| |
| |||||||
Log-Analyse und Auswertung: Bitte kurz reinschauen E-Scan + Hijack log + smitfilesWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
18.11.2006, 14:09
| #1 |
 |  Bitte kurz reinschauen E-Scan + Hijack log + smitfiles Hallo! mein Antivir hat vor ein paar Tagen Alarm geschlagen und den Trojaner Dr/Dldr.zlob.ate gefunden und beim aktiv Scan von Panda als ich ihn machen wollte, hat er den w95/Blumblebee.1738 gefunden. Hab mich hier im Forum mal umgekuckt und paar Sachen schon gemacht im Abgesicherten Modus. Wie das hier: http://www.trojaner-board.de/21709-a...fakeale-c.html Weiß jetzt aber nicht wie ich weiter vorgehen soll oder was soll ich nun löschen? Die killbox hab ich mir auch runtergeladen. Danke für eure Mithilfe. Logfile of HijackThis v1.99.1 Scan saved at 1:42:29 PM, on 11/18/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\AntiVir PersonalEdition Classic\sched.exe C:\Programme\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\RunDll32.exe C:\Programme\Spyware Doctor\sdhelp.exe C:\Programme\Java\jre1.5.0_06\bin\jusched.exe C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Skype\Phone\Skype.exe C:\WINDOWS\system32\spupdsvc.exe C:\Programme\SPYWAREfighter\spfprc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spnpinst.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\Sysocmgr.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\notepad.exe C:\Dokumente und Einstellungen\Administrator\Desktop\HijackThis.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [spywarefighterguard] C:\Programme\SPYWAREfighter\spftray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html O9 - Extra button: Coral Eurobet Poker - {050AC5CD-E1E1-41ab-8CE0-61B56EFA7FA1} - C:\Programme\CoralEurobetPoker\coraleurobetpoker.exe (file missing) O9 - Extra 'Tools' menuitem: Coral Eurobet Poker - {050AC5CD-E1E1-41ab-8CE0-61B56EFA7FA1} - C:\Programme\CoralEurobetPoker\coraleurobetpoker.exe (file missing) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Programme\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Programme\Titan Poker\casino.exe O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programme\PartyGaming\PartyGammon\RunBackGammon.exe O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programme\PartyGaming\PartyGammon\RunBackGammon.exe O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programme\EmpirePoker\EmpirePoker.exe O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programme\EmpirePoker\EmpirePoker.exe O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Programme\UltimateBet\UltimateBet.exe O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Programme\UltimateBet\UltimateBet.exe O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\Partycasino\PartyCasino\RunCasino.exe O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\Partycasino\PartyCasino\RunCasino.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Programme\PartyGaming\PartyBingo\RunBingo.exe O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Programme\PartyGaming\PartyBingo\RunBingo.exe O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Programme\IrfanView\Ebay\Ebay.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{634F191B-6B93-4AE2-A870-E820FFA81C46}: NameServer = 194.25.0.70,217.237.151.97 O17 - HKLM\System\CS1\Services\Tcpip\..\{634F191B-6B93-4AE2-A870-E820FFA81C46}: NameServer = 194.25.0.70,217.237.151.97 O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programme\Spyware Doctor\sdhelp.exe O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Programme\SPYWAREfighter\spfprc.exe E-Scan weiß jetzt nicht was ich rein posten soll, sagt mir was ich rein posten soll: Sat Nov 18 13:26:54 2006 => ***** Scanning complete. ***** Sat Nov 18 13:26:54 2006 => Total Objects Scanned: 18840 Sat Nov 18 13:26:54 2006 => Total Critical Objects: 11 Sat Nov 18 13:26:55 2006 => Total Disinfected Objects: 0 Sat Nov 18 13:26:55 2006 => Total Objects Renamed: 0 Sat Nov 18 13:26:55 2006 => Total Deleted Objects: 0 Sat Nov 18 13:26:55 2006 => Total Errors: 34 Sat Nov 18 13:26:55 2006 => Time Elapsed: 00:02:16 Sat Nov 18 13:26:55 2006 => Virus Database Date: 11/18/2006 Sat Nov 18 13:26:55 2006 => Virus Database Count: 242712 Sat Nov 18 13:26:55 2006 => Scan Completed. Sat Nov 18 13:27:04 2006 => Virus Database Date: 11/18/2006 Sat Nov 18 13:27:04 2006 => Virus Database Count: 242712 Sat Nov 18 13:27:18 2006 => AV Library Unloaded (3)... Sat Nov 18 13:40:28 2006 => ********************************************************** Sat Nov 18 13:40:28 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility. Sat Nov 18 13:40:28 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc. Sat Nov 18 13:40:28 2006 => ********************************************************** Sat Nov 18 13:40:28 2006 => Source: C:\DOKUME~1\ADMINI~1\Desktop\mwav.exe Sat Nov 18 13:40:28 2006 => Version 8.7.4 (C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\mexe.com) Sat Nov 18 13:40:28 2006 => Log File: C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\MWAV.LOG Sat Nov 18 13:40:28 2006 => Last Scan Date and Time: 18.11.2006 13:24:36 Sat Nov 18 13:40:28 2006 => MWAV Registered: FALSE. Sat Nov 18 13:40:28 2006 => User Account: Administrator Sat Nov 18 13:40:28 2006 => OS Type: Windows Workstation Sat Nov 18 13:40:28 2006 => OS: Windows XP Sat Nov 18 13:40:28 2006 => Ver: Service Pack 2 (Build 2600) Sat Nov 18 13:40:28 2006 => Windows Root Folder: C:\WINDOWS Sat Nov 18 13:40:28 2006 => Windows Sys32 Folder: C:\WINDOWS\system32 Sat Nov 18 13:40:28 2006 => Local Fixed Drives: c:\,d:\ Sat Nov 18 13:40:28 2006 => MWAV Mode: Only Scan files. Sat Nov 18 13:40:28 2006 => Latest Date of files inside MWAV: 18 Nov 2006 05:01:2. Sat Nov 18 13:40:29 2006 => AV Library Loaded... Sat Nov 18 13:40:29 2006 => MWAV doing self scanning... Sat Nov 18 13:40:29 2006 => Scanning File C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Getvlist.exe Sat Nov 18 13:40:29 2006 => Scanning File C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\main.avi Sat Nov 18 13:40:29 2006 => Scanning File C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\virus.avi Sat Nov 18 13:40:29 2006 => Scanning File C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\ScanningProcess.exe Sat Nov 18 13:40:29 2006 => Scanning File C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Kave.dll Sat Nov 18 13:40:29 2006 => Scanning File C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\prloader.dll Sat Nov 18 13:40:29 2006 => MWAV files are clean. Sat Nov 18 13:40:30 2006 => Virus Database Date: 11/18/2006 Sat Nov 18 13:40:30 2006 => Virus Database Count: 242712 smitfiles: smitRem © log file version 3.2 by noahdfear Microsoft Windows XP [Version 5.1.2600] "IE"="6.0000" Running from C:\Bases_X\smitRem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Pre-run SharedTask Export (GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler) Copyright(C) 2006 BleepingComputer.com Registry Pseudo-Format Mode (Not a valid reg file): [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Appinitdll check ........ Thank you Grinler! dumphive.exe (C)2000-2004 Markus Stephany REGEDIT4 [Windows] "AppInit_DLLs"="" "DeviceNotSelectedTimeout"="15" "GDIProcessHandleQuota"=dword:00002710 "Spooler"="yes" "swapdisk"="" "TransmissionRetryTimeout"="90" "USERProcessHandleQuota"=dword:00002710 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ XP Firewall allowed access Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Sierra\\Counter-Strike\\cstrike.exe"="C:\\Sierra\\Counter-Strike\\cstrike.exe:*:Enabled:CounterStrike Launcher" "C:\\Programme\\EA Games\\Need for Speed Underground 2\\speed2.exe"="C:\\Programme\\EA Games\\Need for Speed Underground 2\\speed2.exe:*:Enabled:speed2" "C:\\Programme\\EA Games\\Command and Conquer Generals\\game.dat"="C:\\Programme\\EA Games\\Command and Conquer Generals\\game.dat:*:Enabled:game" "C:\\Programme\\PartyPoker\\PartyPoker.exe"="C:\\Programme\\PartyPoker\\PartyPoker.exe:*:Enabled:PartyPoker" "C:\\Programme\\Yahoo!\\Messenger\\YPager.exe"="C:\\Programme\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger" "C:\\Programme\\Yahoo!\\Messenger\\YServer.exe"="C:\\Programme\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server" "C:\\Dokumente und Einstellungen\\*:Enabled:hl2" "C:\\Programme\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Programme\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3" "C:\\Programme\\Messenger\\msmsgs.exe"="C:\\Programme\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Programme\\Java\\jre1.5.0_06\\bin\\javaw.exe"="C:\\Programme\\Java\\jre1.5.0_06\\bin\\javaw.exe:*  isabled:Java(TM) 2 Platform Standard Edition binary""C:\\Programme\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Programme\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\\Programme\\Skype\\Phone\\Skype.exe"="C:\\Programme\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ checking for ShudderLTD key ShudderLTD key not present! checking for PSGuard.com key PSGuard.com key not present! checking for WinHound.com key WinHound.com key not present! checking for drsmartload2 key drsmartload2 key not present! spyaxe uninstaller NOT present Winhound uninstaller NOT present SpywareStrike uninstaller NOT present AlfaCleaner uninstaller NOT present SpyFalcon uninstaller NOT present SpywareQuake uninstaller NOT present SpywareSheriff uninstaller NOT present Trust Cleaner uninstaller NOT present SpyHeal uninstaller NOT present VirusBurst uninstaller NOT present BraveSentry uninstaller NOT present AntiVermins uninstaller NOT present VirusBursters uninstaller NOT present ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Existing Pre-run Files ~~~ Program Files ~~~ ~~~ Shortcuts ~~~ ~~~ Favorites ~~~ ~~~ system32 folder ~~~ ~~~ Icons in System32 ~~~ ~~~ Windows directory ~~~ ~~~ Drive root ~~~ ~~~ Miscellaneous Files/folders ~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 748 'explorer.exe' Killing PID 748 'explorer.exe' Starting registry repairs Registry repairs complete ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SharedTask Export after registry fix (GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler) Copyright(C) 2006 BleepingComputer.com Registry Pseudo-Format Mode (Not a valid reg file): [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Deleting files ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Remaining Post-run Files ~~~ Program Files ~~~ ~~~ Shortcuts ~~~ ~~~ Favorites ~~~ ~~~ system32 folder ~~~ ~~~ Icons in System32 ~~~ ~~~ Windows directory ~~~ ~~~ Drive root ~~~ ~~~ Miscellaneous Files/folders ~~~ ~~~ Wininet.dll ~~~ CLEAN!  |
| Themen zu Bitte kurz reinschauen E-Scan + Hijack log + smitfiles |
| .com, antivir, appinit_dlls, avira, bho, browser, browseui preloader, desktop, ebay, excel, firefox, google, grinler, hijack, hijackthis, homepage, internet, internet explorer, log file, löschen?, mozilla, mozilla firefox, need for speed, pc tools spyware doctor, rundll, scan, sierra, spyware, system, trojaner, urlsearchhook, virus, windows, windows xp |
Baum-Darstellung