.2006 21:11 28.672 DW265.tmp
08.06.2006 21:11 49.152 DW263.tmp
08.06.2006 18:22 49.152 DW25C.tmp
08.06.2006 18:22 28.672 DW25E.tmp
08.06.2006 15:59 49.152 DW255.tmp
08.06.2006 15:59 28.672 DW257.tmp
08.06.2006 15:58 28.672 DW250.tmp
08.06.2006 15:58 49.152 DW24E.tmp
07.06.2006 17:23 28.672 DW21E.tmp
07.06.2006 17:23 49.152 DW21C.tmp
07.06.2006 12:26 28.672 DW216.tmp
07.06.2006 12:26 49.152 DW214.tmp
06.06.2006 16:47 28.672 DW2F.tmp
06.06.2006 16:47 49.152 DW2D.tmp
06.06.2006 14:09 28.672 DW28.tmp
06.06.2006 14:09 49.152 DW26.tmp
02.06.2006 13:07 16.384 ~DF8D0E.tmp
02.06.2006 13:07 16.384 ~DF9A94.tmp
02.06.2006 10:05 0 f6d201.tmp
01.06.2006 14:46 6.161 ICQ1B4.tmp
01.06.2006 14:46 17.972 ICQ1B5.tmp
01.06.2006 13:40 72.192 ~e5.0001
01.06.2006 10:02 2 Twain001.Mtx
01.06.2006 10:02 156 Twunk001.MTX
01.06.2006 10:02 723 TWAIN.LOG
01.06.2006 10:02 0 Twunk002.MTX
30.05.2006 10:54 227.328 EAD6.exe
30.05.2006 10:54 0 EAD6.tmp
29.05.2006 21:56 16.384 ~DF8E8D.tmp
29.05.2006 21:56 16.384 ~DFB371.tmp
29.05.2006 19:11 821.248 EAD5.exe
29.05.2006 19:11 0 EAD5.tmp
29.05.2006 18:37 16.384 ~DFFBB4.tmp
29.05.2006 18:37 16.384 ~DFC623.tmp
29.05.2006 13:12 12.264.732 tmp-3.xpi
29.05.2006 12:58 9.294.448 EAD4.exe
29.05.2006 12:57 0 EAD4.tmp
29.05.2006 12:54 16.384 ~DF9C63.tmp
29.05.2006 12:54 16.384 ~DF7B0F.tmp
29.05.2006 12:50 0 fc86D.tmp
29.05.2006 12:50 0 cq76C.tmp
29.05.2006 10:16 9.294.448 EAD3.exe
29.05.2006 10:15 0 EAD3.tmp
23.05.2006 12:11 939 jupdate1.5.0.xml
18.05.2006 20:54 32.768 ~DF1705.tmp
18.05.2006 20:54 16.384 ~DFCC0.tmp
18.05.2006 19:02 23.427 TFRB8.tmp
18.05.2006 19:02 71.682 TFRB4.tmp
18.05.2006 19:02 67.560 TFRC3.tmp
18.05.2006 19:02 21.122 TFRBD.tmp
18.05.2006 19:02 35.574 TFRB0.tmp
18.05.2006 19:02 10.225 TFRB3.tmp
18.05.2006 19:02 32.204 TFRAE.tmp
18.05.2006 19:02 27.777 TFRAD.tmp
18.05.2006 13:20 0 ir67F.tmp
16.05.2006 14:06 29.128 AAX56.tmp
16.05.2006 14:06 5.284 AAX58.tmp
16.05.2006 14:06 11.660 AAX52.tmp
16.05.2006 14:06 29.128 AAX46.tmp
15.05.2006 18:15 16.384 ~DF869E.tmp
15.05.2006 18:15 16.384 ~DF86B8.tmp
15.05.2006 18:15 16.384 ~DF8684.tmp
15.05.2006 18:15 16.384 ~DF39C9.tmp
15.05.2006 18:15 16.384 ~DF1D06.tmp
15.05.2006 18:15 16.384 ~DF86DA.tmp
15.05.2006 15:00 628.736 EAD2.exe
15.05.2006 15:00 0 EAD2.tmp
15.05.2006 08:32 4.165.632 EAD1.exe
15.05.2006 08:31 0 EAD1.tmp
12.05.2006 21:29 352.038 SNDUpdater54U.log
12.05.2006 21:28 12.720 SYMEVENT.LOG
12.05.2006 21:28 2.738 SNDunin.log
12.05.2006 21:28 5.035 IDSinst.LOG
12.05.2006 20:50 2.979.454 Norton AntiVirus 2005 5-12-2006 20h47m38s.log
12.05.2006 20:50 3.256 LSInstall.log
12.05.2006 20:50 63.084 symcprop.dat
12.05.2006 20:50 172 AVSTELiveUpdate.dat
12.05.2006 20:49 172 SSALiveUpdate.dat
12.05.2006 20:48 556 SymSCLiveUpdate.dat
12.05.2006 20:48 172 AVRES_OPTRF_LiveUpdate.dat
12.05.2006 20:46 19.132 MSIa4d9b.LOG
12.05.2006 20:46 19.132 MSIa4d99.LOG
12.05.2006 20:46 19.132 MSIa4d9a.LOG
12.05.2006 19:50 19.132 MSI6a721.LOG
12.05.2006 19:50 19.132 MSI6a720.LOG
12.05.2006 10:59 19.076 MSI51b12.LOG
12.05.2006 10:59 19.076 MSI51b11.LOG
12.05.2006 10:55 284 MSI10e43.LOG
12.05.2006 10:55 284 MSI10e44.LOG
12.05.2006 10:55 284 MSI10e45.LOG
11.05.2006 16:50 284 MSI12c89.LOG
10.05.2006 07:24 384 eclipse-project-desc8784bak
10.05.2006 07:24 226 eclipse-classpath-desc8785bak
09.05.2006 16:59 440 tmp18.tmp
09.05.2006 16:59 440 tmp7.tmp
09.05.2006 16:48 19.106 MSI5fda4.LOG
09.05.2006 16:48 19.106 MSI5fda3.LOG
09.05.2006 16:48 19.106 MSI5fda2.LOG
09.05.2006 08:33 284 MSI13803.LOG
08.05.2006 18:50 19.080 MSI1a2aa.LOG
08.05.2006 18:21 19.080 MSI6ab87.LOG
08.05.2006 11:33 284 MSI11ad6.LOG
07.05.2006 15:18 284 MSI107fa.LOG
06.05.2006 15:34 2.729 CdMkr70.ini
05.05.2006 15:28 0 832D0.dmp
05.05.2006 15:22 284 MSI13e7d.LOG
05.05.2006 15:22 284 MSI13e7c.LOG
05.05.2006 15:22 284 MSI13e7b.LOG
02.05.2006 19:37 39.424 1b4708.mst
02.05.2006 19:37 39.424 3621eb.mst
02.05.2006 18:40 284 MSI1654e.LOG
02.05.2006 18:40 284 MSI1654c.LOG
02.05.2006 18:40 284 MSI1654d.LOG
02.05.2006 18:36 40.645 CCCB.tmp
02.05.2006 18:36 40.632 CCC9.tmp
02.05.2006 18:36 40.609 CCC8.tmp
02.05.2006 18:31 284 MSI17d89.LOG
02.05.2006 18:31 284 MSI17d88.LOG
02.05.2006 18:31 284 MSI17d87.LOG
02.05.2006 16:39 28.028 AAX23.tmp
02.05.2006 16:39 30.400 AAX21.tmp
02.05.2006 16:23 30.400 AAX17.tmp
02.05.2006 12:55 284 MSI15c73.LOG
02.05.2006 12:55 284 MSI15c74.LOG
02.05.2006 12:55 284 MSI15c75.LOG
02.05.2006 12:50 284 MSI49365.LOG
02.05.2006 12:50 284 MSI49364.LOG
02.05.2006 12:50 284 MSI49363.LOG
02.05.2006 12:44 39.498 CC27E.tmp
02.05.2006 12:44 39.498 CC27D.tmp
02.05.2006 12:43 39.502 CC27C.tmp
02.05.2006 12:43 39.504 CC27B.tmp
02.05.2006 12:43 39.503 CC279.tmp
02.05.2006 12:29 39.674 CC188.tmp
02.05.2006 12:25 39.672 CC139.tmp
02.05.2006 11:14 284 MSI2fe6c.LOG
02.05.2006 11:14 284 MSI2fe6d.LOG
02.05.2006 11:14 284 MSI2fe6b.LOG
26.04.2006 15:19 19.080 MSI2346.LOG
24.04.2006 19:10 0 1.10.1.5230.deDE
24.04.2006 16:53 19.080 MSI9eb90.LOG
24.04.2006 16:53 19.080 MSI99469.LOG
24.04.2006 16:53 19.080 MSI99467.LOG
24.04.2006 16:53 19.080 MSI99468.LOG
24.04.2006 15:30 19.080 MSIe0b1f.LOG
24.04.2006 15:21 19.080 MSI529af.LOG
24.04.2006 15:19 19.080 MSI3944a.LOG
21.04.2006 16:57 19.024 MSI98423.LOG
21.04.2006 16:57 19.024 MSI98422.LOG
21.04.2006 10:51 19.080 MSI79e3d.LOG
20.04.2006 14:21 0 LAU2.tmp
20.04.2006 14:17 16.384 ~DF6EC.tmp
20.04.2006 14:17 16.384 ~DF2A00.tmp
19.04.2006 13:53 327.680 ~DFC417.tmp
19.04.2006 13:28 453.155 java_install.log
19.04.2006 13:27 143.872 1d963b1c.mst
19.04.2006 13:21 32.768 1d9131fd.mst
19.04.2006 08:28 461 wa6Support.log
19.04.2006 08:20 9.616.140 ~wa6psetup.exe
18.04.2006 23:35 219 Java_2_Platform__Enterprise_Edition_1.4_SDK_install.A04181130
18.04.2006 23:35 915.934 Java_2_Platform__Enterprise_Edition_1.4_SDK_install.B04181130
18.04.2006 23:35 1.917 Install_Application_Server_8PE_200604182330.log
18.04.2006 23:24 3.584 1a932d29.mst
18.04.2006 23:23 57.856 1a917680.mst
18.04.2006 23:02 3.584 1a7ed883.mst
18.04.2006 23:02 462 MSIdfb52.LOG
18.04.2006 23:00 57.856 1a7ced0e.mst
18.04.2006 22:59 304 GLF969.VBS
18.04.2006 22:57 224.569 Java_2_Platform__Enterprise_Edition_1.4_SDK_uninstall.B04181056
18.04.2006 22:57 207 Java_2_Platform__Enterprise_Edition_1.4_SDK_uninstall.A04181056
18.04.2006 22:56 270 Uninstall_Application_Server_8PE_200604182256.log
18.04.2006 22:55 462 MSI7aa70.LOG
18.04.2006 22:54 3.584 1a774bd5.mst
18.04.2006 18:46 57.856 1993de27.mst
18.04.2006 15:52 219 Java_2_Platform__Enterprise_Edition_1.4_SDK_install.A04180350
18.04.2006 15:52 870.374 Java_2_Platform__Enterprise_Edition_1.4_SDK_install.B04180350
18.04.2006 15:52 1.917 Install_Application_Server_8PE_200604181549.log
18.04.2006 11:00 0 1.10.0.5195.deDE
13.04.2006 12:58 16.384 ~DF1082.tmp
13.04.2006 12:58 16.384 ~DF773.tmp
12.04.2006 13:54 67.560 TFR9B.tmp
12.04.2006 13:54 27.777 TFR82.tmp
12.04.2006 13:54 32.204 TFR83.tmp
12.04.2006 13:54 35.574 TFR84.tmp
12.04.2006 13:54 21.122 TFR9A.tmp
12.04.2006 13:54 10.225 TFR86.tmp
12.04.2006 13:54 23.427 TFR94.tmp
12.04.2006 13:54 71.682 TFR87.tmp
12.04.2006 13:46 17.032 AAX7C.tmp
12.04.2006 13:45 42.948 +~JF49979.tmp
12.04.2006 13:45 47.144 +~JF49978.tmp
12.04.2006 13:32 47.144 +~JF62638.tmp
12.04.2006 13:26 4 install_end.txt
12.04.2006 13:26 2.845.657 tmp-2.xpi
12.04.2006 13:25 6 install_start.txt
12.04.2006 09:47 16.384 ~DF598F.tmp
12.04.2006 09:47 16.384 ~DF4E3A.tmp
11.04.2006 16:29 32.768 ~DFC632.tmp
11.04.2006 16:29 16.384 ~DFA033.tmp
11.04.2006 13:32 438 tmp5C.tmp
11.04.2006 11:15 426 IMTF.xml
11.04.2006 11:15 2.036 IMTE.xml
11.04.2006 11:15 797.676 IMT10.xml
11.04.2006 10:51 16.384 ~DF4A8C.tmp
11.04.2006 10:51 16.384 ~DF5530.tmp
10.04.2006 11:03 955 jinstall.cfg
10.04.2006 11:03 91.305 tmp-1.xpi
10.04.2006 08:49 3.661 msiutil(1).log
07.04.2006 09:27 0 3zm4BE.tmp
06.04.2006 11:59 9.638 Microsoft Office 2003 Setup(0001).txt
06.04.2006 11:59 14.259.972 Microsoft Office 2003 Setup(0001)_Task(0001).txt
06.04.2006 11:55 49.279 offcln11.log
31.03.2006 15:34 16.384 Perflib_Perfdata_d94.dat
29.03.2006 21:20 0 LAU12.tmp
29.03.2006 21:19 0 LAU10.tmp
29.03.2006 18:01 16.384 ~DF6C4B.tmp
29.03.2006 18:01 16.384 ~DF8E84.tmp
29.03.2006 13:54 0 WFT3AE.tmp
29.03.2006 13:54 0 WFT3AD.tmp
27.03.2006 09:28 0 LAU7.tmp
27.03.2006 09:27 0 LAU5.tmp
24.03.2006 03:58 0 LAU15.tmp
23.03.2006 20:39 11.467 Microsoft Office Visio for Enterprise Architects Setup(0001).txt
23.03.2006 20:39 93.164 Microsoft Office Visio for Enterprise Architects Setup(0001)_Task(0001).txt
23.03.2006 20:14 0 npvC.tmp
23.03.2006 19:14 16.384 ~DF9A17.tmp
23.03.2006 19:14 16.384 ~DFBE63.tmp
22.03.2006 09:31 0 LAUF.tmp
16.03.2006 18:39 0 LAU4.tmp
14.03.2006 22:24 7.216 netfxupdate.log
14.03.2006 22:23 17.064 netfxsl.log
14.03.2006 17:57 0 qzm4B.tmp
14.03.2006 14:30 919.931 tmp.xpi
14.03.2006 12:53 16.384 ~DF1ED4.tmp
14.03.2006 12:51 16.384 ~DFC2F7.tmp
14.03.2006 12:51 16.384 ~DF37A0.tmp
14.03.2006 12:51 512 ~DF37AA.tmp
14.03.2006 12:34 16.384 Perflib_Perfdata_710.dat
14.03.2006 07:40 16.384 ~DF1EEE.tmp

-----------------------------------------------------

windows.txt:

Datenträger in Laufwerk C: ist ACER
Volumeseriennummer: 320D-180E

Verzeichnis von C:\WINDOWS

19.06.2006 23:30 1.567.741 WindowsUpdate.log
19.06.2006 23:23 3.744 ModemLog_SoftV92 Data Fax Modem with SmartCP.txt
19.06.2006 23:23 0 0.log
19.06.2006 23:23 2.048 bootstat.dat
19.06.2006 23:21 168.404 ntbtlog.txt
19.06.2006 23:16 12 bthservsdp.dat
19.06.2006 23:16 32.234 SchedLgU.Txt
19.06.2006 18:03 0 pestpatrol5.INI
19.06.2006 18:01 900.439 setupapi.log
17.06.2006 18:15 830 win.ini
16.06.2006 15:10 71.446 wmsetup.log
09.06.2006 11:10 283 x.gif
09.06.2006 11:10 1.791 win_logo.gif
09.06.2006 11:10 3.877 warning_icon.gif
09.06.2006 11:10 291 v.gif
09.06.2006 11:10 1.014 warning-bar-ico.gif
09.06.2006 11:10 2.374 ts_header.gif
09.06.2006 11:10 688 ts.gif
09.06.2006 11:10 223 star_gray_small.gif
09.06.2006 11:10 425 star_gray.gif
09.06.2006 11:10 550 star_small.gif
09.06.2006 11:10 49 spacer.gif
09.06.2006 11:10 6.399 spyware-detected.gif
09.06.2006 11:10 963 spacer.gif'
09.06.2006 11:10 53 sep_vert.gif
09.06.2006 11:10 639 star.gif
09.06.2006 11:10 6.695 security_center_caption.gif
09.06.2006 11:10 10.809 security-center-logo.gif
09.06.2006 11:10 65 sep_hor.gif
09.06.2006 11:10 177 security-center-bg.gif
09.06.2006 11:10 2.735 scan_btn.gif
09.06.2006 11:10 2.271 rf_header.gif
09.06.2006 11:10 215 main_back.gif
09.06.2006 11:10 1.204 infected.gif
09.06.2006 11:10 11.077 header_4.gif
09.06.2006 11:10 611 rf.gif
09.06.2006 11:10 15.421 header_2.gif
09.06.2006 11:10 10.193 header_3.gif
09.06.2006 11:10 25.023 header_1.gif
09.06.2006 11:10 2.306 footer_back.gif
09.06.2006 11:10 2.238 download_box.gif
09.06.2006 11:10 592 features.gif
09.06.2006 11:10 2.922 footer_back.jpg
09.06.2006 11:10 64 close-bar.gif
09.06.2006 11:10 2.067 button_freescan.gif
09.06.2006 11:10 1.682 button_buynow.gif
09.06.2006 11:10 11.602 box_3.gif
09.06.2006 11:10 5.741 box_1.gif
09.06.2006 11:10 12.019 box_2.gif
09.06.2006 11:10 2.695 as_header.gif
09.06.2006 11:10 847 as.gif
09.06.2006 11:10 72 bg.gif
09.06.2006 11:10 110 about_spyware_bg.gif
09.06.2006 11:10 372 about_spyware_bottom.gif
09.06.2006 11:10 13.056 Pynix.dll
09.06.2006 11:10 13.056 dlmax.dll
09.06.2006 11:10 25.344 BTGrab.dll
09.06.2006 11:10 15.616 susp.exe
09.06.2006 11:10 13.312 ZServ.dll
09.06.2006 11:10 32.000 alexaie.dll
09.06.2006 11:10 14.336 alxtb1.dll
09.06.2006 11:10 31.744 alxie328.dll
08.06.2006 21:56 214 wiadebug.log
08.06.2006 21:56 50 wiaservc.log
06.06.2006 14:06 71.035 Directx.log
02.06.2006 12:23 6.812 mozver.dat
02.06.2006 10:05 69 NeroDigital.ini
31.05.2006 17:23 23 BlendSettings.ini
30.05.2006 12:24 54.156 QTFont.qfn
18.05.2006 16:47 1.409 QTFont.for
15.05.2006 09:23 14.226 KB913580.log
15.05.2006 09:23 109.221 comsetup.log
15.05.2006 09:23 64.370 ntdtcsetup.log
15.05.2006 09:23 116.956 tsoc.log
15.05.2006 09:23 16.275 ocmsn.log
15.05.2006 09:23 46.805 iis6.log
15.05.2006 09:23 1.374 imsins.log
15.05.2006 09:23 14.776 msgsocm.log
15.05.2006 09:23 145.905 ocgen.log
15.05.2006 09:23 313.367 FaxSetup.log
15.05.2006 09:21 18.526 updspapi.log
12.05.2006 21:29 13.269 LUINSTALL.LOG
27.04.2006 13:40 1.374 imsins.BAK
27.04.2006 13:40 12.634 KB900485.log
26.04.2006 22:04 219.905 setupact.log
20.04.2006 18:01 2 msoffice.ini
20.04.2006 14:45 21.616 KB908531.log
20.04.2006 14:45 15.143 KB911562.log
20.04.2006 14:45 18.218 KB912812.log
20.04.2006 14:45 11.421 KB911567.log
13.04.2006 19:35 1.830 spupdsvc.log
13.04.2006 12:59 20.960 KB911565.log
11.04.2006 13:24 2.425 A-T-PDF.ini
06.04.2006 11:58 400 ODBC.INI
14.03.2006 22:26 49.029 KB899587.log
14.03.2006 22:26 48.097 KB896422.log
14.03.2006 22:26 47.890 KB885835.log
14.03.2006 22:26 46.835 KB885836.log
14.03.2006 22:26 47.581 KB885250.log
14.03.2006 22:26 47.778 KB911927.log
14.03.2006 22:26 47.312 KB901017.log
14.03.2006 22:26 47.594 KB899591.log
14.03.2006 22:26 47.783 KB896424.log
14.03.2006 22:26 47.774 KB893756.log
14.03.2006 22:26 30.371 KB896423.log
14.03.2006 22:26 45.362 KB873339.log
14.03.2006 22:26 45.430 KB888113.log
14.03.2006 22:25 45.802 KB887742.log
14.03.2006 22:25 45.574 KB887472.log
14.03.2006 22:25 46.187 KB896358.log
14.03.2006 22:25 23.136 KB910437.log
14.03.2006 22:25 21.015 KB911564.log
14.03.2006 22:25 49.321 KB905915.log
14.03.2006 22:25 27.249 KB891781.log
14.03.2006 22:25 33.636 KB902400.log
14.03.2006 22:24 24.289 KB890046.log
14.03.2006 22:24 23.545 KB905414.log
14.03.2006 22:24 22.538 KB901214.log
14.03.2006 22:24 21.864 KB888302.log
14.03.2006 22:24 23.745 KB900725.log
14.03.2006 22:24 20.805 KB912919.log
14.03.2006 22:23 12.370 KB886185.log
14.03.2006 22:23 19.989 KB904706.log
14.03.2006 22:23 19.989 KB901190.log
14.03.2006 22:23 20.610 KB905749.log
14.03.2006 22:23 19.398 KB896428.log
14.03.2006 22:23 20.081 KB894391.log
14.03.2006 22:23 17.792 KB908519.log
14.03.2006 22:23 11.341 KB913446.log
14.03.2006 22:23 20.060 KB890859.log
14.03.2006 07:28 9.694 KB893803v2.log
14.03.2006 07:27 8.821 KB898461.log
14.03.2006 01:37 242 wmsetup10.log
14.03.2006 01:37 316.640 WMSysPr9.prx
14.03.2006 01:33 211 uno.ini
13.03.2006 23:41 107.134 UninstallFirefox.exe
13.03.2006 22:02 89 ALAUNCH.INI

-----------------------------------------------------------

c.txt:

Datenträger in Laufwerk C: ist ACER
Volumeseriennummer: 320D-180E

Verzeichnis von C:\

19.06.2006 23:38 0 sys.txt
19.06.2006 23:38 11.434 system.txt
19.06.2006 23:37 16.010 systemtemp.txt
19.06.2006 23:36 105.975 system32.txt
19.06.2006 23:23 1.071.763.456 hiberfil.sys
19.06.2006 23:23 1.610.612.736 pagefile.sys
19.06.2006 21:14 7.529 caisslog.txt
14.03.2006 01:37 597 TO_InstallLog.txt
13.03.2006 23:49 6 ISACER.ID
13.03.2006 21:52 211 boot.ini
31.03.2005 17:23 75 PRELOAD.AAA
31.03.2005 17:11 774 IPH.PH
31.03.2005 02:18 50 AUTOEXEC.BAT
31.03.2005 01:49 0 CONFIG.SYS
31.03.2005 01:49 0 IO.SYS
31.03.2005 01:49 0 MSDOS.SYS
04.08.2004 05:00 4.952 bootfont.bin
04.08.2004 05:00 251.184 ntldr
04.08.2004 05:00 47.564 NTDETECT.COM
19 Datei(en) 2.682.822.553 Bytes
0 Verzeichnis(se), 15.414.394.880 Bytes frei

--------------------------------------------------------

Just yell at me if I did something wrong ;)
(Should I have posted it as an attachment?!)
20.06.2006, 13:45
Honorary member
Sabina

Posts: 29434
#2 Avenger
http://virus-protect.org/artikel/tools/avenger.html
Paste in:

Quote

Files to delete:
C:\WINDOWS\system32\users32.exe
C:\WINDOWS\system32\winlogon.ini
C:\WINDOWS\system32\lrf.dat
C:\WINDOWS\system32\adobepnl.dll
C:\WINDOWS\system32\vir.txt
C:\WINDOWS\system32\my_update.exe
C:\WINDOWS\system32\lud.dat
C:\WINDOWS\system32\scngcf.dat
C:\WINDOWS\system32\0,9310724
C:\WINDOWS\system32\winflash.dll
C:\WINDOWS\system32\qjrkvy.exe
C:\WINDOWS\system32\thlwin32.dll
C:\WINDOWS\system32\a.exe
C:\WINDOWS\system32\bridge.dll
C:\WINDOWS\system32\jao.dll
C:\WINDOWS\system32\udpmod.dll
C:\WINDOWS\system32\questmod.dll
C:\WINDOWS\system32\txfdb32.dll
C:\WINDOWS\system32\runsrv32.exe
C:\WINDOWS\system32\wstart.dll
C:\WINDOWS\system32\runsrv32.dll
C:\WINDOWS\system32\tcpservice2.exe
C:\WINDOWS\system32\alxres.dll
C:\WINDOWS\system32\dailytoolbar.dll
C:\WINDOWS\system32\zlbw.dll
C:\WINDOWS\system32\winsub.xml
C:\WINDOWS\system32\svcp.csv
C:\WINDOWS\system32\KeyHelp.ocx
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\productregistry
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\tmp18.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\tmp7.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD8.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD8.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\~DF1D38.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\~DF96C0.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\5psk0o99.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD7.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD7.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD6.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD6.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD5.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD5.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\tmp-3.xpi
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD4.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD4.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\fc86D.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\cq76C.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD3.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD3.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD2.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD2.tmp
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD1.exe
C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD1.tmp
C:\WINDOWS\x.gif
C:\WINDOWS\win_logo.gif
C:\WINDOWS\warning_icon.gif
C:\WINDOWS\v.gif
C:\WINDOWS\warning-bar-ico.gif
C:\WINDOWS\ts_header.gif
C:\WINDOWS\ts.gif
C:\WINDOWS\star_gray_small.gif
C:\WINDOWS\star_gray.gif
C:\WINDOWS\star_small.gif
C:\WINDOWS\spacer.gif
C:\WINDOWS\spyware-detected.gif
C:\WINDOWS\spacer.gif'
C:\WINDOWS\sep_vert.gif
C:\WINDOWS\star.gif
C:\WINDOWS\security_center_caption.gif
C:\WINDOWS\security-center-logo.gif
C:\WINDOWS\sep_hor.gif
C:\WINDOWS\security-center-bg.gif
C:\WINDOWS\scan_btn.gif
C:\WINDOWS\rf_header.gif
C:\WINDOWS\main_back.gif
C:\WINDOWS\infected.gif
C:\WINDOWS\header_4.gif
C:\WINDOWS\rf.gif
C:\WINDOWS\header_2.gif
C:\WINDOWS\header_3.gif
C:\WINDOWS\header_1.gif
C:\WINDOWS\footer_back.gif
C:\WINDOWS\download_box.gif
C:\WINDOWS\features.gif
C:\WINDOWS\footer_back.jpg
C:\WINDOWS\close-bar.gif
C:\WINDOWS\button_freescan.gif
C:\WINDOWS\button_buynow.gif
C:\WINDOWS\box_3.gif
C:\WINDOWS\box_1.gif
C:\WINDOWS\box_2.gif
C:\WINDOWS\as_header.gif
C:\WINDOWS\as.gif
C:\WINDOWS\bg.gif
C:\WINDOWS\about_spyware_bg.gif
C:\WINDOWS\about_spyware_bottom.gif
C:\WINDOWS\Pynix.dll
C:\WINDOWS\dlmax.dll
C:\WINDOWS\BTGrab.dll
C:\WINDOWS\susp.exe
C:\WINDOWS\ZServ.dll
C:\WINDOWS\alexaie.dll
C:\WINDOWS\alxtb1.dll
C:\WINDOWS\alxie328.dll
Click the green traffic light.
The script will now be executed, then the PC will restart automatically.

**
Post the log from the Avenger.


**
Open HijackThis -- "scan" button -- tick the malware entries -- "Fix checked" button -- restart the PC

Quote

O2 - BHO: (no name) - {00000000-59D4-4008-9058-080011001200} - (no file)
O2 - BHO: (no name) - {00000000-C1EC-0345-6EC2-4D0300000000} - (no file)
O2 - BHO: (no name) - {00000000-F09C-02B4-6EC2-AD0300000000} - (no file)
O2 - BHO: (no name) - {3ceff6cd-6f08-4e4d-bccd-ff7415288c3b} - (no file)
O2 - BHO: adobepnl.ADOBE_PANEL - {5E8FA924-DEF0-4E71-8A82-A11CA0C1413B} - C:\WINDOWS\system32\adobepnl.dll
O2 - BHO: (no name) - {7b55bb05-0b4d-44fd-81a6-b136188f5deb} - (no file)
O2 - BHO: (no name) - {8333c319-0669-4893-a418-f56d9249fca6} - (no file)
O2 - BHO: (no name) - {9c691a33-7dda-4c2f-be4c-c176083f35cf} - (no file)
O2 - BHO: (no name) - {e52dedbb-d168-4bdb-b229-c48160800e81} - (no file)
O2 - BHO: (no name) - {ffd2825e-0785-40c5-9a41-518f53a8261f} - (no file)

O4 - HKLM\..\Run: [Balm frag jump web] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\downloadbirdbalmfrag\16Time.exe
O4 - HKLM\..\Run: [Adware.Srv32] C:\WINDOWS\system32\runsrv32.exe
O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\system32\susp.exe
O4 - HKCU\..\Run: [book ante] C:\DOKUME~1\Marco\ANWEND~1\ELSEPL~1\AXISNEW.exe
O4 - Startup: titanshield.lnk = C:\Programme\TitanShield Antispyware\titanshield.exe
Restart the PC

----------------------------------------------------------------

use SmitfraudFix according to the instructions
http://virus-protect.org/artikel/tools/smitfrautfix.html

----------------------------------------------------------------

Download echo.zip --> unpack --> click echo.bat --> the text editor will open --> copy the text
http://virus-protect.org/bat/echo.zip
__________
Regards, Sabina

all about PC security
20.06.2006, 18:47
Member

Thread starter

Posts: 11
#3 Avenger:

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\baoihkur

*******************

Script file located at: \??\C:\scfrkwqj.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\users32.exe deleted successfully.
File C:\WINDOWS\system32\winlogon.ini deleted successfully.
File C:\WINDOWS\system32\lrf.dat deleted successfully.


File C:\WINDOWS\system32\adobepnl.dll not found!
Deletion of file C:\WINDOWS\system32\adobepnl.dll failed!

Could not process line:
C:\WINDOWS\system32\adobepnl.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vir.txt deleted successfully.
File C:\WINDOWS\system32\my_update.exe deleted successfully.
File C:\WINDOWS\system32\lud.dat deleted successfully.
File C:\WINDOWS\system32\scngcf.dat deleted successfully.
File C:\WINDOWS\system32\0,9310724 deleted successfully.
File C:\WINDOWS\system32\winflash.dll deleted successfully.
File C:\WINDOWS\system32\qjrkvy.exe deleted successfully.
File C:\WINDOWS\system32\thlwin32.dll deleted successfully.
File C:\WINDOWS\system32\a.exe deleted successfully.
File C:\WINDOWS\system32\bridge.dll deleted successfully.
File C:\WINDOWS\system32\jao.dll deleted successfully.
File C:\WINDOWS\system32\udpmod.dll deleted successfully.
File C:\WINDOWS\system32\questmod.dll deleted successfully.
File C:\WINDOWS\system32\txfdb32.dll deleted successfully.
File C:\WINDOWS\system32\runsrv32.exe deleted successfully.
File C:\WINDOWS\system32\wstart.dll deleted successfully.
File C:\WINDOWS\system32\runsrv32.dll deleted successfully.
File C:\WINDOWS\system32\tcpservice2.exe deleted successfully.
File C:\WINDOWS\system32\alxres.dll deleted successfully.
File C:\WINDOWS\system32\dailytoolbar.dll deleted successfully.
File C:\WINDOWS\system32\zlbw.dll deleted successfully.
File C:\WINDOWS\system32\winsub.xml deleted successfully.
File C:\WINDOWS\system32\svcp.csv deleted successfully.
File C:\WINDOWS\system32\KeyHelp.ocx deleted successfully.
File C:\WINDOWS\system32\stera.log deleted successfully.
File C:\WINDOWS\system32\productregistry deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\tmp18.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\tmp7.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD8.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD8.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\~DF1D38.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\~DF96C0.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\5psk0o99.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD7.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD7.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD6.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD6.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD5.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD5.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\tmp-3.xpi deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD4.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD4.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\fc86D.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\cq76C.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD3.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD3.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD2.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD2.tmp deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD1.exe deleted successfully.
File C:\Dokumente und Einstellungen\Marco\Lokale Einstellungen\Temp\EAD1.tmp deleted successfully.
File C:\WINDOWS\x.gif deleted successfully.
File C:\WINDOWS\win_logo.gif deleted successfully.
File C:\WINDOWS\warning_icon.gif deleted successfully.
File C:\WINDOWS\v.gif deleted successfully.
File C:\WINDOWS\warning-bar-ico.gif deleted successfully.
File C:\WINDOWS\ts_header.gif deleted successfully.
File C:\WINDOWS\ts.gif deleted successfully.
File C:\WINDOWS\star_gray_small.gif deleted successfully.
File C:\WINDOWS\star_gray.gif deleted successfully.
File C:\WINDOWS\star_small.gif deleted successfully.
File C:\WINDOWS\spacer.gif deleted successfully.
File C:\WINDOWS\spyware-detected.gif deleted successfully.
File C:\WINDOWS\spacer.gif' deleted successfully.
File C:\WINDOWS\sep_vert.gif deleted successfully.
File C:\WINDOWS\star.gif deleted successfully.
File C:\WINDOWS\security_center_caption.gif deleted successfully.
File C:\WINDOWS\security-center-logo.gif deleted successfully.
File C:\WINDOWS\sep_hor.gif deleted successfully.
File C:\WINDOWS\security-center-bg.gif deleted successfully.
File C:\WINDOWS\scan_btn.gif deleted successfully.
File C:\WINDOWS\rf_header.gif deleted successfully.
File C:\WINDOWS\main_back.gif deleted successfully.
File C:\WINDOWS\infected.gif deleted successfully.
File C:\WINDOWS\header_4.gif deleted successfully.
File C:\WINDOWS\rf.gif deleted successfully.
File C:\WINDOWS\header_2.gif deleted successfully.
File C:\WINDOWS\header_3.gif deleted successfully.
File C:\WINDOWS\header_1.gif deleted successfully.
File C:\WINDOWS\footer_back.gif deleted successfully.
File C:\WINDOWS\download_box.gif deleted successfully.
File C:\WINDOWS\features.gif deleted successfully.
File C:\WINDOWS\footer_back.jpg deleted successfully.
File C:\WINDOWS\close-bar.gif deleted successfully.
File C:\WINDOWS\button_freescan.gif deleted successfully.
File C:\WINDOWS\button_buynow.gif deleted successfully.
File C:\WINDOWS\box_3.gif deleted successfully.
File C:\WINDOWS\box_1.gif deleted successfully.
File C:\WINDOWS\box_2.gif deleted successfully.
File C:\WINDOWS\as_header.gif deleted successfully.
File C:\WINDOWS\as.gif deleted successfully.
File C:\WINDOWS\bg.gif deleted successfully.
File C:\WINDOWS\about_spyware_bg.gif deleted successfully.
File C:\WINDOWS\about_spyware_bottom.gif deleted successfully.
File C:\WINDOWS\Pynix.dll deleted successfully.
File C:\WINDOWS\dlmax.dll deleted successfully.
File C:\WINDOWS\BTGrab.dll deleted successfully.
File C:\WINDOWS\susp.exe deleted successfully.
File C:\WINDOWS\ZServ.dll deleted successfully.
File C:\WINDOWS\alexaie.dll deleted successfully.
File C:\WINDOWS\alxtb1.dll deleted successfully.
File C:\WINDOWS\alxie328.dll deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

----------------------------


echo.zip:

10)DPF????
Datenträger in Laufwerk C: ist ACER
Volumeseriennummer: 320D-180E

Verzeichnis von C:\WINDOWS\Downloaded Program Files

31.03.2005 01:48 <DIR> .
31.03.2005 01:48 <DIR> ..
0 Datei(en) 0 Bytes

Anzahl der angezeigten Dateien:
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 15.496.314.880 Bytes frei


----------------------------------------------------------

did I do everything right? :-)
This post was edited by voudoo on 20.06.2006 at 19:08.
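Added example, not part of the thread and not code from The Avenger or HijackThis: a cross-check of the Avenger log above against the autostart entries from the HijackThis fix list in post #2, showing which entries now point at a missing file and which files the script never touched. The sample lines are constructed from lines quoted on this page; the function names and verdict strings are this example's own.

```python
import re

# Constructed sample: a few lines taken from the Avenger log posted in this thread.
AVENGER_LOG = r"""
File C:\WINDOWS\system32\users32.exe deleted successfully.

File C:\WINDOWS\system32\adobepnl.dll not found!
Deletion of file C:\WINDOWS\system32\adobepnl.dll failed!

Could not process line:
C:\WINDOWS\system32\adobepnl.dll
Status: 0xc0000034

File C:\WINDOWS\system32\runsrv32.exe deleted successfully.
File C:\WINDOWS\susp.exe deleted successfully.

Completed script processing.
"""

# Constructed sample: some of the HijackThis entries from the "Fix checked" list.
HIJACKTHIS = r"""
O2 - BHO: (no name) - {00000000-59D4-4008-9058-080011001200} - (no file)
O2 - BHO: adobepnl.ADOBE_PANEL - {5E8FA924-DEF0-4E71-8A82-A11CA0C1413B} - C:\WINDOWS\system32\adobepnl.dll
O4 - HKLM\..\Run: [Adware.Srv32] C:\WINDOWS\system32\runsrv32.exe
O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\system32\susp.exe
O4 - Startup: titanshield.lnk = C:\Programme\TitanShield Antispyware\titanshield.exe
"""

# Standard NTSTATUS codes that a failed file deletion commonly reports.
NTSTATUS = {
    0xC0000022: "STATUS_ACCESS_DENIED",
    0xC0000034: "STATUS_OBJECT_NAME_NOT_FOUND",
    0xC000003A: "STATUS_OBJECT_PATH_NOT_FOUND",
    0xC0000043: "STATUS_SHARING_VIOLATION",
}
MISSING = {0xC0000034, 0xC000003A}  # the target was not there to begin with

HJT_PATTERNS = [
    re.compile(r"(O2) - BHO: (.+?) - \{[0-9A-Fa-f-]+\} - (.+)"),  # browser helper object
    re.compile(r"(O4) - \S+\\Run: \[(.+?)\] (.+)"),                # registry Run value
    re.compile(r"(O4) - Startup: (.+?) = (.+)"),                   # Startup-folder shortcut
]


def parse_avenger(log):
    """Return (deleted, failed): a set of lower-cased paths and {path: NTSTATUS}."""
    deleted, failed = set(), {}
    pending = None        # path named after "Could not process line:"
    expect_path = False   # True while the next non-empty line is that path
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = re.fullmatch(r"File (.+) deleted successfully\.", line)
        if m:
            deleted.add(m.group(1).lower())
        elif line == "Could not process line:":
            expect_path = True
        elif expect_path:
            pending, expect_path = line.lower(), False
        elif pending and (m := re.fullmatch(r"Status: (0x[0-9a-fA-F]+)", line)):
            failed[pending] = int(m.group(1), 16)
            pending = None
    return deleted, failed


def parse_hijackthis(text):
    """Return (section, name, file) tuples for the O2 and O4 lines."""
    entries = []
    for line in text.splitlines():
        for pat in HJT_PATTERNS:
            m = pat.fullmatch(line.strip())
            if m:
                entries.append(m.groups())
                break
    return entries


def triage(entries, deleted, failed):
    """Label each autostart entry by what the Avenger run did to its file."""
    report = []
    for section, name, path in entries:
        key = path.lower()
        if path == "(no file)":
            verdict = "orphaned: entry has no file"
        elif key in deleted:
            verdict = "orphaned: file deleted by Avenger"
        elif failed.get(key) in MISSING:
            verdict = "orphaned: file already absent (%s)" % NTSTATUS[failed[key]]
        elif key in failed:
            code = failed[key]
            verdict = "file still present: deletion failed (%s)" % NTSTATUS.get(code, hex(code))
        else:
            verdict = "not covered by the script: check the file by hand"
        report.append((section, name, verdict))
    return report


if __name__ == "__main__":
    deleted, failed = parse_avenger(AVENGER_LOG)
    for section, name, verdict in triage(parse_hijackthis(HIJACKTHIS), deleted, failed):
        print(f"{section} {name:<22} {verdict}")
```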
20.06.2006, 23:46
Honorary member
Sabina

Posts: 29434
#4 1.
to delete the Swizzor trojan:
download look.zip - unpack - look.bat - double-click - copy the text that appears
http://virus-protect.org/zip/look.zip

2.
My Computer --> right-click, then Properties ---> System Restore tab ---> tick "Turn off System Restore on all drives".

3.
scan with Kaspersky and post the scan report
http://virus-protect.org/onlinescan.html
__________
Regards, Sabina
09.07.2006, 14:19
Member

Thread starter

Posts: 11
#5 -------------------------------------------------
kaspersky:

Scan Target Critical Areas
C:\WINDOWS
C:\DOKUME~1\Marco\LOKALE~1\Temp\
Scan Statistics
Total number of scanned objects 13918
Number of viruses found 0
Number of infected objects 0 / 0
Number of suspicious objects 0
Duration of the scan process 00:08:54

Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\drivers\sptd6109.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\DOKUME~1\Marco\LOKALE~1\Temp\~DF3092.tmp Object is locked skipped
C:\DOKUME~1\Marco\LOKALE~1\Temp\~DF309C.tmp Object is locked skipped
C:\DOKUME~1\Marco\LOKALE~1\Temp\~DF948A.tmp Object is locked skipped
C:\DOKUME~1\Marco\LOKALE~1\Temp\~DF9494.tmp Object is locked skipped
C:\DOKUME~1\Marco\LOKALE~1\Temp\~DF4318.tmp Object is locked skipped
C:\DOKUME~1\Marco\LOKALE~1\Temp\~DF4325.tmp Object is locked skipped
C:\DOKUME~1\Marco\LOKALE~1\Temp\~DF5152.tmp Object is locked skipped
Scan process completed.
09.07.2006, 14:25
Honorary member
Sabina

Posts: 29434
#6 you unpacked look.zip to D:\, which doesn't help; please unpack it to C:\
__________
Regards, Sabina
09.07.2006, 17:55
Member

Thread starter

Posts: 11
#7 look.zip again:


Verzeichnis von C:\Dokumente und Einstellungen\Marco\Anwendungsdaten

13.03.2006 21:53 <DIR> .
13.03.2006 21:53 <DIR> ..
31.03.2005 01:55 <DIR> IDENTI~1 Identities
31.03.2005 17:11 <DIR> YOU'VE~1 You've Got Pictures Screensaver
31.03.2005 17:12 <DIR> AOL
14.03.2006 01:12 <DIR> MACROM~1 Macromedia
14.03.2006 01:16 <DIR> T-ONLINE T-Online
14.03.2006 01:20 <DIR> ADOBE Adobe
13.03.2006 23:40 <DIR> MOZILLA Mozilla
13.03.2006 23:45 <DIR> ICQLITE ICQLite
13.03.2006 23:51 <DIR> SYMANTEC Symantec
22.03.2006 14:58 <DIR> ADOBEUM AdobeUM
23.03.2006 19:13 <DIR> ELSEPL~1 Else plus
23.03.2006 19:13 <DIR> NETPUM~1 NetPumper

23.03.2006 19:23 <DIR> EQFILE~1 EQFILEARMY
29.03.2006 18:34 <DIR> THUNDE~1 Thunderbird
29.03.2006 18:34 <DIR> TALKBACK Talkback
10.04.2006 10:36 <DIR> CYBERL~1 CyberLink
18.04.2006 22:55 <DIR> SUN Sun
19.04.2006 08:20 <DIR> WINANT~1 WinAntiVirus Pro 2006
29.05.2006 13:13 <DIR> REAL Real
30.05.2006 17:06 <DIR> SKYPE Skype
30.05.2006 19:28 <DIR> TEAMSP~1 teamspeak2
31.05.2006 12:39 0 dm.ini
31.05.2006 12:39 2.788 ADOBEDLM.LOG AdobeDLM.log
08.06.2006 21:41 <DIR> LEADER~1 Leadertech
19.06.2006 20:31 <DIR> HELP Help
03.07.2006 16:37 <DIR> SMARTD~1 SmartDraw
2 Datei(en) 2.788 Bytes
26 Verzeichnis(se), 24.261.328.896 Bytes frei
Datenträger in Laufwerk C: ist ACER
Volumeseriennummer: 320D-180E

Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten

31.03.2005 01:40 <DIR> .
31.03.2005 01:40 <DIR> ..
31.03.2005 02:10 <DIR> ADOBE Adobe
31.03.2005 17:10 <DIR> AOL
31.03.2005 17:11 <DIR> QUICKT~1 QuickTime
31.03.2005 17:11 <DIR> VIEWPO~1 Viewpoint
13.03.2006 21:55 <DIR> INTEL Intel
14.03.2006 01:15 <DIR> T-ONLINE T-Online
13.03.2006 23:51 <DIR> SYMANTEC Symantec
23.03.2006 19:13 <DIR> DOWNLO~1 downloadbirdbalmfrag
19.04.2006 08:20 <DIR> WINANT~1 WinAntiVirus Pro 2006

15.05.2006 08:40 <DIR> ANTIVI~1 AntiVir PersonalEdition Classic
15.05.2006 08:44 305 ADDR_F~1.HTM addr_file.html
30.05.2006 17:06 <DIR> SKYPE Skype
14.06.2006 10:41 <DIR> SECTAS~1 SecTaskMan
26.06.2006 17:26 <DIR> YAHOO!~1 Yahoo! Companion
08.07.2006 18:46 <DIR> PINNACLE Pinnacle
1 Datei(en) 305 Bytes
16 Verzeichnis(se), 24.261.328.896 Bytes frei
Datenträger in Laufwerk C: ist ACER
Volumeseriennummer: 320D-180E

Verzeichnis von C:\WINDOWS\tasks

04.08.2004 05:00 65 desktop.ini
06.07.2006 15:27 6 SA.DAT
09.07.2006 17:00 264 A5EE6FC19185E509.job
3 Datei(en) 335 Bytes
0 Verzeichnis(se), 24.261.328.896 Bytes frei
09.07.2006, 19:35
Honorary member
Sabina

Posts: 29434
#8 voudoo

Information LOOP- Swizzor
http://virus-protect.org/artikel/spyware/lop1.html

there is even a WinAntiVirus Pro 2006 on there !!!!!!!!
it absolutely has to be deleted! now you know where all the viruses on the computer come from!
http://virus-protect.org/artikel/spyware/winantivirus_%20pro_%202006.html

-----------------------------------------------------------------------

1.
Make hidden and system files visible
http://virus-protect.org/invisible.html

2.
Restart the PC (into safe mode) --> press F8 while the PC is booting
this is necessary, because the files cannot be deleted in normal mode

3.
delete:
C:\Dokumente und Einstellungen\Marco\Anwendungsdaten\Else plus
C:\Dokumente und Einstellungen\Marco\Anwendungsdaten\NetPumper
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\downloadbirdbalmfrag
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006
C:\WINDOWS\system32\fwsvc.sys
C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006
C:\Programme\Common Files\Companion Wizard

C:\Programme\WinAntiVirus Pro 2006 -> uninstall!



4.
boot back into normal mode

5.
My Computer --> right-click, then Properties ---> System Restore tab ---> tick "Turn off System Restore on all drives". (then turn it back on)

6.
Start -- All Programs -- Accessories -- Notepad and copy the following text into it:

Quote

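REM switch to the system drive, then to the scheduled-tasks folder
%systemdrive%
cd C:\WINDOWS\Tasks
REM clear the read-only/system/hidden attributes, then delete the same job
REM (A5EE6FC19185E509.job is the file shown in the C:\WINDOWS\tasks listing)
attrib -r -s -h A5EE6FC19185E509.job
del A5EE6FC19185E509.job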
- Save as: remjob.bat
- save with: file type: All Files
- save it on the desktop
- Locate remjob.bat -- double-click the .bat file; the editor opening briefly is normal

7.
Counterspy
http://virus-protect.org/counterspy.html
after the scan, set everything to "remove" and post the scan report
__________
Regards, Sabina
09.07.2006, 21:36
Member

Thread starter

Posts: 11
#9 Spyware Scan Details
Start Date: 09.07.2006 21:20:16
End Date: 09.07.2006 21:33:28
Total Time: 13 mins 12 secs

Detected spyware

AntiLeech Plugin Adware (General) more information...
Details: Plugin is an Ad-Ware software which enables the broadcasting of advertisements, and execution of e-commerce and other internet related services on the user-interface of the software.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-Leech ALIE


NetPumper Adware Bundler more information...
Details: Bundles with a number of adware components.
Status: Deleted

Infected files detected
c:\programme\netpumper\zm\np_0070_1.exe

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro\Firstrun state 2
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro state 2
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro pkid coredown
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro alid coredown
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro iid {49970C54-4828-4167-B2A8-B925B3F00B1C}
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper VersionInfo X6ZzNFYbdieX3UsHd3vNAk8ZnQZE7h5u-XUdEfwyxYvZgDNl6jhL16tEyXjNcY-9LCob+r99Ljqs-ZU61IoF-r3Ln7f-fhu4j0ony8eRCXoFwrS9d6PiGR4JqU8EoEdslj3Dwcju40stxe+LtRMCtOpQpWKMJtVNYVo5wQ-UvWqxXhDKvCK+2Vfe5l08mn15E4nQaa-C4UQc
HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}
HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\TypeLib {1145A909-A836-44B8-B03A-48D858B0F43E}
HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\TypeLib Version 1.2
HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B} IAddUrl
HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}
HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\TypeLib {1145A909-A836-44B8-B03A-48D858B0F43E}
HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\TypeLib Version 1.2
HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000} IAddPackage
HKEY_CLASSES_ROOT\Interface\{E0ABBF96-17DC-44CA-96D0-6217064A97BA}
HKEY_CLASSES_ROOT\Interface\{E0ABBF96-17DC-44CA-96D0-6217064A97BA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{E0ABBF96-17DC-44CA-96D0-6217064A97BA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{E0ABBF96-17DC-44CA-96D0-6217064A97BA}\TypeLib {F7258F6E-9F60-49C0-8C82-F0A0993D68E0}
HKEY_CLASSES_ROOT\Interface\{E0ABBF96-17DC-44CA-96D0-6217064A97BA}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{E0ABBF96-17DC-44CA-96D0-6217064A97BA} INetscapeInterface
HKEY_CLASSES_ROOT\TypeLib\{F7258F6E-9F60-49C0-8C82-F0A0993D68E0}
HKEY_CLASSES_ROOT\TypeLib\{F7258F6E-9F60-49C0-8C82-F0A0993D68E0}\1.0\0\win32 C:\Programme\NetPumper\NetPumperNNProxy.dll
HKEY_CLASSES_ROOT\TypeLib\{F7258F6E-9F60-49C0-8C82-F0A0993D68E0}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{F7258F6E-9F60-49C0-8C82-F0A0993D68E0}\1.0\HELPDIR C:\Programme\NetPumper\
HKEY_CLASSES_ROOT\TypeLib\{F7258F6E-9F60-49C0-8C82-F0A0993D68E0}\1.0 NetPumperNNProxy Library
HKEY_CURRENT_USER\Software\NetPumper
HKEY_CURRENT_USER\Software\NetPumper\Marco Field1 1001540419
HKEY_CURRENT_USER\Software\NetPumper\Marco Field2 352074586
HKEY_CURRENT_USER\Software\NetPumper\Marco Field3 1137531821
HKEY_CURRENT_USER\Software\NetPumper\Marco Field4 32439508


WinAntiVirus Pro Rogue Security Program more information...
Status: Deleted

Infected files detected
C:\Programme\Common Files\Companion Wizard\WapCHK.dll

Infected registry entries detected
HKEY_CLASSES_ROOT\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} AppID
HKEY_CLASSES_ROOT\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E}\Programmable
HKEY_CLASSES_ROOT\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}
HKEY_CLASSES_ROOT\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0\0\win32 C:\Programme\Common Files\Companion Wizard\WapCHK.dll
HKEY_CLASSES_ROOT\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0\HELPDIR C:\Programme\Common Files\Companion Wizard\
HKEY_CLASSES_ROOT\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0 CheckProduct2Lib
HKEY_CLASSES_ROOT\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9}
HKEY_CLASSES_ROOT\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9}\1.0\0\win32 C:\Programme\WinAntiVirus Pro 2006\WAV6COM.dll
HKEY_CLASSES_ROOT\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9}\1.0\HELPDIR C:\Programme\WinAntiVirus Pro 2006\
HKEY_CLASSES_ROOT\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9}\1.0 WAV6COM 1.0 Type Library
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 StoreHistory 0
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 AllowPopupClickType 1
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 NormalizeOpenedPopups 1
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 NormalizeAddBorders 1
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 NormalizeFitToDesktop 1
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 NormalizeAddMenuAndToolbar 1
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 TimedPopupLimit 2
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 StartBlockOnTimedPopups 0
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 BlockDomainPopupLimit 2
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 BlockDomainOnPopups 0
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 Active 1
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 DefaultAction 1
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006\Settings VSScan 0
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006\Settings VirusShield 1
HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006\Settings MailProtect 1


SexTracker.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@sextracker[2].txt
c:\dokumente und einstellungen\marco\cookies\marco@sextracker[1].txt


Mediaplex.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@mediaplex[1].txt
c:\dokumente und einstellungen\marco\cookies\marco@mediaplex[2].txt


Anti-Leech.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@anti-leech[2].txt


Lop.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@lop[1].txt


DoubleClick Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@doubleclick[2].txt
c:\dokumente und einstellungen\marco\cookies\marco@doubleclick[1].txt


PriceBandit Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@apmebf[2].txt
c:\dokumente und einstellungen\marco\cookies\marco@apmebf[1].txt


Advertising.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@advertising[1].txt


ATDMT.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@atdmt[2].txt
c:\dokumente und einstellungen\marco\cookies\marco@atdmt[3].txt


Radar Spy 1.0 Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@tradedoubler[2].txt
c:\dokumente und einstellungen\marco\cookies\marco@tradedoubler[1].txt


Weborama Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@weborama[3].txt
c:\dokumente und einstellungen\marco\cookies\marco@weborama[2].txt


BS.Serving-Sys Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@serving-sys[2].txt


ad.yieldmanager Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@ad.yieldmanager[2].txt


SexList.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\marco\cookies\marco@sexlist[1].txt
10.07.2006, 01:53
Honorary member
Sabina

Posts: 29434
#10 1.
check whether this has been deleted; if not, delete it manually:

C:\Programme\WinAntiVirus Pro 2006
C:\Programme\Common Files
c:\programme\netpumper

2.
CounterSpy only ever kills some of the files. So you have to keep emptying CounterSpy's quarantine folder and scanning with it again until CounterSpy finds nothing more.

then everything should be OK again ;) In future, be more careful about what you download.
__________
Regards, Sabina
10.07.2006, 08:37
Member

Thread starter

Posts: 11
#11 the quarantine folder was empty and the 3 folders above no longer exist either

thanks!

do I need to watch out for anything in particular in future? because I can't remember ever having downloaded anything strange

greetz voudoo