autoplay in Laufwerk C und suchfunktion bei CD Laufwerk |
||
---|---|---|
#0
| ||
03.04.2007, 14:11
Member
Themenstarter Beiträge: 25 |
||
|
||
03.04.2007, 16:21
Ehrenmitglied
Beiträge: 29434 |
#17
wenns fertig ist, lasse alles gefundene mit remove loeschen und dann poste den report
__________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
05.04.2007, 12:54
Member
Themenstarter Beiträge: 25 |
#18
Ich habe nach dem loeschen der ganzen Datein einen neustart und dann einen erneuten scan gemacht. Jetzt bin ich mir nicht sicher ob du genau den Report von dem ersten scan haben wolltest da wo ich alles geloescht habe.
Weil er zeigt ja immer nur den Bericht vom letzten scan an. |
|
|
||
05.04.2007, 13:00
Ehrenmitglied
Beiträge: 29434 |
#19
Tempest
dann lass - es geht in Ordnung, weil du ja schon alles geloescht hast «« scanne mit Bitdefender/Online und poste den report http://virus-protect.org/onlinescan.html + berichte, ob der Rechner nun korrekt funktioniert (oder welche Probleme es noch gibt) __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.04.2007, 16:40
Member
Themenstarter Beiträge: 25 |
#20
Ich habe es 2 mal checken muessen weil er beim ersten mal stehen geblieben ist. Die meisten sachen wurden schon beim ersten mal geloescht deswegen ist es jetzt so wenig.
Leider besteht das Problem immer noch Es ist bei Laufwerk C, meiner externen Festplatte sowie bei meinem DVD Laufwerk die funktion serch ganz oben wenn ich rechtsklick mache (es oeffnet sich das suce Datei Fenster von Windows wenn ich doppelklick mache) Ich kann es nur oeffnen wenn ich rechtsklick und dann das 2 von oben (oeffnen) benutze. Das muss man doch irgentwo einstellen koennen? BitDefender Online Scanner - Real Time Virus Report Generated at: Fri, Apr 06, 2007 - 22:36:34 Infected Files 5 Virus Detected Win32.Jeefo.A 3 Trojan.Peed.Gen 1 Trojan.Startpage.DLL 1 -------------------------------------------------------------------------------- This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world. |
|
|
||
06.04.2007, 17:20
Ehrenmitglied
Beiträge: 29434 |
#21
««
poste dieses log http://virus-protect.org/silentrunner.html «« und wenn es klappt, dieses log auch http://virus-protect.org/winpfind.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
07.04.2007, 06:57
Member
Themenstarter Beiträge: 25 |
#22
"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS] "swg" = "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."] "BitTorrent" = ""F:\Programme\BitTorrent\bittorrent.exe" --force_start_minimized" [null data] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "(Default)" = "(empty string)" [file not found] "SBCSTray" = "C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" ["Sunbelt Software"] "SsAAD.exe" = "C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [null data] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = "Google Toolbar Helper" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension" -> {HKLM...CLSID} = "Display Panning CPL Extension" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."] "{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu" -> {HKLM...CLSID} = "Portable Media Devices Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS] "{5464D816-CF16-4784-B9F3-75C0DB52B499}" = "Yahoo! Mail" -> {HKLM...CLSID} = "YMailShellExt Class" \InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi.dll" [file not found] "{A68865DD-EE3C-4442-9BE9-1BAB2576E3FA}" = "NOMAD Explorer" -> {HKLM...CLSID} = "NOMAD Explorer" \InProcServer32\(Default) = "C:\Program Files\Creative\NOMAD Explorer\CTJBNS.DLL" ["Creative Technology Ltd"] "{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"] "{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"] "{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"] "{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"] "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders" -> {HKLM...CLSID} = "My Sharing Folders" \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.0.0812.00.dll" [MS] "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes" -> {HKLM...CLSID} = "iTunes" \InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."] "{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Universal Plug and Play Devices" -> {HKLM...CLSID} = "Universal Plug and Play Devices" \InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS] "{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler" -> {HKLM...CLSID} = "NeroDigitalIconHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" [file not found] "{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler" -> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" [file not found] "{329E4C0E-9B95-4EA9-83AF-5B6FBD190477}" = "*" -> {HKLM...CLSID} = "Burn My Files ( New ) " \InProcServer32\(Default) = "C:\PROGRA~1\GetData\BURNMY~1\BURNMY~1.DLL" ["GetData Pty Ltd"] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler" -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" [file not found] {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ EPPShellEx\(Default) = "{509FE1AF-ADD5-49EC-BC55-7CF81FD16E78}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll" ["SEIKO EPSON CORPORATION"] WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"] Yahoo! Mail\(Default) = "{5464D816-CF16-4784-B9F3-75C0DB52B499}" -> {HKLM...CLSID} = "YMailShellExt Class" \InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi.dll" [file not found] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"] HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ *\(Default) = "{329E4C0E-9B95-4EA9-83AF-5B6FBD190477}" -> {HKLM...CLSID} = "Burn My Files ( New ) " \InProcServer32\(Default) = "C:\PROGRA~1\GetData\BURNMY~1\BURNMY~1.DLL" ["GetData Pty Ltd"] Group Policies {policy setting}: -------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ "NoDrives" = (REG_BINARY) hex2 FF FF 03 {unrecognized setting} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ "NoCDBurning" = (REG_DWORD) hex:0x00000000 {unrecognized setting} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 19 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{07B18EA9-A523-4961-B6BB-170DE4475CCA}" -> {HKLM...CLSID} = "My Web Search" \InProcServer32\(Default) = "C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL" [file not found] "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided) -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}\(Default) = "My Web Search Quick View" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS] Und hier das vom 2. WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding. If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly. »»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600 Internet Explorer Version: 7.0.5730.11 »»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»» Checking %SystemDrive% folder... PEC2 06-08-31 05:30:14 769996 C:\DSCF0929.JPG Checking %ProgramFilesDir% folder... Checking %WinDir% folder... UPX! 06-07-12 10:52:30 18432 C:\WINDOWS\ss3unstl.exe Checking %System% folder... aspack 05-12-05 17:09:18 2323664 C:\WINDOWS\SYSTEM32\d3dx9_28.dll aspack 06-03-31 11:40:58 2388176 C:\WINDOWS\SYSTEM32\d3dx9_30.dll PEC2 01-08-18 20:00:00 41397 C:\WINDOWS\SYSTEM32\dfrg.msc PTech 07-03-15 18:19:28 1476992 C:\WINDOWS\SYSTEM32\LegitCheckControl.dll PECompact2 07-03-08 04:36:32 12619736 C:\WINDOWS\SYSTEM32\MRT.exe aspack 07-03-08 04:36:32 12619736 C:\WINDOWS\SYSTEM32\MRT.exe aspack 04-08-04 00:56:38 708096 C:\WINDOWS\SYSTEM32\ntdll.dll Umonitor 04-08-04 00:56:46 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll winsync 01-08-18 20:00:00 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu PTech 07-03-15 18:17:08 336768 C:\WINDOWS\SYSTEM32\WgaTray.exe Checking %System%\Drivers folder and sub-folders... PTech 04-08-03 22:41:38 1309184 C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts Checking the Windows folder and sub-folders for system and hidden files within the last 60 days... 07-04-05 19:54:40 S 2048 C:\WINDOWS\bootstat.dat 07-04-02 10:03:22 HS 7680 C:\WINDOWS\Thumbs.db 07-04-01 14:11:22 HS 67 C:\WINDOWS\Fonts\desktop.ini 07-04-06 13:12:56 H 0 C:\WINDOWS\LastGood\INF\oem52.inf 07-04-06 13:12:56 H 0 C:\WINDOWS\LastGood\INF\oem52.PNF 07-03-05 16:51:10 H 25755448 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\909f0d72f3fc599f99f54ad85fc3b8b4\BIT69.tmp 07-03-09 00:02:22 S 13402 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925902.cat 07-03-15 18:19:50 S 9798 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WgaNotify.cat 07-04-06 13:27:42 H 1024 C:\WINDOWS\system32\config\default.LOG 07-04-07 12:28:12 H 1024 C:\WINDOWS\system32\config\SAM.LOG 07-04-07 12:29:00 H 1024 C:\WINDOWS\system32\config\SECURITY.LOG 07-04-07 13:01:40 H 1024 C:\WINDOWS\system32\config\software.LOG 07-04-07 12:29:00 H 1024 C:\WINDOWS\system32\config\system.LOG 07-04-01 15:52:58 H 1024 C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG 07-03-16 07:36:26 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\ba4be335-968f-49f7-8046-b676c34c6df5 07-03-16 07:36:26 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred 07-04-05 19:54:42 H 6 C:\WINDOWS\Tasks\SA.DAT Checking for CPL files... 03-08-19 15:20:04 180224 C:\WINDOWS\SYSTEM32\ac3filter.cpl Microsoft Corporation 04-08-04 00:56:58 68608 C:\WINDOWS\SYSTEM32\access.cpl Realtek Semiconductor Corp. 05-09-22 01:25:50 299008 C:\WINDOWS\SYSTEM32\ALSndMgr.Cpl Microsoft Corporation 04-08-04 00:56:58 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl Microsoft Corporation 04-08-04 00:56:58 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl Logitech Inc. 05-12-07 10:25:52 350720 C:\WINDOWS\SYSTEM32\camcpl.cpl Microsoft Corporation 04-08-04 00:56:58 135168 C:\WINDOWS\SYSTEM32\desk.cpl Microsoft Corporation 04-08-04 00:56:58 80384 C:\WINDOWS\SYSTEM32\firewall.cpl Microsoft Corporation 04-08-04 00:56:58 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl Intel Corporation 04-06-06 11:43:28 94208 C:\WINDOWS\SYSTEM32\igfxcpl.cpl Microsoft Corporation 07-01-08 19:02:10 1823744 C:\WINDOWS\SYSTEM32\inetcpl.cpl Microsoft Corporation 04-08-04 00:56:58 129536 C:\WINDOWS\SYSTEM32\intl.cpl Microsoft Corporation 04-08-04 00:56:58 380416 C:\WINDOWS\SYSTEM32\irprops.cpl Microsoft Corporation 04-08-04 00:56:58 68608 C:\WINDOWS\SYSTEM32\joy.cpl Microsoft Corporation 01-08-18 20:00:00 187904 C:\WINDOWS\SYSTEM32\main.cpl Microsoft Corporation 04-08-04 00:56:58 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl Microsoft Corporation 01-08-18 20:00:00 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl Microsoft Corporation 04-08-04 00:56:58 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl Microsoft Corporation 04-08-04 00:56:58 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl Microsoft Corporation 04-08-04 00:56:58 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl Microsoft Corporation 04-08-04 00:56:58 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl Realtek Semiconductor Corp. 06-08-18 21:58:12 282624 C:\WINDOWS\SYSTEM32\RTSndMgr.Cpl Microsoft Corporation 04-08-04 00:56:58 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl Microsoft Corporation 01-08-18 20:00:00 28160 C:\WINDOWS\SYSTEM32\telephon.cpl Microsoft Corporation 04-08-04 00:56:58 94208 C:\WINDOWS\SYSTEM32\timedate.cpl Microsoft Corporation 04-08-04 00:56:58 148480 C:\WINDOWS\SYSTEM32\wscui.cpl Microsoft Corporation 05-05-26 04:16:30 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl Microsoft Corporation 07-01-08 19:02:10 1823744 C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl Microsoft Corporation 01-08-18 20:00:00 187904 C:\WINDOWS\SYSTEM32\dllcache\main.cpl Microsoft Corporation 01-08-18 20:00:00 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl Microsoft Corporation 01-08-18 20:00:00 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl Microsoft Corporation 05-05-26 04:16:30 174360 C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl »»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»» Checking files in %ALLUSERSPROFILE%\Startup folder... 05-12-14 23:53:28 HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini Checking files in %ALLUSERSPROFILE%\Application Data folder... 05-12-14 22:58:50 HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini 07-01-01 14:04:02 0 C:\Documents and Settings\All Users\Application Data\ISx1.tmp 06-12-30 23:31:02 0 C:\Documents and Settings\All Users\Application Data\ISx1AA.tmp 06-12-31 21:17:28 0 C:\Documents and Settings\All Users\Application Data\ISx67.tmp 06-12-12 13:07:48 0 C:\Documents and Settings\All Users\Application Data\ISx73.tmp 06-12-13 16:55:20 1755 C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache 07-04-05 19:54:44 6322 C:\Documents and Settings\All Users\Application Data\Svclog.log Checking files in %USERPROFILE%\Startup folder... 05-12-14 23:53:28 HS 84 C:\Documents and Settings\Tim\Start Menu\Programs\Startup\desktop.ini Checking files in %USERPROFILE%\Application Data folder... 06-12-12 17:35:50 0 C:\Documents and Settings\Tim\Application Data\AVSDVDPlayer.m3u 05-12-14 22:58:50 HS 62 C:\Documents and Settings\Tim\Application Data\desktop.ini »»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»» [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers] HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\EPPShellEx {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} = C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files {750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With {09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu {A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR = HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo! Mail {5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} Start Menu Pin = %SystemRoot%\system32\SHELL32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR = HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu {A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files {750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR = HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE} = %SystemRoot%\system32\SHELL32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{7D4D6379-F301-4311-BEBA-E26EB0561882} = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627} = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} Google Toolbar Helper = c:\program files\google\googletoolbar2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{04BEAB9D-5C42-4C40-BBF0-C6C7470AD2B2} = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD} = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376} &Tip of the Day = %SystemRoot%\System32\shdocvw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} MenuText = Uninstall BitDefender Online Scanner v8 : [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{2D51D869-C36B-42BD-AE68-0A81BC771FA5} = HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} = HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{9A7D6AD2-0881-451F-BB27-F5E2EE2C5B14} = [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = : HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll {EF99BD32-C1FB-11D2-892F-0090271D4F88} = &Yahoo! Toolbar : {07B18EA9-A523-4961-B6BB-170DE4475CCA} = My Web Search : C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL {2318C2B1-4965-11D4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] SBCSTray C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe SsAAD.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ctfmon.exe C:\WINDOWS\system32\ctfmon.exe msnmsgr "C:\Program Files\MSN Messenger\msnmsgr.exe" /background swg C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe BitTorrent "F:\Programme\BitTorrent\bittorrent.exe" --force_start_minimized [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup location Common Startup command C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE item Adobe Reader Speed Launch path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup location Common Startup command C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE item Adobe Reader Speed Launch HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GStartup.lnk path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GStartup.lnk backup C:\WINDOWS\pss\GStartup.lnkCommon Startup location Common Startup command C:\Program Files\Common Files\GMT\GMT.exe /startup item GStartup path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GStartup.lnk backup C:\WINDOWS\pss\GStartup.lnkCommon Startup location Common Startup command C:\Program Files\Common Files\GMT\GMT.exe /startup item GStartup HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMC key SOFTWARE\Microsoft\Windows\CurrentVersion\Run item imc hkey HKCU command C:\Program Files\FriendFinder\FriendFinder Messenger 30\imc.exe inimapping 0 key SOFTWARE\Microsoft\Windows\CurrentVersion\Run item imc hkey HKCU command C:\Program Files\FriendFinder\FriendFinder Messenger 30\imc.exe inimapping 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched key SOFTWARE\Microsoft\Windows\CurrentVersion\Run item jusched hkey HKLM command C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe inimapping 0 key SOFTWARE\Microsoft\Windows\CurrentVersion\Run item jusched hkey HKLM command C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe inimapping 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state system.ini 0 win.ini 0 bootini 0 services 0 startup 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer NoCDBurning 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = {0DF44EAA-FF21-4412-828E-260A8728E7F1} = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings Key ÐtÜLMXÛ³?%Rê FileName0 C:\WINDOWS\system32\RSACi.rat Hint the password is "steve" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings\.Default Allow_Unknowns 0 PleaseMom 0 Enabled 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings\.Default\http://www.rsac.org/ratingsv01.html l 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings\PICSRules HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings\PICSRules\.Default NumSys 0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system dontdisplaylastusername 0 legalnoticecaption legalnoticetext shutdownwithoutlogon 1 undockwithoutlogon 1 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies] HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer NoDriveTypeAutoRun 145 NoDrives ÒÿÿLMXÛ³?%Rê HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\system32\webcheck.dll SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll UPnPMonitor {e57ce738-33e8-4c51-8354-bb4de9d215d1} = C:\WINDOWS\system32\upnpui.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, Shell = Explorer.exe System = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain = crypt32.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet = cryptnet.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll = cscdll.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp = wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule = wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy = sclgntfy.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn = WlNotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv = wlnotify.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon = WgaLogon.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon = wlnotify.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path Debugger = ntsd -d [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] AppInit_DLLs »»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder. Scan completed on 07-04-07 13:09:22 Dieser Beitrag wurde am 07.04.2007 um 08:49 Uhr von Tempest editiert.
|
|
|
||
07.04.2007, 14:05
Ehrenmitglied
Beiträge: 29434 |
#23
Relevanter Eintrag:
"nodrives" für "Diese angegebenen Datenträger im Arbeitsplatz ausblenden" und "noviewondrive" für "Zugriff auf Laufwerke vom Arbeitsplatz nicht zulassen" beides sind Reg_DWords. -------------------------------------------------------------------- Start - Ausfuehren - regedit klicke dich durch zu den schluesseln: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer NoDrives - ÒÿÿLMXÛ³?%Rê - loeschen http://www.windowspage.de/frame.php?http://www.windowspage.de/gemeinsame/desktop/nodrives.html -------- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings Key - ÐtÜLMXÛ³?%Rê - loeschen Hint the password is "steve" loeschen PC neustarten __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
08.04.2007, 08:09
Member
Themenstarter Beiträge: 25 |
#24
Ok alle dateien geloescht aber nichts passiert.
Selbe Problem. |
|
|
||
08.04.2007, 12:55
Ehrenmitglied
Beiträge: 29434 |
#25
Oeffne den Texteditor (Notepad) und kopiere diesen Text rein. mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. abspeichern als: 018.bat
Doppeltklicken und kopiere den Text ab, der angezeigt wird. - c:\key4.txt Zitat regedit /e c:\key4.txt "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer" __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
09.04.2007, 09:51
Member
Themenstarter Beiträge: 25 |
#26
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] |
|
|
||
09.04.2007, 17:13
Ehrenmitglied
Beiträge: 29434 |
#27
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als fixme.reg mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden.
Die Datei "fixme.reg" auf dem Desktop doppelklicken - und der registry beifuegen (mit Y ) Zitat REGEDIT4PC neustarten ´´´´´´´´´´´´ beschreibe das Problem noch mal korrekt, so dass ich es verstehe............. Es ist bei Laufwerk C, meiner externen Festplatte sowie bei meinem DVD Laufwerk die funktion serch ganz oben........... __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
10.04.2007, 12:12
Member
Themenstarter Beiträge: 25 |
#28
gibt es die Moeglichkeit dir einen screenshot zu posten?
Ich weis bloss nicht wo er die screenshots abspeichert Dieser Beitrag wurde am 10.04.2007 um 12:49 Uhr von Tempest editiert.
|
|
|
||
10.04.2007, 14:38
Ehrenmitglied
Beiträge: 29434 |
||
|
||
10.04.2007, 14:57
Member
Themenstarter Beiträge: 25 |
#30
nun weis ich aber immer noch in welchen ordner er die screenshots packt kann sie nicht finden ; )
Ok ich beschreibe es nochmal. Wenn ich mit meiner Maus im Explorer doppelklick auf (Laufwerk C, Meine Tragbare Festplatte oder das DVD Laufwerk) mache oeffnet sich die suchfunktion von Windows. wenn ich mit der rechten Maustaste wuf eines dieser laufwerke klicke steht an erster stelle search an 2 stelle open und an 3 explore. als ich hier zum ersten mal mein Problem geschildert hatte war noch bei Laufwerk C und und meiner externen Festplatte die Autoplay funktion an erster stelle und er hatte mir eine error meldung angezeigt wenn ich doppelklick drauf gemacht hatte. Dieses Problem haben wir aber irgentwie behoben mit einer deiner fehlersuchfunktionen. Nun wuerde ich noch gern irgentwie diese suchfunktion wieder raus bekommen. Dieser Beitrag wurde am 10.04.2007 um 15:33 Uhr von Tempest editiert.
|
|
|
||
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\ygafittg
*******************
Script file located at: \??\C:\Documents and Settings\xxcpywkk.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uwasfsd not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uwasfsd failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uwasfsd
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uwasfsd not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uwasfsd failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uwasfsd
Status: 0xc0000034
File C:\WINDOWS\Downloaded Program Files\UERS_9999_N91S2507NetInstaller.exe deleted successfully.
File C:\WINDOWS\Downloaded Program Files\popcaploader.inf not found!
Deletion of file C:\WINDOWS\Downloaded Program Files\popcaploader.inf failed!
Could not process line:
C:\WINDOWS\Downloaded Program Files\popcaploader.inf
Status: 0xc0000034
File C:\WINDOWS\Downloaded Program Files\miniclipGameLoader.dll not found!
Deletion of file C:\WINDOWS\Downloaded Program Files\miniclipGameLoader.dll failed!
Could not process line:
C:\WINDOWS\Downloaded Program Files\miniclipGameLoader.dll
Status: 0xc0000034
File C:\WINDOWS\Downloaded Program Files\popcaploader.dll not found!
Deletion of file C:\WINDOWS\Downloaded Program Files\popcaploader.dll failed!
Could not process line:
C:\WINDOWS\Downloaded Program Files\popcaploader.dll
Status: 0xc0000034
File C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf not found!
Deletion of file C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf failed!
Could not process line:
C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf
Status: 0xc0000034
File C:\WINDOWS\Downloaded Program Files\ATPartners.inf deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CandyBarBGM.inf not found!
Deletion of file C:\WINDOWS\Downloaded Program Files\CandyBarBGM.inf failed!
Could not process line:
C:\WINDOWS\Downloaded Program Files\CandyBarBGM.inf
Status: 0xc0000034
File C:\WINDOWS\system32\f3PSSavr.scr deleted successfully.
File c:\windows\system32\ogleac.exe not found!
Deletion of file c:\windows\system32\ogleac.exe failed!
Could not process line:
c:\windows\system32\ogleac.exe
Status: 0xc0000034
File C:\Windows\System32\drivers\uwasfsd.sys deleted successfully.
Folder C:\Program Files\Common Files\GMT not found!
Deletion of folder C:\Program Files\Common Files\GMT failed!
Could not process line:
C:\Program Files\Common Files\GMT
Status: 0xc0000034
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.1 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.10 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.11 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.12 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.13 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.14 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.15 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.16 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.17 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.18 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.19 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.2 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.20 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.21 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.22 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.23 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.24 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.25 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.26 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.27 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.28 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.29 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.3 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.30 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.31 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.4 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.5 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.6 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.7 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.8 deleted successfully.
Folder C:\WINDOWS\Downloaded Program Files\CONFLICT.9 deleted successfully.
Folder C:\Program Files\Absolute Poker deleted successfully.
Folder C:\Program Files\FunWebProducts deleted successfully.
Folder C:\Program Files\Jnberdg deleted successfully.
Folder C:\Program Files\MyWebSearch deleted successfully.
Folder C:\Program Files\PacificPoker deleted successfully.
Folder C:\Program Files\PowerQuest deleted successfully.
Folder C:\Program Files\WinAntiSpyware 2006 Scanner deleted successfully.
Folder C:\Program Files\Common Files\WinAntiSpyware 2006 Free not found!
Deletion of folder C:\Program Files\Common Files\WinAntiSpyware 2006 Free failed!
Could not process line:
C:\Program Files\Common Files\WinAntiSpyware 2006 Free
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinAntiSpyware 2006 Scanner_is1 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinAntiSpyware 2006 Scanner_is1 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6217428-905B-452F-B14D-1D2FEA169D52} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6217428-905B-452F-B14D-1D2FEA169D52} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiSpyware 2006 Scanner not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiSpyware 2006 Scanner failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IST Service deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\outlook deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Evihkyo deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
ok lade gerade http://virus-protect.org/counterspy1.html runter dauert aber noch ne gute stunde