Dialer oder Virus - exorbitante Tel-Rechnung |
||
---|---|---|
#0
| ||
24.01.2007, 14:07
Member
Beiträge: 25 |
||
|
||
24.01.2007, 14:16
Member
Themenstarter Beiträge: 25 |
#2
Spybot hat einiges gefunden - ich darf aber vorläufig nix reparieren wegen der Beweissicherung bezüglich Telefonrechnung:
--- Search result list --- Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Einstellungen (Registrierungsdatenbank-Änderung, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0 Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Einstellungen (Registrierungsdatenbank-Änderung, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0 Microsoft.WindowsSecurityCenter_disabled: Einstellungen (Registrierungsdatenbank-Änderung, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start!=W=2 180Solutions.SearchAssistant: Interface (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} 180Solutions.SearchAssistant: Root class (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\ClientAX.RequiredComponent 180Solutions.SearchAssistant: Root class (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\ClientAX.RequiredComponent.1 180Solutions.SearchAssistant: Class ID (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} Zango: Daten (Datei, nothing done) C:\Programme\Seekmo\seekmo_gdf.dat Zango: Interface (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_CLASSES_ROOT\Interface\{031CBF6A-C70E-4177-A0D4-C5268EE311FB} Zango: Programmgruppe (Verzeichnis, nothing done) C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Seekmo Search Assistant\ HitBox: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CasaleMedia: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) ReliableStats: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) HitBox: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CoolWWWSearch: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Statcounter: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexList: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Winsoftware.WinAntiVirusPro2006: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) WinFixer: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) WinFixer: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CasinoPopupStuff: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Winsoftware.WinAntiVirusPro2006: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CoolWWWSearch: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Win32.Small.ddx: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) 7FaSSt: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) ErrorSafe: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Zedo: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) MediaPlex: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Winsoftware.WinAntiVirusPro2006: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CoolWWWSearch: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Smitfraud-C.: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) ErrorSafe: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CurePCSolution: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CoolWWWSearch: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CoolWWWSearch: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Tradedoubler: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CoolWWWSearch: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) ErrorSafe: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) CoolWWWSearch: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) LinkSynergy: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) HitBox: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SystemDoctor2006: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Marketengines: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) DoubleClick: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SystemDoctor2006: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Zedo: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) TagASaurus: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) Avenue A, Inc.: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) SexTracker: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) HitBox: Verfolgender Cookie (Internet Explorer: NoldeP) (Cookie, nothing done) --- Spybot - Search & Destroy version: 1.4 (build: 20050523) --- 2005-05-31 blindman.exe (1.0.0.1) 2005-05-31 SpybotSD.exe (1.4.0.3) 2005-05-31 TeaTimer.exe (1.4.0.2) 2007-01-23 unins000.exe (51.41.0.0) 2005-05-31 Update.exe (1.4.0.0) 2007-01-15 advcheck.dll (1.2.1.0) 2005-05-31 aports.dll (2.1.0.0) 2005-05-31 borlndmm.dll (7.0.4.453) 2005-05-31 delphimm.dll (7.0.4.453) 2005-05-31 SDHelper.dll (1.4.0.0) 2005-05-31 Tools.dll (2.0.0.2) 2005-05-31 UnzDll.dll (1.73.1.1) 2005-05-31 ZipDll.dll (1.73.2.0) 2007-01-19 Includes\Cookies.sbi (*) 2006-12-08 Includes\Dialer.sbi (*) 2007-01-19 Includes\DialerC.sbi (*) 2006-11-24 Includes\Hijackers.sbi (*) 2007-01-19 Includes\HijackersC.sbi (*) 2006-10-27 Includes\Keyloggers.sbi (*) 2007-01-19 Includes\KeyloggersC.sbi (*) 2007-01-12 Includes\Malware.sbi (*) 2007-01-19 Includes\MalwareC.sbi (*) 2007-01-19 Includes\PUPSC.sbi (*) 2007-01-19 Includes\Revision.sbi (*) 2006-12-08 Includes\Security.sbi (*) 2007-01-19 Includes\SecurityC.sbi (*) 2006-10-13 Includes\Spybots.sbi (*) 2007-01-19 Includes\SpybotsC.sbi (*) 2005-02-17 Includes\Tracks.uti 2006-12-08 Includes\Trojans.sbi (*) 2007-01-19 Includes\TrojansC.sbi (*) --- System information --- Windows XP (Build: 2600) Service Pack 2 / .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998) / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903) / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) / Media Center 2005 / SP4: Update Rollup 2 für Windows XP Media Center Edition 2005 / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n For more information, visit http://support.microsoft.com/kb/917283 / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n For more information, visit http://support.microsoft.com/kb/922770 / Windows Media Player 10: Sicherheitsupdate für Windows Media Player 10 (KB911565) / Windows Media Player 10: Update für Windows Media Player 10 (KB913800) / Windows Media Player 10: Sicherheitsupdate für Windows Media Player 10 (KB917734) / Windows Media Player 10: Update für Windows Media Player 10 (KB926251) / Windows Media Player 6.4: Sicherheitsupdate für Windows Media Player 6.4 (KB925398) / Windows XP: Sicherheitsupdate für Windows XP (KB923689) / Windows XP / SP3: Windows XP-Hotfix - KB873339 / Windows XP / SP3: Windows XP-Hotfix - KB885250 / Windows XP / SP3: Windows XP-Hotfix - KB885835 / Windows XP / SP3: Windows XP-Hotfix - KB885836 / Windows XP / SP3: Windows XP-Hotfix - KB886185 / Windows XP / SP3: Windows XP-Hotfix - KB887472 / Windows XP / SP3: Windows XP-Hotfix - KB887742 / Windows XP / SP3: Windows XP-Hotfix - KB887797 / Windows XP / SP3: Microsoft .NET Framework 1.0 Hotfix (KB887998) / Windows XP / SP3: Windows XP-Hotfix - KB888113 / Windows XP / SP3: Windows XP-Hotfix - KB888302 / Windows XP / SP3: Hotfix für Windows XP (KB888795) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB890046) / Windows XP / SP3: Windows XP-Hotfix - KB890859 / Windows XP / SP3: Hotfix für Windows XP (KB891593) / Windows XP / SP3: Windows XP-Hotfix - KB891781 / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB893756) / Windows XP / SP3: Windows Installer 3.1 (KB893803) / Windows XP / SP3: Update für Windows XP (KB894391) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB896358) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB896422) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB896423) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB896424) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB896428) / Windows XP / SP3: Update für Windows XP (KB898461) / Windows XP / SP3: Hotfix für Windows XP (KB899337) / Windows XP / SP3: Hotfix für Windows XP (KB899510) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB899587) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB899589) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB899591) / Windows XP / SP3: Update für Windows XP (KB900485) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB900725) / Windows XP / SP3: Update für Windows XP (KB900930) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB901017) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB901214) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB902400) / Windows XP / SP3: Hotfix für Windows XP (KB902841) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB904706) / Windows XP / SP3: Update für Windows XP (KB904942) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB905414) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB905749) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB905915) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB908519) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB908531) / Windows XP / SP3: Update für Windows XP (KB910437) / Windows XP / SP3: Update für Windows XP (KB911280) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB911562) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB911567) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB911927) / Windows XP / SP3: Hotfix für Windows XP (KB912024) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB912812) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB912919) / Windows XP / SP3: Update für Windows XP (KB912945) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB913446) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB913580) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB914388) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB914389) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB916281) / Windows XP / SP3: Update für Windows XP (KB916595) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB917159) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB917344) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB917422) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB917953) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB918439) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB918899) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB919007) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB920213) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB920214) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB920670) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB920683) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB920685) / Windows XP / SP3: Update für Windows XP (KB920872) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB921398) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB921883) / Windows XP / SP3: Update für Windows XP (KB922582) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB922616) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB922760) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB922819) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB923191) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB923414) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB923694) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB923980) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB924191) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB924270) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB924496) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB925454) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB925486) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB926255) / Windows XP / SP3: Sicherheitsupdate für Windows XP (KB929969) --- Startup entries list --- Located: HK_LM:Run, Alcmtr command: ALCMTR.EXE file: C:\WINDOWS\ALCMTR.EXE size: 69632 MD5: 8b4cbba1ea526830c7f97e7822e2493a Located: HK_LM:Run, AOLDialer command: C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe file: C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe size: 497240 MD5: 0fbbab949dc3de2377677770d7fe0cfb Located: HK_LM:Run, ATICCC command: "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay file: C:\Programme\ATI Technologies\ATI.ACE\cli.exe size: 45056 MD5: 64c4c17bf6a40ff1cd21205e6fd415b8 Located: HK_LM:Run, ccApp command: "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" file: C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe size: 52848 MD5: 8500d5c1affd58e1c0a076689f8aa573 Located: HK_LM:Run, DMXLauncher command: C:\Programme\Roxio\CinePlayer\DMXLauncher.exe file: C:\Programme\Roxio\CinePlayer\DMXLauncher.exe size: 102400 MD5: e34a3b8d11d2b7cbf518d218861ad944 Located: HK_LM:Run, ehTray command: C:\WINDOWS\ehome\ehtray.exe file: C:\WINDOWS\ehome\ehtray.exe size: 64512 MD5: 9c69e6a25f5500501b14af43311f8d8b Located: HK_LM:Run, Eval command: "C:\Programme\Phoenix Technologies\cME\RPro\Eval\Eval.exe" file: C:\Programme\Phoenix Technologies\cME\RPro\Eval\Eval.exe size: 2457600 MD5: 28f9e5cabc804ca135c0590efe262473 Located: HK_LM:Run, farstone command: file: Located: HK_LM:Run, Guard command: "C:\Programme\Phoenix Technologies\cME\Guard\Guard.exe" /background file: C:\Programme\Phoenix Technologies\cME\Guard\Guard.exe size: 573440 MD5: c24f1a4cbedc0c83f53f317cd1396ecc Located: HK_LM:Run, High Definition Audio Property Page Shortcut command: HDAShCut.exe file: C:\WINDOWS\system32\HDAShCut.exe size: 61952 MD5: 9c3b2302b60fb0efb13bc880a5e3e93e Located: HK_LM:Run, ISUSPM Startup command: C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup file: C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe size: 221184 MD5: fb9e5c251cf6c37749f296bacb34a69b Located: HK_LM:Run, ISUSScheduler command: "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start file: C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe size: 81920 MD5: 763dab43bdab27316dbf3373192823d7 Located: HK_LM:Run, QuickTime Task command: "C:\Programme\QuickTime\qttask.exe" -atboottime file: C:\Programme\QuickTime\qttask.exe size: 98304 MD5: 9b4c1812595c389ab9ccf1ff3b315248 Located: HK_LM:Run, RestoreIT! command: "C:\Programme\Phoenix Technologies\cME\RPro\ XP\VBPTASK.EXE" VBStart file: C:\Programme\Phoenix Technologies\cME\RPro\ XP\VBPTASK.EXE size: 118784 MD5: e0b387eb1c7399c2593fef98a0aaac19 Located: HK_LM:Run, RTHDCPL command: RTHDCPL.EXE file: C:\WINDOWS\RTHDCPL.EXE size: 14854144 MD5: 8d6c32d982dc380287d446de1d166e48 Located: HK_CU:Run, CTFMON.EXE command: C:\WINDOWS\system32\ctfmon.exe file: C:\WINDOWS\system32\ctfmon.exe size: 15360 MD5: 7ce20569925df6789c31799f0c538f29 Located: HK_CU:Run, MSMSGS command: "C:\Programme\Messenger\msmsgs.exe" /background file: C:\Programme\Messenger\msmsgs.exe size: 1694208 MD5: 74e6e96c6f0e2eca4edbb7f7a468f259 Located: HK_CU:Run, SpybotSD TeaTimer command: C:\Programme\Spybot - Search & Destroy\TeaTimer.exe file: C:\Programme\Spybot - Search & Destroy\TeaTimer.exe size: 1415824 MD5: 70496eee0ddbe485f658693826f44d38 Located: Startup (allgemein), Adobe Reader - Schnellstart.lnk command: C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe file: C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe size: 29696 MD5: 43362b96870ce8649f4f2ec893da93f0 Located: Startup (allgemein), AOL 9.0 Tray-Symbol.lnk command: C:\Programme\AOL 9.0\aoltray.exe file: C:\Programme\AOL 9.0\aoltray.exe size: 156784 MD5: 0243b985d3b4f7699f922a572bc54057 Located: Startup (Benutzer), StarOffice 7.lnk command: C:\Program Files\StarOffice7\program\quickstart.exe file: C:\Program Files\StarOffice7\program\quickstart.exe size: 122880 MD5: 153ad79557b44557d7cc172027d34db8 Located: WinLogon, AtiExtEvent command: Ati2evxx.dll file: Ati2evxx.dll Located: WinLogon, crypt32chain command: crypt32.dll file: crypt32.dll Located: WinLogon, cryptnet command: cryptnet.dll file: cryptnet.dll Located: WinLogon, cscdll command: cscdll.dll file: cscdll.dll Located: WinLogon, ScCertProp command: wlnotify.dll file: wlnotify.dll Located: WinLogon, Schedule command: wlnotify.dll file: wlnotify.dll Located: WinLogon, sclgntfy command: sclgntfy.dll file: sclgntfy.dll Located: WinLogon, SensLogn command: WlNotify.dll file: WlNotify.dll Located: WinLogon, termsrv command: wlnotify.dll file: wlnotify.dll Located: WinLogon, wlballoon command: wlnotify.dll file: wlnotify.dll --- Browser helper object list --- {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (NAV Helper) BHO name: NAV Helper CLSID name: CNavExtBho Class Path: C:\Programme\Norton Internet Security\Norton AntiVirus\ Long name: NavShExt.dll Short name: Date (created): 11.10.2005 17:58:06 Date (last access): 23.01.2007 19:33:38 Date (last write): 11.10.2005 17:58:06 Filesize: 140912 Attributes: archive MD5: 4A799EB12582B248D2CAB1F1C71BB9D6 CRC32: BD888F92 Version: 12.0.2.5 --- ActiveX list --- {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) DPF name: CLSID name: WUWebControl Class Installer: C:\WINDOWS\Downloaded Program Files\wuweb.inf Codebase: http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141546086265 Path: C:\WINDOWS\system32\ Long name: wuweb.dll Short name: Date (created): 03.03.2006 20:25:56 Date (last access): 21.01.2007 00:01:52 Date (last write): 26.05.2005 04:19:32 Filesize: 173536 Attributes: archive MD5: C459F2D5E64C942F3F66E1CD7F1C4C00 CRC32: EEF66B50 Version: 5.8.0.2469 --- Process list --- PID: 0 ( 0) [System] PID: 600 ( 4) \SystemRoot\System32\smss.exe PID: 652 ( 600) \??\C:\WINDOWS\system32\csrss.exe PID: 680 ( 600) \??\C:\WINDOWS\system32\winlogon.exe PID: 724 ( 680) C:\WINDOWS\system32\services.exe size: 108544 MD5: EDB6B81761BD60F32F740BBC40AFB676 PID: 736 ( 680) C:\WINDOWS\system32\lsass.exe size: 13312 MD5: 183805EB05BCA5A1E4AAAED4D2BE3690 PID: 904 ( 724) C:\WINDOWS\system32\Ati2evxx.exe size: 405504 MD5: BBA22521D24625C7A7B8D57FB20A812E PID: 920 ( 724) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 65A819B121EB6FDAB4400EA42BDFFE64 PID: 972 ( 724) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 65A819B121EB6FDAB4400EA42BDFFE64 PID: 1016 ( 724) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 65A819B121EB6FDAB4400EA42BDFFE64 PID: 1104 ( 724) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 65A819B121EB6FDAB4400EA42BDFFE64 PID: 1132 ( 724) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 65A819B121EB6FDAB4400EA42BDFFE64 PID: 1192 ( 724) C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe size: 169584 MD5: 436F416AECA76315EFBB6BCFEA374DEF PID: 1316 ( 724) C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe size: 192112 MD5: 937EB691B1F69936FD6F124B49821E83 PID: 1404 ( 724) C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe size: 202352 MD5: BFFDC1411B9A0E32D28B0DA51035E128 PID: 1416 ( 724) C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe size: 214672 MD5: D09CFA6D5866ACBDD75AA3888225DFBA PID: 1468 ( 724) C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe size: 1160800 MD5: 780DE647691972907D86194577F58C43 PID: 1496 ( 724) C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe size: 1119888 MD5: 2DCEF866D958573DE3D9960CD72E9A0C PID: 1720 ( 724) C:\WINDOWS\system32\spoolsv.exe size: 57856 MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F PID: 1956 ( 724) C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe size: 1140312 MD5: BDC85FCE7F8A349DAFB667DDCC809586 PID: 128 ( 724) C:\WINDOWS\eHome\ehRecvr.exe size: 237568 MD5: D039A0C347632622934906BD59A4E1EA PID: 172 ( 724) C:\WINDOWS\eHome\ehSched.exe size: 102912 MD5: E774BF24A6CB798DCE67AD1C8E917152 PID: 260 ( 724) C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe size: 133744 MD5: B7D415FADB8C8487B15EC5C21182A7A3 PID: 432 ( 724) C:\WINDOWS\system32\PhnxCDSvr.exe size: 49152 MD5: 0B3DCBCF76005ABC186F0366946A3C82 PID: 552 ( 724) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 65A819B121EB6FDAB4400EA42BDFFE64 PID: 1076 ( 724) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe size: 20480 MD5: 5A0C788C5BC5F2C993CB60940ADCF95E PID: 1756 ( 724) C:\WINDOWS\ehome\mcrdsvc.exe size: 99328 MD5: 52404CC76E9D53843BDF97564BB16BED PID: 2164 ( 724) C:\WINDOWS\system32\dllhost.exe size: 5120 MD5: BED2C7627AB78CA721EFB8B49EFB13EE PID: 2552 ( 920) C:\WINDOWS\system32\wbem\wmiprvse.exe size: 218112 MD5: 971132068954F67FF53D4B82FCAD844C PID: 2596 ( 724) C:\WINDOWS\System32\alg.exe size: 44544 MD5: 6596DD260FFDE1BDC994C1DF236307BB PID: 3188 ( 724) C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE size: 749696 MD5: CE7F0175579109B85A6C9A87D6AEF9D1 PID: 2320 ( 680) C:\WINDOWS\system32\Ati2evxx.exe size: 405504 MD5: BBA22521D24625C7A7B8D57FB20A812E PID: 376 (2116) C:\WINDOWS\Explorer.EXE size: 1035264 MD5: 22FE1BE02EADDE1632E478E4125639E0 PID: 2868 (1016) C:\WINDOWS\system32\wuauclt.exe size: 124696 MD5: F75C8C6EFAEC023FE61A6F1C4AD6BC99 PID: 3876 ( 376) C:\WINDOWS\ehome\ehtray.exe size: 64512 MD5: 9C69E6A25F5500501B14AF43311F8D8B PID: 252 ( 376) C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe size: 497240 MD5: 0FBBAB949DC3DE2377677770D7FE0CFB PID: 2992 ( 376) C:\Programme\QuickTime\qttask.exe size: 98304 MD5: 9B4C1812595C389AB9CCF1FF3B315248 PID: 568 ( 376) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe size: 81920 MD5: 763DAB43BDAB27316DBF3373192823D7 PID: 3844 ( 376) C:\WINDOWS\RTHDCPL.EXE size: 14854144 MD5: 8D6C32D982DC380287D446DE1D166E48 PID: 132 ( 376) C:\Programme\ATI Technologies\ATI.ACE\cli.exe size: 45056 MD5: 64C4C17BF6A40FF1CD21205E6FD415B8 PID: 2420 ( 376) C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe size: 52848 MD5: 8500D5C1AFFD58E1C0A076689F8AA573 PID: 3316 ( 376) C:\Programme\Roxio\CinePlayer\DMXLauncher.exe size: 102400 MD5: E34A3B8D11D2B7CBF518D218861AD944 PID: 2828 ( 376) C:\Programme\Phoenix Technologies\cME\Guard\Guard.exe size: 573440 MD5: C24F1A4CBEDC0C83F53F317CD1396ECC PID: 2444 ( 376) C:\WINDOWS\system32\ctfmon.exe size: 15360 MD5: 7CE20569925DF6789C31799F0C538F29 PID: 640 ( 376) C:\Programme\Messenger\msmsgs.exe size: 1694208 MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259 PID: 1100 ( 376) C:\Programme\AOL 9.0\aoltray.exe size: 156784 MD5: 0243B985D3B4F7699F922A572BC54057 PID: 3984 ( 920) C:\WINDOWS\eHome\ehmsas.exe size: 46592 MD5: DAEFB050AC8FEE4F1097FCF7CB97220E PID: 1508 (2120) C:\Program Files\StarOffice7\program\soffice.exe size: 655360 MD5: C95CE047CAE76598CD241E99BA248E2D PID: 1156 ( 132) C:\Programme\ATI Technologies\ATI.ACE\cli.exe size: 45056 MD5: 64C4C17BF6A40FF1CD21205E6FD415B8 PID: 1428 ( 132) C:\Programme\ATI Technologies\ATI.ACE\cli.exe size: 45056 MD5: 64C4C17BF6A40FF1CD21205E6FD415B8 PID: 3572 ( 376) C:\Programme\PopUpKiller\PopUpKiller.exe size: 1247232 MD5: EC4B52F8D360D80552AD673026120A53 PID: 2052 (3684) C:\Programme\Spybot - Search & Destroy\SpybotSD.exe size: 4393096 MD5: 09CA174A605B480318731E691DC98539 PID: 3504 (1016) C:\WINDOWS\system32\wuauclt.exe size: 124696 MD5: F75C8C6EFAEC023FE61A6F1C4AD6BC99 PID: 4 ( 0) System --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 23.01.2007 20:33:02 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://www.slypornmovies.com/ to verify your age, REQUIRED! WARNING! Adult pictures are featured in this site. Only adults permitted beyond this point! Are you at least 18 years old HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page %SystemRoot%\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm --- Winsock Layered Service Provider list --- --- Uninstall list --- Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0) 08/30/2005 1.3.3.0 (259538F9B430E2EFD77FF23BCCEA06F735264EEF) uninstall cmd: rundll32.exe C:\PROGRA~1\DIFX\8755E77F25DC1E64C835635CE9C61DB77D88BC99\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\PCTV300i_5739AF099F25A64570FD33E7C75F6A6B1D0F0F56\PCTV300i.inf publisher: Pinnacle Systems Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0) 08/30/2005 1.3.3.0 (2DBC1839DB68F9FDF98712F65581ED4735D4A40A) uninstall cmd: rundll32.exe C:\PROGRA~1\DIFX\8755E77F25DC1E64C835635CE9C61DB77D88BC99\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\PCTV310i_802A9248B3A03BF839A0D259DC02F3EDBBC072F6\PCTV310i.inf publisher: Pinnacle Systems Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0) 08/30/2005 1.3.3.0 (9BB1E02AD36D0290FD110ACD847027286BC25C29) uninstall cmd: rundll32.exe C:\PROGRA~1\DIFX\8755E77F25DC1E64C835635CE9C61DB77D88BC99\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\PCTV110i_0DFC79B789FA9D65B85A8D502EE4D0AF741B5586\PCTV110i.inf publisher: Pinnacle Systems (AddressBook) ATI - Software Uninstall Utility 6.14.10.1014 (All ATI Software) install location: C:\Programme\ATI Technologies\UninstallAll uninstall cmd: C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe AOL Deutschland (America Online de) uninstall cmd: C:\Programme\Gemeinsame Dateien\aolshare\Aolunins_de.exe AOL Optimized Dial-In (AOL Connectivity Services) uninstall cmd: "C:\Programme\Gemeinsame Dateien\AOL\ACS\AcsUninstall.exe" /c AOL Meine Fotos Bildschirmschoner (AOL YGP Screensaver) uninstall cmd: C:\Programme\Gemeinsame Dateien\AOL\Screensaver\uninst_ygpss.exe AOL Coach Version 1.0(Build:20040229.1 de) (AOLCoach de) uninstall cmd: "C:\Programme\Gemeinsame Dateien\aolshare\Coach\AolCInUn.exe" -lang="de-de" ATI Display Driver 8.231-060221a1-030895C-ATI (ATI Display Driver) uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean (Branding) Canon i560 (CANONBJ_Deinstall_CNMCP58.DLL) uninstall cmd: C:\WINDOWS\system32\CNMCP58.exe "-PRINTERNAMECanon i560" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i560 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i560 Installer\Inst2\cnmi0407.dll" (Connection Manager) (DirectAnimation) (DirectDrawEx) (DXM_Runtime) (Fontcore) HijackThis 1.99.1 1.99.1 (HijackThis) uninstall cmd: C:\DOKUME~1\NoldeP\LOKALE~1\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe /uninstall publisher: Soeperman Enterprises Ltd. (ICW) (IE40) (IE4Data) (IE5BAKEX) (IEData) (InstallShield Uninstall Information) Phoenix Core Managed Environment (cME) 1.0.2.20 (InstallShield_{9B365D9D-C47D-458D-A46F-491A4B33EEAB}) version: 16777218 version (major): 1 estimated size: 5971 install date: 20060331 install location: C:\Programme\Phoenix Technologies\cME\ install source: e:\ uninstall cmd: C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{9B365D9D-C47D-458D-A46F-491A4B33EEAB} /l1031 publisher: Phoenix Technologies Ltd contact: Abteilung für Technischen Support help link: http://support.phoenix.com Windows XP-Hotfix - KB873339 20041117.092459 (KB873339) uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=873339 (KB884016) Windows XP-Hotfix - KB885250 20050118.202711 (KB885250) uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885250 Windows XP-Hotfix - KB885835 20041027.181713 (KB885835) uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885835 Windows XP-Hotfix - KB885836 20041028.173203 (KB885836) uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885836 Windows XP-Hotfix - KB886185 20041021.090540 (KB886185) uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=886185 Windows XP-Hotfix - KB887472 20041014.162858 (KB887472) uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887472 Windows XP-Hotfix - KB887742 20041103.095002 (KB887742) uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887742 Windows XP-Hotfix - KB887797 20041018.133824 (KB887797) uninstall cmd: C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887797 Microsoft .NET Framework 1.0 Hotfix (KB887998) (KB887998) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe" publisher: Microsoft Corporation High Definition Audio Driver Package - KB888111 20040219.000000 (KB888111WXPSP2) uninstall cmd: "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=KB888111 Windows XP-Hotfix - KB888113 20041116.131036 (KB888113) uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888113 Windows XP-Hotfix - KB888302 20041207.111426 (KB888302) uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888302 Hotfix für Windows XP (KB888795) 3 (KB888795) uninstall cmd: "C:\WINDOWS\$NtUninstallKB888795$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888795 Sicherheitsupdate für Windows XP (KB890046) 1 (KB890046) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890046 Windows XP-Hotfix - KB890859 1 (KB890859) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890859 Hotfix für Windows XP (KB891593) 2 (KB891593) uninstall cmd: "C:\WINDOWS\$NtUninstallKB891593$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891593 Windows XP-Hotfix - KB891781 20050110.165439 (KB891781) uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891781 Sicherheitsupdate für Windows XP (KB893756) 1 (KB893756) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893756 (KB893803) Windows Installer 3.1 (KB893803) 3.1 (KB893803v2) uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=42467 Update für Windows XP (KB894391) 1 (KB894391) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=894391 Windows XP-Hotfix - KB895961 1 (KB895961) uninstall cmd: "C:\WINDOWS\$NtUninstallKB895961$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=895961 Sicherheitsupdate für Windows XP (KB896358) 1 (KB896358) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896358 Sicherheitsupdate für Windows XP (KB896422) 1 (KB896422) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896422 Sicherheitsupdate für Windows XP (KB896423) 1 (KB896423) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896423 Sicherheitsupdate für Windows XP (KB896424) 1 (KB896424) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896424 Sicherheitsupdate für Windows XP (KB896428) 1 (KB896428) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896428 Update für Windows XP (KB898461) 1 (KB898461) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=898461 Hotfix für Windows XP (KB899337) 5 (KB899337) uninstall cmd: "C:\WINDOWS\$NtUninstallKB899337$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899337 Hotfix für Windows XP (KB899510) 1 (KB899510) uninstall cmd: "C:\WINDOWS\$NtUninstallKB899510$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899510 Sicherheitsupdate für Windows XP (KB899587) 1 (KB899587) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899587 Sicherheitsupdate für Windows XP (KB899589) 1 (KB899589) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899589 Sicherheitsupdate für Windows XP (KB899591) 1 (KB899591) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899591 Update Rollup 2 für Windows XP Media Center Edition 2005 (KB900325) uninstall cmd: C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900325 Update für Windows XP (KB900485) 2 (KB900485) install date: 20060426 uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900485 Sicherheitsupdate für Windows XP (KB900725) 1 (KB900725) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900725 Update für Windows XP (KB900930) 1 (KB900930) uninstall cmd: "C:\WINDOWS\$NtUninstallKB900930$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900930 Sicherheitsupdate für Windows XP (KB901017) 1 (KB901017) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901017 Sicherheitsupdate für Windows XP (KB901214) 1 (KB901214) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901214 Sicherheitsupdate für Windows XP (KB902400) 1 (KB902400) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=902400 Hotfix für Windows XP (KB902841) 1 (KB902841) uninstall cmd: "C:\WINDOWS\$NtUninstallKB902841$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=902841 Hotfix for Windows Media Player 10 (KB903157) (KB903157) uninstall cmd: "C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=903157 Sicherheitsupdate für Windows XP (KB904706) 2 (KB904706) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=904706 Update für Windows XP (KB904942) 2 (KB904942) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=904942 Sicherheitsupdate für Windows XP (KB905414) 1 (KB905414) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905414 Sicherheitsupdate für Windows XP (KB905749) 1 (KB905749) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905749 Sicherheitsupdate für Windows XP (KB905915) 1 (KB905915) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905915 Sicherheitsupdate für Windows XP (KB908519) 1 (KB908519) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=908519 Sicherheitsupdate für Windows XP (KB908531) 1 (KB908531) install date: 20060424 uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=908531 Update für Windows Media Player 10 (KB910393) (KB910393) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=910393 Update für Windows XP (KB910437) 1 (KB910437) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=910437 Update für Windows XP (KB911280) 2 (KB911280) install date: 20060628 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911280 Sicherheitsupdate für Windows XP (KB911562) 1 (KB911562) install date: 20060424 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911562 Sicherheitsupdate für Windows Media Player 10 (KB911565) (KB911565) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=911565 Sicherheitsupdate für Windows XP (KB911567) 1 (KB911567) install date: 20060424 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911567 Sicherheitsupdate für Windows XP (KB911927) 1 (KB911927) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911927 Hotfix für Windows XP (KB912024) 2 (KB912024) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912024$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912024 Windows XP Media Center Edition 2005 KB912067 (KB912067) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912067 Sicherheitsupdate für Windows XP (KB912812) 1 (KB912812) install date: 20060424 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912812 Sicherheitsupdate für Windows XP (KB912919) 1 (KB912919) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912919 Update für Windows XP (KB912945) 1 (KB912945) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912945 Sicherheitsupdate für Windows XP (KB913446) 1 (KB913446) install date: 20060305 uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=913446 Sicherheitsupdate für Windows XP (KB913580) 1 (KB913580) install date: 20060510 uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=913580 Update für Windows Media Player 10 (KB913800) (KB913800) install date: 20060428 uninstall cmd: "C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=913800 Sicherheitsupdate für Windows XP (KB914388) 1 (KB914388) install date: 20060714 uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=914388 Sicherheitsupdate für Windows XP (KB914389) 1 (KB914389) install date: 20060619 uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=914389 Sicherheitsupdate für Windows XP (KB916281) 1 (KB916281) install date: 20060622 uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=916281 Update für Windows XP (KB916595) 1 (KB916595) install date: 20060714 uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=916595 Sicherheitsupdate für Windows XP (KB917159) 1 (KB917159) install date: 20060714 uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=917159 Security Update for Microsoft .NET Framework 2.0 (KB917283) 1 (KB917283.T1_1ToU93_1) uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} publisher: Microsoft Corporation help link: http://support.microsoft.com/kb/917283 Sicherheitsupdate für Windows XP (KB917344) 1 (KB917344) install date: 20060616 uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=917344 Sicherheitsupdate für Windows XP (KB917422) 1 (KB917422) install date: 20060818 uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=917422 Sicherheitsupdate für Windows Media Player 10 (KB917734) (KB917734_WMP10) install date: 20060622 uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=917734 Sicherheitsupdate für Windows XP (KB917953) 1 (KB917953) install date: 20060619 uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=917953 Sicherheitsupdate für Windows XP (KB918439) 1 (KB918439) install date: 20060619 uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=918439 Sicherheitsupdate für Windows XP (KB918899) 1 (KB918899) install date: 20060819 uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=918899 Sicherheitsupdate für Windows XP (KB919007) 1 (KB919007) install date: 20060916 uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=919007 Sicherheitsupdate für Windows XP (KB920213) 1 (KB920213) install date: 20061116 uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=920213 Sicherheitsupdate für Windows XP (KB920214) 1 (KB920214) install date: 20060817 uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=920214 Sicherheitsupdate für Windows XP (KB920670) 1 (KB920670) install date: 20060818 uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=920670 Sicherheitsupdate für Windows XP (KB920683) 1 (KB920683) install date: 20060818 uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=920683 Sicherheitsupdate für Windows XP (KB920685) 1 (KB920685) install date: 20060915 uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=920685 Update für Windows XP (KB920872) 1 (KB920872) install date: 20060915 uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=920872 Sicherheitsupdate für Windows XP (KB921398) 1 (KB921398) install date: 20060818 uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=921398 Sicherheitsupdate für Windows XP (KB921883) 1 (KB921883) install date: 20060810 uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=921883 Update für Windows XP (KB922582) 1 (KB922582) install date: 20060916 uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=922582 Sicherheitsupdate für Windows XP (KB922616) 1 (KB922616) install date: 20060817 uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=922616 Sicherheitsupdate für Windows XP (KB922760) 1 (KB922760) install date: 20061119 uninstall cmd: "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=922760 Security Update für Microsoft .NET Framework 2.0 (KB922770) 1 (KB922770.T1_1ToU168_1) uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} publisher: Microsoft Corporation help link: http://support.microsoft.com/kb/922770 Sicherheitsupdate für Windows XP (KB922819) 1 (KB922819) install date: 20061012 uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=922819 Sicherheitsupdate für Windows XP (KB923191) 1 (KB923191) install date: 20061014 uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=923191 Sicherheitsupdate für Windows XP (KB923414) 1 (KB923414) install date: 20061011 uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=923414 Sicherheitsupdate für Windows XP (KB923689) (KB923689) install date: 20061216 uninstall cmd: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=923689 Sicherheitsupdate für Windows XP (KB923694) 1 (KB923694) install date: 20061216 uninstall cmd: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=923694 Sicherheitsupdate für Windows XP (KB923980) 1 (KB923980) install date: 20061116 uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=923980 Sicherheitsupdate für Windows XP (KB924191) 1 (KB924191) install date: 20061014 uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=924191 Sicherheitsupdate für Windows XP (KB924270) 1 (KB924270) install date: 20061116 uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=924270 Sicherheitsupdate für Windows XP (KB924496) 1 (KB924496) install date: 20061014 uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=924496 Sicherheitsupdate für Windows Media Player 6.4 (KB925398) (KB925398_WMP64) install date: 20061216 uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=925398 Sicherheitsupdate für Windows XP (KB925454) 1 (KB925454) install date: 20061217 uninstall cmd: "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=925454 Sicherheitsupdate für Windows XP (KB925486) 1 (KB925486) install date: 20060926 uninstall cmd: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=925486 Update für Windows Media Player 10 (KB926251) (KB926251) install date: 20061216 uninstall cmd: "C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=926251 Sicherheitsupdate für Windows XP (KB926255) 1 (KB926255) install date: 20061215 uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=926255 Sicherheitsupdate für Windows XP (KB929969) 1 (KB929969) install date: 20070114 uninstall cmd: "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=929969 (KBKB895961) LiveUpdate 2.7 (Symantec Corporation) 2.7.39.0 (LiveUpdate) install location: "C:\Programme\Symantec\LiveUpdate" uninstall cmd: "C:\Programme\Symantec\LiveUpdate\LSETUP.EXE" /U publisher: Symantec Corporation Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903) uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp" Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033)) uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0) install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=45396 Microsoft .NET Framework 2.0 Language Pack - DEU (Microsoft .NET Framework 2.0 Language Pack - DEU) install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=45396 (MobileOptionPack) (MPlayer2) (MSI30-Beta1) (MSI30-Beta2) (MSI30-KB884016) (MSI30-RC1) (MSI30-RC2) (MSI30a-KB884016) (MSI31-Beta) (MSI31-RC1) (NetMeeting) (OutlookExpress) (PCHealth) uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf PopUpKiller & DialerDetector 2.3 (PopUpKiller & DialerDetector_is1) uninstall cmd: C:\Programme\PopUpKiller\unins000.exe help link: http://www.boesherz-online.de QuickTime (QuickTime) uninstall cmd: C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log RealPlayer Basic (RealPlayer 6.0) uninstall cmd: C:\Programme\Gemeinsame Dateien\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0 (RecordNow.exe) uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} (RestoreIT!) uninstall cmd: C:\Programme\Phoenix Technologies\cME\RPro\ XP\un_vback.exe (SBWIN32.EXE) uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {60E971B7-51A0-48CA-8687-C6B8F094A409} (SchedulingAgent) Seekmo Search Assistant (seekmo) uninstall cmd: c:\programme\seekmo\seekmo.exe /uninst_simple_init=y (Sevinst) (ShockwaveFlash) Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1) install location: C:\Programme\Spybot - Search & Destroy\ uninstall cmd: "C:\Programme\Spybot - Search & Destroy\unins000.exe" publisher: Safer Networking Limited Learn2 Player (Uninstall Only) (StreetPlugin) uninstall cmd: C:\Programme\Learn2.com\StRunner\stuninst.exe Norton Internet Security 2006 (Symantec Corporation) 9.0.3.4 (SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}) install location: C:\Programme\Norton Internet Security install source: h: uninstall cmd: "C:\Programme\Gemeinsame Dateien\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe" /X publisher: Symantec Corporation Viewpoint Media Player (ViewpointMediaPlayer) uninstall cmd: C:\Programme\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Windows Genuine Advantage Validation Tool (WGA) install date: 20060305 publisher: Microsoft Corporation help link: http://www.microsoft.com/genuine Windows Media Format Runtime (Windows Media Format Runtime) uninstall cmd: "C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Connect (WMCSetup) uninstall cmd: "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=47544 X10 Hardware(TM) (X10Hardware) uninstall cmd: C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log ccCommon 104.0.1.17 ({1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}) version: 1744830465 version (major): 104 estimated size: 6099 install date: 20060314 install source: h:\Support\ccCommon\ uninstall cmd: MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB} publisher: Symantec Norton Internet Security 9.0.3.4 ({12E2B9E9-05B1-407d-B0FD-B5F350535125}) version: 150994947 version (major): 9 estimated size: 20891 install date: 20060314 install source: h:\Setup\ uninstall cmd: MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125} publisher: Symantec Corporation Roxio CinePlayer 3.2 ({1B683082-8791-4D00-8ADE-6C8986FCCC68}) version: 50462720 version (major): 3 version (minor): 2 estimated size: 100918 install date: 20060331 install source: E:\CP3.2_322b05B_VBS\ uninstall cmd: MsiExec.exe /I{1B683082-8791-4D00-8ADE-6C8986FCCC68} publisher: Roxio Sonic MyDVD 6.0 ({21657574-BD54-48A2-9450-EB03B2C7FC29}) version: 100663296 version (major): 6 estimated size: 99744 install date: 20060305 install source: h:\MYDVD_60\ uninstall cmd: MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} publisher: Sonic Solutions SymNet 6.0.0.99 ({2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}) version: 100663296 version (major): 6 estimated size: 2710 install date: 20060314 install source: h:\Support\SymNet\ uninstall cmd: MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2} publisher: Symantec Corporation CC_ccProxyExt 104.0.1.17 ({2EBF25F1-F8A2-40EA-92BE-931C142A44E2}) version: 1744830465 version (major): 104 estimated size: 688 install date: 20060314 install source: h:\Support\Proxy\ uninstall cmd: MsiExec.exe /I{2EBF25F1-F8A2-40EA-92BE-931C142A44E2} publisher: Symantec Sonic Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E}) version: 50331648 version (major): 3 estimated size: 2444 install date: 20060305 install source: h:\UPDATEMANAGER_MSI\ uninstall cmd: MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} publisher: Sonic Solutions ccPxyCore 104.0.1.17 ({30738666-9805-4926-A78F-91DA33B6C437}) version: 1744830465 version (major): 104 estimated size: 2826 install date: 20060314 install source: h:\Support\Proxy\ uninstall cmd: MsiExec.exe /I{30738666-9805-4926-A78F-91DA33B6C437} publisher: Symantec WebFldrs XP 9.50.7523 ({350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}) version: 154279267 version (major): 9 version (minor): 50 estimated size: 2604 install date: 20060303 install source: C:\WINDOWS\system32\ publisher: Microsoft Corporation help link: http://www.microsoft.com/windows Norton Internet Security 9.0.3.4 ({3672B097-EA69-4bfe-B92F-29AE6D9D2B34}) version: 150994947 version (major): 9 estimated size: 289 install date: 20060314 install source: h:\Support\SymMCEAI\ uninstall cmd: MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34} publisher: Symantec Corporation Norton AntiSpam 2006.2.0.150 ({3B29A786-5803-4E9E-9B58-3014A5B4E519}) version (major): 2006 version (minor): 2 estimated size: 1553 install date: 20060314 install source: h:\Setup\ uninstall cmd: MsiExec.exe /I{3B29A786-5803-4E9E-9B58-3014A5B4E519} publisher: Symantec Corporation Norton Internet Security 9.0.3.4 ({48185814-A224-447a-81DA-71BD20580E1B}) version: 150994947 version (major): 9 estimated size: 4201 install date: 20060314 install source: h:\Setup\ uninstall cmd: MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B} publisher: Symantec Corporation Norton AntiSpam 2006.2.0.153 ({5677563D-0CB1-485F-9E18-C5025306BB3F}) version (major): 2006 version (minor): 2 estimated size: 8964 install date: 20060314 install source: h:\Setup\ uninstall cmd: MsiExec.exe /I{5677563D |
|
|
||
24.01.2007, 14:22
Ehrenmitglied
Beiträge: 29434 |
#3
Zerberus
igitt öffne das HijackThis -- Button "scan" -- vor diesen Eintrag Häkchen setzen -- Button "Fix checked" -- PC neustarten Zitat R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.slypornmovies.com/ to verify your age, REQUIRED! WARNING! Adult pictures are featured in this site. Only adults permitted beyond this point! Are you at least 18 years oldposte dieses log http://virus-protect.org/artikel/tools/combofix.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
Bitte um kurze Beurteilung: ( ich denke der Explorer wird in die SU umgeleitet )
Logfile of HijackThis v1.99.1
Scan saved at 20:10:47, on 23.01.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\PhnxCDSvr.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Roxio\CinePlayer\DMXLauncher.exe
C:\Programme\Phoenix Technologies\cME\Guard\Guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\AOL 9.0\aoltray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\StarOffice7\program\soffice.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Spybot - Search & Destroy\SpybotSD.exe
C:\Programme\PopUpKiller\PopUpKiller.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOKUME~1\NoldeP\LOKALE~1\Temp\Temporäres Verzeichnis 2 für hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.slypornmovies.com/ to verify your age, REQUIRED! WARNING! Adult pictures are featured in this site. Only adults permitted beyond this point! Are you at least 18 years old
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Programme\Roxio\CinePlayer\DMXLauncher.exe
O4 - HKLM\..\Run: [RestoreIT!] "C:\Programme\Phoenix Technologies\cME\RPro\ XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [Eval] "C:\Programme\Phoenix Technologies\cME\RPro\Eval\Eval.exe"
O4 - HKLM\..\Run: [Guard] "C:\Programme\Phoenix Technologies\cME\Guard\Guard.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141546086265
O17 - HKLM\System\CCS\Services\Tcpip\..\{06063220-DB7C-471A-80F5-0B264176E888}: NameServer = 62.53.206.3 193.189.244.205
O17 - HKLM\System\CS1\Services\Tcpip\..\{06063220-DB7C-471A-80F5-0B264176E888}: NameServer = 62.53.206.3 193.189.244.205
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Norton Internet Security\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Phoenix VCD Service (PhnxVCDService) - Phoenix Technologies Ltd. - C:\WINDOWS\system32\PhnxCDSvr.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 8865-234D
Verzeichnis von C:\WINDOWS
23.01.2007 20:10 523.412 setupapi.log
23.01.2007 19:47 1.568.403 WindowsUpdate.log
23.01.2007 19:39 14.694 ModemLog_MicroLink 56k basic PnP.txt
23.01.2007 19:38 0 0.log
23.01.2007 19:38 2.048 bootstat.dat
23.01.2007 19:37 32.620 SchedLgU.Txt
14.01.2007 01:28 36.990 ehOCGen.log
14.01.2007 01:28 86.316 MedCtrOC.log
14.01.2007 01:28 135.156 ntdtcsetup.log
14.01.2007 01:28 225.990 comsetup.log
14.01.2007 01:28 731.950 iis6.log
14.01.2007 01:28 303.985 tsoc.log
14.01.2007 01:28 1.374 imsins.log
14.01.2007 01:28 33.327 tabletoc.log
14.01.2007 01:28 35.769 ocmsn.log
14.01.2007 01:28 12.140 KB929969.log
14.01.2007 01:28 75.005 plusoc.log
14.01.2007 01:28 127.381 netfxocm.log
14.01.2007 01:28 315.080 ocgen.log
14.01.2007 01:28 32.698 msgsocm.log
14.01.2007 01:28 648.366 FaxSetup.log
14.01.2007 01:28 202.920 msmqinst.log
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 8865-234D
Verzeichnis von C:\DOKUME~1\NoldeP\LOKALE~1\Temp
23.01.2007 19:54 16.384 Perflib_Perfdata_8fc.dat
23.01.2007 19:48 16.384 Perflib_Perfdata_594.dat
23.01.2007 19:48 16.384 Perflib_Perfdata_484.dat
23.01.2007 19:48 16.384 Perflib_Perfdata_84.dat
02.01.2007 03:44 295.040 38b4_appcompat.txt
27.12.2006 04:12 136.406 f778_appcompat.txt
18.10.2006 03:20 285.638 f7c1_appcompat.txt
07.10.2006 23:54 285.548 1dad_appcompat.txt
18.09.2006 00:45 717 control.xml
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 8865-234D
Verzeichnis von C:\WINDOWS\system32
20.01.2007 23:46 1.158 wpa.dbl
03.01.2007 00:19 10.980.776 MRT.exe
07.12.2006 05:14 2.330.624 wmvcore.dll
08.11.2006 06:06 679.424 inetcomm.dll
29.10.2006 13:28 401.064 perfh009.dat
29.10.2006 13:28 62.344 perfc009.dat
29.10.2006 13:28 74.950 perfc007.dat
29.10.2006 13:28 415.414 perfh007.dat
29.10.2006 13:28 965.968 PerfStringBackup.INI
23.10.2006 16:34 3.082.240 mshtml.dll
23.10.2006 16:34 617.984 urlmon.dll
23.10.2006 16:34 474.624 shlwapi.dll
23.10.2006 16:34 1.497.600 shdocvw.dll
23.10.2006 16:34 670.208 wininet.dll
23.10.2006 16:34 532.480 mstime.dll
23.10.2006 16:34 448.512 mshtmled.dll
23.10.2006 16:34 39.424 pngfilt.dll
23.10.2006 16:34 146.432 msrating.dll
23.10.2006 16:34 96.768 inseng.dll
23.10.2006 16:34 251.904 iepeers.dll
23.10.2006 16:34 205.312 dxtrans.dll
23.10.2006 16:34 55.808 extmgr.dll
23.10.2006 16:34 357.888 dxtmsft.dll
23.10.2006 16:34 15.872 jsproxy.dll
23.10.2006 16:34 1.056.256 danim.dll
23.10.2006 16:34 152.064 cdfview.dll
23.10.2006 16:34 1.022.976 browseui.dll
23.10.2006 12:43 270.336 xpsp3res.dll
20.10.2006 02:38 715.776 sxs.dll
13.10.2006 13:35 64.000 nwapi32.dll
13.10.2006 13:35 65.536 nwwks.dll
13.10.2006 13:35 146.432 nwprovau.dll
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 8865-234D
Verzeichnis von C:\WINDOWS\Temp
15.10.2006 00:29 5.012 ASPNETSetup_00001.log
14.07.2006 22:23 5.012 ASPNETSetup_00000.log
"Silent Runners.vbs", revision RED (R28) (Echo output), launched at: 20:20
Operating System: Windows XP SP2
Startup items buried in registry:
---------------------------------
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"MSMSGS" = ""C:\Programme\Messenger\msmsgs.exe" /background" [MS]
"SpybotSD TeaTimer" = "C:\Programme\Spybot - Search & Destroy\TeaTimer.exe" ["Safer Networking Limited"]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
"ehTray" = "C:\WINDOWS\ehome\ehtray.exe" [MS]
"AOLDialer" = "C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" ["America Online, Inc"]
"QuickTime Task" = ""C:\Programme\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"ISUSPM Startup" = "C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup" ["InstallShield Software Corporation"]
"ISUSScheduler" = ""C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start" ["InstallShield Software Corporation"]
"High Definition Audio Property Page Shortcut" = "HDAShCut.exe" ["Windows (R) Server 2003 DDK provider"]
"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]
"Alcmtr" = "ALCMTR.EXE" ["Realtek Semiconductor Corp."]
"ATICCC" = ""C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay" [null data]
"ccApp" = ""C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]
"DMXLauncher" = "C:\Programme\Roxio\CinePlayer\DMXLauncher.exe" [null data]
"farstone" = "" [(file not found)]
"RestoreIT!" = ""C:\Programme\Phoenix Technologies\cME\RPro\ XP\VBPTASK.EXE" VBStart" [null data]
"Eval" = ""C:\Programme\Phoenix Technologies\cME\RPro\Eval\Eval.exe"" [empty string]
"Guard" = ""C:\Programme\Phoenix Technologies\cME\Guard\Guard.exe" /background" ["Phoenix Technologies Ltd."]
HKLM\Software\Microsoft\Active Setup\Installed Components\
">{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\(Default)" = "Microsoft Windows Media Player"
\StubPath = "C:\WINDOWS\inf\unregmp2.exe /ShowWMP" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class"
-> resolves to: {CLSID}\InprocServer32\(Default) = "C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> resolves to: {CLSID}\InprocServer32\(Default) = "C:\Programme\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
{9ECB9560-04F9-4bbc-943D-298DDF1699E1}\(Default) = "Norton Internet Security 2006"
-> resolves to: {CLSID}\InprocServer32\(Default) = "C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll" ["Symantec Corporation"]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}\(Default) = "NAV Helper"
-> resolves to: {CLSID}\InprocServer32\(Default) = "C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"PostBootReminder" = "{7849596a-48ea-486e-8937-a2a3009f31a9}"
-> resolves to: {CLSID}\InprocServer32\(Default) = "C:\WINDOWS\system32\SHELL32.dll" [MS]
"CDBurn" = "{fbeb8a05-beee-4442-804e-409d6c4515e9}"
-> resolves to: {CLSID}\InprocServer32\(Default) = "C:\WINDOWS\system32\SHELL32.dll" [MS]
"WebCheck" = "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
-> resolves to: {CLSID}\InprocServer32\(Default) = "C:\WINDOWS\system32\webcheck.dll" [MS]
"SysTray" = "{35CEC8A3-2BE6-11D2-8773-92E220524153}"
-> resolves to: {CLSID}\InprocServer32\(Default) = "C:\WINDOWS\system32\stobject.dll" [MS]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! "AtiExtEvent\DLLName" = "Ati2evxx.dll" ["ATI Technologies Inc."]
Startup items in "NoldeP" & "All Users" startup folders:
---------------------------------------------------------
C:\Dokumente und Einstellungen\NoldeP\Startmen\Programme\Autostart
"StarOffice 7" -> shortcut to: "C:\Program Files\StarOffice7\program\quickstart.exe" [null data]
C:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart
"Adobe Reader - Schnellstart" -> shortcut to: "C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"AOL 9.0 Tray-Symbol" -> shortcut to: "C:\Programme\AOL 9.0\aoltray.exe -check" ["America Online, Inc."]
Enabled Scheduled Tasks:
------------------------
"Norton AntiVirus - Vollst„ndige Systemprfung ausfhren - NoldeP" -> launches: "C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe /TASK:"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec\Norton AntiVirus\Tasks\mycomp.sca"" ["Symantec Corporation"]
"Symantec NetDetect" -> launches: "C:\Programme\Symantec\LiveUpdate\NDETECT.EXE" ["Symantec Corporation"]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
AOL Connectivity Service, AOL ACS, ""C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe"" ["America Online, Inc."]
Arbeitsstationsdienst, lanmanworkstation, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\wkssvc.dll" [MS]}
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
Automatische Updates, wuauserv, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\wuauserv.dll" [MS]}
COM+-Ereignissystem, EventSystem, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\es.dll" [MS]}
COM+-Systemanwendung, COMSysApp, "C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}" [MS]
Computerbrowser, Browser, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\browser.dll" [MS]}
DCOM-Server-Prozessstart, DcomLaunch, "C:\WINDOWS\system32\svchost -k DcomLaunch" {"C:\WINDOWS\system32\rpcss.dll" [MS]}
Designs, Themes, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\shsvcs.dll" [MS]}
DHCP-Client, Dhcp, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\dhcpcsvc.dll" [MS]}
DNS-Client, Dnscache, "C:\WINDOWS\system32\svchost.exe -k NetworkService" {"C:\WINDOWS\System32\dnsrslvr.dll" [MS]}
Druckwarteschlange, Spooler, "C:\WINDOWS\system32\spoolsv.exe" [MS]
Ereignisprotokoll, Eventlog, "C:\WINDOWS\system32\services.exe" [MS]
Fehlerberichterstattungsdienst, ERSvc, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\ersvc.dll" [MS]}
Gatewaydienst auf Anwendungsebene, ALG, "C:\WINDOWS\System32\alg.exe" [MS]
Geschtzter Speicher, ProtectedStorage, "C:\WINDOWS\system32\lsass.exe" [MS]
HID Input Service, HidServ, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\hidserv.dll" [MS]}
Hilfe und Support, helpsvc, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll" [MS]}
Intelligenter Hintergrundbertragungsdienst, BITS, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\qmgr.dll" [MS]}
IPSEC-Dienste, PolicyAgent, "C:\WINDOWS\system32\lsass.exe" [MS]
Kompatibilit„t fr schnelle Benutzerumschaltung, FastUserSwitchingCompatibility, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\shsvcs.dll" [MS]}
Konfigurationsfreie drahtlose Verbindung, WZCSVC, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\wzcsvc.dll" [MS]}
Kryptografiedienste, CryptSvc, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\cryptsvc.dll" [MS]}
Media Center Extender Service, McrdSvc, "C:\WINDOWS\ehome\mcrdsvc.exe" [MS]
Media Center Receiver Service, ehRecvr, "C:\WINDOWS\eHome\ehRecvr.exe" [MS]
Media Center-Planerdienst, ehSched, "C:\WINDOWS\eHome\ehSched.exe" [MS]
Netzwerkverbindungen, Netman, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\netman.dll" [MS]}
NLA (Network Location Awareness), Nla, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\mswsock.dll" [MS]}
Norton AntiVirus Auto-Protect-Dienst, navapsvc, ""C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe"" ["Symantec Corporation"]
Norton Protection Center Service, NSCService, ""C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE"" ["Symantec Corporation"]
Phoenix VCD Service, PhnxVCDService, "C:\WINDOWS\system32\PhnxCDSvr.exe" ["Phoenix Technologies Ltd."]
RAS-Verbindungsverwaltung, RasMan, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\rasmans.dll" [MS]}
Remote-Registrierung, RemoteRegistry, "C:\WINDOWS\system32\svchost.exe -k LocalService" {"C:\WINDOWS\system32\regsvc.dll" [MS]}
Remoteprozeduraufruf (RPC), RpcSs, "C:\WINDOWS\system32\svchost -k rpcss" {"C:\WINDOWS\system32\rpcss.dll" [MS]}
Sekund„re Anmeldung, seclogon, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\seclogon.dll" [MS]}
Server, lanmanserver, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\srvsvc.dll" [MS]}
Shellhardwareerkennung, ShellHWDetection, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\shsvcs.dll" [MS]}
Sicherheitskontenverwaltung, SamSs, "C:\WINDOWS\system32\lsass.exe" [MS]
SSDP Discovery Service, SSDPSRV, "C:\WINDOWS\system32\svchost.exe -k LocalService" {"C:\WINDOWS\System32\ssdpsrv.dll" [MS]}
Symantec Core LC, Symantec Core LC, ""C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe"" ["Symantec Corporation"]
Symantec Event Manager, ccEvtMgr, ""C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe"" ["Symantec Corporation"]
Symantec Network Drivers Service, SNDSrvc, ""C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe"" ["Symantec Corporation"]
Symantec Network Proxy, ccProxy, ""C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe"" ["Symantec Corporation"]
Symantec Settings Manager, ccSetMgr, ""C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe"" ["Symantec Corporation"]
Symantec SPBBCSvc, SPBBCSvc, ""C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe"" ["Symantec Corporation"]
Systemereignisbenachrichtigung, SENS, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\sens.dll" [MS]}
Systemwiederherstellungsdienst, srservice, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\srsvc.dll" [MS]}
Taskplaner, Schedule, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\schedsvc.dll" [MS]}
TCP/IP-NetBIOS-Hilfsprogramm, LmHosts, "C:\WINDOWS\system32\svchost.exe -k LocalService" {"C:\WINDOWS\System32\lmhsvc.dll" [MS]}
Telefonie, TapiSrv, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\tapisrv.dll" [MS]}
Terminaldienste, TermService, "C:\WINDOWS\System32\svchost -k DComLaunch" {"C:\WINDOWS\System32\termsrv.dll" [MS]}
Verwaltung logischer Datentr„ger, dmserver, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\dmserver.dll" ["Microsoft Corp."]}
Webclient, WebClient, "C:\WINDOWS\system32\svchost.exe -k LocalService" {"C:\WINDOWS\System32\webclnt.dll" [MS]}
Windows Audio, AudioSrv, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\audiosrv.dll" [MS]}
Windows-Firewall/Gemeinsame Nutzung der Internetverbindung, SharedAccess, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\ipnathlp.dll" [MS]}
Windows-Verwaltungsinstrumentation, winmgmt, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\wbem\WMIsvc.dll" [MS]}
Windows-Zeitgeber, W32Time, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\w32time.dll" [MS]}
X10 Device Network Service, x10nets, "C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe" ["X10"]
šberwachung verteilter Verknpfungen (Client), TrkWks, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\system32\trkwks.dll" [MS]}