autoplay in Laufwerk C und suchfunktion bei CD Laufwerk |
||
---|---|---|
#0
| ||
01.04.2007, 10:09
Member
Beiträge: 25 |
||
|
||
01.04.2007, 13:17
Ehrenmitglied
Beiträge: 29434 |
#2
Tempest
um zu sehen, was los ist, arbeite das ab und poste die logs http://board.protecus.de/t23188.htm __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
02.04.2007, 12:21
Member
Themenstarter Beiträge: 25 |
#3
So hier die gewuenschten daten.
Logfile of HijackThis v1.99.1 Scan saved at 5:51:54 PM, on 4/2/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\WINDOWS\system32\ElkCtrl.exe C:\WINDOWS\system32\hkcmd.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\RTHDCPL.EXE C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\DOCUME~1\Tim\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDsnJKz/X5X zqAjX7PHdH5Xiz/UyDJJq8a+Qaf8La1 +hoAD2pKiAHiCI5ET7sO0cFCsD5WKOd/K23LDMJs0dTCY0e0Tics2G2aI4yteoEL0V54aT/EAfvuMqy4GIz158yXCS V6GXN6AeRTmlZDNnHeM/SRmbv+xywXmdJ8Avv1mzN4zQHWZmaHgw== R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: (no name) - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: XBTB04651 Class - {1EAD0E5F-8B93-4c28-90BD-A9672968D6E3} - C:\DOCUME~1\Steve\Desktop\CHALLE~1\RACING~1.DLL (file missing) O2 - BHO: (no name) - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file) O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [ogleac] c:\windows\system32\ogleac.exe O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE OptiView Camera O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk571YYAU O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/raptisoftgameloader.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potg_x.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {04BEAB9D-5C42-4C40-BBF0-C6C7470AD2B2} (CupidBar) - http://www.incredidate.com/increditoolbar/Cupidstoolbar.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/platypus/miniclipGameLoader.dll O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/ricochet/ReflexiveWebGameLoader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://jdhitchen.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113228956671 O16 - DPF: {7A02704D-EAC8-45AF-B408-27D6FBA6C26D} (CandyBarBGM Control) - http://www.candybar.co.kr/common/ax/CandyBarBGM.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.playqames.com/default.cab?uid=1&id=60764&1s&ex&ppd=4 O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.offexploring.com/journal/imageupload/ImageUploader3.cab O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/sites/errorsafe.com/www/pages/scanner/ErrorSafeFreeInstall.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/games/web_games/gamehouse/frenzy/SproutLauncher.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/chuzzledeluxe/popcaploader_v7.cab O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/sites/errorsafe.com/www/pages/scanner/ErrorSafeFreeInstall.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/eng/billard8_2_0_0_24.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B263D942-0E20-481C-93C5-FBBB693AF9BC}: NameServer = 85.255.116.69,85.255.112.110 O17 - HKLM\System\CCS\Services\Tcpip\..\{BB424ACA-8024-4DD7-886E-98B9B1082A0F}: NameServer = 85.255.116.69,85.255.112.110 O17 - HKLM\System\CCS\Services\Tcpip\..\{D04D2625-8B51-49A7-B15D-28819779CB1E}: NameServer = 85.255.116.69,85.255.112.110 O17 - HKLM\System\CCS\Services\Tcpip\..\{E5B18526-254D-4EE2-AEBB-BB1511F8F96D}: NameServer = 85.255.116.69,85.255.112.110 O17 - HKLM\System\CCS\Services\Tcpip\..\{FBDC8F7D-809D-49D1-8949-5F5E96D48E15}: NameServer = 85.255.116.69,85.255.112.110 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.69 85.255.112.110 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.69 85.255.112.110 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe "Tim" - 07-04-02 18:25:20 Service Pack 2 ComboFix 07-03-27.4.2 - Running from: "C:\Documents and Settings\Tim\Desktop" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\temp1.exe c:\autorun.inf f:\autorun.inf f:\host.exe C:\Program Files\outlook\outlook.exe C:\Program Files\outlook\p.zip C:\Program Files\outlook\v.tmp C:\install.log C:\WINDOWS\autorun.inf C:\WINDOWS\xcopy.exe C:\Program Files\outlook ((((((((((((((((((((((((((((((( Files Created from 2007-03-02 to 2007-04-02 )))))))))))))))))))))))))))))))))) 2007-04-01 15:52 <DIR> d-------- C:\WINDOWS\network diagnostic 2007-04-01 14:25 <DIR> d-------- C:\Program Files\GetData 2007-04-01 14:21 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-04-01 14:19 5,699,136 --a------ C:\BurnMyFiles-Setup.exe 2007-04-01 14:05 120,832 --a------ C:\tweakui.exe 2007-04-01 12:12 <DIR> d-------- C:\Program Files\Kaspersky Lab 2007-04-01 12:11 <DIR> d-------- C:\kav 2007-03-31 10:37 <DIR> d-------- C:\Clayton 2007-03-27 22:11 <DIR> d-------- C:\Program Files\MovieCommander 2007-03-24 07:06 <DIR> d-------- C:\DOCUME~1\TENNAN~1\APPLIC~1\FunWebProducts 2007-03-23 19:41 152,576 -ra------ C:\WINDOWS\system32\drivers\LV532AV.SYS 2007-03-22 05:02 <DIR> d-------- C:\DOCUME~1\TENNAN~1\APPLIC~1\Sony Corporation 2007-03-21 16:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\SonicStage 2007-03-21 16:10 90,112 --------- C:\WINDOWS\snymsico.dll 2007-03-21 16:10 38,951 --------- C:\WINDOWS\system32\drivers\NETMDUSB.sys 2007-03-21 16:10 36,679 --------- C:\WINDOWS\system32\drivers\NETMD052.sys 2007-03-21 16:10 36,232 --------- C:\WINDOWS\system32\drivers\NETMD033.sys 2007-03-21 16:10 35,319 --------- C:\WINDOWS\system32\drivers\NETMD031.sys 2007-03-21 16:10 27,255 --------- C:\WINDOWS\system32\drivers\NWWMUSB.sys 2007-03-21 16:10 11,510 --------- C:\WINDOWS\system32\drivers\VMCUSB.sys 2007-03-21 16:10 <DIR> d-------- C:\Program Files\Sony Corporation 2007-03-21 16:09 770,048 --a------ C:\WINDOWS\system32\CDDBUISony.dll 2007-03-21 16:09 73,728 --a------ C:\WINDOWS\system32\CddbLinkSony.dll 2007-03-21 16:09 643,072 --a------ C:\WINDOWS\system32\CDDBControlSony.dll 2007-03-21 16:09 585,728 --a------ C:\WINDOWS\system32\CddbMusicIDSony.dll 2007-03-21 16:09 20,640 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys 2007-03-21 16:09 151,552 --------- C:\WINDOWS\system32\pxwma.dll 2007-03-21 16:09 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe 2007-03-21 16:09 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe 2007-03-21 16:09 <DIR> d-------- C:\Program Files\Sony 2007-03-21 16:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation 2007-03-21 16:08 <DIR> d-------- C:\Program Files\Common Files\Sony Shared 2007-03-21 16:08 <DIR> d-------- C:\DOCUME~1\Tim\APPLIC~1\Sony Corporation 2007-03-21 13:51 <DIR> d-------- C:\DOCUME~1\TENNAN~1\.limewire 2007-03-21 11:02 28,672 --a------ C:\WINDOWS\system32\f3PSSavr.scr 2007-03-21 11:02 <DIR> d-------- C:\Program Files\MyWebSearch 2007-03-21 11:01 <DIR> d-------- C:\Program Files\FunWebProducts 2007-03-08 19:20 <DIR> d-------- C:\DOCUME~1\Tim\APPLIC~1\EPSON 2007-03-03 12:46 21,504 --a------ C:\WINDOWS\system32\hidserv.dll 2007-03-03 12:46 <DIR> d-------- C:\DOCUME~1\TENNAN~1\APPLIC~1\U3 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-03-29 16:05 -------- d-------- C:\Program Files\microsoft games 2007-03-23 19:58 -------- d-------- C:\DOCUME~1\Tim\APPLIC~1\teamspeak2 2007-03-21 16:10 -------- d--h----- C:\Program Files\installshield installation information 2007-03-21 11:02 -------- d-------- C:\Program Files\msn messenger 2007-03-10 08:14 -------- d-------- C:\DOCUME~1\Tim\APPLIC~1\ventrilo 2007-02-28 14:21 -------- d-------- C:\Program Files\epson 2007-02-15 17:33 -------- d-------- C:\Program Files\lemonade tycoon 2 2007-02-15 17:31 -------- d-------- C:\Program Files\pacificpoker 2007-02-09 07:13 -------- d-------- C:\Program Files\ventrilo 2007-02-09 07:13 -------- d-------- C:\Program Files\Common Files\wise installation wizard 2007-02-03 19:08 -------- d-------- C:\Program Files\reflexivearcade (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe" "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "ogleac"="c:\\windows\\system32\\ogleac.exe" "BigDogPath"="C:\\WINDOWS\\VM_STI.EXE OptiView Camera" "LogitechCameraAssistant"="C:\\Program Files\\Logitech\\Video\\CameraAssistant.exe" "LogitechVideo[inspector]"="C:\\Program Files\\Logitech\\Video\\InstallHelper.exe /inspect" "LogitechCameraService(E)"="C:\\WINDOWS\\system32\\ElkCtrl.exe /automation" "High Definition Audio Property Page Shortcut"="HDAShCut.exe" "IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe" "HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe" "zBrowser Launcher"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe" "EM_EXEC"="C:\\PROGRA~1\\Logitech\\MOUSEW~1\\SYSTEM\\EM_EXEC.EXE" "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "RTHDCPL"="RTHDCPL.EXE" "SkyTel"="SkyTel.EXE" "Alcmtr"="ALCMTR.EXE" "SsAAD.exe"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe" "My Web Search Bar Search Scope Monitor"="\"C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\m3SrchMn.exe\" /m=0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk" "backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE " "item"="Adobe Reader Speed Launch" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GStartup.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\GStartup.lnk" "backup"="C:\\WINDOWS\\pss\\GStartup.lnkCommon Startup" "location"="Common Startup" "command"="C:\\Program Files\\Common Files\\GMT\\GMT.exe /startup" "item"="GStartup" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Evihkyo] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Hyfzp" "hkey"="HKLM" "command"="C:\\Program Files\\Jnberdg\\Hyfzp.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="imc" "hkey"="HKCU" "command"="C:\\Program Files\\FriendFinder\\FriendFinder Messenger 30\\imc.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IST Service] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="istsvc" "hkey"="HKLM" "command"="C:\\Program Files\\ISTsvc\\istsvc.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\outlook] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="outlook" "hkey"="HKLM" "command"="C:\\Program Files\\outlook\\outlook.exe /auto" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="jusched" "hkey"="HKLM" "command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoCDBurning"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [color=red]SafeBoot registry key needs to be repaired. This machine cannot enter Safe Mode.[/color] [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 Usnsvc REG_MULTI_SZ usnsvc\0\0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38146374-6cf4-11da-8cba-806d6172696f}] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44af056b-d46d-11db-bd79-0011506671f7}] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80f06a0f-b1cf-11db-bd3b-0011506671f7}] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b30c4b4-8ab8-11db-bd25-0011506671f7}] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe ******************************************************************** catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 07-04-02 18:29:07 Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\WINDOWS\system32 04/02/2007 04:05 PM 1,374 wpa.dbl 03/27/2007 11:17 PM 328,168 perfh009.dat 03/27/2007 11:17 PM 43,832 perfc009.dat 03/27/2007 11:17 PM 376,266 PerfStringBackup.INI 03/21/2007 11:02 AM 28,672 f3PSSavr.scr 03/08/2007 04:36 AM 12,619,736 MRT.exe 02/17/2007 02:01 AM 126,224 TZLog.log 02/17/2007 02:01 AM 4,681 MRT.INI 02/15/2007 05:01 PM 336,768 WgaTray.exe 02/15/2007 05:01 PM 1,476,992 LegitCheckControl.dll 02/15/2007 05:00 PM 236,928 WgaLogon.dll 01/29/2007 04:58 PM 60,416 tzchange.exe 01/24/2007 03:29 AM 546,304 hhctrl.ocx 01/04/2007 10:05 PM 1,498,112 shdocvw.dll 01/04/2007 10:05 PM 474,112 shlwapi.dll 01/04/2007 10:05 PM 1,022,976 browseui.dll 01/04/2007 10:05 PM 151,040 cdfview.dll 01/04/2007 10:05 PM 1,054,208 danim.dll 01/04/2007 06:50 PM 248,320 xpsp3res.dll 12/20/2006 05:52 AM 134,656 shsvcs.dll 12/20/2006 05:52 AM 8,453,632 shell32.dll 12/20/2006 02:16 AM 333,824 wiaservc.dll 12/19/2006 10:15 PM 2,136,064 ntoskrnl.exe 12/19/2006 08:55 PM 2,015,744 ntkrnlpa.exe 12/12/2006 03:28 PM 141,240 FNTCACHE.DAT 12/07/2006 01:29 PM 2,374,472 wmvcore.dll 12/03/2006 10:48 PM 75 LuResult.txt 11/27/2006 10:54 PM 539,136 msftedit.dll 11/27/2006 10:54 PM 433,152 riched20.dll 11/17/2006 02:14 PM 14,640 spmsg.dll 11/08/2006 01:06 PM 679,424 inetcomm.dll 11/07/2006 09:03 PM 3,577,856 mshtml.dll 11/07/2006 09:03 PM 475,648 mshtmled.dll 11/07/2006 09:03 PM 50,688 msfeedsbs.dll 11/07/2006 09:03 PM 191,488 iepeers.dll 11/07/2006 09:03 PM 458,752 msfeeds.dll 11/07/2006 09:03 PM 1,162,240 urlmon.dll 11/07/2006 09:03 PM 131,584 extmgr.dll 11/07/2006 09:03 PM 818,688 wininet.dll 11/07/2006 09:03 PM 27,136 jsproxy.dll 11/07/2006 09:03 PM 156,160 msls31.dll 11/07/2006 09:03 PM 670,720 mstime.dll 11/07/2006 09:03 PM 180,736 ieui.dll 11/07/2006 09:03 PM 231,424 webcheck.dll 11/07/2006 09:03 PM 413,696 vbscript.dll 11/07/2006 09:03 PM 6,049,280 ieframe.dll 11/07/2006 03:27 AM 382,976 iedkcs32.dll 11/07/2006 03:27 AM 229,376 ieaksie.dll 11/07/2006 03:26 AM 152,064 ieakeng.dll 11/07/2006 03:26 AM 71,680 admparse.dll 11/07/2006 03:26 AM 55,296 iesetup.dll 11/07/2006 03:26 AM 13,312 ieudinit.exe 11/07/2006 03:26 AM 54,784 ie4uinit.exe 11/07/2006 03:26 AM 43,008 iernonce.dll 11/07/2006 03:26 AM 123,904 advpack.dll 11/07/2006 03:26 AM 92,672 inseng.dll 11/07/2006 03:25 AM 10,240 advpack.dll.mui 11/07/2006 03:25 AM 161,792 ieakui.dll 11/07/2006 03:24 AM 56,483 ieuinit.inf 11/04/2006 02:14 PM 1,245,696 msxml4.dll 11/02/2006 03:17 AM 927,504 mfc40u.dll 10/25/2006 07:15 PM 65,536 QuickTimeVR.qtx 10/25/2006 07:15 PM 49,152 QuickTime.qts 10/19/2006 09:56 PM 713,216 sxs.dll 10/17/2006 12:06 PM 443,904 html.iec 10/17/2006 12:06 PM 78,336 ieencode.dll 10/17/2006 12:05 PM 206,336 WinFXDocObj.exe 10/17/2006 12:05 PM 1,817,088 inetcpl.cpl 10/17/2006 12:05 PM 105,984 url.dll 10/17/2006 12:05 PM 192,000 msrating.dll 10/17/2006 12:05 PM 40,960 licmgr10.dll 10/17/2006 12:04 PM 101,376 occache.dll 10/17/2006 12:03 PM 17,408 corpol.dll 10/17/2006 12:02 PM 991,232 ieframe.dll.mui 10/17/2006 12:00 PM 491,520 jscript.dll 10/17/2006 11:58 AM 12,288 msfeedssync.exe 10/17/2006 11:58 AM 61,952 icardie.dll 10/17/2006 11:58 AM 44,544 pngfilt.dll 10/17/2006 11:58 AM 346,624 dxtmsft.dll 10/17/2006 11:57 AM 36,352 imgutil.dll 10/17/2006 11:57 AM 214,528 dxtrans.dll 10/17/2006 11:57 AM 266,752 iertutil.dll 10/17/2006 11:56 AM 45,568 mshta.exe 10/17/2006 11:55 AM 66,560 tdc.ocx 10/17/2006 11:28 AM 48,128 mshtmler.dll 10/17/2006 11:27 AM 380,928 ieapfltr.dll 10/17/2006 11:19 AM 1,383,424 mshtml.tlb 10/17/2006 12:15 AM 122,880 oledlg.dll 10/15/2006 06:16 PM 1,192 Installer.log 10/15/2006 06:09 PM 4,854 lvcoinst.log 10/14/2006 04:13 PM 981,760 mfc42u.dll 10/13/2006 08:35 PM 142,336 nwprovau.dll Dieser Beitrag wurde am 02.04.2007 um 12:44 Uhr von Tempest editiert.
|
|
|
||
02.04.2007, 12:43
Ehrenmitglied
Beiträge: 29434 |
#4
Tempest
1. wende cleanup an http://virus-protect.org/cleanup.html 2. wende fixwareout an und poste den scanreport http://virus-protect.org/artikel/tools/fixwareout.html 3. öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten Zitat R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDsnJKz/X5XPC neustarten 4. Arbeitsplatz - Systemsteuerung - Netzwerk Eigenschaften von TCP/IP, Register Allgemein, Option: IP-Adresse automatisch + DNS-Server-Adresse automatisch beziehen - anhaken 5. Um die Diensteverwaltung explizit aufzurufen, eingeben unter: Start - Ausführen : services.msc TCP/IP-NetBIOS-Hilfsprogramm - deaktivieren 6. Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint Zitat cd\ __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
02.04.2007, 12:51
Member
Themenstarter Beiträge: 25 |
#5
Ok sorry das ist alles schon fast zu hoch fuer mich.
Was meinst du mit Editor? Habe da Notpat dann diese Dos funktion, wordpat und den Windows explorer. Dann wuesste ich auch nicht was du weiter meins. (mit und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an.) kannst du das noch mal besser erklaeren Bitte? |
|
|
||
02.04.2007, 12:54
Ehrenmitglied
Beiträge: 29434 |
#6
arbeite erst mal Punkt 1 bis 5 ab und poste dann das log vom <fixwareout + das neue HijackTHis, dann sehen wir weiter
__________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
02.04.2007, 13:03
Member
Themenstarter Beiträge: 25 |
#7
Ich dachte das haette ich gemacht.
also punkt 1: ist schon gepostet punkt 2 : Clean up habe ich durchlaufen lassen. (habe bloss nichts eingestellt einfach nur start gedrueckt) punkt 3: habe ich auch gemacht und gepostet punkt 4: gemacht und gepostet. sollte ich irgentwas vergessen haben lag es daran das das alles nicht so einfach ist sorry |
|
|
||
02.04.2007, 13:04
Ehrenmitglied
Beiträge: 29434 |
#8
wo ist der scanreport vom Fixwareout ?
dann fixe alles mit dem hijackTHis, was ich angegeben habe und poste das neue log vom HijacktHis __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
02.04.2007, 13:21
Member
Themenstarter Beiträge: 25 |
#9
Nach dem ich
öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten gemacht habe ist das autoplay verschwunden und serch ist jetzt da. Also wenn ich doppelklick auf Laufwerk C mache oeffnet sich das suche Fenster von Windows wie schon beim CD Laufwerk. Haste jetzt ne ahnung was es sein kann? |
|
|
||
02.04.2007, 13:35
Ehrenmitglied
Beiträge: 29434 |
#10
so kann ich nicht arbeiten - und dein Rechner ist total verseucht - die internetverbindung wird auf einen Server in die Ukraine umgeleitet...usw. usw.
entweder formatiere gleich oder post die logs, die ich sehen moechte. (fixwareout + das neue Log vom HijackThis) __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
02.04.2007, 13:46
Member
Themenstarter Beiträge: 25 |
#11
Ist das jetzt das neue was du meinst?
Logfile of HijackThis v1.99.1 Scan saved at 7:45:15 PM, on 4/2/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe F:\Programme\HijackThis.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe und wenn du schreibst die internetverbindung wird auf einen Server in die Ukraine umgeleitet... wie schlimm ist das? |
|
|
||
02.04.2007, 13:59
Member
Themenstarter Beiträge: 25 |
#12
Fixwareout Last edited 2/11/2007
Post this report in the forums please ... »»»»»Prerun check »»»»» System restarted »»»»» Postrun check HKLM\SOFTWARE\~\Winlogon\ "System"="" .... .... »»»»» Misc files. .... »»»»» Checking for older varients. .... Search five digit cs, dm, kd, jb, other, files. The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection. Click browse, find the file then click submit. http://www.virustotal.com/flash/index_en.html Or http://virusscan.Jotti.org/ »»»»» Other »»»»» Current runs [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" .... Hosts file was reset, If you use a custom hosts file please replace it »»»»» End report »»»»» |
|
|
||
02.04.2007, 14:00
Ehrenmitglied
Beiträge: 29434 |
#13
Den folgenden Text in den TEXTEditor - findest du unter: (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint
Zitat cd\ __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
02.04.2007, 14:05
Member
Themenstarter Beiträge: 25 |
#14
Ok muss fuer heute schluss machen bei mir ist schon recht spaet jetzt, danke dir erst mal rechtherzlich fuer deine Hilfe und sorry nochmals das ich es dir mit meiner unkompetenz noch schwer mache. Hoffentlich koennen wir das Problem morgen loesen
Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\WINDOWS\Downloaded Program Files 04/26/2004 02:25 PM 403 ATPartners.inf 10/25/2004 05:59 PM 1,996 CandyBarBGM.inf 01/03/2007 09:49 PM <DIR> CONFLICT.1 04/17/2006 04:06 AM <DIR> CONFLICT.10 04/17/2006 04:07 AM <DIR> CONFLICT.11 04/17/2006 04:07 AM <DIR> CONFLICT.12 04/17/2006 04:07 AM <DIR> CONFLICT.13 04/17/2006 04:07 AM <DIR> CONFLICT.14 04/17/2006 04:07 AM <DIR> CONFLICT.15 04/17/2006 04:07 AM <DIR> CONFLICT.16 04/17/2006 04:07 AM <DIR> CONFLICT.17 04/17/2006 04:07 AM <DIR> CONFLICT.18 04/17/2006 04:07 AM <DIR> CONFLICT.19 04/17/2006 04:07 AM <DIR> CONFLICT.2 04/17/2006 04:07 AM <DIR> CONFLICT.20 04/17/2006 04:07 AM <DIR> CONFLICT.21 04/17/2006 04:07 AM <DIR> CONFLICT.22 04/17/2006 04:07 AM <DIR> CONFLICT.23 04/17/2006 04:07 AM <DIR> CONFLICT.24 04/17/2006 04:07 AM <DIR> CONFLICT.25 04/17/2006 04:07 AM <DIR> CONFLICT.26 04/17/2006 04:13 AM <DIR> CONFLICT.27 04/17/2006 04:13 AM <DIR> CONFLICT.28 04/17/2006 04:13 AM <DIR> CONFLICT.29 04/17/2006 04:13 AM <DIR> CONFLICT.3 04/17/2006 04:13 AM <DIR> CONFLICT.30 04/17/2006 04:13 AM <DIR> CONFLICT.31 04/17/2006 04:13 AM <DIR> CONFLICT.4 04/17/2006 04:13 AM <DIR> CONFLICT.5 04/17/2006 04:13 AM <DIR> CONFLICT.6 04/17/2006 04:13 AM <DIR> CONFLICT.7 04/17/2006 04:13 AM <DIR> CONFLICT.8 04/17/2006 04:13 AM <DIR> CONFLICT.9 08/19/2005 03:53 PM 516 CTPID.inf 08/19/2005 03:52 PM 32,768 CTPID.ocx 06/23/2005 03:53 PM 523 CTSUEng.inf 06/22/2005 06:37 PM 225,280 CTSUEng.ocx 07/25/2002 06:13 PM 24,576 dwusplay.dll 07/25/2002 06:13 PM 196,608 dwusplay.exe 02/09/2005 04:54 PM 1,271 erma.inf 07/14/2005 03:28 PM 365 f3initialsetup1.0.0.15-3.inf 05/21/2005 01:36 PM 378 ImageUploader3.inf 07/02/2005 10:02 AM 1,873,432 ImageUploader3.ocx 12/27/2005 07:31 PM 1,467 int_ver34.INF 02/16/2005 05:15 PM 401,408 isusweb.dll 08/25/2003 06:12 PM 1,096 iuctl.inf 11/03/2005 08:24 PM 495 LegitCheckControl.inf 05/29/2003 03:00 PM 160,864 messengerstatsclient.dll 04/06/2004 07:03 PM 172,072 MessengerStatsPAClient.dll 01/20/2000 03:25 PM 1,162 Microsoft XML Parser for Java.osd 05/29/2003 02:00 PM 84,064 minesweeper.dll 02/14/2006 09:36 PM 133,232 miniclipGameLoader.dll 05/29/2003 03:00 PM 77,408 msgrchkr.dll 12/14/2005 10:24 AM 323,272 MsnInstC.dll 12/13/2005 05:10 PM 251 MsnInstC.inf 06/30/2005 03:19 PM 227 MsnMessengerSetupDownloader.inf 08/14/2005 12:26 AM 113,664 MsnMessengerSetupDownloader.ocx 06/20/2006 03:44 PM 379,704 MsnPUpld.dll 06/19/2006 02:40 PM 393 MsnPUpld.inf 06/29/2005 05:17 PM 227 opuc.inf 10/02/2004 10:34 PM 599 OSD28E7.OSD 11/09/2004 04:24 PM 126,976 popcaploader.dll 11/09/2004 01:22 PM 241 popcaploader.inf 05/31/2002 09:19 AM 117,328 puren-gb.dll 09/22/2004 03:59 PM 110,592 PURen-us.dll 01/08/2006 06:24 AM 123 qames.inf 12/04/2006 03:16 PM 144 QTPlugin.inf 09/10/2004 02:52 PM 139,264 ReflexiveWebGameLoader.dll 09/10/2004 02:52 PM 1,430 ReflexiveWebGameLoader.INF 10/02/2004 10:34 PM 151,552 RSGameLoader.dll 11/20/1997 09:23 PM 252 searchsettings.inf 11/20/1997 09:25 PM 34,816 searchsettings.ocx 09/13/2004 04:19 PM 249 SproutLauncher.inf 09/13/2004 04:26 PM 159,744 SproutWebLauncher.dll 11/09/2006 02:36 PM 5,019 swflash.inf 07/25/2006 01:02 PM 81,920 UERS_9999_N91S2507NetInstaller.exe 02/18/2005 10:11 AM 437,488 uploader.ocx 10/27/2002 07:32 PM 3,036 wmv9dmo.inf 06/30/2003 10:41 PM 1,689 WMV9VCM.inf 08/03/2004 02:51 PM 293 wuweb.inf 04/10/2006 03:48 PM 1,195 Yahoo! Pool 2.osd 01/26/2004 06:42 PM 856 yinst.inf 01/26/2004 06:40 PM 133,120 yinsthelper.dll 11/17/2004 10:44 PM 114,728 Zintro.ocx 53 File(s) 5,831,776 bytes 31 Dir(s) 74,539,479,040 bytes free Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\Program Files 04/02/2007 06:28 PM <DIR> . 04/02/2007 06:28 PM <DIR> .. 12/14/2005 09:40 PM <DIR> AAALOGO 07/09/2006 11:47 PM <DIR> Absolute Poker 02/07/2006 10:28 AM <DIR> AC3Filter 02/26/2007 04:32 PM <DIR> Activision 07/02/2005 06:59 PM <DIR> Adobe 12/12/2006 05:42 PM <DIR> AVSMedia 10/10/2005 08:06 PM <DIR> Belkin 02/25/2006 01:04 AM <DIR> BitLord 03/21/2007 04:08 PM <DIR> Common Files 12/04/2005 06:02 PM <DIR> Creative 06/18/2005 09:37 PM <DIR> directx 12/12/2006 05:44 PM <DIR> dvdSanta 01/20/2005 10:16 PM <DIR> eBlocs 01/19/2007 12:27 PM <DIR> ElastoMania111 12/12/2006 05:49 PM <DIR> EphPod 02/28/2007 02:21 PM <DIR> epson 02/08/2006 08:23 PM <DIR> Freeze.com 11/19/2006 12:10 PM <DIR> FriendFinder 03/21/2007 04:12 PM <DIR> FunWebProducts 10/11/2005 11:20 PM <DIR> fxsgts 08/27/2005 07:48 PM <DIR> FXtrainer 09/05/2005 06:26 AM <DIR> FXtrainerPro 05/01/2006 02:55 PM <DIR> GameHouse 04/02/2006 08:36 AM <DIR> GanymedeNet 04/01/2007 02:25 PM <DIR> GetData 02/17/2007 01:17 PM <DIR> Grisoft 11/18/2006 03:13 PM <DIR> IncrediMail 04/14/2006 02:59 PM <DIR> Infogrames 11/28/2005 02:41 PM <DIR> Intel 04/01/2007 06:36 PM <DIR> Internet Explorer 12/13/2006 04:40 PM <DIR> iPod 12/15/2005 12:03 AM <DIR> IrfanView 12/13/2006 04:40 PM <DIR> iTunes 04/16/2006 06:17 PM <DIR> Java 04/17/2006 01:53 AM <DIR> Jnberdg 12/12/2006 05:51 PM <DIR> JpegSizer 5 04/01/2007 12:12 PM <DIR> Kaspersky Lab 11/28/2005 03:31 PM <DIR> Lavasoft 02/15/2007 05:33 PM <DIR> Lemonade Tycoon 2 06/11/2006 01:24 PM 359,112 LimeWireWin.exe 01/16/2005 10:46 PM <DIR> linksw 12/12/2006 05:52 PM <DIR> Logitech 12/14/2005 09:40 PM <DIR> Logo Cre8or 03/25/2005 11:21 AM <DIR> LucasArts 11/28/2005 02:57 PM <DIR> Marvell 01/29/2006 06:44 PM <DIR> Messenger 12/22/2005 06:04 PM <DIR> microsoft frontpage 03/29/2007 04:05 PM <DIR> Microsoft Games 12/12/2006 05:55 PM <DIR> Microsoft Office 07/08/2006 09:38 PM <DIR> Mingjong 12/12/2006 05:56 PM <DIR> mIRC 12/18/2005 12:22 PM <DIR> Movie Maker 03/27/2007 10:11 PM <DIR> MovieCommander 12/12/2006 05:56 PM <DIR> Mozilla Firefox 12/14/2005 11:49 PM <DIR> MSN 05/05/2004 10:23 AM <DIR> MSN Gaming Zone 03/21/2007 11:02 AM <DIR> MSN Messenger 03/06/2006 06:07 PM <DIR> MusicMatch 03/21/2007 11:02 AM <DIR> MyWebSearch 04/30/2006 11:44 AM <DIR> Nero 10/07/2005 10:08 AM <DIR> NetComm 01/29/2006 06:44 PM <DIR> NetMeeting 12/03/2006 10:51 PM <DIR> Norton AntiVirus 11/11/2006 12:49 PM <DIR> Oberon Media 12/14/2005 09:35 PM <DIR> OfficeUpdate11 05/05/2004 10:26 AM <DIR> Online Services 02/25/2006 12:54 AM <DIR> OpenOffice.org 2.0 12/14/2005 09:37 PM <DIR> OpenOffice.org1.1.5 12/13/2006 09:14 PM <DIR> Outlook Express 02/15/2007 05:31 PM <DIR> PacificPoker 11/28/2005 12:09 PM <DIR> PowerQuest 12/13/2006 04:40 PM <DIR> QuickTime 12/20/2006 10:42 PM <DIR> Realtek 02/03/2007 07:08 PM <DIR> ReflexiveArcade 12/12/2006 05:59 PM <DIR> SiS Compatible VGA V2.05a.01 10/06/2006 03:44 PM 12,841,240 SkypeSetup.exe 03/21/2007 04:10 PM <DIR> Sony 03/21/2007 04:10 PM <DIR> Sony Corporation 07/09/2006 11:54 PM <DIR> SPYWAREfighter 12/03/2006 10:41 PM <DIR> The Weather Channel FW 04/13/2005 05:19 PM <DIR> THQ 02/09/2006 07:56 AM <DIR> VCW VicMan's Photo Editor 02/09/2007 07:13 AM <DIR> Ventrilo 12/12/2006 06:03 PM <DIR> Virtools 10/26/2005 05:24 PM <DIR> WebCams 04/03/2006 10:13 PM <DIR> WinAntiSpyware 2006 Scanner 12/12/2006 06:02 PM <DIR> Windows Live Toolbar 03/24/2005 03:00 AM <DIR> Windows Media Components 03/05/2007 04:39 PM <DIR> Windows Media Player 12/18/2005 12:22 PM <DIR> Windows NT 12/15/2005 12:10 AM <DIR> WinMX 11/04/2006 09:12 PM <DIR> WinZip 09/29/2006 05:49 PM 3,030,016 wrar351.exe 10/25/2006 05:16 PM 1,035,090 wrar361.exe 05/05/2004 10:28 AM <DIR> xerox 04/17/2006 01:16 AM <DIR> XoftSpy 12/12/2006 06:02 PM <DIR> Yahoo! 07/22/2005 11:44 AM <DIR> Zsysdrive 03/16/2006 04:48 PM <DIR> _uninstallation_info 4 File(s) 17,265,458 bytes 97 Dir(s) 74,539,474,944 bytes free Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\WINDOWS\Temp 04/02/2007 06:31 PM <DIR> . 04/02/2007 06:31 PM <DIR> .. 0 File(s) 0 bytes 2 Dir(s) 74,539,474,944 bytes free Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\Temp 03/31/2007 04:44 PM <DIR> . 03/31/2007 04:44 PM <DIR> .. 11/18/2006 03:08 PM 21,290,704 AdbeRdr708_en_US.exe 10/04/2005 10:42 PM 1,284 article.htm 04/01/2007 12:10 PM 21,793 debug.txt 05/17/2005 12:17 PM 5,228,544 diagcd20.iso 06/18/2005 09:23 PM 24,576 IadHide3.dll 11/18/2006 02:54 PM 7,050,552 psa30se_en_us.exe 03/31/2007 04:59 PM 452,715 WMALog.txt 11/18/2006 02:52 PM 762,512 ytb612_efgsip.exe 8 File(s) 34,832,680 bytes 2 Dir(s) 74,539,474,944 bytes free Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\ Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\Windows\tasks Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\WINDOWS\Downloaded Program Files 04-04-26 14:25 403 ATPartners.inf 07-04-02 19:11 <DIR> CONFLICT.1 06-04-17 04:06 <DIR> CONFLICT.10 06-04-17 04:07 <DIR> CONFLICT.11 06-04-17 04:07 <DIR> CONFLICT.12 06-04-17 04:07 <DIR> CONFLICT.13 06-04-17 04:07 <DIR> CONFLICT.14 06-04-17 04:07 <DIR> CONFLICT.15 06-04-17 04:07 <DIR> CONFLICT.16 06-04-17 04:07 <DIR> CONFLICT.17 06-04-17 04:07 <DIR> CONFLICT.18 06-04-17 04:07 <DIR> CONFLICT.19 06-04-17 04:07 <DIR> CONFLICT.2 06-04-17 04:07 <DIR> CONFLICT.20 06-04-17 04:07 <DIR> CONFLICT.21 06-04-17 04:07 <DIR> CONFLICT.22 06-04-17 04:07 <DIR> CONFLICT.23 06-04-17 04:07 <DIR> CONFLICT.24 06-04-17 04:07 <DIR> CONFLICT.25 06-04-17 04:07 <DIR> CONFLICT.26 06-04-17 04:13 <DIR> CONFLICT.27 06-04-17 04:13 <DIR> CONFLICT.28 06-04-17 04:13 <DIR> CONFLICT.29 06-04-17 04:13 <DIR> CONFLICT.3 06-04-17 04:13 <DIR> CONFLICT.30 07-04-02 19:11 <DIR> CONFLICT.31 06-04-17 04:13 <DIR> CONFLICT.4 06-04-17 04:13 <DIR> CONFLICT.5 06-04-17 04:13 <DIR> CONFLICT.6 06-04-17 04:13 <DIR> CONFLICT.7 06-04-17 04:13 <DIR> CONFLICT.8 06-04-17 04:13 <DIR> CONFLICT.9 05-08-19 15:53 516 CTPID.inf 05-08-19 15:52 32,768 CTPID.ocx 05-06-23 15:53 523 CTSUEng.inf 05-06-22 18:37 225,280 CTSUEng.ocx 02-07-25 18:13 24,576 dwusplay.dll 02-07-25 18:13 196,608 dwusplay.exe 05-02-09 16:54 1,271 erma.inf 05-02-16 17:15 401,408 isusweb.dll 03-08-25 18:12 1,096 iuctl.inf 05-11-03 20:24 495 LegitCheckControl.inf 00-01-20 15:25 1,162 Microsoft XML Parser for Java.osd 05-06-29 17:17 227 opuc.inf 04-10-02 22:34 599 OSD28E7.OSD 02-05-31 09:19 117,328 puren-gb.dll 04-09-22 15:59 110,592 PURen-us.dll 06-12-04 15:16 144 QTPlugin.inf 04-10-02 22:34 151,552 RSGameLoader.dll 06-11-09 14:36 5,019 swflash.inf 06-07-25 13:02 81,920 UERS_9999_N91S2507NetInstaller.exe 02-10-27 19:32 3,036 wmv9dmo.inf 03-06-30 22:41 1,689 WMV9VCM.inf 04-01-26 18:42 856 yinst.inf 04-01-26 18:40 133,120 yinsthelper.dll 24 File(s) 1,492,188 bytes 31 Dir(s) 74,108,243,968 bytes free Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\Program Files 07-04-02 19:27 <DIR> . 07-04-02 19:27 <DIR> .. 05-12-14 21:40 <DIR> AAALOGO 06-07-09 23:47 <DIR> Absolute Poker 06-02-07 10:28 <DIR> AC3Filter 07-02-26 16:32 <DIR> Activision 05-07-02 18:59 <DIR> Adobe 06-12-12 17:42 <DIR> AVSMedia 05-10-10 20:06 <DIR> Belkin 06-02-25 01:04 <DIR> BitLord 07-03-21 16:08 <DIR> Common Files 05-12-04 18:02 <DIR> Creative 05-06-18 21:37 <DIR> directx 06-12-12 17:44 <DIR> dvdSanta 05-01-20 22:16 <DIR> eBlocs 07-01-19 12:27 <DIR> ElastoMania111 06-12-12 17:49 <DIR> EphPod 07-02-28 14:21 <DIR> epson 06-02-08 20:23 <DIR> Freeze.com 06-11-19 12:10 <DIR> FriendFinder 07-03-21 16:12 <DIR> FunWebProducts 05-10-11 23:20 <DIR> fxsgts 05-08-27 19:48 <DIR> FXtrainer 05-09-05 06:26 <DIR> FXtrainerPro 06-05-01 14:55 <DIR> GameHouse 06-04-02 08:36 <DIR> GanymedeNet 07-04-01 14:25 <DIR> GetData 07-02-17 13:17 <DIR> Grisoft 06-11-18 15:13 <DIR> IncrediMail 06-04-14 14:59 <DIR> Infogrames 05-11-28 14:41 <DIR> Intel 07-04-01 18:36 <DIR> Internet Explorer 06-12-13 16:40 <DIR> iPod 05-12-15 00:03 <DIR> IrfanView 06-12-13 16:40 <DIR> iTunes 06-04-16 18:17 <DIR> Java 06-04-17 01:53 <DIR> Jnberdg 06-12-12 17:51 <DIR> JpegSizer 5 07-04-01 12:12 <DIR> Kaspersky Lab 05-11-28 15:31 <DIR> Lavasoft 07-02-15 17:33 <DIR> Lemonade Tycoon 2 06-06-11 13:24 359,112 LimeWireWin.exe 05-01-16 22:46 <DIR> linksw 06-12-12 17:52 <DIR> Logitech 05-12-14 21:40 <DIR> Logo Cre8or 05-03-25 11:21 <DIR> LucasArts 05-11-28 14:57 <DIR> Marvell 06-01-29 18:44 <DIR> Messenger 05-12-22 18:04 <DIR> microsoft frontpage 07-03-29 16:05 <DIR> Microsoft Games 06-12-12 17:55 <DIR> Microsoft Office 06-07-08 21:38 <DIR> Mingjong 06-12-12 17:56 <DIR> mIRC 05-12-18 12:22 <DIR> Movie Maker 07-03-27 22:11 <DIR> MovieCommander 06-12-12 17:56 <DIR> Mozilla Firefox 05-12-14 23:49 <DIR> MSN 04-05-05 10:23 <DIR> MSN Gaming Zone 07-03-21 11:02 <DIR> MSN Messenger 06-03-06 18:07 <DIR> MusicMatch 07-03-21 11:02 <DIR> MyWebSearch 06-04-30 11:44 <DIR> Nero 05-10-07 10:08 <DIR> NetComm 06-01-29 18:44 <DIR> NetMeeting 06-12-03 22:51 <DIR> Norton AntiVirus 06-11-11 12:49 <DIR> Oberon Media 05-12-14 21:35 <DIR> OfficeUpdate11 04-05-05 10:26 <DIR> Online Services 06-02-25 00:54 <DIR> OpenOffice.org 2.0 05-12-14 21:37 <DIR> OpenOffice.org1.1.5 06-12-13 21:14 <DIR> Outlook Express 07-02-15 17:31 <DIR> PacificPoker 07-04-02 19:27 <DIR> PENTAX 05-11-28 12:09 <DIR> PowerQuest 06-12-13 16:40 <DIR> QuickTime 06-12-20 22:42 <DIR> Realtek 07-02-03 19:08 <DIR> ReflexiveArcade 06-12-12 17:59 <DIR> SiS Compatible VGA V2.05a.01 06-10-06 15:44 12,841,240 SkypeSetup.exe 07-03-21 16:10 <DIR> Sony 07-03-21 16:10 <DIR> Sony Corporation 06-07-09 23:54 <DIR> SPYWAREfighter 06-12-03 22:41 <DIR> The Weather Channel FW 05-04-13 17:19 <DIR> THQ 06-02-09 07:56 <DIR> VCW VicMan's Photo Editor 07-02-09 07:13 <DIR> Ventrilo 06-12-12 18:03 <DIR> Virtools 05-10-26 17:24 <DIR> WebCams 06-04-03 22:13 <DIR> WinAntiSpyware 2006 Scanner 06-12-12 18:02 <DIR> Windows Live Toolbar 05-03-24 03:00 <DIR> Windows Media Components 07-03-05 16:39 <DIR> Windows Media Player 05-12-18 12:22 <DIR> Windows NT 05-12-15 00:10 <DIR> WinMX 06-11-04 21:12 <DIR> WinZip 06-09-29 17:49 3,030,016 wrar351.exe 06-10-25 17:16 1,035,090 wrar361.exe 04-05-05 10:28 <DIR> xerox 06-04-17 01:16 <DIR> XoftSpy 06-12-12 18:02 <DIR> Yahoo! 05-07-22 11:44 <DIR> Zsysdrive 06-03-16 16:48 <DIR> _uninstallation_info 4 File(s) 17,265,458 bytes 98 Dir(s) 74,108,239,872 bytes free Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\WINDOWS\Temp 07-04-02 19:59 <DIR> . 07-04-02 19:59 <DIR> .. 07-04-02 19:12 255 WGAErrLog.txt 1 File(s) 255 bytes 2 Dir(s) 74,108,239,872 bytes free Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\Temp 07-03-31 16:44 <DIR> . 07-03-31 16:44 <DIR> .. 06-11-18 15:08 21,290,704 AdbeRdr708_en_US.exe 05-10-04 22:42 1,284 article.htm 07-04-01 12:10 21,793 debug.txt 05-05-17 12:17 5,228,544 diagcd20.iso 05-06-18 21:23 24,576 IadHide3.dll 06-11-18 14:54 7,050,552 psa30se_en_us.exe 07-03-31 16:59 452,715 WMALog.txt 06-11-18 14:52 762,512 ytb612_efgsip.exe 8 File(s) 34,832,680 bytes 2 Dir(s) 74,108,239,872 bytes free Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\ Volume in drive C has no label. Volume Serial Number is 900A-34A7 Directory of C:\Windows\tasks |
|
|
||
02.04.2007, 14:24
Ehrenmitglied
Beiträge: 29434 |
#15
Avenger
http://virus-protect.org/artikel/tools/avenger.html Input script manually (anhaken) kopiere in: View/edit script Zitat registry keys to delete:Klicke die gruene Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten ----------------- «« scanne, stelle nach dem scan alles auf remove und poste den scanreport http://virus-protect.org/counterspy1.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
Nur hat als ich Kaspersky extra dafuer installiert habe dieses irgentwie ueber alles aufgeregt was ich gemacht habe.
Es hat ein paar (Invader gefunden und geloescht sowie 3 Tojaner.
Nach dem ich dann Kaspersky wieder deinstalliert habe und wie gewohnt auf meine Externe Festplatte klicken wollte kahm die Meldung:
Windows cannot find 'copy.exe'. Make sure you typed the name correctly and try again.
Wenn ich rechtsklick auf meine externe Festplatte oder auf Laufwerk C mache steht autoplay an erster stelle was mich sehr wundert.
Wenn ich rechtklick auf mein DVD Laufwerk mache steht die Suchfunktion an erster stellle. Also bei doppelklick auf dieses oeffnet er das suche Datei Fenster.
Hoffe das ihr mir helfen koennt danke schon mal fuer antworten.
PS: befinde mich in Australien deswegen die englische Meldung