vundo - troj/agent-DJ cannot be removed
#0
30.12.2006, 20:01
Member
Posts: 11

30.12.2006, 20:05
Honorary member
Posts: 29434
#32
vd12
Work through this and post the logs here http://board.protecus.de/t23187.htm
__________
Best regards, Sabina
all about PC security

30.12.2006, 20:14
Member
Posts: 11
#33
THANK YOUUUUUUUUUUUUUUUUU
Logfile of HijackThis v1.99.1
Scan saved at 20:09:41, on 30.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\Lexmark X6100 Series\lxbfbmgr.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Java\jre1.5.0_10\bin\jusched.exe
C:\Programme\Lexmark X6100 Series\lxbfbmon.exe
C:\Programme\Gemeinsame Dateien\{3C42492C-0876-1031-0719-040407190031}\Update.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Messenger\MSMSGS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Xphstos\Desktop\drweb-cureit.exe
C:\DOKUME~1\Xphstos\LOKALE~1\Temp\RarSFX0\_start.exe
C:\DOKUME~1\Xphstos\LOKALE~1\Temp\RarSFX0\cureit.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Dokumente und Einstellungen\Xphstos\Desktop\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freenet.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R3 - URLSearchHook: (no name) - {FD45C3A3-2614-05CB-11D0-71F2BA5016C7} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - (no file)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Programme\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [{3C42492C-0876-1031-0719-040407190031}] "C:\Programme\Gemeinsame Dateien\{3C42492C-0876-1031-0719-040407190031}\Update.exe" mc-110-12-0000137
O4 - HKLM\..\Run: [{3C42492C-0875-1031-0719-040407190031}] "C:\Programme\Gemeinsame Dateien\{3C42492C-0875-1031-0719-040407190031}\Update.exe" mc-110-12-0000137
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\RunServices: [p2p networking] p2pnetworking.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Schnellstart.lnk = C:\Programme\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158493691390
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158695555109
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Programme\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programme\ewido\security suite\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

30.12.2006, 20:23
Honorary member
Posts: 29434

30.12.2006, 20:27
Member
Posts: 11
#35
CleanUp! started on 12/30/06 20:17:19.
...
Emptied Recycle Bin on drive C:
'Run MRU' list - removed from the registry.
'Doc Find Spec MRU' list - removed from the registry.
'FindComputerMRU' list - removed from the registry.
'ComputerNameMRU' list - removed from the registry.
'ContainingTextMRU' list - removed from the registry.
'FilesNamedMRU' list - removed from the registry.
Search Assistant MRU list - removed from the registry.
Explorer Open/Save MRU list - removed from the registry.
Explorer Last Visited MRU list - removed from the registry.
Paint Recent File List - removed from the registry.
WordPad Recent File List - removed from the registry.
Telnet's MRU list - removed from the registry.
Windows Media Player Recent File List - removed from the registry.
WinZip Extract MRU list - removed from the registry.
WinZip File MRU list - removed from the registry.
CleanUp! 4.5.2 recovered 626.0 MB of disk space from 1083 files.
CleanUp! finished on 12/30/06 20:17:31. |
|
|
||
30.12.2006, 20:29
Honorary member
Posts: 29434 |
#36
o.k.
now the combofix log and datfindbat (6 logs, approx. 3 months of each)
__________
Regards, Sabina
all about PC security |
|
|
||
30.12.2006, 21:07
Member
Posts: 11 |
#37
Xphstos - 06-12-30 20:59:07.51 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Dokumente und Einstellungen\Xphstos\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Programme\Ipwins
C:\Programme\winupdates
C:\Programme\Gemeinsame Dateien\{3C42492C-0876-1031-0719-040407190031}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:
C:\QooBox\Purity\Dokumente und Einstellungen\Xphstos\Eigene Dateien\STEM~1
C:\QooBox\Purity\Programme\SCURIT~1
C:\QooBox\Purity\WINDOWS\CURITY~1
C:\QooBox\Purity\WINDOWS\YMBOLS~1
C:\QooBox\Purity\WINDOWS\system32\RACLE~1
C:\QooBox\Purity\WINDOWS\system32\SEMBLY~1
C:\QooBox\Purity\WINDOWS\system32\TSKS~1

((((((((((((((((((((((((((((((( Files Created from 2006-11-30 to 2006-12-30 ))))))))))))))))))))))))))))))))))

2006-12-30 20:16 <DIR> d-------- C:\Programme\CleanUp!
2006-12-30 19:36 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-12-30 16:51 <DIR> d-------- C:\Dokumente und Einstellungen\Xphstos\DoctorWeb
2006-12-30 12:37 <DIR> d-------- C:\Programme\ewido
2006-12-30 00:26 <DIR> d-------- C:\Programme\Spybot - Search & Destroy
2006-12-30 00:26 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2006-12-29 23:24 <DIR> d-------- C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten\Lavasoft
2006-12-29 22:51 <DIR> d-------- C:\Programme\Lavasoft
2006-12-29 19:45 61,584 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-12-29 19:45 59,536 --a------ C:\WINDOWS\system32\drivers\klin.sys
2006-12-29 19:45 <DIR> d-------- C:\Programme\Kaspersky Lab
2006-12-29 19:45 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
2006-12-29 19:44 <DIR> d-------- C:\kav
2006-12-28 16:42 36,224 --a------ C:\WINDOWS\system32\drivers\an983.sys
2006-12-21 07:26 0 --a------ C:\WINDOWS\system32\6.exe
2006-12-19 13:56 <DIR> d-------- C:\WINDOWS\WBEM
2006-12-19 13:56 <DIR> d-------- C:\WINDOWS\system32\de-de
2006-12-19 13:53 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-12-19 13:53 <DIR> d-------- C:\WINDOWS\network diagnostic
2006-12-18 16:57 6,656 --a------ C:\WINDOWS\system32\haspvdd.dll
2006-12-18 16:57 47,616 --a------ C:\WINDOWS\system32\drivers\Haspnt.sys
2006-12-18 16:57 383 --a------ C:\WINDOWS\system32\haspdos.sys
2006-12-18 16:57 28,976 --a------ C:\WINDOWS\system\D2HTOOLS.DLL
2006-12-18 16:57 <DIR> d-------- C:\Programme\EUROSYSTEMS
2006-12-17 13:30 <DIR> d-------- C:\Programme\eMule
2006-12-17 09:30 <DIR> d-------- C:\Programme\ASIBA
2006-12-17 09:29 <DIR> d-------- C:\Programme\procutz
2006-12-17 09:28 74,752 --a------ C:\WINDOWS\ST6UNST.EXE
2006-12-17 09:28 253,952 --------- C:\WINDOWS\Setup1.exe
2006-12-17 06:16 <DIR> d--h----- C:\Programme\Gemeinsame Dateien\Uninstall Information
2006-12-16 18:42 93,509 --a------ C:\Dokumente und Einstellungen\Xphstos\install.exe
2006-12-16 18:17 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2006-12-16 18:16 409,600 --------- C:\WINDOWS\system32\SCINT78.DLL
2006-12-16 18:16 409,600 --------- C:\WINDOWS\system32\SCINT70.DLL
2006-12-16 18:16 245,400 --------- C:\WINDOWS\system32\UNICOWS.DLL
2006-12-16 18:16 225,347 --------- C:\WINDOWS\system32\SCINT110.DLL
2006-12-16 18:16 225,280 --------- C:\WINDOWS\system32\SCINT100.DLL
2006-12-16 18:16 218,112 --------- C:\WINDOWS\system32\SCINT80.DLL
2006-12-16 18:06 <DIR> d-------- C:\Programme\PeDevice
2006-12-15 20:12 2 --a------ C:\WINDOWS\system32\wnsintit.exe
2006-12-15 17:46 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2006-12-15 17:45 <DIR> d-------- C:\Programme\TuneUp Utilities 2007
2006-12-15 17:22 536,576 --a------ C:\WINDOWS\system32\msvcr70d.dll
2006-12-15 17:22 102,912 --a------ C:\WINDOWS\system32\Kernel.dll
2006-12-15 17:22 <DIR> d-------- C:\Programme\P2
2006-12-09 03:39 41,888 --a------ C:\WINDOWS\system32\drivers\Oreans.sys
2006-12-09 02:01 73,216 --a------ C:\WINDOWS\cadkasdeinst01.exe
2006-12-03 21:16 94,064 -ra------ C:\WINDOWS\system32\drivers\w810mdm.sys
2006-12-03 21:16 85,408 -ra------ C:\WINDOWS\system32\drivers\w810mgmt.sys
2006-12-03 21:16 83,344 -ra------ C:\WINDOWS\system32\drivers\w810obex.sys
2006-12-03 21:16 8,336 -ra------ C:\WINDOWS\system32\drivers\w810mdfl.sys
2006-12-03 21:16 6,176 -ra------ C:\WINDOWS\system32\drivers\w810cmnt.sys
2006-12-03 21:16 6,176 -ra------ C:\WINDOWS\system32\drivers\w810cm.sys
2006-12-03 21:16 58,288 -ra------ C:\WINDOWS\system32\drivers\w810bus.sys
2006-12-03 21:16 5,808 -ra------ C:\WINDOWS\system32\drivers\w810whnt.sys
2006-12-03 21:16 5,808 -ra------ C:\WINDOWS\system32\drivers\w810wh.sys
2006-12-03 20:54 <DIR> d-------- C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten\Help
2006-12-03 12:10 81,728 -ra------ C:\WINDOWS\system32\drivers\k750mgmt.sys
2006-12-03 12:10 79,488 -ra------ C:\WINDOWS\system32\drivers\k750obex.sys
2006-12-03 12:09 89,872 -ra------ C:\WINDOWS\system32\drivers\k750mdm.sys
2006-12-03 12:09 6,576 -ra------ C:\WINDOWS\system32\drivers\k750mdfl.sys
2006-12-03 12:09 6,144 -ra------ C:\WINDOWS\system32\drivers\k750cmnt.sys
2006-12-03 12:09 6,144 -ra------ C:\WINDOWS\system32\drivers\k750cm.sys
2006-12-03 12:09 55,216 -ra------ C:\WINDOWS\system32\drivers\k750bus.sys
2006-12-03 12:09 5,744 -ra------ C:\WINDOWS\system32\drivers\k750whnt.sys
2006-12-03 12:09 5,744 -ra------ C:\WINDOWS\system32\drivers\k750wh.sys

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-12-30 21:02 -------- d-------- C:\Programme\Gemeinsame Dateien
2006-12-30 20:45 -------- d-------- C:\Programme\Mozilla Firefox
2006-12-30 20:28 -------- d-------- C:\Programme\WinRAR
2006-12-30 20:26 -------- d-------- C:\Programme\MSN Messenger
2006-12-30 20:23 -------- d-------- C:\Programme\Messenger
2006-12-30 20:21 -------- d-------- C:\Programme\Lexmark X6100 Series
2006-12-30 20:19 -------- d-------- C:\Programme\Internet Explorer
2006-12-30 10:40 -------- d-------- C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten\Azureus
2006-12-27 20:37 -------- d-------- C:\Programme\Java
2006-12-21 20:47 -------- d--h----- C:\Programme\InstallShield Installation Information
2006-12-17 11:34 -------- d-------- C:\Programme\SignCut X2
2006-12-17 09:30 -------- d-------- C:\Programme\Corel
2006-12-16 18:35 147456 --a------ C:\WINDOWS\system32\vbzip10.dll
2006-12-16 18:29 -------- d-------- C:\Programme\Gemeinsame Dateien\DESIGNER
2006-12-15 19:07 -------- d---s---- C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten\Microsoft
2006-12-15 17:45 -------- d-------- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2006-12-15 03:03 -------- d-------- C:\Programme\Outlook Express
2006-12-15 03:03 -------- d-------- C:\Programme\Gemeinsame Dateien\System
2006-11-21 11:47 0 --a------ C:\WINDOWS\system32\taskkill.exe
2006-11-21 11:46 0 --a------ C:\WINDOWS\b.exe
2006-11-21 10:56 191488 --a------ C:\WINDOWS\system32\hlvdd.dll
2006-11-15 15:44 18273 --a------ C:\WINDOWS\system32\drivers\klop.sys
2006-11-15 10:21 -------- d-------- C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten\Zoner
2006-11-15 10:20 -------- d-------- C:\Programme\Zoner
2006-11-13 19:27 -------- d-------- C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten\Teleca
2006-11-13 19:25 -------- d-------- C:\Programme\Gemeinsame Dateien\Teleca Shared
2006-11-13 19:24 -------- d-------- C:\Programme\Sony Ericsson
2006-11-11 19:18 -------- d-------- C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten\Corel
2006-11-11 19:15 -------- d-------- C:\Programme\Gemeinsame Dateien\Corel
2006-11-08 06:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-04 11:18 6580 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2006-11-04 11:18 152 -r-hs---- C:\WINDOWS\system32\9EDB5D3B11.sys
2006-11-01 17:42 94314 --a------ C:\WINDOWS\system32\klogon.dll
2006-11-01 12:09 29392 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2006-10-20 02:38 715776 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-14 11:49 23796 --a------ C:\Programme\Uninst.isu
2006-10-13 13:35 146432 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-02 10:52 49152 -ra------ C:\WINDOWS\system32\inetwh32.dll
2006-10-02 10:52 1044480 -ra------ C:\WINDOWS\system32\roboex32.dll
2006-09-17 13:12 62 --ahs---- C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten\desktop.ini

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Programme\\Messenger\\MSMSGS.EXE\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Programme\\Gemeinsame Dateien\\Ahead\\lib\\NMBgMonitor.exe\""
"SpybotSD TeaTimer"="C:\\Programme\\Spybot - Search & Destroy\\TeaTimer.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
"Lexmark X6100 Series"="\"C:\\Programme\\Lexmark X6100 Series\\lxbfbmgr.exe\""
"ATICCC"="\"C:\\Programme\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"ISUSPM Startup"="\"C:\\Programme\\Gemeinsame Dateien\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Programme\\Gemeinsame Dateien\\InstallShield\\UpdateService\\issch.exe\" -start"
@=""
"Sony Ericsson PC Suite"="\"C:\\Programme\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
"{3C42492C-0876-1031-0719-040407190031}"="\"C:\\Programme\\Gemeinsame Dateien\\{3C42492C-0876-1031-0719-040407190031}\\Update.exe\" mc-110-12-0000137"
"{3C42492C-0875-1031-0719-040407190031}"="\"C:\\Programme\\Gemeinsame Dateien\\{3C42492C-0875-1031-0719-040407190031}\\Update.exe\" mc-110-12-0000137"
"AVP"="\"C:\\Programme\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe\""
"p2p networking"="p2pnetworking.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e0,03,00,00,00,\
  00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
  ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
  00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="ewido shell guard"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Klick-Wartung.job

Completion time: 06-12-30 21:03:55.00
C:\ComboFix.txt ... 06-12-30 21:03
C:\ComboFix2.txt ... 06-12-30 20:55
C:\ComboFix3.txt ... 06-12-30 20:53

=======================================================

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 3C42-492C

Verzeichnis von c:\

30.12.2006 21:09 0 dirdat.txt
30.12.2006 21:03 13.776 ComboFix.txt
30.12.2006 21:01 805.306.368 pagefile.sys
30.12.2006 20:55 136 ComboFix2.txt
30.12.2006 20:53 136 ComboFix3.txt
03.12.2006 13:08 268 sqmdata02.sqm
03.12.2006 13:08 244 sqmnoopt02.sqm
02.12.2006 06:22 268 sqmdata01.sqm
02.12.2006 06:22 244 sqmnoopt01.sqm
01.12.2006 06:29 268 sqmdata00.sqm
01.12.2006 06:29 244 sqmnoopt00.sqm
29.11.2006 20:08 268 sqmdata19.sqm
29.11.2006 20:08 244 sqmnoopt19.sqm
27.11.2006 21:41 268 sqmdata18.sqm
27.11.2006 21:41 244 sqmnoopt18.sqm
26.11.2006 21:12 268 sqmdata17.sqm
26.11.2006 21:12 244 sqmnoopt17.sqm
24.11.2006 08:49 268 sqmdata16.sqm
24.11.2006 08:49 244 sqmnoopt16.sqm
21.11.2006 12:33 268 sqmdata15.sqm
21.11.2006 12:33 244 sqmnoopt15.sqm
19.11.2006 10:27 268 sqmdata14.sqm
19.11.2006 10:27 244 sqmnoopt14.sqm
19.11.2006 08:04 268 sqmdata13.sqm
19.11.2006 08:04 244 sqmnoopt13.sqm
19.11.2006 08:02 268 sqmdata12.sqm
19.11.2006 08:02 244 sqmnoopt12.sqm
16.11.2006 03:10 268 sqmdata11.sqm
16.11.2006 03:10 244 sqmnoopt11.sqm
15.11.2006 13:52 268 sqmdata10.sqm
15.11.2006 13:52 244 sqmnoopt10.sqm
15.11.2006 07:55 268 sqmdata09.sqm
15.11.2006 07:55 244 sqmnoopt09.sqm
13.11.2006 19:39 268 sqmdata08.sqm
13.11.2006 19:39 244 sqmnoopt08.sqm
12.11.2006 19:40 268 sqmdata07.sqm
12.11.2006 19:40 244 sqmnoopt07.sqm
12.11.2006 17:48 268 sqmdata06.sqm
12.11.2006 17:48 244 sqmnoopt06.sqm
04.11.2006 14:17 268 sqmdata05.sqm
04.11.2006 14:17 244 sqmnoopt05.sqm
01.11.2006 11:50 268 sqmdata04.sqm
01.11.2006 11:50 244 sqmnoopt04.sqm
01.11.2006 11:16 268 sqmdata03.sqm
01.11.2006 11:16 244 sqmnoopt03.sqm
20.09.2006 21:30 389 boot.ini
19.09.2006 22:05 47.564 NTDETECT.COM
19.09.2006 22:05 251.184 ntldr
17.09.2006 12:23 0 CONFIG.SYS
17.09.2006 12:23 0 IO.SYS
17.09.2006 12:23 0 MSDOS.SYS
17.09.2006 12:23 0 AUTOEXEC.BAT
29.08.2002 13:00 4.952 bootfont.bin
53 Datei(en) 805.634.745 Bytes
0 Verzeichnis(se), 86.230.446.080 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 3C42-492C

-----------------------------------------------------------------

Verzeichnis von C:\WINDOWS\system32

30.12.2006 21:02 13.646 wpa.dbl
30.12.2006 19:39 0 asfiles.txt
30.12.2006 19:36 2.550 Uninstall.ico
30.12.2006 19:36 1.406 Help.ico
30.12.2006 19:36 30.590 pavas.ico
29.12.2006 19:55 0 6.exe
29.12.2006 19:55 910 unsvchosts.lzma
29.12.2006 18:44 72.566 MobileSidewalkRON_2.ico
29.12.2006 18:23 2 wnsintit.exe
28.12.2006 14:08 230 spupdsvc.inf
27.12.2006 20:37 9.074 jupdate-1.5.0_10-b03.log
23.12.2006 10:19 512 WTCY9853.dat
18.12.2006 16:57 6.656 haspvdd.dll
18.12.2006 16:57 383 haspdos.sys
18.12.2006 16:57 2.994 CONFIG.NT
17.12.2006 16:43 4.441.216 FNTCACHE.DAT
17.12.2006 09:31 5.169 HLDRV.LOG
16.12.2006 18:35 147.456 vbzip10.dll
15.12.2006 03:03 4.390 MRT.INI
07.12.2006 15:13 10.716.584 MRT.exe
26.11.2006 22:09 8.833 jupdate-1.5.0_09-b03.log
23.11.2006 16:45 24.072 uxtuneup.dll
21.11.2006 11:47 0 taskkill.exe
21.11.2006 10:56 191.488 hlvdd.dll
09.11.2006 15:07 127.078 javaws.exe
09.11.2006 15:07 49.265 jpicpl32.cpl
09.11.2006 13:28 53.346 javaw.exe
09.11.2006 13:28 49.248 java.exe
08.11.2006 06:06 679.424 inetcomm.dll
07.11.2006 03:26 13.312 ieudinit.exe
04.11.2006 14:14 1.245.696 msxml4.dll
04.11.2006 11:18 6.580 KGyGaAvL.sys
04.11.2006 11:18 152 9EDB5D3B11.sys
01.11.2006 17:42 94.314 klogon.dll
30.10.2006 22:07 69.528 perfc009.dat
30.10.2006 22:07 434.790 perfh007.dat
30.10.2006 22:07 417.168 perfh009.dat
30.10.2006 22:07 84.046 perfc007.dat
30.10.2006 22:07 1.018.702 PerfStringBackup.INI
23.10.2006 16:34 3.082.240 mshtml.dll
23.10.2006 16:34 1.497.600 shdocvw.dll
23.10.2006 16:34 474.624 shlwapi.dll
23.10.2006 16:34 617.984 urlmon.dll
23.10.2006 16:34 670.208 wininet.dll
23.10.2006 16:34 448.512 mshtmled.dll
23.10.2006 16:34 532.480 mstime.dll
23.10.2006 16:34 39.424 pngfilt.dll
23.10.2006 16:34 146.432 msrating.dll
23.10.2006 16:34 205.312 dxtrans.dll
23.10.2006 16:34 357.888 dxtmsft.dll
23.10.2006 16:34 55.808 extmgr.dll
23.10.2006 16:34 96.768 inseng.dll
23.10.2006 16:34 251.904 iepeers.dll
23.10.2006 16:34 15.872 jsproxy.dll
23.10.2006 16:34 1.056.256 danim.dll
23.10.2006 16:34 152.064 cdfview.dll
23.10.2006 16:34 1.022.976 browseui.dll
23.10.2006 12:43 270.336 xpsp3res.dll
20.10.2006 02:38 715.776 sxs.dll
13.10.2006 13:35 146.432 nwprovau.dll
02.10.2006 10:52 1.044.480 roboex32.dll
02.10.2006 10:52 49.152 inetwh32.dll

-------------------------------------------------------------------

Verzeichnis von C:\WINDOWS

30.12.2006 21:04 1.071.891 WindowsUpdate.log
30.12.2006 21:02 0 0.log
30.12.2006 21:02 157 wiadebug.log
30.12.2006 21:02 50 wiaservc.log
30.12.2006 21:02 0 TempFile
30.12.2006 21:01 2.048 bootstat.dat
30.12.2006 20:42 28.648 SchedLgU.Txt
30.12.2006 19:39 709 win.ini
30.12.2006 19:37 22.958 setupapi.log
30.12.2006 12:09 116 NeroDigital.ini
23.12.2006 10:19 24 Artcut6.INI
23.12.2006 09:55 520 lexstat.ini
19.12.2006 13:56 1.393 imsins.BAK
19.12.2006 13:52 0 setupact.log
17.12.2006 12:18 2.492 fnerr.dat
17.12.2006 09:28 253.952 Setup1.exe
17.12.2006 09:28 74.752 ST6UNST.EXE
09.12.2006 02:01 73.216 cadkasdeinst01.exe
03.12.2006 13:07 0 mngui.INI
21.11.2006 11:46 0 b.exe
13.11.2006 19:23 54.156 QTFont.qfn
13.11.2006 19:23 1.409 QTFont.for
24.10.2006 20:41 3.509 mozver.dat
19.09.2006 22:32 1.174 OEWABLog.txt
19.09.2006 22:31 316.640 WMSysPr9.prx
19.09.2006 22:21 1.024.687 setupapi.log.0.old
19.09.2006 21:54 2.318 Active Setup Log.txt
19.09.2006 21:47 63 vbaddin.ini
19.09.2006 21:19 9.626 Active Setup Log.BAK
19.09.2006 20:52 0 setuperr.log
19.09.2006 19:32 400 ODBC.INI
18.09.2006 05:26 1.448 UPGRADE.TXT
17.09.2006 13:26 0 nsreg.dat
17.09.2006 13:13 0 Sti_Trace.log
17.09.2006 13:12 231 system.ini
17.09.2006 12:25 8.192 REGLOCS.OLD
17.09.2006 12:23 0 control.ini
17.09.2006 12:23 299.552 WMSysPrx.prx
17.09.2006 12:23 4.161 ODBCINST.INI
17.09.2006 12:22 749 WindowsShell.Manifest
17.09.2006 12:21 36 vb.ini
----------------------------------------------------------------------------

Verzeichnis von C:\DOKUME~1\Xphstos\LOKALE~1\Temp

30.12.2006 21:05 398 ~3.tmp
1 Datei(en) 398 Bytes
0 Verzeichnis(se), 86.230.335.488 Bytes frei

------------------------------------------------------------------------------

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 3C42-492C

Verzeichnis von C:\WINDOWS\Temp

30.12.2006 21:05 318 MSI3dfc2.LOG
1 Datei(en) 318 Bytes
0 Verzeichnis(se), 86.230.036.480 Bytes frei

------------------------------------------------------------------------------

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 3C42-492C

Verzeichnis von C:\WINDOWS\Downloaded Program Files

17.09.2006 12:22 65 desktop.ini
24.08.2006 08:28 141.424 asinst.dll
22.08.2006 09:06 537 asinst.inf
22.06.2006 10:41 5.032 swflash.inf
11.08.2005 15:30 417.792 isusweb.dll
26.05.2005 03:19 291 wuweb.inf
26.05.2005 03:19 293 muweb.inf
25.07.2002 17:13 24.576 dwusplay.dll
25.07.2002 17:13 196.608 dwusplay.exe
20.01.2000 14:25 1.162 Microsoft XML Parser for Java.osd
14.10.1997 17:52 697 DirectAnimation Java Classes.osd
11 Datei(en) 788.477 Bytes
0 Verzeichnis(se), 86.230.032.384 Bytes frei

This post was edited by vd12 on 30.12.2006 at 21:24.
|
|
|
||
30.12.2006, 21:36
Honorary member
Posts: 29434 |
#38
virustotal
At the top of the page --> click Browse --> select the file (or paste the file with its correct path straight in) --> double-click the file to be checked --> click "Send"... now wait - then mark the text with the right mouse button -> copy - paste
http://www.virustotal.com/flash/index_en.html

C:\WINDOWS\system32\6.exe
C:\WINDOWS\system32\haspvdd.dll
C:\WINDOWS\system32\p2pnetworking.exe
C:\WINDOWS\system32\wnsintit.exe
C:\WINDOWS\system32\WTCY9853.dat
C:\WINDOWS\system32\vbzip10.dll
C:\WINDOWS\system32\taskkill.exe
C:\WINDOWS\b.exe
C:\Dokumente und Einstellungen\Xphstos\install.exe
C:\WINDOWS\system32\drivers\Oreans.sys

post the reports here
------
this is malware, you don't need to check it

C:\WINDOWS\system32\spupdsvc.inf
C:\WINDOWS\system32\unsvchosts.lzma
C:\WINDOWS\system32\MobileSidewalkRON_2.ico
__________
Regards, Sabina
all about PC security |
|
|
||
30.12.2006, 22:22
Member
Posts: 11 |
#39
Antivirus Version Update Result
AntiVir 7.3.0.21 12.30.2006 no virus found
Authentium 4.93.8 12.30.2006 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 12.30.2006 no virus found
BitDefender 7.2 12.30.2006 no virus found
CAT-QuickHeal 8.00 12.30.2006 no virus found
ClamAV devel-20060426 12.30.2006 no virus found
DrWeb 4.33 12.30.2006 no virus found
eSafe 7.0.14.0 12.30.2006 no virus found
eTrust-InoculateIT 23.73.102 12.30.2006 no virus found
eTrust-Vet 30.3.3289 12.29.2006 no virus found
Ewido 4.0 12.30.2006 no virus found
Fortinet 2.82.0.0 12.30.2006 no virus found
F-Prot 3.16f 12.30.2006 no virus found
F-Prot4 4.2.1.29 12.30.2006 no virus found
Ikarus T3.1.0.27 12.30.2006 no virus found
Kaspersky 4.0.2.24 12.30.2006 no virus found
McAfee 4929 12.29.2006 no virus found
Microsoft 1.1904 12.30.2006 no virus found
NOD32v2 1949 12.30.2006 no virus found
Norman 5.80.02 12.29.2006 no virus found
Panda 9.0.0.4 12.30.2006 no virus found
Prevx1 V2 12.30.2006 no virus found
Sophos 4.13.0 12.30.2006 no virus found
Sunbelt 2.2.907.0 12.18.2006 no virus found
TheHacker 6.0.3.139 12.29.2006 no virus found
UNA 1.83 12.29.2006 no virus found
VBA32 3.11.1 12.30.2006 no virus found
VirusBuster 4.3.19:9 12.30.2006 no virus found

Aditional Information
File size: 0 bytes
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709

===================================================

Antivirus Version Update Result
AntiVir 7.3.0.21 12.30.2006 no virus found
Authentium 4.93.8 12.30.2006 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 12.30.2006 no virus found
BitDefender 7.2 12.30.2006 no virus found
CAT-QuickHeal 8.00 12.30.2006 no virus found
ClamAV devel-20060426 12.30.2006 no virus found
DrWeb 4.33 12.30.2006 no virus found
eSafe 7.0.14.0 12.30.2006 no virus found
eTrust-InoculateIT 23.73.102 12.30.2006 no virus found
eTrust-Vet 30.3.3289 12.29.2006 no virus found
Ewido 4.0 12.30.2006 no virus found
Fortinet 2.82.0.0 12.30.2006 no virus found
F-Prot 3.16f 12.30.2006 no virus found
F-Prot4 4.2.1.29 12.30.2006 no virus found
Ikarus T3.1.0.27 12.30.2006 no virus found
Kaspersky 4.0.2.24 12.30.2006 no virus found
McAfee 4929 12.29.2006 no virus found
Microsoft 1.1904 12.30.2006 no virus found
NOD32v2 1949 12.30.2006 no virus found
Norman 5.80.02 12.29.2006 no virus found
Panda 9.0.0.4 12.30.2006 no virus found
Prevx1 V2 12.30.2006 no virus found
Sophos 4.13.0 12.30.2006 no virus found
Sunbelt 2.2.907.0 12.18.2006 no virus found
TheHacker 6.0.3.139 12.29.2006 no virus found
UNA 1.83 12.29.2006 no virus found
VBA32 3.11.1 12.30.2006 no virus found
VirusBuster 4.3.19:9 12.30.2006 no virus found

Aditional Information
File size: 6656 bytes
MD5: d796fb313840aeb45fcff441d15eac0e
SHA1: c137b05e9c29692893ab6740ad567fe0fe593074

=================================================

Antivirus Version Update Result
AntiVir 7.3.0.21 12.30.2006 no virus found
Authentium 4.93.8 12.30.2006 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 12.30.2006 no virus found
BitDefender 7.2 12.30.2006 no virus found
CAT-QuickHeal 8.00 12.30.2006 no virus found
ClamAV devel-20060426 12.30.2006 no virus found
DrWeb 4.33 12.30.2006 no virus found
eSafe 7.0.14.0 12.30.2006 Win32.Xorpix.al
eTrust-InoculateIT 23.73.102 12.30.2006 no virus found
eTrust-Vet 30.3.3289 12.29.2006 no virus found
Ewido 4.0 12.30.2006 Trojan.Small
Fortinet 2.82.0.0 12.30.2006 no virus found
F-Prot 3.16f 12.30.2006 no virus found
F-Prot4 4.2.1.29 12.30.2006 no virus found
Ikarus T3.1.0.27 12.30.2006 no virus found
Kaspersky 4.0.2.24 12.30.2006 no virus found
McAfee 4929 12.29.2006 no virus found
Microsoft 1.1904 12.30.2006 no virus found
NOD32v2 1949 12.30.2006 no virus found
Norman 5.80.02 12.29.2006 no virus found
Panda 9.0.0.4 12.30.2006 no virus found
Prevx1 V2 12.30.2006 Polymorphic Trojans
Sophos 4.13.0 12.30.2006 no virus found
Sunbelt 2.2.907.0 12.18.2006 no virus found
TheHacker 6.0.3.139 12.29.2006 no virus found
UNA 1.83 12.29.2006 no virus found
VBA32 3.11.1 12.30.2006 no virus found
VirusBuster 4.3.19:9 12.30.2006 no virus found

Aditional Information
File size: 2 bytes
MD5: 4f3dd0ffb3e41c5f74b5b0d8c1f10bb5
SHA1: e688cf7414fb701c4495010d43a4eaaaeac71768
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=4f3d691635

===================================================

Antivirus Version Update Result
AntiVir 7.3.0.21 12.30.2006 no virus found
Authentium 4.93.8 12.30.2006 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 12.30.2006 no virus found
BitDefender 7.2 12.30.2006 no virus found
CAT-QuickHeal 8.00 12.30.2006 no virus found
ClamAV devel-20060426 12.30.2006 no virus found
DrWeb 4.33 12.30.2006 no virus found
eSafe 7.0.14.0 12.30.2006 no virus found
eTrust-InoculateIT 23.73.102 12.30.2006 no virus found
eTrust-Vet 30.3.3289 12.29.2006 no virus found
Ewido 4.0 12.30.2006 no virus found
Fortinet 2.82.0.0 12.30.2006 no virus found
F-Prot 3.16f 12.30.2006 no virus found
F-Prot4 4.2.1.29 12.30.2006 no virus found
Ikarus T3.1.0.27 12.30.2006 no virus found
Kaspersky 4.0.2.24 12.30.2006 no virus found
McAfee 4929 12.29.2006 no virus found
Microsoft 1.1904 12.30.2006 no virus found
NOD32v2 1949 12.30.2006 no virus found
Norman 5.80.02 12.29.2006 no virus found
Panda 9.0.0.4 12.30.2006 no virus found
Prevx1 V2 12.30.2006 no virus found
Sophos 4.13.0 12.30.2006 no virus found
Sunbelt 2.2.907.0 12.18.2006 no virus found
TheHacker 6.0.3.139 12.29.2006 no virus found
UNA 1.83 12.29.2006 no virus found
VBA32 3.11.1 12.30.2006 no virus found
VirusBuster 4.3.19:9 12.30.2006 no virus found

Aditional Information
File size: 512 bytes
MD5: 3da8d9a4841057591791677039e420ff
SHA1: c1250e0b07a36c5689192be938d2c96e793e6a99

=================================================

Complete scanning result of "vbzip10.dll", received in VirusTotal at 12.30.2006, 22:06:14 (CET).
Antivirus Version Update Result AntiVir 7.3.0.21 12.30.2006 no virus found Authentium 4.93.8 12.30.2006 no virus found Avast 4.7.892.0 12.30.2006 no virus found AVG 386 12.30.2006 no virus found BitDefender 7.2 12.30.2006 no virus found CAT-QuickHeal 8.00 12.30.2006 no virus found ClamAV devel-20060426 12.30.2006 no virus found DrWeb 4.33 12.30.2006 no virus found eSafe 7.0.14.0 12.30.2006 no virus found eTrust-InoculateIT 23.73.102 12.30.2006 no virus found eTrust-Vet 30.3.3289 12.29.2006 no virus found Ewido 4.0 12.30.2006 no virus found Fortinet 2.82.0.0 12.30.2006 no virus found F-Prot 3.16f 12.30.2006 no virus found F-Prot4 4.2.1.29 12.30.2006 no virus found Ikarus T3.1.0.27 12.30.2006 no virus found Kaspersky 4.0.2.24 12.30.2006 no virus found McAfee 4929 12.29.2006 no virus found Microsoft 1.1904 12.30.2006 no virus found NOD32v2 1949 12.30.2006 no virus found Norman 5.80.02 12.29.2006 no virus found Panda 9.0.0.4 12.30.2006 no virus found Prevx1 V2 12.30.2006 no virus found Sophos 4.13.0 12.30.2006 no virus found Sunbelt 2.2.907.0 12.18.2006 no virus found TheHacker 6.0.3.139 12.29.2006 no virus found UNA 1.83 12.29.2006 Backdoor.IRCBot.29C4 VBA32 3.11.1 12.30.2006 no virus found VirusBuster 4.3.19:9 12.30.2006 no virus found Aditional Information File size: 147456 bytes MD5: 5b25690cc2e55a6d4bc965068a7ba1ef SHA1: 58a5f2613df475b69e60b691215d5c60462cedb3 ============================================== Complete scanning result of "taskkill.exe", received in VirusTotal at 12.30.2006, 22:11:40 (CET). 
Antivirus Version Update Result AntiVir 7.3.0.21 12.30.2006 no virus found Authentium 4.93.8 12.30.2006 no virus found Avast 4.7.892.0 12.30.2006 no virus found AVG 386 12.30.2006 no virus found BitDefender 7.2 12.30.2006 no virus found CAT-QuickHeal 8.00 12.30.2006 no virus found ClamAV devel-20060426 12.30.2006 no virus found DrWeb 4.33 12.30.2006 no virus found eSafe 7.0.14.0 12.30.2006 no virus found eTrust-InoculateIT 23.73.102 12.30.2006 no virus found eTrust-Vet 30.3.3289 12.29.2006 no virus found Ewido 4.0 12.30.2006 no virus found Fortinet 2.82.0.0 12.30.2006 no virus found F-Prot 3.16f 12.30.2006 no virus found F-Prot4 4.2.1.29 12.30.2006 no virus found Ikarus T3.1.0.27 12.30.2006 no virus found Kaspersky 4.0.2.24 12.30.2006 no virus found McAfee 4929 12.29.2006 no virus found Microsoft 1.1904 12.30.2006 no virus found NOD32v2 1949 12.30.2006 no virus found Norman 5.80.02 12.29.2006 no virus found Panda 9.0.0.4 12.30.2006 no virus found Prevx1 V2 12.30.2006 no virus found Sophos 4.13.0 12.30.2006 no virus found Sunbelt 2.2.907.0 12.18.2006 no virus found TheHacker 6.0.3.139 12.29.2006 no virus found UNA 1.83 12.29.2006 no virus found VBA32 3.11.1 12.30.2006 no virus found VirusBuster 4.3.19:9 12.30.2006 no virus found Aditional Information File size: 0 bytes MD5: d41d8cd98f00b204e9800998ecf8427e SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 ================================================== Complete scanning result of "b.exe", received in VirusTotal at 12.30.2006, 22:14:35 (CET). 
Antivirus Version Update Result AntiVir 7.3.0.21 12.30.2006 no virus found Authentium 4.93.8 12.30.2006 no virus found Avast 4.7.892.0 12.30.2006 no virus found AVG 386 12.30.2006 no virus found BitDefender 7.2 12.30.2006 no virus found CAT-QuickHeal 8.00 12.30.2006 no virus found ClamAV devel-20060426 12.30.2006 no virus found DrWeb 4.33 12.30.2006 no virus found eSafe 7.0.14.0 12.30.2006 no virus found eTrust-InoculateIT 23.73.102 12.30.2006 no virus found eTrust-Vet 30.3.3289 12.29.2006 no virus found Ewido 4.0 12.30.2006 no virus found Fortinet 2.82.0.0 12.30.2006 no virus found F-Prot 3.16f 12.30.2006 no virus found F-Prot4 4.2.1.29 12.30.2006 no virus found Ikarus T3.1.0.27 12.30.2006 no virus found Kaspersky 4.0.2.24 12.30.2006 no virus found McAfee 4929 12.29.2006 no virus found Microsoft 1.1904 12.30.2006 no virus found NOD32v2 1949 12.30.2006 no virus found Norman 5.80.02 12.29.2006 no virus found Panda 9.0.0.4 12.30.2006 no virus found Prevx1 V2 12.30.2006 no virus found Sophos 4.13.0 12.30.2006 no virus found Sunbelt 2.2.907.0 12.18.2006 no virus found TheHacker 6.0.3.139 12.29.2006 no virus found UNA 1.83 12.29.2006 no virus found VBA32 3.11.1 12.30.2006 no virus found VirusBuster 4.3.19:9 12.30.2006 no virus found Aditional Information File size: 0 bytes MD5: d41d8cd98f00b204e9800998ecf8427e SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 ================================================ Complete scanning result of "install.exe", received in VirusTotal at 12.30.2006, 22:17:22 (CET). 
Antivirus Version Update Result AntiVir 7.3.0.21 12.30.2006 ADSPY/MaxSearch.1 Authentium 4.93.8 12.30.2006 no virus found Avast 4.7.892.0 12.30.2006 no virus found AVG 386 12.30.2006 no virus found BitDefender 7.2 12.30.2006 no virus found CAT-QuickHeal 8.00 12.30.2006 Adware.MaxSearch (Not a Virus) ClamAV devel-20060426 12.30.2006 no virus found DrWeb 4.33 12.30.2006 no virus found eSafe 7.0.14.0 12.30.2006 Spyware.MaxSearch eTrust-InoculateIT 23.73.102 12.30.2006 no virus found eTrust-Vet 30.3.3289 12.29.2006 no virus found Ewido 4.0 12.30.2006 no virus found Fortinet 2.82.0.0 12.30.2006 Matcash!tr F-Prot 3.16f 12.30.2006 no virus found F-Prot4 4.2.1.29 12.30.2006 no virus found Ikarus T3.1.0.27 12.30.2006 no virus found Kaspersky 4.0.2.24 12.30.2006 no virus found McAfee 4929 12.29.2006 Matcash Microsoft 1.1904 12.30.2006 no virus found NOD32v2 1949 12.30.2006 no virus found Norman 5.80.02 12.29.2006 no virus found Panda 9.0.0.4 12.30.2006 Adware/Maxifiles Prevx1 V2 12.30.2006 Malware:SysCovert Sophos 4.13.0 12.30.2006 no virus found Sunbelt 2.2.907.0 12.18.2006 no virus found TheHacker 6.0.3.139 12.29.2006 no virus found UNA 1.83 12.29.2006 no virus found VBA32 3.11.1 12.30.2006 no virus found VirusBuster 4.3.19:9 12.30.2006 no virus found Aditional Information File size: 93509 bytes MD5: 6f9093d44a7e0f058a3434c41d72b3f0 SHA1: eb70eccc4ed322a7f29afc20c1162efda69826e3 Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=f97065109363 ===================================================== Complete scanning result of "Oreans.sys", received in VirusTotal at 12.30.2006, 22:20:39 (CET). 
Antivirus Version Update Result AntiVir 7.3.0.21 12.30.2006 no virus found Authentium 4.93.8 12.30.2006 no virus found Avast 4.7.892.0 12.30.2006 no virus found AVG 386 12.30.2006 no virus found BitDefender 7.2 12.30.2006 no virus found CAT-QuickHeal 8.00 12.30.2006 no virus found ClamAV devel-20060426 12.30.2006 no virus found DrWeb 4.33 12.30.2006 no virus found eSafe 7.0.14.0 12.30.2006 no virus found eTrust-InoculateIT 23.73.102 12.30.2006 no virus found eTrust-Vet 30.3.3289 12.29.2006 no virus found Ewido 4.0 12.30.2006 no virus found Fortinet 2.82.0.0 12.30.2006 no virus found F-Prot 3.16f 12.30.2006 no virus found F-Prot4 4.2.1.29 12.30.2006 no virus found Ikarus T3.1.0.27 12.30.2006 no virus found Kaspersky 4.0.2.24 12.30.2006 no virus found McAfee 4929 12.29.2006 no virus found Microsoft 1.1904 12.30.2006 no virus found NOD32v2 1949 12.30.2006 no virus found Norman 5.80.02 12.29.2006 no virus found Panda 9.0.0.4 12.30.2006 no virus found Prevx1 V2 12.30.2006 no virus found Sophos 4.13.0 12.30.2006 no virus found Sunbelt 2.2.907.0 12.18.2006 no virus found TheHacker 6.0.3.139 12.29.2006 no virus found UNA 1.83 12.29.2006 no virus found VBA32 3.11.1 12.30.2006 no virus found VirusBuster 4.3.19:9 12.30.2006 no virus found Aditional Information File size: 41888 bytes MD5: 61fb906541b1aafae0932ef42fd9eff3 SHA1: f9516f8fc7dbb453c13d4c68040618b4af060fe7 [/u] |
|
|
||
31.12.2006, 14:15
Honorary member
Posts: 29434 |
#40
Copy the following text into Notepad (Start - Accessories - Notepad) and use 'Save As' to save it to the desktop as list.bat. Select 'All Files' as the file type. You should now find this file on the desktop. --> Double-click list.bat --> Copy the text that appears
Quote: cd\
__________
Regards, Sabina
all about PC security |
|
|
||
31.12.2006, 14:23
Member
Posts: 11 |
#41
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 3C42-492C Verzeichnis von C:\WINDOWS\Downloaded Program Files 24.08.2006 08:28 141.424 asinst.dll 22.08.2006 09:06 537 asinst.inf 14.10.1997 17:52 697 DirectAnimation Java Classes.osd 25.07.2002 17:13 24.576 dwusplay.dll 25.07.2002 17:13 196.608 dwusplay.exe 11.08.2005 15:30 417.792 isusweb.dll 20.01.2000 14:25 1.162 Microsoft XML Parser for Java.osd 26.05.2005 03:19 293 muweb.inf 22.06.2006 10:41 5.032 swflash.inf 26.05.2005 03:19 291 wuweb.inf 10 Datei(en) 788.412 Bytes 0 Verzeichnis(se), 83.680.010.240 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Programme Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Dokumente und Einstellungen\Xphstos 30.12.2006 16:51 <DIR> . 30.12.2006 16:51 <DIR> .. 26.09.2006 11:56 <DIR> Application Data 03.12.2006 13:12 <DIR> Contacts 30.12.2006 10:20 331 default.pls 31.12.2006 14:22 <DIR> Desktop 30.12.2006 17:40 <DIR> DoctorWeb 30.12.2006 21:00 <DIR> Eigene Dateien 19.12.2006 14:05 <DIR> Favoriten 15.12.2006 18:03 <DIR> Incomplete 29.12.2006 19:55 93.509 install.exe 31.12.2006 14:19 4.980.736 ntuser.dat 29.12.2006 19:25 5.242.880 ntuser.dat_BAK_87382 14.10.2006 15:05 <DIR> Startmen 19.09.2006 20:42 <DIR> WINDOWS 4 Datei(en) 10.317.456 Bytes 11 Verzeichnis(se), 83.680.006.144 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\ Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Dokumente und Einstellungen\Xphstos\Lokale Einstellungen\Temporary Internet Files\Content.IE5 31.12.2006 14:21 32.768 index.dat 1 Datei(en) 32.768 Bytes 0 Verzeichnis(se), 83.680.006.144 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Dokumente und Einstellungen\Xphstos\Lokale Einstellungen\Temp 31.12.2006 11:49 <DIR> . 31.12.2006 11:49 <DIR> .. 
31.12.2006 00:02 <DIR> e4j36.tmp_dir6032 31.12.2006 00:03 <DIR> e4j38.tmp_dir6137 30.12.2006 21:25 54.272 ginstall.dll 31.12.2006 00:03 <DIR> hsperfdata_Xphstos 31.12.2006 11:54 519 jusched.log 31.12.2006 11:49 <DIR> WPDNSE 30.12.2006 21:05 398 ~3.tmp 3 Datei(en) 55.189 Bytes 6 Verzeichnis(se), 83.680.006.144 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\WINDOWS\Temp 31.12.2006 11:52 <DIR> . 31.12.2006 11:52 <DIR> .. 30.12.2006 21:05 318 MSI3dfc2.LOG 31.12.2006 11:48 255 WGAErrLog.txt 31.12.2006 11:49 409 WGANotify.settings 3 Datei(en) 982 Bytes 2 Verzeichnis(se), 83.680.002.048 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\ Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Programme 30.12.2006 21:00 <DIR> . 30.12.2006 21:00 <DIR> .. 30.09.2006 14:27 <DIR> Adobe 17.12.2006 09:30 <DIR> ASIBA 19.09.2006 21:38 <DIR> ATI Technologies 20.09.2006 20:11 <DIR> Azureus 13.07.2006 12:58 221.303 CDLabelCheck.dll 30.12.2006 20:16 <DIR> CleanUp! 
17.09.2006 12:21 <DIR> ComPlus Applications 17.12.2006 09:30 <DIR> Corel 19.10.2006 13:04 <DIR> eBay 29.12.2006 22:33 <DIR> eMule 18.12.2006 16:57 <DIR> EUROSYSTEMS 30.12.2006 12:37 <DIR> ewido 29.09.2006 05:44 <DIR> FitSMS2 30.12.2006 21:02 <DIR> Gemeinsame Dateien 14.10.2006 11:49 <DIR> help 30.12.2006 20:19 <DIR> Internet Explorer 19.09.2006 19:24 <DIR> Ipswitch 27.12.2006 20:37 <DIR> Java 29.12.2006 19:45 <DIR> Kaspersky Lab 30.12.2006 10:39 <DIR> Lavasoft 30.12.2006 20:21 <DIR> Lexmark X6100 Series 14.10.2006 11:49 <DIR> lib 14.10.2006 16:27 <DIR> Macromedia 30.12.2006 20:23 <DIR> Messenger 17.09.2006 12:23 <DIR> microsoft frontpage 19.09.2006 19:30 <DIR> Microsoft Office 19.09.2006 19:26 <DIR> Microsoft.NET 19.09.2006 22:08 <DIR> Movie Maker 31.12.2006 14:17 <DIR> Mozilla Firefox 17.09.2006 12:21 <DIR> MSN 17.09.2006 12:21 <DIR> MSN Gaming Zone 30.12.2006 20:26 <DIR> MSN Messenger 26.09.2006 12:51 <DIR> Nero 19.09.2006 22:06 <DIR> NetMeeting 14.10.2006 11:49 <DIR> newtuku 17.09.2006 12:21 <DIR> Online Services 17.09.2006 12:22 <DIR> Online-Dienste 15.12.2006 03:03 <DIR> Outlook Express 15.12.2006 17:30 <DIR> P2 30.12.2006 02:44 <DIR> PeDevice 17.12.2006 09:42 <DIR> procutz 14.10.2006 11:51 <DIR> progeng 14.10.2006 12:11 <DIR> samples 17.12.2006 11:34 <DIR> SignCut X2 30.09.2006 14:34 <DIR> Smart Projects 13.11.2006 19:24 <DIR> Sony Ericsson 30.12.2006 20:28 <DIR> Spybot - Search & Destroy 30.12.2006 20:28 <DIR> TuneUp Utilities 2007 14.10.2006 11:49 23.796 Uninst.isu 20.09.2006 04:58 <DIR> VideoLAN 19.09.2006 22:39 <DIR> Windows Media Player 19.09.2006 22:06 <DIR> Windows NT 30.12.2006 20:28 <DIR> WinRAR 17.09.2006 12:23 <DIR> xerox 15.11.2006 10:20 <DIR> Zoner 2 Datei(en) 245.099 Bytes 55 Verzeichnis(se), 83.680.002.048 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. 
Volumeseriennummer: 3C42-492C Verzeichnis von C:\Dokumente und Einstellungen\Xphstos\Lokale Einstellungen\Anwendungsdaten 30.09.2006 14:37 <DIR> Adobe 26.09.2006 15:48 <DIR> Ahead 19.09.2006 21:40 <DIR> ATI 30.12.2006 10:16 109.056 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 17.12.2006 16:45 1.775.088 GDIPFONTCACHEV1.DAT 03.12.2006 20:54 <DIR> Help 17.09.2006 15:22 <DIR> Identities 19.12.2006 21:48 <DIR> Microsoft 17.09.2006 13:26 <DIR> Mozilla 03.12.2006 12:08 <DIR> Sony Ericsson 2 Datei(en) 1.884.144 Bytes 8 Verzeichnis(se), 83.679.997.952 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Dokumente und Einstellungen\Xphstos\Anwendungsdaten 15.10.2006 08:28 <DIR> Adobe 30.09.2006 14:37 <DIR> AdobeUM 03.10.2006 10:02 <DIR> Ahead 19.09.2006 21:40 <DIR> ATI 31.12.2006 11:05 <DIR> Azureus 11.11.2006 19:18 <DIR> Corel 20.09.2006 20:05 <DIR> DVD Shrink 23.09.2006 16:36 <DIR> dvdcss 03.12.2006 20:54 <DIR> Help 17.09.2006 12:28 <DIR> Identities 19.09.2006 19:24 <DIR> Ipswitch 14.10.2006 11:07 <DIR> Kazaa Lite 30.12.2006 10:39 <DIR> Lavasoft 16.10.2006 18:41 <DIR> Macromedia 17.09.2006 13:26 <DIR> Mozilla 24.10.2006 12:10 <DIR> Sun 13.11.2006 19:27 <DIR> Teleca 17.09.2006 13:58 <DIR> TuneUp Software 20.09.2006 04:58 <DIR> vlc 15.11.2006 10:21 <DIR> Zoner 0 Datei(en) 0 Bytes 20 Verzeichnis(se), 83.679.997.952 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. 
Volumeseriennummer: 3C42-492C Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten 30.09.2006 14:29 <DIR> Adobe 20.09.2006 20:08 <DIR> Adobe Systems 13.10.2006 22:39 <DIR> Borland 13.10.2006 21:41 <DIR> Corel 13.10.2006 21:43 <DIR> InstallShield 19.09.2006 19:24 <DIR> Ipswitch 29.12.2006 19:45 <DIR> Kaspersky Lab 14.10.2006 16:23 <DIR> Macromedia 13.11.2006 19:25 <DIR> Sony Ericsson 30.12.2006 00:41 <DIR> Spybot - Search & Destroy 13.11.2006 19:25 <DIR> Teleca 17.09.2006 13:58 <DIR> TuneUp Software 17.09.2006 13:56 <DIR> Windows Genuine Advantage 0 Datei(en) 0 Bytes 13 Verzeichnis(se), 83.679.997.952 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Programme\Gemeinsame Dateien 30.12.2006 21:02 <DIR> . 30.12.2006 21:02 <DIR> .. 22.09.2006 15:39 <DIR> Adobe 20.09.2006 20:08 <DIR> Adobe Systems Shared 26.09.2006 12:51 <DIR> Ahead 11.11.2006 19:15 <DIR> Corel 16.12.2006 18:29 <DIR> DESIGNER 17.09.2006 12:22 <DIR> Dienste 13.10.2006 21:43 <DIR> InstallShield 20.09.2006 05:07 <DIR> Java 14.10.2006 16:25 <DIR> Macromedia 14.10.2006 15:05 <DIR> Microsoft Shared 17.09.2006 12:21 <DIR> MSSoap 17.09.2006 13:12 <DIR> ODBC 17.09.2006 13:12 <DIR> SpeechEngines 15.12.2006 03:03 <DIR> System 13.11.2006 19:25 <DIR> Teleca Shared 15.12.2006 17:45 <DIR> Wise Installation Wizard 0 Datei(en) 0 Bytes 18 Verzeichnis(se), 83.679.997.952 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Programme\Gemeinsame Dateien Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Programme\Gemeinsame Dateien Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 3C42-492C Verzeichnis von C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders 19.09.2006 19:27 <DIR> . 19.09.2006 19:27 <DIR> .. 
19.09.2006 19:27 <DIR> 1031 19.09.2006 19:27 <DIR> 1033 11.07.2003 01:15 1.292.872 MSONSEXT.DLL 14.07.2003 21:52 35.896 MSOSV.DLL 19.03.1999 21:46 127.032 MSOWS407.DLL 04.06.1999 14:09 122.937 MSOWS409.DLL 11.07.2003 01:25 80.448 PKMWS.DLL 5 Datei(en) 1.659.185 Bytes 4 Verzeichnis(se), 83.679.993.856 Bytes frei |
|
|
||
31.12.2006, 15:15
Honorary member
Posts: 29434 |
#42
«« Work through p2pnetwork.bfu exactly as instructed: http://virus-protect.org/artikel/bfu/p2pbfuhtml.html
Only work through the bfu; ignore all other instructions on that page....
_____________________________________________________________
«« Avenger http://virus-protect.org/artikel/tools/avenger.html
Paste in (without "Quote"):
Quote: Files to delete:
Click the green traffic light. The script will now be executed, then the PC will restart automatically.
»» Delete the Avenger backup at C:\Avenger\backup.zip and empty the Recycle Bin.
«« Open HijackThis -- "scan" button -- tick the boxes in front of these entries -- "Fix checked" button -- restart the PC
Quote: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
Restart the PC.
«« Download Registry Search by Bobbi Flekman http://virus-protect.org/artikel/tools/regsearch.html and double-click it to start. In "Enter search strings" (type or paste it in): XPROTECTOR in edit, and click "Ok". Notepad will open -- copy the text and post it.
__________
Regards, Sabina
all about PC security |
|
|
||
My friend has also caught a trojan and a lot more. Can you help us, and what should we do?