Home » Viren, Trojaner & Malware Forum » Ist dieser PC von allen befreit ??? Viren, Malware etc. frei ??? » Themenansicht
Ist dieser PC von allen befreit ??? Viren, Malware etc. frei ??? |
||
|---|---|---|
| #0
| ||
|
17.07.2008, 15:28
Member
Beiträge: 42 |
||
 
|
|
|
|
20.07.2008, 10:39
Member
Beiträge: 519 |
#2
- IE nicht ganz up-to-date
Zitat R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.comwelche Firewall verwendest du ? |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
---------------------
ComboFix 08-07-07.3 - c 2008-07-17 13:35:36.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.0.1252.1.1031.18.94 [GMT 2:00]
ausgeführt von:: C:\Dokumente und Einstellungen\c\Desktop\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt
[color=red]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/color]
.
(((((((((((((((((((((((((((((((((((( Weitere L”schungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006
C:\Dokumente und Einstellungen\c\Anwendungsdaten\WinAntiVirus Pro 2006
C:\Dokumente und Einstellungen\c\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\update.log
C:\Dokumente und Einstellungen\c\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\wa6Support.log
C:\Dokumente und Einstellungen\c\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\winav.log
C:\Dokumente und Einstellungen\c\Anwendungsdaten\WinAntiVirus Pro 2006\PGE.dat
C:\Dokumente und Einstellungen\c\err.log
C:\Dokumente und Einstellungen\Download Account\Anwendungsdaten\WinAntiVirus Pro 2006
C:\Dokumente und Einstellungen\Download Account\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\update.log
C:\Dokumente und Einstellungen\Download Account\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\wa6Support.log
C:\Dokumente und Einstellungen\Download Account\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\winav.log
C:\Dokumente und Einstellungen\Download Account\err.log
C:\Dokumente und Einstellungen\Download Account\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Dokumente und Einstellungen\Ramona Lederer\Anwendungsdaten\WinAntiVirus Pro 2006
C:\Dokumente und Einstellungen\Ramona Lederer\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\update.log
C:\Dokumente und Einstellungen\Ramona Lederer\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\wa6Support.log
C:\Dokumente und Einstellungen\Ramona Lederer\Anwendungsdaten\WinAntiVirus Pro 2006\Logs\winav.log
C:\Dokumente und Einstellungen\Ramona Lederer\err.log
C:\Programme\Gemeinsame Dateien\winantivirus pro 2006
C:\Programme\Gemeinsame Dateien\winantivirus pro 2006\err.log
C:\Programme\newdotnet
C:\Programme\newdotnet\readme.html
C:\Programme\WhenUSearch
C:\Programme\WhenUSearch\Content~\css\dialog.css
C:\Programme\WhenUSearch\Content~\css\menu.css
C:\Programme\WhenUSearch\Content~\css\module_weather.css
C:\Programme\WhenUSearch\Content~\css\module_weather_dialog.css
C:\Programme\WhenUSearch\Content~\css\quick.css
C:\Programme\WhenUSearch\Content~\customize.html
C:\Programme\WhenUSearch\Content~\global.js
C:\Programme\WhenUSearch\Content~\images\_wtext.gif
C:\Programme\WhenUSearch\Content~\images\_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\65_wtext.gif
C:\Programme\WhenUSearch\Content~\images\65_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\66_wtext.gif
C:\Programme\WhenUSearch\Content~\images\66_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\67_wtext.gif
C:\Programme\WhenUSearch\Content~\images\67_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\68_wtext.gif
C:\Programme\WhenUSearch\Content~\images\68_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\69_wtext.gif
C:\Programme\WhenUSearch\Content~\images\69_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\70_wtext.gif
C:\Programme\WhenUSearch\Content~\images\70_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\71_wtext.gif
C:\Programme\WhenUSearch\Content~\images\71_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\72_wtext.gif
C:\Programme\WhenUSearch\Content~\images\72_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\73_wtext.gif
C:\Programme\WhenUSearch\Content~\images\73_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\74_wtext.gif
C:\Programme\WhenUSearch\Content~\images\74_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\75_wtext.gif
C:\Programme\WhenUSearch\Content~\images\75_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\76_wtext.gif
C:\Programme\WhenUSearch\Content~\images\76_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\77_wtext.gif
C:\Programme\WhenUSearch\Content~\images\77_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\78_wtext.gif
C:\Programme\WhenUSearch\Content~\images\78_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\79_wtext.gif
C:\Programme\WhenUSearch\Content~\images\79_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\80_wtext.gif
C:\Programme\WhenUSearch\Content~\images\80_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\81_wtext.gif
C:\Programme\WhenUSearch\Content~\images\81_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\82_wtext.gif
C:\Programme\WhenUSearch\Content~\images\82_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\83_wtext.gif
C:\Programme\WhenUSearch\Content~\images\83_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\84_wtext.gif
C:\Programme\WhenUSearch\Content~\images\84_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\85_wtext.gif
C:\Programme\WhenUSearch\Content~\images\85_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\87_wtext.gif
C:\Programme\WhenUSearch\Content~\images\87_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\88_wtext.gif
C:\Programme\WhenUSearch\Content~\images\88_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\89_wtext.gif
C:\Programme\WhenUSearch\Content~\images\89_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\90_wtext.gif
C:\Programme\WhenUSearch\Content~\images\90_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\91_wtext.gif
C:\Programme\WhenUSearch\Content~\images\91_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\92_wtext.gif
C:\Programme\WhenUSearch\Content~\images\92_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\93_wtext.gif
C:\Programme\WhenUSearch\Content~\images\93_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\94_wtext.gif
C:\Programme\WhenUSearch\Content~\images\94_wtext_sm.gif
C:\Programme\WhenUSearch\Content~\images\arrow_down.gif
C:\Programme\WhenUSearch\Content~\images\arrow_down_on.gif
C:\Programme\WhenUSearch\Content~\images\arrow_right.gif
C:\Programme\WhenUSearch\Content~\images\arrow_right_on.gif
C:\Programme\WhenUSearch\Content~\images\button_arrow_down.gif
C:\Programme\WhenUSearch\Content~\images\button_arrow_off.gif
C:\Programme\WhenUSearch\Content~\images\button_arrow_on.gif
C:\Programme\WhenUSearch\Content~\images\button_go.gif
C:\Programme\WhenUSearch\Content~\images\button_go_down.gif
C:\Programme\WhenUSearch\Content~\images\button_go_on.gif
C:\Programme\WhenUSearch\Content~\images\button_pop.gif
C:\Programme\WhenUSearch\Content~\images\button_pop_ups_allowed.gif
C:\Programme\WhenUSearch\Content~\images\button_pop_ups_blocked.gif
C:\Programme\WhenUSearch\Content~\images\button_pop_ups_blocked_anim.gif
C:\Programme\WhenUSearch\Content~\images\button_pop_ups_blocked_down.gif
C:\Programme\WhenUSearch\Content~\images\button_pop_ups_blocked_on.gif
C:\Programme\WhenUSearch\Content~\images\button_search_down.gif
C:\Programme\WhenUSearch\Content~\images\button_search_off.gif
C:\Programme\WhenUSearch\Content~\images\button_search_on.gif
C:\Programme\WhenUSearch\Content~\images\button_search_sm_down.gif
C:\Programme\WhenUSearch\Content~\images\button_search_sm_off.gif
C:\Programme\WhenUSearch\Content~\images\button_search_sm_on.gif
C:\Programme\WhenUSearch\Content~\images\button_specials_on.gif
C:\Programme\WhenUSearch\Content~\images\button_ucontrol_down.gif
C:\Programme\WhenUSearch\Content~\images\button_ucontrol_off.gif
C:\Programme\WhenUSearch\Content~\images\button_ucontrol_on.gif
C:\Programme\WhenUSearch\Content~\images\button_weather.gif
C:\Programme\WhenUSearch\Content~\images\button_weather_down.gif
C:\Programme\WhenUSearch\Content~\images\button_weather_on.gif
C:\Programme\WhenUSearch\Content~\images\corner_bottom_left.gif
C:\Programme\WhenUSearch\Content~\images\corner_top_left.gif
C:\Programme\WhenUSearch\Content~\images\customize_bottom.gif
C:\Programme\WhenUSearch\Content~\images\divider.gif
C:\Programme\WhenUSearch\Content~\images\dollar_icon.gif
C:\Programme\WhenUSearch\Content~\images\dollar_icon_on.gif
C:\Programme\WhenUSearch\Content~\images\dollar_icon2.gif
C:\Programme\WhenUSearch\Content~\images\dot_orange.gif
C:\Programme\WhenUSearch\Content~\images\icon_about.gif
C:\Programme\WhenUSearch\Content~\images\icon_blingtunez.gif
C:\Programme\WhenUSearch\Content~\images\icon_browser.gif
C:\Programme\WhenUSearch\Content~\images\icon_close.gif
C:\Programme\WhenUSearch\Content~\images\icon_customize.gif
C:\Programme\WhenUSearch\Content~\images\icon_dollar.gif
C:\Programme\WhenUSearch\Content~\images\icon_email.gif
C:\Programme\WhenUSearch\Content~\images\icon_games.gif
C:\Programme\WhenUSearch\Content~\images\icon_games_lg.gif
C:\Programme\WhenUSearch\Content~\images\icon_help.gif
C:\Programme\WhenUSearch\Content~\images\icon_ie.gif
C:\Programme\WhenUSearch\Content~\images\icon_im.gif
C:\Programme\WhenUSearch\Content~\images\icon_personals.gif
C:\Programme\WhenUSearch\Content~\images\icon_search.gif
C:\Programme\WhenUSearch\Content~\images\icon_ucontrol.gif
C:\Programme\WhenUSearch\Content~\images\icon_weather.gif
C:\Programme\WhenUSearch\Content~\images\icon_whenusearch.gif
C:\Programme\WhenUSearch\Content~\images\input_logo_sm.gif
C:\Programme\WhenUSearch\Content~\images\instructions_border_corner.gif
C:\Programme\WhenUSearch\Content~\images\instructions_border_right.gif
C:\Programme\WhenUSearch\Content~\images\instructions_border_top.gif
C:\Programme\WhenUSearch\Content~\images\link.gif
C:\Programme\WhenUSearch\Content~\images\logo_searchbar_down.gif
C:\Programme\WhenUSearch\Content~\images\logo_searchbar_off.gif
C:\Programme\WhenUSearch\Content~\images\logo_searchbar_on.gif
C:\Programme\WhenUSearch\Content~\images\logo_whenusearch.gif
C:\Programme\WhenUSearch\Content~\images\logo_whenusearch_down.gif
C:\Programme\WhenUSearch\Content~\images\logo_whenusearch_on.gif
C:\Programme\WhenUSearch\Content~\images\main_bg.gif
C:\Programme\WhenUSearch\Content~\images\menu_aim_bw.gif
C:\Programme\WhenUSearch\Content~\images\menu_arrow_right.gif
C:\Programme\WhenUSearch\Content~\images\menu_main_bw.gif
C:\Programme\WhenUSearch\Content~\images\menu_pbandit_bw.gif
C:\Programme\WhenUSearch\Content~\images\menu_ucontrol_bw.gif
C:\Programme\WhenUSearch\Content~\images\menu_ucontrol_filler_bw.gif
C:\Programme\WhenUSearch\Content~\images\message_alert.gif
C:\Programme\WhenUSearch\Content~\images\min_new_results_new.gif
C:\Programme\WhenUSearch\Content~\images\min_new_results_new_down.gif
C:\Programme\WhenUSearch\Content~\images\min_new_results_new_on.gif
C:\Programme\WhenUSearch\Content~\images\min_new_results_new_text.gif
C:\Programme\WhenUSearch\Content~\images\min_new_results_new_text_on.gif
C:\Programme\WhenUSearch\Content~\images\module_weather_left_bg_top.gif
C:\Programme\WhenUSearch\Content~\images\more_bg.gif
C:\Programme\WhenUSearch\Content~\images\more_bottom_bg.gif
C:\Programme\WhenUSearch\Content~\images\more_bottom_main.gif
C:\Programme\WhenUSearch\Content~\images\more_bottom_main_bg.gif
C:\Programme\WhenUSearch\Content~\images\more_left_bg.gif
C:\Programme\WhenUSearch\Content~\images\more_right_bg.gif
C:\Programme\WhenUSearch\Content~\images\more_top_bg.gif
C:\Programme\WhenUSearch\Content~\images\more_top_left.gif
C:\Programme\WhenUSearch\Content~\images\more_top_left_bw.gif
C:\Programme\WhenUSearch\Content~\images\more_top_right.gif
C:\Programme\WhenUSearch\Content~\images\more_top_right_bw.gif
C:\Programme\WhenUSearch\Content~\images\more_top_x.gif
C:\Programme\WhenUSearch\Content~\images\more_top_x_bw.gif
C:\Programme\WhenUSearch\Content~\images\more_top_x_down.gif
C:\Programme\WhenUSearch\Content~\images\more_top_x_on.gif
C:\Programme\WhenUSearch\Content~\images\notyet.gif
C:\Programme\WhenUSearch\Content~\images\notyet_bw.gif
C:\Programme\WhenUSearch\Content~\images\open_bg.gif
C:\Programme\WhenUSearch\Content~\images\open_bottom_bg.gif
C:\Programme\WhenUSearch\Content~\images\open_bottom_left.gif
C:\Programme\WhenUSearch\Content~\images\open_bottom_left_bw.gif
C:\Programme\WhenUSearch\Content~\images\open_bottom_right.gif
C:\Programme\WhenUSearch\Content~\images\open_bottom_right_bw.gif
C:\Programme\WhenUSearch\Content~\images\open_cancel.gif
C:\Programme\WhenUSearch\Content~\images\open_cancel_down.gif
C:\Programme\WhenUSearch\Content~\images\open_cancel_on.gif
C:\Programme\WhenUSearch\Content~\images\open_defaults.gif
C:\Programme\WhenUSearch\Content~\images\open_defaults_down.gif
C:\Programme\WhenUSearch\Content~\images\open_defaults_on.gif
C:\Programme\WhenUSearch\Content~\images\open_open.gif
C:\Programme\WhenUSearch\Content~\images\open_open_down.gif
C:\Programme\WhenUSearch\Content~\images\open_open_on.gif
C:\Programme\WhenUSearch\Content~\images\open_save.gif
C:\Programme\WhenUSearch\Content~\images\open_save_down.gif
C:\Programme\WhenUSearch\Content~\images\open_save_on.gif
C:\Programme\WhenUSearch\Content~\images\open_search.gif
C:\Programme\WhenUSearch\Content~\images\open_search_down.gif
C:\Programme\WhenUSearch\Content~\images\open_search_on.gif
C:\Programme\WhenUSearch\Content~\images\right_bg.gif
C:\Programme\WhenUSearch\Content~\images\right_bg_grey.gif
C:\Programme\WhenUSearch\Content~\images\right_instructions.gif
C:\Programme\WhenUSearch\Content~\images\right_instructions_on.gif
C:\Programme\WhenUSearch\Content~\images\right_instructions_red.gif
C:\Programme\WhenUSearch\Content~\images\right_left.gif
C:\Programme\WhenUSearch\Content~\images\right_left_grey.gif
C:\Programme\WhenUSearch\Content~\images\right_main_bg.gif
C:\Programme\WhenUSearch\Content~\images\right_more_left.gif
C:\Programme\WhenUSearch\Content~\images\right_more_off.gif
C:\Programme\WhenUSearch\Content~\images\right_more_on.gif
C:\Programme\WhenUSearch\Content~\images\right_more_up.gif
C:\Programme\WhenUSearch\Content~\images\spacer.gif
C:\Programme\WhenUSearch\Content~\images\tab_left_bg.gif
C:\Programme\WhenUSearch\Content~\images\tab_left_down.gif
C:\Programme\WhenUSearch\Content~\images\tab_left_off.gif
C:\Programme\WhenUSearch\Content~\images\tab_left_on.gif
C:\Programme\WhenUSearch\Content~\images\tab_right_down.gif
C:\Programme\WhenUSearch\Content~\images\tab_right_off.gif
C:\Programme\WhenUSearch\Content~\images\tab_right_on.gif
C:\Programme\WhenUSearch\Content~\images\tooltip_ucontrol.gif
C:\Programme\WhenUSearch\Content~\images\tooltip_weather.gif
C:\Programme\WhenUSearch\Content~\images\weather_5_day.gif
C:\Programme\WhenUSearch\Content~\images\weather_5_day_bottom.gif
C:\Programme\WhenUSearch\Content~\images\weather_5_day_bottom_right.gif
C:\Programme\WhenUSearch\Content~\images\weather_5_day_dot.gif
C:\Programme\WhenUSearch\Content~\images\weather_5_day_top_right.gif
C:\Programme\WhenUSearch\Content~\images\weather_bg_bottom.gif
C:\Programme\WhenUSearch\Content~\images\weather_bg_top.gif
C:\Programme\WhenUSearch\Content~\images\weather_bottom_.gif
C:\Programme\WhenUSearch\Content~\images\weather_bottom_Friday.gif
C:\Programme\WhenUSearch\Content~\images\weather_bottom_Monday.gif
C:\Programme\WhenUSearch\Content~\images\weather_bottom_Saturday.gif
C:\Programme\WhenUSearch\Content~\images\weather_bottom_Sunday.gif
C:\Programme\WhenUSearch\Content~\images\weather_bottom_Thursday.gif
C:\Programme\WhenUSearch\Content~\images\weather_bottom_Tuesday.gif
C:\Programme\WhenUSearch\Content~\images\weather_bottom_Wednesday.gif
C:\Programme\WhenUSearch\Content~\images\weather_change_location.gif
C:\Programme\WhenUSearch\Content~\images\weather_change_location_on.gif
C:\Programme\WhenUSearch\Content~\images\weather_choose_map.gif
C:\Programme\WhenUSearch\Content~\images\weather_current.gif
C:\Programme\WhenUSearch\Content~\images\weather_current_location.gif
C:\Programme\WhenUSearch\Content~\images\weather_info_na.gif
C:\Programme\WhenUSearch\Content~\images\weather_left_dot.gif
C:\Programme\WhenUSearch\Content~\images\weather_left_top_left.gif
C:\Programme\WhenUSearch\Content~\images\weather_left_top_right.gif
C:\Programme\WhenUSearch\Content~\images\weather_less_info.gif
C:\Programme\WhenUSearch\Content~\images\weather_less_info_on.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_bl.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_br.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_lr.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_tl.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_tr.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_white_bl.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_white_br.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_white_tl.gif
C:\Programme\WhenUSearch\Content~\images\weather_location_white_tr.gif
C:\Programme\WhenUSearch\Content~\images\weather_maps.gif
C:\Programme\WhenUSearch\Content~\images\weather_maps_corner_bl.gif
C:\Programme\WhenUSearch\Content~\images\weather_maps_corner_br.gif
C:\Programme\WhenUSearch\Content~\images\weather_maps_corner_tl.gif
C:\Programme\WhenUSearch\Content~\images\weather_maps_corner_tr.gif
C:\Programme\WhenUSearch\Content~\images\weather_maps_divider.gif
C:\Programme\WhenUSearch\Content~\images\weather_maps_loading.gif
C:\Programme\WhenUSearch\Content~\images\weather_maps_on.gif
C:\Programme\WhenUSearch\Content~\images\weather_metric_off.gif
C:\Programme\WhenUSearch\Content~\images\weather_metric_on.gif
C:\Programme\WhenUSearch\Content~\images\weather_metric_over.gif
C:\Programme\WhenUSearch\Content~\images\weather_mid_.gif
C:\Programme\WhenUSearch\Content~\images\weather_mid_Friday.gif
C:\Programme\WhenUSearch\Content~\images\weather_mid_Monday.gif
C:\Programme\WhenUSearch\Content~\images\weather_mid_Saturday.gif
C:\Programme\WhenUSearch\Content~\images\weather_mid_Sunday.gif
C:\Programme\WhenUSearch\Content~\images\weather_mid_Thursday.gif
C:\Programme\WhenUSearch\Content~\images\weather_mid_Tuesday.gif
C:\Programme\WhenUSearch\Content~\images\weather_mid_Wednesday.gif
C:\Programme\WhenUSearch\Content~\images\weather_more_info.gif
C:\Programme\WhenUSearch\Content~\images\weather_more_info_on.gif
C:\Programme\WhenUSearch\Content~\images\weather_new_location.gif
C:\Programme\WhenUSearch\Content~\images\weather_prefs_loading.gif
C:\Programme\WhenUSearch\Content~\images\weather_print.gif
C:\Programme\WhenUSearch\Content~\images\weather_print_on.gif
C:\Programme\WhenUSearch\Content~\images\weather_set_location.gif
C:\Programme\WhenUSearch\Content~\images\weather_today.gif
C:\Programme\WhenUSearch\Content~\images\weather_top_.gif
C:\Programme\WhenUSearch\Content~\images\weather_top_Friday.gif
C:\Programme\WhenUSearch\Content~\images\weather_top_Monday.gif
C:\Programme\WhenUSearch\Content~\images\weather_top_Saturday.gif
C:\Programme\WhenUSearch\Content~\images\weather_top_Sunday.gif
C:\Programme\WhenUSearch\Content~\images\weather_top_Thursday.gif
C:\Programme\WhenUSearch\Content~\images\weather_top_Tuesday.gif
C:\Programme\WhenUSearch\Content~\images\weather_top_Wednesday.gif
C:\Programme\WhenUSearch\Content~\images\weather_units.gif
C:\Programme\WhenUSearch\Content~\images\weather_us_off.gif
C:\Programme\WhenUSearch\Content~\images\weather_us_on.gif
C:\Programme\WhenUSearch\Content~\images\weather_us_over.gif
C:\Programme\WhenUSearch\Content~\images\weather_world_off.gif
C:\Programme\WhenUSearch\Content~\images\weather_world_on.gif
C:\Programme\WhenUSearch\Content~\images\weather_world_over.gif
C:\Programme\WhenUSearch\Content~\index.htm
C:\Programme\WhenUSearch\Content~\instructions.html
C:\Programme\WhenUSearch\Content~\loading.html
C:\Programme\WhenUSearch\Content~\main_menu_sub.html
C:\Programme\WhenUSearch\Content~\menu_main.html
C:\Programme\WhenUSearch\Content~\menu_ucontrol.html
C:\Programme\WhenUSearch\Content~\message.html
C:\Programme\WhenUSearch\Content~\module_weather.html
C:\Programme\WhenUSearch\Content~\module_weather_maps.html
C:\Programme\WhenUSearch\Content~\module_weather_maps_world.html
C:\Programme\WhenUSearch\Content~\module_weather_prefs.html
C:\Programme\WhenUSearch\Content~\module_weather_prefs_main.html
C:\Programme\WhenUSearch\Content~\module_weather_prefs_top.html
C:\Programme\WhenUSearch\Content~\module_weather_print.html
C:\Programme\WhenUSearch\Content~\module_weather_toolbar.html
C:\Programme\WhenUSearch\Content~\movement.js
C:\Programme\WhenUSearch\Content~\newresults.html
C:\Programme\WhenUSearch\Content~\open_browser.html
C:\Programme\WhenUSearch\Content~\open_search.html
C:\Programme\WhenUSearch\Content~\quick_coupon.html
C:\Programme\WhenUSearch\Content~\quick_instructions.html
C:\Programme\WhenUSearch\Content~\quick_search.html
C:\Programme\WhenUSearch\Content~\quick_tutorial.html
C:\Programme\WhenUSearch\Content~\tooltip_ucontrol.html
C:\Programme\WhenUSearch\Content~\tooltip_weather.html
C:\Programme\WhenUSearch\search.db
C:\Programme\WhenUSearch\store.db
C:\Programme\winantivirus pro 2006
C:\Programme\winantivirus pro 2006\msvcp71.dll
C:\Programme\winantivirus pro 2006\msvcr71.dll
C:\WA6P
C:\WINDOWS\keyboard131.dat
C:\WINDOWS\newname.dat
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\stera.job
C:\WINDOWS\system32\stera.log
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_FOPN
-------\Legacy_VSPF
-------\Legacy_VSPF_HK
-------\Service_FOPN
-------\Service_vspf
-------\Service_vspf_hk
((((((((((((((((((((((( Dateien erstellt von 2008-06-17 bis 2008-07-17 ))))))))))))))))))))))))))))))
.
2008-07-17 12:54 . 2008-07-17 12:54 <DIR> d-------- C:\Dokumente und Einstellungen\c\Anwendungsdaten\Malwarebytes
2008-07-17 12:54 . 2008-07-17 12:54 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2008-07-17 12:54 . 2008-07-07 17:35 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-17 12:54 . 2008-07-07 17:35 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-17 12:52 . 2008-07-17 12:52 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ViceVersa PRO 2
2008-07-17 12:40 . 2008-07-17 12:54 <DIR> d-------- C:\Programme\Virusentferner
2008-07-17 12:37 . 2008-07-17 12:53 <DIR> d-------- C:\Programme\Virenentferner
2008-07-17 12:27 . 2008-07-17 12:31 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-07-17 12:27 . 2008-07-17 12:28 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Adobe
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-17 11:29 --------- d-----w C:\Programme\Save
2008-07-16 16:10 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater
2008-05-24 09:28 --------- d-----w C:\Dokumente und Einstellungen\Ramona Lederer\Anwendungsdaten\HPAppData
2008-05-21 18:21 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WEBREG
2008-05-21 18:20 --------- d-----w C:\Programme\HP
2008-05-21 18:20 --------- d-----w C:\Dokumente und Einstellungen\c\Anwendungsdaten\HPAppData
2008-05-21 18:20 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HP
2008-05-21 18:19 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HPSSUPPLY
2008-05-21 18:19 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HP Product Assistant
2008-05-21 18:17 --------- d-----w C:\Programme\Gemeinsame Dateien\HP
2008-05-21 18:09 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hewlett-Packard
2008-05-20 18:38 --------- d-----w C:\Programme\Avira
2008-05-20 18:38 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2008-05-20 17:37 --------- d-----w C:\Dokumente und Einstellungen\c\Anwendungsdaten\TeamViewer
2008-05-20 12:52 --------- d-----w C:\Programme\FRITZ!DSL
.
------- Sigcheck -------
2004-08-04 09:58 507392 2b6a0baf33a9918f09442d873848ff72 C:\WINDOWS\SoftwareDistribution\Download\84e71ea11258afcace4e790f6b073745\winlogon.exe
2001-08-23 14:00 430080 2b0e480e975ee51f2d5ce5f068fed6e2 C:\WINDOWS\system32\winlogon.exe
.
(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-18 14:00 13312]
"NVIEW"="nview.dll" [2003-01-10 16:04 774213 C:\WINDOWS\system32\nview.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-01-10 16:04 4263936]
"avgnt"="C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-20 20:47 262401]
"Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-18 14:00 13312]
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Google Updater.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Photo Loader resident.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Photo Loader resident.lnk
backup=C:\WINDOWS\pss\Photo Loader resident.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2005-06-06 23:46 57344 C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-10-28 16:25 94208 C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
--a------ 2004-01-14 03:10 409600 C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-03-11 21:34 49152 C:\Programme\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2001-08-02 07:14 1077277 C:\Programme\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarAgent]
--a------ 2006-03-07 16:06 98304 C:\Programme\phonostar\ps_agent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarTimer]
--a------ 2006-03-07 16:12 151552 C:\Programme\phonostar\ps_timer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2006-12-15 04:23 75520 C:\Programme\Java\jre1.5.0_11\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-10 11:22 68856 C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2006-04-24 11:33 180269 C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
-ra------ 2003-01-10 16:04 315392 C:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SAVScan"=3 (0x3)
"navapsvc"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ccEvtMgr"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntivirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys [2008-05-20 20:47]
R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys [2008-05-20 20:47]
R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-08-03 18:34]
R2 ousbehci;NEC PCI to USB Enhanced Host Controller;C:\WINDOWS\System32\Drivers\ousbehci.sys [2002-12-24 07:52]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;C:\WINDOWS\System32\DRIVERS\ousb2hub.sys [2002-12-24 07:52]
S2 FILESpy;FILESpy;C:\Programme\Softwin\BitDefender9\filespy.sys []
S3 AVMUNET;AVM FRITZ!Box;C:\WINDOWS\System32\DRIVERS\avmunet.sys [2005-02-22 03:00]
S3 cdrmkaun;cdrmkaun;C:\DOKUME~1\c\LOKALE~1\Temp\cdrmkaun.sys []
S3 SetupNTGLM7X;SetupNTGLM7X;I:\NTGLM7X.sys []
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
"2007-11-21 21:54:57 C:\WINDOWS\Tasks\1-Klick-Wartung.job"
- C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-AIM - C:\PROGRA~1\AIM95\aim.exe
MSConfigStartUp-AVP - C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe
MSConfigStartUp-BDAgent - C:\Programme\Softwin\BitDefender10\bdagent.exe
MSConfigStartUp-BDMCon - C:\Programme\Softwin\BitDefender10\bdmcon.exe
MSConfigStartUp-BDSwitchAgent - C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe
MSConfigStartUp-BearShare - C:\Programme\BearShare\BearShare.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-17 13:41:41
Windows 5.1.2600 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostart Eintr„ge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\rundll32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2008-07-17 13:47:53 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-17 11:47:45
10 Verzeichnis(se), 2,315,100,160 Bytes frei
14 Verzeichnis(se), 2,351,910,912 Bytes frei
507 --- E O F --- 2008-05-21 18:36:36
---------
HJT
---------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:01, on 17.07.2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programme\Virenentferner\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: CD-MENU.LNK = I:\MENU.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\aim.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211307565983
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 5812 bytes
-----------------
Malwarebyte
-----------------
Malwarebytes' Anti-Malware 1.20
Datenbank Version: 960
Windows 5.1.2600
13:29:09 17.07.2008
mbam-log-7-17-2008 (13-29-09).txt
Scan Art: Komplett Scan (C:\|J:\|)
Objekte gescannt: 138944
Scan Dauer: 33 minute(s), 39 second(s)
Infizierte Speicher Prozesse: 1
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 9
Infizierte Registrierungswerte: 1
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2
Infizierte Speicher Prozesse:
C:\Programme\Save\Save.exe (Adware.WhenUSave) -> Unloaded process successfully.
Infizierte Speicher Module:
(Keine Malware Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9aae1ab-9688-42c5-86f5-c12f6b9015ad} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\whenusave (Adware.WhenUSave) -> Quarantined and deleted successfully.
Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)
Infizierte Verzeichnisse:
(Keine Malware Objekte gefunden)
Infizierte Dateien:
C:\Programme\Save\Save.exe (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\c\Eigene Dateien\Download\msts\HORGERTE_de.exe (Rogue.Installer) -> Quarantined and deleted successfully.