Mein andere PC kommt nicht mehr ins I-net verdacht auf Virus... |
||
---|---|---|
#0
| ||
28.01.2007, 21:48
Ehrenmitglied
Beiträge: 29434 |
||
|
||
28.01.2007, 22:17
Member
Themenstarter Beiträge: 30 |
#17
Okay gemacht das kam raus:
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding. If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly. »»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600 Internet Explorer Version: 7.0.5730.11 »»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»» Checking %SystemDrive% folder... Checking %ProgramFilesDir% folder... Checking %WinDir% folder... Checking %System% folder... PEC2 29.08.2002 13:00:00 41118 C:\WINDOWS\SYSTEM32\dfrg.msc UPX! 18.05.2004 13:19:00 2920 C:\WINDOWS\SYSTEM32\fp.exe PTech 19.06.2006 15:19:42 571184 C:\WINDOWS\SYSTEM32\LegitCheckControl.dll PECompact2 03.01.2007 00:19:44 10980776 C:\WINDOWS\SYSTEM32\MRT.exe aspack 03.01.2007 00:19:44 10980776 C:\WINDOWS\SYSTEM32\MRT.exe aspack 04.08.2004 00:57:10 733696 C:\WINDOWS\SYSTEM32\ntdll.dll Umonitor 04.08.2004 00:57:34 686592 C:\WINDOWS\SYSTEM32\rasdlg.dll winsync 29.08.2002 13:00:00 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu PTech 19.06.2006 15:19:26 304944 C:\WINDOWS\SYSTEM32\WgaTray.exe Checking %System%\Drivers folder and sub-folders... PTech 03.08.2004 22:41:38 1309184 C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys Items found in C:\WINDOWS\SYSTEM32\drivers\etc\HOSTS Checking the Windows folder and sub-folders for system and hidden files within the last 60 days... 28.01.2007 16:48:30 S 2048 C:\WINDOWS\bootstat.dat 08.12.2006 03:11:16 S 9090 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923689.cat 22.12.2006 11:53:02 S 7894 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929969.cat 28.01.2007 20:16:54 H 1024 C:\WINDOWS\system32\config\default.LOG 28.01.2007 22:03:24 H 1024 C:\WINDOWS\system32\config\SAM.LOG 28.01.2007 20:16:54 H 1024 C:\WINDOWS\system32\config\SECURITY.LOG 28.01.2007 22:07:22 H 28672 C:\WINDOWS\system32\config\software.LOG 28.01.2007 22:07:20 H 36864 C:\WINDOWS\system32\config\system.LOG 13.01.2007 22:20:00 H 1024 C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG 27.01.2007 10:47:14 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\3b2e813f-854f-4135-bd96-7db2f7e37982 27.01.2007 10:47:14 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred 24.12.2006 00:15:46 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\d4b25730-11de-4ce1-b98e-f9be6b0a46cd 24.12.2006 00:15:46 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred 28.01.2007 16:48:32 H 6 C:\WINDOWS\Tasks\SA.DAT Checking for CPL files... Microsoft Corporation 04.08.2004 00:58:24 70656 C:\WINDOWS\SYSTEM32\access.cpl Microsoft Corporation 04.08.2004 00:58:24 555008 C:\WINDOWS\SYSTEM32\appwiz.cpl Microsoft Corporation 04.08.2004 00:58:24 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl Microsoft Corporation 04.08.2004 00:58:24 138240 C:\WINDOWS\SYSTEM32\desk.cpl Microsoft Corporation 04.08.2004 00:58:24 80384 C:\WINDOWS\SYSTEM32\firewall.cpl Microsoft Corporation 04.08.2004 00:58:24 157184 C:\WINDOWS\SYSTEM32\hdwwiz.cpl Microsoft Corporation 17.10.2006 12:05:48 1817088 C:\WINDOWS\SYSTEM32\inetcpl.cpl Microsoft Corporation 04.08.2004 00:58:24 133120 C:\WINDOWS\SYSTEM32\intl.cpl Microsoft Corporation 04.08.2004 00:58:24 381440 C:\WINDOWS\SYSTEM32\irprops.cpl Microsoft Corporation 04.08.2004 00:58:24 69632 C:\WINDOWS\SYSTEM32\joy.cpl Sun Microsystems, Inc. 10.11.2005 13:03:50 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl Microsoft Corporation 29.08.2002 13:00:00 189440 C:\WINDOWS\SYSTEM32\main.cpl Microsoft Corporation 04.08.2004 00:58:24 625152 C:\WINDOWS\SYSTEM32\mmsys.cpl Microsoft Corporation 29.08.2002 13:00:00 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl Microsoft Corporation 04.08.2004 00:58:24 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl Microsoft Corporation 04.08.2004 00:58:24 260096 C:\WINDOWS\SYSTEM32\nusrmgr.cpl Microsoft Corporation 04.08.2004 00:58:24 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl Microsoft Corporation 04.08.2004 00:58:24 117248 C:\WINDOWS\SYSTEM32\powercfg.cpl Intersil Americas Inc. 04.08.2003 16:51:48 313418 C:\WINDOWS\SYSTEM32\PRISMCFG.cpl Davilex Software bv 23.05.2000 10:33:36 61952 C:\WINDOWS\SYSTEM32\SERVICE.CPL Microsoft Corporation 04.08.2004 00:58:24 303104 C:\WINDOWS\SYSTEM32\sysdm.cpl Microsoft Corporation 29.08.2002 13:00:00 28160 C:\WINDOWS\SYSTEM32\telephon.cpl Microsoft Corporation 04.08.2004 00:58:24 94208 C:\WINDOWS\SYSTEM32\timedate.cpl Microsoft Corporation 04.08.2004 00:58:24 148480 C:\WINDOWS\SYSTEM32\wscui.cpl Microsoft Corporation 26.05.2005 03:16:22 174872 C:\WINDOWS\SYSTEM32\wuaucpl.cpl Microsoft Corporation 17.10.2006 12:05:48 1817088 C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl Microsoft Corporation 29.08.2002 13:00:00 189440 C:\WINDOWS\SYSTEM32\dllcache\main.cpl Microsoft Corporation 29.08.2002 13:00:00 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl Microsoft Corporation 29.08.2002 13:00:00 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl Microsoft Corporation 26.05.2005 03:16:22 174872 C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl »»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»» Checking files in %ALLUSERSPROFILE%\Startup folder... 20.11.2006 08:25:06 1741 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk 20.09.2003 15:50:10 HS 84 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini 09.04.2006 19:45:28 1986 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Lexware Info Service.lnk 02.02.2005 18:21:40 1713 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk 28.02.2004 18:54:32 626 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Start FalCPL.lnk Checking files in %ALLUSERSPROFILE%\Application Data folder... 20.09.2003 16:45:28 HS 62 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini Checking files in %USERPROFILE%\Startup folder... 20.09.2003 15:50:10 HS 84 C:\Dokumente und Einstellungen\Klaus\Startmenü\Programme\Autostart\desktop.ini Checking files in %USERPROFILE%\Application Data folder... 20.09.2003 16:45:28 HS 62 C:\Dokumente und Einstellungen\Klaus\Anwendungsdaten\desktop.ini 16.04.2006 14:52:46 63824 C:\Dokumente und Einstellungen\Klaus\Anwendungsdaten\GDIPFONTCACHEV1.DAT 02.02.2005 20:18:22 21673 C:\Dokumente und Einstellungen\Klaus\Anwendungsdaten\Kommagetrennte Werte (DOS).ADR 02.02.2005 20:19:54 26593 C:\Dokumente und Einstellungen\Klaus\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR 28.01.2007 20:52:02 42106 C:\Dokumente und Einstellungen\Klaus\Anwendungsdaten\wklnhst.dat »»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»» [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers] HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ICQLiteMenu {73B24247-042E-4EF5-ADC2-42F62E6FD654} = C:\Programme\ICQLite\ICQLiteShell.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\InoShell {DCED20BE-3645-11D4-BC95-00C04F0E0588} = C:\Programme\CA\eTrust Antivirus\InoShell.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files {750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With {09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu {A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} Start Menu Pin = %SystemRoot%\system32\SHELL32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu {A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ICQLiteMenu {73B24247-042E-4EF5-ADC2-42F62E6FD654} = C:\Programme\ICQLite\ICQLiteShell.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\InoShell {DCED20BE-3645-11D4-BC95-00C04F0E0588} = C:\Programme\CA\eTrust Antivirus\InoShell.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files {750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627} = C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} Adobe PDF Reader Link Helper = C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F} = C:\Programme\Spybot - Search & Destroy\SDHelper.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} SSVHelper Class = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376} &Tipps und Tricks = %SystemRoot%\System32\shdocvw.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE} Real.com = C:\WINDOWS\System32\Shdocvw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] {855F3B16-6D32-4fe6-8A56-BBB695989046} = ICQ Toolbar : C:\Programme\ICQToolbar\toolbaru.dll {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} = &SearchBar : C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL {EF99BD32-C1FB-11D2-892F-0090271D4F88} = Yahoo! Toolbar mit Pop-Up-Blocker : C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} MenuText = Sun Java Konsole : C:\Programme\Java\jre1.5.0_06\bin\npjpi150_06.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9} ButtonText = ICQ Lite : C:\Programme\ICQLite\ICQLite.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} ButtonText = Real.com : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} MenuText = @xpsp3res.dll,-20001 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683} ButtonText = Messenger : C:\Programme\Messenger\msmsgs.exe [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38} IE Search Band = C:\WINDOWS\system32\ieframe.dll HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} = HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E} Favorites Band = %SystemRoot%\System32\shdocvw.dll HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E} History Band = %SystemRoot%\System32\shdocvw.dll HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E} Explorer-Band = %SystemRoot%\System32\shdocvw.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Adresse : %SystemRoot%\System32\browseui.dll {0494D0D9-F8E0-41AD-92A3-14154ECE70AC} = &SearchBar : C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Adresse : %SystemRoot%\System32\browseui.dll {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll {0494D0D9-F8E0-41AD-92A3-14154ECE70AC} = &SearchBar : C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] Cmaudio RunDll32 cmicnfg.cpl,CMICtrlWnd Dit Dit.exe Realtime Monitor C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s CHotkey mHotkey.exe PCMService "C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe" ATIPTA C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe PRISMSTA.EXE PRISMSTA.EXE START SunJavaUpdateSched C:\Programme\Java\jre1.5.0_06\bin\jusched.exe Microsoft Works Update Detection C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe SsAAD.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe SmcService C:\PROGRA~1\Sygate\SPF\smc.exe -startgui [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] IMAIL Installed = 1 MAPI Installed = 1 MSFS Installed = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ctfmon.exe C:\WINDOWS\system32\ctfmon.exe updateMgr "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 SpybotSD TeaTimer C:\Programme\Spybot - Search & Destroy\TeaTimer.exe [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = {0DF44EAA-FF21-4412-828E-260A8728E7F1} = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system dontdisplaylastusername 0 legalnoticecaption legalnoticetext shutdownwithoutlogon 1 undockwithoutlogon 1 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies] HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer NoDriveTypeAutoRun 145 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\system32\webcheck.dll SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll Web Event Logger {79FEACFF-FFCE-815E-A900-316290B5B738} = C:\WINDOWS\System32\Aeocjm32.dll UPnPMonitor {e57ce738-33e8-4c51-8354-bb4de9d215d1} = C:\WINDOWS\system32\upnpui.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, Shell = Explorer.exe System = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain = crypt32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet = cryptnet.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll = cscdll.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp = wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule = wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy = sclgntfy.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn = WlNotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv = wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon = WgaLogon.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon = wlnotify.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path Debugger = ntsd -d [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] AppInit_DLLs »»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder. Scan completed on 28.01.2007 22:11:12 |
|
|
||
28.01.2007, 23:28
Ehrenmitglied
Beiträge: 29434 |
#18
««
suche/loesche: C:\WINDOWS\System32\Aeocjm32.dll »» deaktiviere SpybotSD TeaTimer «« Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als fixme.reg mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. Datei "fixme.reg" auf dem Desktop doppelklicken Zitat REGEDIT4PC neustarten »» deaktiviere Sygate- wahrschenilich kommst du wegen der firewall nicht ins net __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
29.01.2007, 19:06
Member
Themenstarter Beiträge: 30 |
#19
So habe alles abgearbeitet...
Jedoch dabei: «« suche/loesche: C:\WINDOWS\System32\Aeocjm32.dll Bin ich zu keinen Ergebniss gekommen , davon war nichts vorhanden Internet funktioniert leider weiterhin nicht |
|
|
||
30.01.2007, 00:18
Ehrenmitglied
Beiträge: 29434 |
#20
kannst du den router nicht mal abstoepseln und direkt ins Net gehen ?
wahrscheinlich ist er nicht richtig konfiguriert ..... poste dieses log http://virus-protect.org/registry_stuff.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
30.01.2007, 17:09
Member
Themenstarter Beiträge: 30 |
#21
Okay gemacht
Hier mein Log: doesn't exist HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System doesn't exist HKEY_LOCAL_MACHINE\SSYSTEM\CurrentControlSet\Services\windowsnetwork doesn't exist HKEY_CURRENT_USER\SYSTEM\CurrentControlSet\Control\Lsa doesn't exist HKEY_CURRENT_USER\Software\Microsoft\OLE doesn't exist HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry doesn't exist HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate ----------------------- ----------------------- REGEDIT4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess] "Type"=dword:00000020 "Start"=dword:00000002 "ErrorControl"=dword:00000001 "ImagePath"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,\ 32,5c,73,76,63,68,6f,73,74,2e,65,78,65,20,2d,6b,20,6e,65,74,73,76,63,73,00 "DisplayName"="Windows-Firewall/Gemeinsame Nutzung der Internetverbindung" "DependOnService"=hex(7):4e,65,74,6d,61,6e,00,57,69,6e,4d,67,6d,74,00,00 "DependOnGroup"=hex(7):00 "ObjectName"="LocalSystem" "Description"="Bietet allen Computern in Privat- und Kleinunternehmensnetzwerken Dienste für die Netzwerkadressübersetzung, Adressierung, Namensauflösung und Eindringsschutz." [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch] "Epoch"=dword:000049f3 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters] "ServiceDll"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,\ 33,32,5c,69,70,6e,61,74,68,6c,70,2e,64,6c,6c,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Programme\\MSN Messenger\\msnmsgr.exe"="C:\\Programme\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004" "445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005" "137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001" "138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=dword:00000001 "DoNotAllowExceptions"=dword:00000000 "DisableNotifications"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Programme\\ICQLite\\ICQLite.exe"="C:\\Programme\\ICQLite\\ICQLite.exe:*:Enabled:ICQ Lite" "C:\\Programme\\EA GAMES\\Die Schlacht um Mittelerde(tm)\\game.dat"="C:\\Programme\\EA GAMES\\Die Schlacht um Mittelerde(tm)\\game.dat:*:Enabledie Schlacht um Mittelerde" "C:\\Programme\\Warcraft III\\Frozen Throne.exe"="C:\\Programme\\Warcraft III\\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne" "C:\\Programme\\Warcraft III\\Warcraft III.exe"="C:\\Programme\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III" "C:\\Programme\\Valve\\hl.exe"="C:\\Programme\\Valve\\hl.exe:*:Enabled:Half-Life Launcher" "C:\\program files\\mIRC\\mirc.exe"="C:\\program files\\mIRC\\mirc.exe:*:Enabled:mIRC" "C:\\Programme\\Teamspeak2_RC2\\server_windows.exe"="C:\\Programme\\Teamspeak2_RC2\\server_windows.exe:*:Enabled:Server" "C:\\Programme\\EA GAMES\\Command and Conquer Generäle\\patchget.dat"="C:\\Programme\\EA GAMES\\Command and Conquer Generäle\\patchget.dat:*:Enabledatchgrabber" "C:\\Programme\\EA GAMES\\Command and Conquer Generäle\\generals.exe"="C:\\Programme\\EA GAMES\\Command and Conquer Generäle\\generals.exe:*:Enabled:Command & Conquer(TM) Generäle" "C:\\Programme\\THQ\\Dawn Of War\\W40kWA.exe"="C:\\Programme\\THQ\\Dawn Of War\\W40kWA.exe:*:Enabled:W40kWA" "C:\\Programme\\MSN Messenger\\msnmsgr.exe"="C:\\Programme\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Programme\\Skype\\Phone\\Skype.exe"="C:\\Programme\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004" "445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005" "137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001" "138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002" "1900:UDP"="1900:UDP:LocalSubNetisabled:@xpsp2res.dll,-22007" "2869:TCP"="2869:TCP:LocalSubNetisabled:@xpsp2res.dll,-22008" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security] "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\ 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\ 05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\ 20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\ 00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\ 00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup] "ServiceUpgrade"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate] "{E335DD02-5EAD-4B31-8319-CD8936402BBC}"=dword:00000001 "{61DDA531-5177-4294-A090-1C682006E411}"=dword:00000001 "{9EDCB3C2-75F7-4862-BE7D-77BE6C4A7D85}"=dword:00000001 "{175C1178-1FFE-4D5F-B7DD-6BA0BF6B6269}"=dword:00000001 "{00E72A76-AAB6-45AB-8144-85E310B5C504}"=dword:00000001 "{5181B182-0368-4496-AAE0-C90D4B56965F}"=dword:00000001 "{6E69B7B1-220F-4D26-8BD8-624A9E445D7B}"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum] "0"="Root\\LEGACY_SHAREDACCESS\\0000" "Count"=dword:00000001 "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc] "Type"=dword:00000020 "Start"=dword:00000002 "ErrorControl"=dword:00000001 "ImagePath"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,\ 32,5c,73,76,63,68,6f,73,74,2e,65,78,65,20,2d,6b,20,6e,65,74,73,76,63,73,00 "DisplayName"="Sicherheitscenter" "DependOnService"=hex(7):52,70,63,53,73,00,77,69,6e,6d,67,6d,74,00,00 "ObjectName"="LocalSystem" "Description"="Überwacht Systemsicherheitseinstellungen und -konfigurationen." [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Parameters] "ServiceDll"=hex(2):25,53,59,53,54,45,4d,52,4f,4f,54,25,5c,73,79,73,74,65,6d,\ 33,32,5c,77,73,63,73,76,63,2e,64,6c,6c,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Security] "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\ 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\ 05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\ 20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\ 00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\ 00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Enum] "0"="Root\\LEGACY_WSCSVC\\0000" "Count"=dword:00000001 "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters] "autodisconnect"=dword:0000000f "enableforcedlogoff"=dword:00000001 "enablesecuritysignature"=dword:00000000 "requiresecuritysignature"=dword:00000000 "NullSessionPipes"=hex(7):43,4f,4d,4e,41,50,00,43,4f,4d,4e,4f,44,45,00,53,51,\ 4c,5c,51,55,45,52,59,00,53,50,4f,4f,4c,53,53,00,4c,4c,53,52,50,43,00,62,72,\ 6f,77,73,65,72,00,00 "NullSessionShares"=hex(7):43,4f,4d,43,46,47,00,44,46,53,24,00,00 "ServiceDll"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,\ 33,32,5c,73,72,76,73,76,63,2e,64,6c,6c,00 "Lmannounce"=dword:00000000 "Size"=dword:00000001 "Guid"=hex:72,46,5f,af,f9,06,84,47,94,b5,69,2f,2e,6a,82,8a "AdjustedNullSessionPipes"=dword:00000001 "srvcomment"="Maxi" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters] "enableplaintextpassword"=dword:00000000 "enablesecuritysignature"=dword:00000001 "requiresecuritysignature"=dword:00000000 "ServiceDll"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,\ 33,32,5c,77,6b,73,73,76,63,2e,64,6c,6c,00 "OtherDomains"=hex(7):00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger] "Type"=dword:00000020 "Start"=dword:00000004 "ErrorControl"=dword:00000001 "ImagePath"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,\ 32,5c,73,76,63,68,6f,73,74,2e,65,78,65,20,2d,6b,20,6e,65,74,73,76,63,73,00 "DisplayName"="Nachrichtendienst" "DependOnService"=hex(7):4c,61,6e,6d,61,6e,57,6f,72,6b,73,74,61,74,69,6f,6e,00,\ 4e,65,74,42,49,4f,53,00,50,6c,75,67,50,6c,61,79,00,52,70,63,53,53,00,00 "DependOnGroup"=hex(7):00 "ObjectName"="LocalSystem" "Description"="Überträgt NET SEND- und Warndienstnachrichten zwischen Clients und Servern. Dieser Dienst ist nicht mit Windows Messenger verwandt. Der Warndienst überträgt keine Nachrichten, falls dieser Dienst beendet wird. Falls dieser Dienst deaktiviert wird, können die Dienste, die von diesem Dienst ausschließlich abhängig sind, nicht mehr gestartet werden." [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger\Parameters] "ServiceDll"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,\ 33,32,5c,6d,73,67,73,76,63,2e,64,6c,6c,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger\Security] "Security"=hex:01,00,14,80,78,00,00,00,84,00,00,00,14,00,00,00,30,00,00,00,02,\ 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,02,00,48,00,03,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,\ 05,0b,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\ 20,02,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\ 01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger\Enum] "0"="Root\\LEGACY_MESSENGER\\0000" "Count"=dword:00000001 "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr] "Start"=dword:00000003 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] "DefaultLaunchPermission"=hex:01,00,04,80,64,00,00,00,80,00,00,00,00,00,00,00,\ 14,00,00,00,02,00,50,00,03,00,00,00,00,00,18,00,01,00,00,00,01,01,00,00,00,\ 00,00,05,12,00,00,00,00,00,00,00,00,00,18,00,01,00,00,00,01,01,00,00,00,00,\ 00,05,04,00,00,00,00,00,00,00,00,00,18,00,01,00,00,00,01,02,00,00,00,00,00,\ 05,20,00,00,00,20,02,00,00,01,05,00,00,00,00,00,05,15,00,00,00,a0,5f,84,1f,\ 5e,2e,6b,49,ce,12,03,03,f4,01,00,00,01,05,00,00,00,00,00,05,15,00,00,00,a0,\ 5f,84,1f,5e,2e,6b,49,ce,12,03,03,f4,01,00,00 "EnableDCOM"="Y" "MachineLaunchRestriction"=hex:01,00,04,80,48,00,00,00,58,00,00,00,00,00,00,00,\ 14,00,00,00,02,00,34,00,02,00,00,00,00,00,18,00,1f,00,00,00,01,02,00,00,00,\ 00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,0b,00,00,00,01,01,00,00,00,00,\ 00,01,00,00,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,\ 00,00,00,00,05,20,00,00,00,20,02,00,00 "MachineAccessRestriction"=hex:01,00,04,80,44,00,00,00,54,00,00,00,00,00,00,00,\ 14,00,00,00,02,00,30,00,02,00,00,00,00,00,14,00,03,00,00,00,01,01,00,00,00,\ 00,00,05,07,00,00,00,00,00,14,00,07,00,00,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,\ 05,20,00,00,00,20,02,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList] "{A50398B8-9075-4FBF-A7A1-456BF21937AD}"="1" "{AD65A69D-3831-40D7-9629-9B0B50A93843}"="1" "{0040D221-54A1-11D1-9DE0-006097042D69}"="1" "{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST] "System.EnterpriseServices.Thunk.dll"="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00 "Bounds"=hex:00,30,00,00,00,20,00,00 "Security Packages"=hex(7):6b,65,72,62,65,72,6f,73,00,6d,73,76,31,5f,30,00,73,\ 63,68,61,6e,6e,65,6c,00,77,64,69,67,65,73,74,00,00 "LsaPid"=dword:000001ec "SecureBoot"=dword:00000001 "auditbaseobjects"=dword:00000000 "crashonauditfail"=dword:00000000 "disabledomaincreds"=dword:00000000 "everyoneincludesanonymous"=dword:00000000 "fipsalgorithmpolicy"=dword:00000000 "forceguest"=dword:00000001 "fullprivilegeauditing"=hex:00 "limitblankpassworduse"=dword:00000001 "lmcompatibilitylevel"=dword:00000000 "nodefaultadminowner"=dword:00000001 "nolmhash"=dword:00000000 "restrictanonymous"=dword:00000000 "restrictanonymoussam"=dword:00000001 "Notification Packages"=hex(7):73,63,65,63,6c,69,00,00 "ImpersonatePrivilegeUpgradeToolHasRun"=dword:00000001 "enabledcom"="y" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders] "ProviderOrder"=hex(7):57,69,6e,64,6f,77,73,20,4e,54,20,41,63,63,65,73,73,20,\ 50,72,6f,76,69,64,65,72,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider] "ProviderPath"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,\ 33,32,5c,6e,74,6d,61,72,74,61,2e,64,6c,6c,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data] "Pattern"=hex:f5,72,23,a9,d4,04,5f,a5,87,4c,cb,76,41,ca,67,10,62,65,64,32,65,\ 39,66,38,00,00,00,00,01,00,00,00,bc,01,00,00,c0,01,00,00,34,ca,06,00,45,9d,\ b7,71,04,00,00,00,10,00,00,00,00,00,00,00,46,22,3d,95 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG] "GrafBlumGroup"=hex:2f,c0,d1,07,a1,49,67,da,71 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD] "Lookup"=hex:7f,9a,67,d7,bc,2c [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0] "ntlmminclientsec"=dword:00000000 "ntlmminserversec"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1] "SkewMatrix"=hex:24,18,ab,7f,13,01,aa,82,df,2b,f3,fb,91,7b,65,2a [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4] "SSOURL"="http://www.passport.com" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache] "Time"=hex:f8,dd,b7,72,48,09,c5,01 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll] "Name"="Digest" "Comment"="Digest SSPI Authentication Package" "Capabilities"=dword:00004050 "RpcId"=dword:0000ffff "Version"=dword:00000001 "TokenSize"=dword:0000ffff "Time"=hex:00,c3,9c,9b,b5,79,c4,01 "Type"=dword:00000031 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll] "Name"="DPA" "Comment"="DPA Security Package" "Capabilities"=dword:00000037 "RpcId"=dword:00000011 "Version"=dword:00000001 "TokenSize"=dword:00000300 "Time"=hex:00,77,61,a0,b5,79,c4,01 "Type"=dword:00000031 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll] "Name"="MSN" "Comment"="MSN Security Package" "Capabilities"=dword:00000037 "RpcId"=dword:00000012 "Version"=dword:00000001 "TokenSize"=dword:00000300 "Time"=hex:00,a4,92,a1,b5,79,c4,01 "Type"=dword:00000031 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify"=dword:00000000 "FirewallDisableNotify"=dword:00000000 "UpdatesDisableNotify"=dword:00000000 "AntiVirusOverride"=dword:00000000 "FirewallOverride"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] |
|
|
||
31.01.2007, 01:03
Ehrenmitglied
Beiträge: 29434 |
#22
es ist alles in schoenster Ordnung - es muss also an der Routereinstellung liegen, dass du nicht ins net kommst.
ich habe den Thread verschoben............. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
http://virus-protect.org/winpfind.html
__________
MfG Sabina
rund um die PC-Sicherheit