Ebenfalls das Problem mit dem IVideo Codec |
||
---|---|---|
#0
| ||
06.11.2006, 15:27
Member
Beiträge: 22 |
||
|
||
06.11.2006, 15:52
Ehrenmitglied
Beiträge: 29434 |
#2
Avenger
http://virus-protect.org/artikel/tools/avenger.html kopiere rein Zitat Registry values to delete:Klicke die grüne Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten »» loesche das Backup vom Avenger unter C:\Avenger\backup.zip + leere den Papierkorb «« scanne mit smitfraudfix - Option 1 und 2 ( lasse auch die Registry mitreinigen) http://virus-protect.org/artikel/tools/smitfrautfix.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.11.2006, 16:13
Member
Themenstarter Beiträge: 22 |
#3
Danke, jetzt sind die PopUps weniger geworden, aber es gibt noch welche...
Unzwar wegen einem "ITBarLayout", was kann ich jetzt tun? MfG Thaniel |
|
|
||
06.11.2006, 16:56
Ehrenmitglied
Beiträge: 29434 |
#4
scanne, stelle dann alles auf "remove" auch den BearShare
und poste den scanreport http://virus-protect.org/counterspy.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.11.2006, 19:03
Member
Themenstarter Beiträge: 22 |
#5
Ok, das hab ich gemacht, diese ITBarLayout macht immernoch Probleme...
Hier der Scanreport: Spyware Scan Details Start Date: 06.11.2006 18:20:41 End Date: 06.11.2006 18:59:52 Total Time: 39 mins 11 secs Detected spyware BearShare P2P Program more information... Details: BearShare is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives. Status: Deleted Infected files detected c:\programme\bearshare\bearshare.dat c:\programme\bearshare\freepeers.ini c:\programme\bearshare\db\config.bin c:\programme\bearshare\db\gwebcache.dat c:\programme\bearshare\db\hostiles.txt c:\programme\bearshare\db\library.2.db c:\programme\bearshare\db\library.2.db.lastgoodload.bak c:\programme\bearshare\db\library.db c:\programme\bearshare\db\library.db.lastgoodload.bak MyGlobalSearch.Toolbar Potentially Unwanted Program more information... Details: MyGlobalSearch.Toolbar is an IE plugin with its own Search Field. Status: Deleted Infected files detected c:\programme\myglobalsearch\bar\1.bin\m9ffxtbr.jar c:\programme\myglobalsearch\bar\1.bin\m9ffxtbr.manifest c:\programme\myglobalsearch\bar\1.bin\m9ntstbr.jar c:\programme\myglobalsearch\bar\1.bin\m9ntstbr.manifest c:\programme\myglobalsearch\bar\cache\00049f49.bin c:\programme\myglobalsearch\bar\cache\0004a218.bin c:\programme\myglobalsearch\bar\cache\0004a43b.bin c:\programme\myglobalsearch\bar\cache\002627d2 c:\programme\myglobalsearch\bar\cache\files.ini c:\programme\myglobalsearch\bar\history\search c:\programme\myglobalsearch\bar\settings\prevcfg.htm Infected registry entries detected HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\InprocServer32 C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\ProgID MyGlobalSearchBar.SettingsPlugin.1 HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\TypeLib {37B85A20-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\VersionIndependentProgID MyGlobalSearchBar.SettingsPlugin HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404} My Global Search Bar Settings HKEY_CLASSES_ROOT\Interface\{37B85A2A-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\Interface\{37B85A2A-692B-4205-9CAD-2626E4993404}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{37B85A2A-692B-4205-9CAD-2626E4993404}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{37B85A2A-692B-4205-9CAD-2626E4993404}\TypeLib {37B85A20-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\Interface\{37B85A2A-692B-4205-9CAD-2626E4993404}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{37B85A2A-692B-4205-9CAD-2626E4993404} IMyGlobalSearchSettings HKEY_CLASSES_ROOT\Interface\{37B85A2C-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\Interface\{37B85A2C-692B-4205-9CAD-2626E4993404}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{37B85A2C-692B-4205-9CAD-2626E4993404}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{37B85A2C-692B-4205-9CAD-2626E4993404}\TypeLib {37B85A20-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\Interface\{37B85A2C-692B-4205-9CAD-2626E4993404}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{37B85A2C-692B-4205-9CAD-2626E4993404} _IMyGlobalSearchSettingsEvents HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin\CLSID {37B85A2B-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin\CurVer MyGlobalSearchBar.SettingsPlugin.1 HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin My Global Search Bar Settings Plugin HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin.1 HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin.1\CLSID {37B85A2B-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin.1 My Global Search Bar Settings Plugin HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin\CLSID {EF281620-A3A3-4f08-874F-D68CFC9B7945} HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin\CurVer MyGlobalSearchBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin MyGlobalSearch Toolbar Plugin HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin.1\CLSID {EF281620-A3A3-4f08-874F-D68CFC9B7945} HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin.1 MyGlobalSearch Toolbar Plugin HKEY_CLASSES_ROOT\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\0\win32 C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL HKEY_CLASSES_ROOT\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\HELPDIR C:\Programme\MyGlobalSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0 Toolbar 1.0 Type Library HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\My Global Search Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\My Global Search Uninstall SlowInfoCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\My Global Search Uninstall Changed 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Global Search Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Global Search Uninstall DisplayName My Global Search Bar HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Global Search Uninstall HelpLink http://help.myglobalsearch.com/searchbar.html HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Global Search Uninstall Publisher My Global Search Bar HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Global Search Uninstall UninstallString rundll32 C:\PROGRA~1\MYGLOB~1\bar\1.bin\mgsBar.dll,O HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Global Search Uninstall UrlInfoAbout http://www.myglobalbsearch.com/jsp/softwareterms.jsp HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar Maximized 1 HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar pid IK HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar Dir C:\Programme\MyGlobalSearch\bar\ HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar PluginPath C:\Programme\MyGlobalSearch\bar\1.bin\ HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar CurInstall 1 HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar sr 0 HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar pl 7 HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar Id 5E30CC4A-8888-4437-815D-4A40265EE08A HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar CacheDir C:\Programme\MyGlobalSearch\bar\Cache\ HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar HistoryDir C:\Programme\MyGlobalSearch\bar\History\ HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar SettingsDir C:\Programme\MyGlobalSearch\bar\Settings\ HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar ConfigRevision 5 HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar ConfigRevisionURL http://cfg.myglobalsearch.com/barcfg.jsp?s=gs&p=IK HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar ConfigDateStamp 2006081323 HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar NextConfigRequest EHOMkFz0xgE- HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar LastConfigRequest EDs_a0P0xgE- HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar Flags 530 HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch\bar Visible 1 Zango.SearchAssistant Adware (General) more information... Details: Zango Search Assistant opens new browser windows showing websites based on the previous websites you visit. Status: Deleted Infected files detected c:\programme\mozilla firefox\plugins\npclntax.dll IStartHere Toolbar more information... Details: IStartHere is a program that installs a toolbar in Internet Explorer and changes the user's home page. Status: Deleted Infected files detected C:\Programme\Alcohol Soft\Alcohol 120% Toolbar\icons.bmp Backdoor.Rbot.steam Backdoor more information... Details: Rbot is the name of a family of backdoor trojans, also known as worms, used by hackers to control a machine without the owner's knowledge. Status: Deleted Infected files detected C:\Programme\Valve\platform\steam_dev.exe Cookie: Radar Spy Cookie (General) more information... Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count Status: Deleted Infected cookies detected c:\dokumente und einstellungen\administrator\cookies\administrator@tradedoubler[2].txt Cookie: Zedo Cookie (General) more information... Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count Status: Deleted Infected cookies detected c:\dokumente und einstellungen\administrator\cookies\administrator@zedo[2].txt |
|
|
||
07.11.2006, 00:16
Ehrenmitglied
Beiträge: 29434 |
#6
wende die Anleitung an:
http://www.wintotal.de/Tipps/Eintrag.php?RBID=1&TID=894&URBID=3 __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
08.11.2006, 15:44
Member
Themenstarter Beiträge: 22 |
#7
Sry für meine später Antwort...:
Es hat leider nicht geholfen, die Meldungen über das ITBarLayout kommen weiter...ich hab auch die ganze Registry durchsucht...aber nichts weiter über dieses ITBarLayout gefunden. MfG Thaniel |
|
|
||
08.11.2006, 15:54
Ehrenmitglied
Beiträge: 29434 |
#8
Zitat Um das Problem zu lösen, geht man in die Registry (Start/Ausführen/regedit) und begibt sich zum Schlüssel:«« Download und auf dem Desktop entzippen: http://www.fbeej.dk/Programmer/iereg.zip Klicke: iereg bat PC neustarten und pruefen, ob der IE korrekt funktioniert __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
ich hab wie soviele andere in letzter Zeit auch das Problem mit dem IVideoCodec...
Mein Spybot blockiert die Anwendungen zwar, aber ist es nervig immer soviele PopUps zu haben.
Ich habe hier zunächst einmal die Hjack This Log und weiter unten auch noch die von Combofix und dem datFind:
Hijack This:
Logfile of HijackThis v1.99.1
Scan saved at 15:05:51, on 06.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.5.0_07\bin\jusched.exe
C:\Programme\Analog Devices\SoundMAX\SMTray.exe
C:\Programme\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Gemeinsame Dateien\PCSuite\DataLayer\DataLayer.exe
C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iVideoCodec\pmmon.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\TGTSoft\StyleXP\StyleXP.exe
C:\PROGRA~1\GEMEIN~1\PCSuite\Services\SERVIC~1.EXE
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
C:\Programme\Spamihilator\spamihilator.exe
C:\Programme\Gadu-Gadu\gg.exe
C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\GEMEIN~1\Nokia\MPAPI\MPAPI3s.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Agnitum\Outpost Firewall\outpost.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Programme\DynDNS Updater\DynDNS.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downs\hijackthis(2)\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0407/bl8.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0407/bl7.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0407/bl8.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0407/bl7.asp
O2 - BHO: XBTP05231 - {031F120A-BBAF-45d8-B306-375F2A6B9398} - C:\PROGRA~1\ALCOHO~1\ALCOHO~2\a120_tb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {37B85A21-692B-4205-9CAD-2626E4993404} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Programme\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll
O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - C:\Programme\iVideoCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Smapp] C:\Programme\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Programme\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Programme\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DataLayer] C:\Programme\Gemeinsame Dateien\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programme\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Programme\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Programme\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "E:\Programme\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BearShare] "C:\Programme\BearShare\BearShare.exe" /pause
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Spamihilator] "C:\Programme\Spamihilator\spamihilator.exe"
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Programme\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [PcSync] C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programme\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: switcher - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - C:\Programme\DynDNS Updater\DynDNS.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Programme\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
Und nun die Log von Combofix:
Administrator - 06-11-06 15:15:19,23 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Dokumente und Einstellungen\Administrator"
((((((((((((((((((((((((((((((( Files Created from 2006-10-06 to 2006-11-06 ))))))))))))))))))))))))))))))))))
2006-10-07 10:52 299,520 --a------ C:\WINDOWS\uninst.exe
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-06 15:12 -------- d-------- C:\Programme\Mozilla Firefox
2006-11-06 15:07 -------- d-------- C:\Programme\CleanUp!
2006-11-06 14:27 -------- d-------- C:\Programme\Spamihilator
2006-11-06 14:27 -------- d-------- C:\Programme\DynDNS Updater
2006-11-05 22:51 -------- d-------- C:\Programme\iVideoCodec
2006-11-04 20:41 -------- d---s---- C:\Programme\Xfire
2006-11-04 19:28 -------- d-------- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Xfire
2006-11-04 18:44 -------- d-------- C:\Programme\Steam
2006-11-02 14:45 -------- d-------- C:\Programme\Miranda IM 5.1
2006-10-24 13:45 -------- d-------- C:\Programme\ATI Technologies
2006-10-21 14:01 -------- d-------- C:\Programme\eMule
2006-10-16 18:56 -------- d--h----- C:\Programme\InstallShield Installation Information
2006-10-16 18:45 -------- d-------- C:\Programme\Activision
2006-10-16 16:13 -------- d-------- C:\Programme\LimeWire
2006-10-09 11:59 -------- d-------- C:\Programme\Digitale Bibliothek 4
2006-10-07 12:50 -------- d-------- C:\Programme\The GodFather
2006-10-07 10:52 -------- d-------- C:\Programme\ALCATech
2006-10-07 00:11 -------- d-------- C:\Programme\Valve
2006-10-03 12:18 -------- d-------- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\MSN6
2006-09-29 21:46 -------- d-------- C:\Programme\TI Education
2006-09-29 21:46 -------- d-------- C:\Programme\Gemeinsame Dateien\TI Shared
2006-09-29 21:46 -------- d-------- C:\Programme\Gemeinsame Dateien
2006-09-29 21:44 -------- d-------- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2006-09-14 14:17 -------- d-------- C:\Programme\ICQLite
2006-09-14 14:17 -------- d-------- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQLite
2006-09-14 14:16 -------- d-------- C:\Programme\ICQ
2006-09-14 14:05 -------- d-------- C:\Programme\Jap
2006-09-13 14:20 -------- d-------- C:\Programme\BearShare
2006-09-13 06:02 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-11 21:07 -------- d---s---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
2006-09-09 18:40 457 --a------ C:\Programme\INSTALL.LOG
2006-09-09 18:40 -------- d-------- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQ
2006-09-09 18:12 -------- d-------- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\.gaim
2006-09-09 11:11 -------- d-------- C:\Programme\Gaim
2006-09-09 11:10 -------- d-------- C:\Programme\Common Files
2006-08-25 16:46 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-23 03:11 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2006-08-23 02:53 260096 --a------ C:\WINDOWS\system32\ati2dvag.dll
2006-08-23 02:47 114688 --a------ C:\WINDOWS\system32\atipdlxx.dll
2006-08-23 02:46 86016 --a------ C:\WINDOWS\system32\ati2evxx.dll
2006-08-23 02:46 77824 --a------ C:\WINDOWS\system32\Oemdspif.dll
2006-08-23 02:46 41984 --a------ C:\WINDOWS\system32\ati2edxx.dll
2006-08-23 02:46 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2006-08-23 02:45 413696 --a------ C:\WINDOWS\system32\ati2evxx.exe
2006-08-23 02:44 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2006-08-23 02:38 2401984 --a------ C:\WINDOWS\system32\ati3duag.dll
2006-08-23 02:33 303104 --a------ C:\WINDOWS\system32\ATIDEMGR.dll
2006-08-23 02:33 2510752 --a------ C:\WINDOWS\system32\ativvaxx.dll
2006-08-23 02:27 6684672 --a------ C:\WINDOWS\system32\atioglx1.dll
2006-08-23 02:24 5140480 --a------ C:\WINDOWS\system32\atioglxx.dll
2006-08-23 02:21 221184 --a------ C:\WINDOWS\system32\atikvmag.dll
2006-08-23 02:19 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
2006-08-23 02:14 290816 --a------ C:\WINDOWS\system32\ati2cqag.dll
2006-08-22 20:05 520192 --------- C:\WINDOWS\system32\ati2sgag.exe
2006-08-21 13:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 12:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"SpybotSD TeaTimer"="C:\\Programme\\Spybot - Search & Destroy\\TeaTimer.exe"
"STYLEXP"="C:\\Programme\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Programme\\Gemeinsame Dateien\\Ahead\\Lib\\NMBgMonitor.exe\""
"Spamihilator"="\"C:\\Programme\\Spamihilator\\spamihilator.exe\""
"Gadu-Gadu"="\"C:\\Programme\\Gadu-Gadu\\gg.exe\" /tray"
"PcSync"="C:\\Programme\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"="C:\\Programme\\ICQLite\\ICQLite.exe -trayboot"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="C:\\Programme\\Java\\jre1.5.0_07\\bin\\jusched.exe"
"Smapp"="C:\\Programme\\Analog Devices\\SoundMAX\\SMTray.exe"
"DrvLsnr"="C:\\Programme\\Analog Devices\\SoundMAX\\DrvLsnr.exe"
"srmclean"="C:\\Cpqs\\Scom\\srmclean.exe"
"SetRefresh"="C:\\Programme\\Compaq\\SetRefresh\\SetRefresh.exe"
"Adobe Photo Downloader"="\"C:\\Programme\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"ATIPTA"="C:\\Programme\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"DataLayer"="C:\\Programme\\Gemeinsame Dateien\\PCSuite\\DataLayer\\DataLayer.exe"
"PCSuiteTrayApplication"="C:\\Programme\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray"
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"Outpost Firewall"="C:\\Programme\\Agnitum\\Outpost Firewall\\outpost.exe /waitservice"
"OutpostFeedBack"="C:\\Programme\\Agnitum\\Outpost Firewall\\feedback.exe /dump:os_startup"
"TkBellExe"="\"C:\\Programme\\Gemeinsame Dateien\\Real\\Update_OB\\realsched.exe\" -osboot"
"iTunesHelper"="\"C:\\Programme\\iTunes\\iTunesHelper.exe\""
"InCD"="C:\\Programme\\Nero\\Nero 7\\InCD\\InCD.exe"
"CloneDVDElbyDelay"="\"E:\\Programme\\CloneDVD\\ElbyCheck.exe\" /L ElbyDelay"
"DAEMON Tools"="\"C:\\Programme\\DAEMON Tools\\daemon.exe\" -lang 1033"
"BearShare"="\"C:\\Programme\\BearShare\\BearShare.exe\" /pause"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{11853d5f-f894-4cc7-bbc3-fc7a9dcfd896}"="bonspells"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoUserNameInStartMenu"=dword:00000001
"NoRecentDocsMenu"=dword:00000001
"NoSMHelp"=dword:00000001
"NoStartMenuNetworkPlaces"=dword:00000001
"NoInstrumentation"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=dword:00000001
"AllowUnhashedWebView"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"isamonitor.exe"="C:\\Programme\\iVideoCodec\\isamonitor.exe"
"pmsngr.exe"="C:\\Programme\\iVideoCodec\\pmsngr.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BearShare"
"hkey"="HKLM"
"command"="\"C:\\Programme\\BearShare\\BearShare.exe\" /pause"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneDVDElbyDelay]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ElbyCheck"
"hkey"="HKLM"
"command"="\"E:\\Programme\\CloneDVD\\ElbyCheck.exe\" /L ElbyDelay"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="daemon"
"hkey"="HKLM"
"command"="\"C:\\Programme\\DAEMON Tools\\daemon.exe\" -lang 1033"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InCD"
"hkey"="HKLM"
"command"="C:\\Programme\\Nero\\Nero 7\\InCD\\InCD.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Programme\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PcSync2"
"hkey"="HKCU"
"command"="C:\\Programme\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=dword:00000003
"InCDsrv"=dword:00000002
"Imapi Helper"=dword:00000003
"G6FTPServer"=dword:00000002
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\switcher
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Completion time: 06-11-06 15:17:04.68
C:\ComboFix.txt ... 06-11-06 15:17
Jetzt von datFind:
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 4C76-8CA0
Verzeichnis von C:\WINDOWS\system32
06.11.2006 15:13 1.158 wpa.dbl
29.10.2006 08:50 403.528 perfh009.dat
29.10.2006 08:50 63.130 perfc009.dat
29.10.2006 08:50 418.624 perfh007.dat
29.10.2006 08:50 76.006 perfc007.dat
29.10.2006 08:50 973.820 PerfStringBackup.INI
24.10.2006 14:04 5.632 d3d9caps.dat
04.10.2006 21:03 9.639.336 MRT.exe
01.10.2006 18:32 259.048 FNTCACHE.DAT
13.09.2006 06:02 1.084.416 msxml3.dll
04.09.2006 07:12 1.494.016 shdocvw.dll
25.08.2006 16:46 617.472 comctl32.dll
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 4C76-8CA0
Verzeichnis von C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
13.08.2006 17:26 368.458 Zdjecie224.jpg
13.08.2006 17:25 362.910 Zdjecie225.jpg
2 Datei(en) 731.368 Bytes
0 Verzeichnis(se), 88.142.925.824 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 4C76-8CA0
Verzeichnis von C:\WINDOWS
06.11.2006 15:13 159 wiadebug.log
06.11.2006 15:13 50 wiaservc.log
06.11.2006 15:13 0 0.log
06.11.2006 15:12 2.031.380 WindowsUpdate.log
06.11.2006 15:12 522 ODBC.INI
06.11.2006 15:11 49 transp.gif
06.11.2006 15:11 2.048 bootstat.dat
06.11.2006 15:10 32.630 SchedLgU.Txt
05.11.2006 22:51 1.636 wincmd.ini
05.11.2006 11:48 544.913 setupapi.log
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 4C76-8CA0
Verzeichnis von C:\WINDOWS\Temp
06.11.2006 15:12 0 JETE937.tmp
1 Datei(en) 0 Bytes
0 Verzeichnis(se), 88.142.905.344 Bytes frei
In der Down.txt sind 2 Einträge die jeweils älter als 3 Monate sind!
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 4C76-8CA0
Verzeichnis von C:\
06.11.2006 15:25 0 sys.txt
06.11.2006 15:24 345 down.txt
06.11.2006 15:24 276 tmp.txt
06.11.2006 15:24 11.651 system.txt
06.11.2006 15:23 350 systemtemp.txt
06.11.2006 15:22 105.956 system32.txt
06.11.2006 15:17 12.352 ComboFix.txt
06.11.2006 15:11 1.073.270.784 hiberfil.sys
06.11.2006 15:11 1.610.612.736 pagefile.sys
06.11.2006 14:35 0 avenger.txt
06.11.2006 14:33 3.302 kobrjddr.txt
30.10.2006 18:14 55.599 treeinfo.wc
20.10.2006 13:01 211 boot.ini
09.10.2006 14:41 0 ASPI.LOG
29.09.2006 19:59 0 Test.txt
20.09.2006 20:40 3.742.412 perico.wmv
06.09.2006 19:31 656 info.html
Ich hoffe mit den Infos könnt ihr mir weiterhelfen, danke schonmal im voraus!
MfG
Thaniel