Panda Scan shows many spyware entries |
||
---|---|---|
#0
| ||
01.08.2006, 10:54
...new here
Posts: 6 |
#1
I ran the Panda scan and discovered that I have quite a lot of spyware on my PC after all. I am hoping for your help.
Attachment: Activescan.txt
|
|
|
||
01.08.2006, 16:32
Honorary member
Posts: 29434 |
#2
FC_Liverpool
1. Look2Me-Destroyer V1.0.5 http://virus-protect.org/l2mfix.html
Post the report.
2. Set up CleanUp exactly as specified here (+ restart the computer): http://virus-protect.org/cleanup.html
3. Copy the following text into Notepad (Start - Accessories - Notepad) and use 'Save as' to save it on the desktop as listen.bat. For the file type, select 'All files'. You should now find this file on the desktop. --> double-click listen.bat --> copy the text that appears
Quote
cd\
4. Copy out these 4 text files. (Right-click with the mouse -> select the text -> copy -> paste.) They are sorted by date. (Copy only the last 3 months.) http://virus-protect.org/datfindbat.html
5. Post the log. http://virus-protect.org/artikel/tools/combofix.html
__________
Regards,
Sabina
All about PC security |
|
|
||
02.08.2006, 07:09
...new here
Thread starter Posts: 6 |
#3
1.) Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 02.08.2006 06:45:02
Attempting to delete infected files...
Making registry repairs.
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administratoren – Succeeded
---------------------------------------------------------------
3.)
4.)
------------------------------------------------
5.)
Start Time= 02.08.2006 7:08:37,67
QuickScan did not find any signs of infected files
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "PCMService"="\"C:\\Programme\\Logitech\\MediaLife\\MediaLifeService.exe\"" "NVCLOCK"="rundll32 nvclock.dll,fnNvclock" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Klick-Wartung.job Completion time: 02.08.2006 7:08:47,00 ComboFix ver 06.07.15/28 - This logfile is located at C:\ComboFix.txt |
|
|
||
02.08.2006, 12:18
Honorary member
Posts: 29434 |
#4
FC_Liverpool
Delete manually (or with the killbox): http://virus-protect.org/killbox.html
C:\Programme\Gemeinsame Dateien\Windows
C:\WINDOWS\system32\guard.tmp_tobedeleted
C:\WINDOWS\system32\cd_clint.dll
c:\windows\system32\azebar.xml
c:\windows\system32\mswinf32.dll
c:\windows\winsysupd51.dat
Restart the PC.
Uninstall: c:\programme\Need2Find
** Scan with ewido (online) and post the report: http://virus-protect.org/onlinescan.html
__________
Regards, Sabina
all about PC security |
|
|
||
03.08.2006, 08:02
...new here
Thread starter Posts: 6 |
||
|
||
03.08.2006, 15:09
Honorary member
Posts: 29434 |
#6
1. smitRem
* Download: SmitRem2.8 http://noahdfear.geekstogo.com/click%20counter/click.php?id=1
Open smitRem and double-click RunThis.bat.
Wait until the scan has finished (the screen will turn blue; that is normal).
Find smitfiles.txt and post the text file.
2. Work through smitfraud.fix (options 1 and 2) and post both scan reports: http://virus-protect.org/artikel/tools/smitfrautfix.html
__________
Regards, Sabina
all about PC security |
|
|
||
04.08.2006, 07:36
...new here
Thread starter Posts: 6 |
#7
Hi Sabina,
first of all, thanks for the quick help. But I don't quite understand the 2.) in your last post. Do I have to do all 6 steps, or only the first 2? I have already uploaded the first txt file, though.
------------------------------------------------------------------
smitRem © log file
version 3.1
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
"IE"="6.0000"
Running from
D:\Eigene Dateien\smitrem\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
checking for drsmartload2 key
drsmartload2 key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
AlfaCleaner uninstaller NOT present
SpyFalcon uninstaller NOT present
SpywareQuake uninstaller NOT present
SpywareSheriff uninstaller NOT present
Trust Cleaner uninstaller NOT present
SpyHeal uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
amcompat.tlb
nscompat.tlb
mswinf32.exe
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Starting registry repairs
Registry repairs complete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SharedTask Export after registry fix
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deleting files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
amcompat.tlb
nscompat.tlb
mswinf32.exe
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
wininet.dll is missing!! |
|
|
||
04.08.2006, 11:51
Honorary member
Posts: 29434 |
#8
The wininet.dll is "missing"; let's see what can still be done:
Work through smitfraud.fix - complete all steps - (options 1 and 2) - post both scan reports http://virus-protect.org/artikel/tools/smitfrautfix.html
__________
Regards, Sabina
all about PC security |
|
|
||