Öffne die Datei mit dem Editor und kopiere den gesamten Text in deinen Beitrag hier am Trojaner-Board. Na dann mach ich das doch mal :) Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! Error: file "C:\WINDOWS\internat.exe" not found! Deletion of file "C:\WINDOWS\internat.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Completed script processing. ******************* Finished! Terminate. |
Nochmal Avenger: Code: Registry keys to delete: |
Zitat:
*lach* soooo..hier das Ergebnis, aber irgendwie hat der wohl nix gemacht..so wirklich jedenfalls..naja, ich habsch eh keine Ahnung davon *grinsel* ////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Platform: Windows XP (build 2600, Service Pack 3) Mon Jul 13 20:59:36 2009 20:59:30: Error: Invalid registry syntax in command: "[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\internat]" Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program. Skipping line. (Registry key deletion mode) ////////////////////////////////////////// Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! Completed script processing. ******************* Finished! Terminate. |
Sorry mein Fehler :( nimms mir bitte nicht übel *schnieeef* fettes SORRY! Nochmal: diesmal: Code: Registry keys to delete: |
*doppellach* höhö..ich nehm Dir doch nix übel..schließlich hilfste mir *lächel* dieses Mal hat er was gemacht :) Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! Registry key "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\internat" deleted successfully. Completed script processing. ******************* Finished! Terminate. Zitat:
|
Rüschtüsch, so solls auch sein :) Start >> ausführen >> notepad (hineinschreiben) Kopiere nun folgenden Text komplett ind das leere Textdokument Code: @ echo off Dateiname: cf.bat (hineinschreiben) DateiTyp : Alle Dateien (auswählen) Speichere die cf.bat auf den Desktop Doppelklick auf die .bat (die .bat sollte danach weg sein) |
Is ja auch very lieb von Disch :) Soo, hab ich erledigt..was liegt nu an?? Bin ganz Ohr...achne..ganz Auge *grinsel* Das Ding, was ich eben speichern sollte, ist jedenfalls nich mehr aufm Desktop zu sehen. Zitat:
|
Poste ein neues RSIT Logfile - danach lässt du nochmal Malwarebytes durchgehen und postest ein Log. |
Zitat:
Run by Manuela at 2009-07-13 21:35:05 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 49 GB (67%) free of 74 GB Total RAM: 447 MB (26% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:35:14, on 13.07.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\FRITZ!DSL\IGDCTRL.EXE C:\Programme\Prevx\prevx.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programme\Prevx\prevx.exe C:\WINDOWS\system32\VTTimer.exe C:\Programme\CyberLink\PowerDVD\PDVDServ.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\System32\svchost.exe C:\Programme\FRITZ!DSL\FwebProt.exe C:\Programme\FRITZ!DSL\StCenter.exe C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Dokumente und Einstellungen\Manuela\Desktop\rsit.exe C:\Dokumente und Einstellungen\Manuela\Desktop\Manuela.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?SearchSource=10&ctid=CT1561552 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll R3 - URLSearchHook: ScriptInocUI Class - - (no file) R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Programme\Hotspot_Shield\tbHot0.dll O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Orbitdownloader\orbitcth.dll O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\tbuA7\toolbaru.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\BuyertoolsReminder\IEButtonBuyertoolsInterface.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Programme\Hotspot_Shield\tbHot0.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Orbitdownloader\GrabPro.dll O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Programme\Hotspot_Shield\tbHot0.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [AudioDeck] C:\Programme\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [{1290A33C-85F5-4164-A1BE-7DD299D4986A}] C:\Programme\CyberLink\PowerBackup\PBKScheduler.exe O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe O4 - HKLM\..\Run: [AVMFBoxMonitor] "C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe" O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe O4 - Startup: FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe O4 - Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Orbit.lnk = C:\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Orbitdownloader\orbitmxt.dll/202 O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\BuyertoolsReminder\ReminderIE.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hyrican.de O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131082271875 O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by134fd.bay134.hotmail.msn.com/activex/HMAtchmt.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{1A7B4DC9-B06D-4960-814A-E08CC27158F3}: NameServer = 192.168.122.252,192.168.122.253 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Norton Internet Security\comHost.exe O23 - Service: CSIScanner - Prevx - C:\Programme\Prevx\prevx.exe O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Programme\Hotspot Shield\bin\openvpnas.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 10162 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Norton AntiVirus - Vollständige Systemprüfung ausführen - Manuela.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}] Octh Class - C:\Orbitdownloader\orbitcth.dll [2008-07-21 126152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}] XTTBPos00 Class - C:\Programme\ICQToolbar\tbuA7\toolbaru.dll [2006-10-10 701952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-03-26 312928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Programme\Java\jre6\bin\ssv.dll [2008-11-10 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C7A8947-5935-4430-AC0E-E7D04697414E}] Buyertools - C:\BuyertoolsReminder\IEButtonBuyertoolsInterface.dll [2007-03-09 681984] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}] CNisExtBho Class - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll [2005-10-22 94336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}] CNavExtBho Class - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll [2007-06-07 140912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-06-19 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-23 669168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-26 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}] Hotspot Shield Toolbar - C:\Programme\Hotspot_Shield\tbHot0.dll [2009-06-02 2094616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - Norton Internet Security 2006 - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll [2005-10-22 94336] {C4069E3A-68F1-403E-B40E-20066696354B} - Norton AntiVirus - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll [2007-06-07 140912] {855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Programme\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712] {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Orbitdownloader\GrabPro.dll [2008-07-21 433272] {c95a4e8e-816d-4655-8c79-d736da1adb6d} - Hotspot Shield Toolbar - C:\Programme\Hotspot_Shield\tbHot0.dll [2009-06-02 2094616] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-06-19 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AudioDeck"=C:\Programme\VIAudioi\SBADeck\ADeck.exe [2005-04-08 512000] "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248] "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2006-02-02 163840] "RemoteControl"=C:\Programme\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768] "{1290A33C-85F5-4164-A1BE-7DD299D4986A}"=C:\Programme\CyberLink\PowerBackup\PBKScheduler.exe [2005-04-07 69728] "Ulead AutoDetector"=C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [2003-11-19 45056] "AVMFBoxMonitor"=C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2007-05-08 1482752] "ccApp"=C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe [2006-03-28 53408] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-09 68856] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Microsoft Office.lnk - C:\Programme\Microsoft Office\Office\OSA9.EXE Orbit.lnk - C:\Orbitdownloader\orbitdm.exe C:\Dokumente und Einstellungen\Manuela\Startmenü\Programme\Autostart FRITZ!DSL Internet.lnk - C:\Programme\FRITZ!DSL\FritzDsl.exe FRITZ!DSL Protect.lnk - C:\Programme\FRITZ!DSL\FwebProt.exe FRITZ!DSL Startcenter.lnk - C:\Programme\FRITZ!DSL\StCenter.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "SynchronousMachineGroupPolicy"=0 "SynchronousUserGroupPolicy"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\FRITZ!DSL\IGDCTRL.EXE"="C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:FRITZ!DSL - igdctrl.exe" "C:\Programme\FRITZ!DSL\FBOXUPD.EXE"="C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update" "C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6" "C:\Orbitdownloader\orbitdm.exe"="C:\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit" "C:\Orbitdownloader\orbitnet.exe"="C:\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent" "C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\concept design\onlineTV 3\onlineTV.exe"="C:\Programme\concept design\onlineTV 3\onlineTV.exe:*:Enabled:onlineTV" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent" "C:\PROGRA~1\GEMEIN~1\MICROW~1\eScanRAD\ESCANRAD.EXE"="C:\PROGRA~1\GEMEIN~1\MICROW~1\eScanRAD\ESCANRAD.EXE:*:Enabled:eScan Remote Administration Tool" 2. Teil vom log kommt gleich |
======List of files/folders created in the last 1 months====== 2009-07-13 21:17:07 ----A---- C:\avenger.txt 2009-07-13 20:43:48 ----D---- C:\Avenger 2009-07-13 19:35:25 ----D---- C:\rsit 2009-07-09 23:30:03 ----D---- C:\Dokumente und Einstellungen\Manuela\Anwendungsdaten\DonationCoder 2009-07-09 22:45:45 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DonationCoder 2009-07-09 22:45:43 ----D---- C:\ScreenshotCaptor 2009-07-09 21:58:05 ----D---- C:\WINDOWS\system32\Kaspersky Lab 2009-07-09 21:51:14 ----D---- C:\Programme\Prevx 2009-07-09 21:46:59 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PrevxCSI 2009-07-09 21:46:59 ----A---- C:\WINDOWS\wininit.ini 2009-07-09 21:18:07 ----SHD---- C:\RECYCLER 2009-07-09 19:31:51 ----D---- C:\WINDOWS\temp 2009-07-09 01:02:18 ----A---- C:\Boot.bak 2009-07-09 01:02:13 ----RASHD---- C:\cmdcons 2009-07-09 00:05:00 ----A---- C:\WINDOWS\ntbtlog.txt 2009-07-08 23:30:28 ----D---- C:\WINDOWS\ERDNT 2009-07-08 23:00:32 ----D---- C:\CCleaner 2009-07-08 22:59:48 ----A---- C:\ccsetup221.exe 2009-07-08 20:40:15 ----D---- C:\SmitfraudFix 2009-07-08 19:57:22 ----D---- C:\Dokumente und Einstellungen\Manuela\Anwendungsdaten\Malwarebytes 2009-07-08 19:57:04 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2009-07-08 19:57:02 ----D---- C:\Malwarebytes' Anti-Malware 2009-07-08 19:55:25 ----A---- C:\mbam-setup.exe 2009-07-08 18:21:36 ----D---- C:\PUB 2009-07-08 18:15:09 ----A---- C:\WINDOWS\system32\T.COM 2009-07-08 18:15:08 ----A---- C:\WINDOWS\R.COM 2009-07-08 18:14:04 ----D---- C:\Programme\Gemeinsame Dateien\MicroWorld 2009-07-08 18:13:06 ----A---- C:\WINDOWS\killproc.exe 2009-07-08 18:12:51 ----A---- C:\WINDOWS\system32\mwnsp.dll 2009-07-08 18:12:51 ----A---- C:\WINDOWS\system32\contfilt.dll 2009-07-08 18:12:48 ----A---- C:\WINDOWS\sporder.dll 2009-07-08 18:12:47 ----A---- C:\WINDOWS\sporder.exe 2009-07-08 18:12:46 ----A---- C:\WINDOWS\system32\ZIPDLL.DLL 2009-07-08 18:12:46 ----A---- C:\WINDOWS\system32\UNZDLL.DLL 2009-07-08 18:12:44 ----A---- C:\WINDOWS\system32\mwtsp.dll 2009-07-08 18:12:44 ----A---- C:\WINDOWS\inst_tsp.exe 2009-07-08 18:12:39 ----D---- C:\WINDOWS\system32\FLCSS.EXE 2009-07-08 18:10:56 ----A---- C:\iwn2k3ek.exe 2009-07-08 16:21:49 ----A---- C:\spybotsd162.exe 2009-07-08 15:58:33 ----A---- C:\SpywareTerminator_SFTSetup.exe 2009-06-18 20:29:25 ----D---- C:\WINDOWS\pss ======List of files/folders modified in the last 1 months====== 2009-07-13 21:20:43 ----D---- C:\Dokumente und Einstellungen\Manuela\Anwendungsdaten\Orbit 2009-07-13 21:17:07 ----D---- C:\WINDOWS\system32\drivers 2009-07-13 21:17:07 ----D---- C:\WINDOWS 2009-07-13 21:16:21 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-07-13 21:16:10 ----D---- C:\Dokumente und Einstellungen\Manuela\Anwendungsdaten\FRITZ! 2009-07-13 21:00:37 ----RD---- C:\Programme 2009-07-13 19:52:36 ----D---- C:\WINDOWS\Downloaded Program Files 2009-07-13 19:49:26 ----SHD---- C:\System Volume Information 2009-07-13 19:49:26 ----D---- C:\WINDOWS\system32\Restore 2009-07-13 19:49:11 ----D---- C:\WINDOWS\system32 2009-07-13 19:35:32 ----D---- C:\Programme\Gemeinsame Dateien\Symantec Shared 2009-07-13 08:36:53 ----D---- C:\WINDOWS\system32\CatRoot2 2009-07-13 08:33:02 ----DC---- C:\WINDOWS\system32\dllcache 2009-07-13 08:32:05 ----D---- C:\WINDOWS\inf 2009-07-10 00:06:45 ----D---- C:\Dokumente und Einstellungen\Manuela\Anwendungsdaten\BVS Solitaire Collection 2009-07-09 23:59:01 ----D---- C:\Film 2009-07-09 22:45:20 ----D---- C:\WINDOWS\Prefetch 2009-07-09 22:39:05 ----DC---- C:\WINDOWS\$NtServicePackUninstall$ 2009-07-09 19:34:36 ----A---- C:\WINDOWS\system.ini 2009-07-09 19:32:48 ----SHD---- C:\WINDOWS\system32\bookls 2009-07-09 19:29:20 ----D---- C:\WINDOWS\AppPatch 2009-07-09 19:29:11 ----D---- C:\Programme\Gemeinsame Dateien 2009-07-09 01:25:48 ----D---- C:\WINDOWS\Tasks 2009-07-09 01:17:31 ----D---- C:\WINDOWS\Installer 2009-07-09 01:02:18 ----RASH---- C:\boot.ini 2009-07-09 00:50:36 ----D---- C:\Programme\Symantec 2009-07-09 00:44:17 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec 2009-07-09 00:39:11 ----A---- C:\WINDOWS\CD_START.INI 2009-07-08 23:57:11 ----D---- C:\Programme\Mozilla Firefox 2009-07-08 23:49:51 ----A---- C:\WINDOWS\win.ini 2009-07-08 23:23:42 ----D---- C:\WINDOWS\Debug 2009-07-08 23:23:39 ----D---- C:\WINDOWS\Minidump 2009-07-08 18:15:44 ----D---- C:\Dokumente und Einstellungen 2009-07-08 18:04:28 ----D---- C:\WINDOWS\Help 2009-07-08 16:26:59 ----D---- C:\Programme\Norton Internet Security 2009-06-29 11:07:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys [] R1 NETDSL;AVM PPP over Ethernet; C:\WINDOWS\system32\DRIVERS\netdsl.sys [2005-11-21 11264] R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-10-01 189320] R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032] R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys [] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2005-03-18 42496] R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288] R3 NETFWDSL;AVM FRITZ!web DSL PPP; C:\WINDOWS\system32\DRIVERS\NETFWDSL.SYS [2005-11-21 367104] R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-10-01 12680] R3 SymEvent;SymEvent; \??\C:\Programme\Symantec\SYMEVENT.SYS [] R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-10-01 98184] R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-10-01 31624] R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\idsdefs\20090707.005\symidsco.sys [] R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-10-01 28040] R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-10-01 23944] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-02-02 247040] R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-04-08 179968] S3 CA504AV;MegaCam, WDM Video Capture; C:\WINDOWS\System32\Drivers\CA504AV.SYS [2001-11-23 512917] S3 catchme;catchme; \??\C:\DOKUME~1\Manuela\LOKALE~1\Temp\catchme.sys [] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-15 41984] S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SAVRT;SAVRT; \??\C:\Programme\Norton Internet Security\Norton AntiVirus\SAVRT.SYS [] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SONYPVU1;Sony USB-Filtertreiber (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 SQTECH9160;CAMERA; C:\WINDOWS\System32\Drivers\Capt9160.sys [2005-11-02 45711] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 Sunplus;MegaCam Still Image Capture, Sunplus Version 1.00; C:\WINDOWS\System32\Drivers\Bulk504.sys [2001-10-05 10952] S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 NAVENG;NAVENG; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20060922.018\NAVENG.Sys [] S4 NAVEX15;NAVEX15; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20060922.018\NavEx15.Sys [] S4 SAVRTPEL;SAVRTPEL; \??\C:\Programme\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS [] S4 SPBBCDrv;SPBBCDrv; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys [] S4 sr;Filtertreiber für Systemwiederherstellung; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVM IGD CTRL Service;AVM IGD CTRL Service; C:\Programme\FRITZ!DSL\IGDCTRL.EXE [2005-11-21 81920] R2 ccEvtMgr;Symantec Event Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe [2006-03-28 192160] R2 ccProxy;Symantec Network Proxy; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe [2006-06-22 202400] R2 ccSetMgr;Symantec Settings Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe [2006-03-28 169632] R2 CSIScanner;CSIScanner; C:\Programme\Prevx\prevx.exe [2009-07-09 4368952] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2008-11-10 152984] R2 MWAgent;MWAgent; C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE [2007-04-07 414208] R2 SNDSrvc;Symantec Network Drivers Service; C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe [2007-10-01 214408] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R3 NSCService;Norton Protection Center Service; C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE [2006-12-15 750720] S2 HotspotShieldService;Hotspot Shield Service; C:\Programme\Hotspot Shield\bin\openvpnas.exe [2008-07-24 84440] S2 navapsvc;Norton AntiVirus Auto-Protect-Dienst; C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe [2007-05-28 139888] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 ccISPwdSvc;Symantec Internet Security Password Validation; C:\Programme\Norton Internet Security\ccPwdSvc.exe [2006-03-24 72328] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 comHost;COM Host; C:\Programme\Norton Internet Security\comHost.exe [2007-02-01 45696] S3 de_serv;AVM FRITZ!web Routing Service; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe [2005-11-21 315392] S3 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-03 182768] S3 SAVScan;Symantec AVScan; C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe [2005-08-26 198368] S3 Symantec Core LC;Symantec Core LC; C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-07-08 1251720] S3 WMConnectCDS;Windows Media Connect-Dienst; C:\Programme\Windows Media Connect 2\wmccds.exe [2005-10-06 856064] S4 SPBBCSvc;Symantec SPBBCSvc; C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-05-11 1160848] -----------------EOF----------------- |
info.txt logfile of random's system information tool 1.06 2009-07-13 21:35:21 ======Uninstall list====== -->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548} -->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Acronis*True*Image-->MsiExec.exe /X{CA83357B-931E-44DC-AD43-9996FEEB8116} Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 9.1 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001} Ahead Nero Burning ROM-->C:\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL ANNO 1602-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4C781ED5-4C2A-4495-875B-85CC9266F1F0}\Setup.exe" Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x7 AVM FRITZ!Box Monitor-->"C:\Programme\FRITZ!Box Monitor\install.exe" -d AVM FRITZ!DSL-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\FRITZ!DSL\WebUnins.isu -cC:\Programme\FRITZ!DSL\Webunins.dll AVM FRITZ!fax-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\FRITZ!fax\Uninst.isu -cC:\Programme\FRITZ!fax\UNINST.DLL Azureus-->C:\Programme\Azureus\Uninstall.exe Billiard Total-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{871EFABF-ED09-42A0-8C4C-000000000024}\Setup.exe" BitComet FLV Converter 1.0-->C:\BitComet FLV Converter\uninst.exe BrainSprinter 4.12-->MsiExec.exe /I{AEE82CE6-0D43-4D74-948B-20F780366F6A} Buyertools Reminder-->"C:\BuyertoolsReminder\Uninstall.exe" "C:\BuyertoolsReminder\install.log" -u BVS Solitaire Sammlung version 4.0-->"C:\BVS Solitaire Collection\unins000.exe" Camera-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4EB9E9E6-45FF-4998-8477-D2E8A9C1ED5B}\Setup.exe" CC_ccProxyExt-->MsiExec.exe /I{2EBF25F1-F8A2-40EA-92BE-931C142A44E2} ccCommon-->MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB} CCleaner (remove only)-->"C:\CCleaner\uninst.exe" ccPxyCore-->MsiExec.exe /I{30738666-9805-4926-A78F-91DA33B6C437} CDBurnerXP Pro 3-->MsiExec.exe /I{896D642C-7125-44F0-AC49-A23ABF82209C} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Cult-->C:\WINDOWS\ST5UNST.EXE -n "C:\Programme\Cult\ST5UNST.LOG" Das Amt-->C:\WINDOWS\IsUn0407.exe -f"C:\Greenwood\Das Amt\Uninst.isu" Der Planer 3-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D11016EA-8CFB-4E07-91D4-28606762DF06}\Setup.exe" -l0x7 -UNINST Die Sims - Tierisch gut drauf-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7C32C567-DC0F-4C80-B06C-7873850A2E06}\setup.exe" -l0007 Digital Camera Driver-->C:\PROGRA~1\DIGITA~1\UNWISE.EXE C:\PROGRA~1\DIGITA~1\INSTALL.LOG DVD Solution-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall Easy Burning (remove only)-->C:\EasyBurning\Uninst Easy_Burning.exe FLV Player 1.3.3-->"C:\FLVPlayer\uninstall.exe" Free Video Converter V 1.2-->"C:\Free Video Converter\unins000.exe" Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} GrabPro - Toolbar-->regsvr32 /u /s "C:\Orbitdownloader\GrabPro.dll" Hexedit-->C:\WINDOWS\uninst.exe -fC:\Hexedit\DeIsL1.isu -cC:\Hexedit\_ISREG32.DLL Hex-Editor MX-->"C:\Hex-Editor MX\unins000.exe" HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} HijackThis 2.0.2-->"C:\Dokumente und Einstellungen\Manuela\Desktop\HijackThis.exe" /uninstall Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe" Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotspot Shield 1.06-->C:\Programme\Hotspot Shield\Uninstall.exe Hotspot_Shield Toolbar-->C:\PROGRA~1\HOTSPO~2\UNWISE.EXE C:\PROGRA~1\HOTSPO~2\INSTALL.LOG ICQ6-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly Imperialismus-->C:\WINDOWS\unin0407.exe -fc:\Imperialismus\DeIsL1.isu Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} LabelPrint 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall Malwarebytes' Anti-Malware-->"C:\Malwarebytes' Anti-Malware\unins000.exe" MediaShow 3.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office 2000 Premium-->MsiExec.exe /I{00000407-78E1-11D2-B60F-006097C998E7} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Windows-Journal-Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7} Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" Mozilla Firefox (3.0.6)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe MSRedist-->MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Norton AntiSpam-->MsiExec.exe /I{3B29A786-5803-4E9E-9B58-3014A5B4E519} Norton AntiSpam-->MsiExec.exe /I{5677563D-0CB1-485F-9E18-C5025306BB3F} Norton AntiVirus 2006-->MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B} Norton Internet Security 2006 (Symantec Corporation)-->"C:\Programme\Gemeinsame Dateien\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe" /X Norton Internet Security-->MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125} Norton Internet Security-->MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B} Norton Internet Security-->MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20} Norton Internet Security-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555} Norton Internet Security-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43} Norton Internet Security-->MsiExec.exe /I{FFB4DD53-28B7-4981-BFF0-9BD801F61095} Norton Protection Center-->MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6} Norton WMI Update-->MsiExec.exe /X{E85FA9A1-C241-4698-893B-DD99509B8DB0} Norton WMI Update-->MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4} PC SpeedScan Pro-->C:\Programme\InstallShield Installation Information\{80F24F31-F641-4349-83F3-59E335976D16}\setup.exe -runfromtemp -l0x0007 -removeonly Peron-->C:\WINDOWS\IsUn0407.exe -fC:\Greenwood\Peron\Uninst.isu PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall Power2Go 4.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall PowerBackup 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\setup.exe" -uninstall PowerDVD Copy 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\setup.exe" -uninstall PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall PowerProducer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall Prevx 3.0-->"C:\Programme\Prevx\prevx.exe" /prop UNINSTALL=Y Quest For Glory V: Drachenfeuer-->C:\WINDOWS\IsUn0407.exe -fC:\SIERRA\QFG5\Uninst.isu QuickTime 3.0-->C:\WINDOWS\uninst.exe -fC:\Programme\QuickTime\DeIsL1.isu -c"C:\WINDOWS\system32\QTUninst.dll RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Screenshot Captor 2.57.01-->"C:\ScreenshotCaptor\unins000.exe" Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sicherheitsupdate für Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Sicherheitsupdate für Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Sierra Print Artist 6.0-->C:\WINDOWS\IsUn0407.exe -fC:\SIERRA\PA6\Uninst.isu -c"C:\SIERRA\PA6\PASTP.DLL" SPBBC-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56} Ulead Photo Explorer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D271DAE0-8D68-4C97-8356-A126D48A1D8C}\Setup.exe" -l0x7 Ulead Photo Express 4.0 SE-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}\setup.exe" Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" VIA Platform Device Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA VIA Vinyl Audio Codecs Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUn0407.exe -y-f"C:\PROGRA~1\VIAudioi\SBASetup\Uninst.isu" VIA/S3G Display Driver-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live Anmelde-Assistent-->MsiExec.exe /I{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60} Windows Live Call-->MsiExec.exe /I{835686C5-8650-49EB-8CA0-4528B4035495} Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B} Windows Live Essentials-->C:\Programme\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{DF5F687F-8018-4542-9F98-7084E9022917} Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4} Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" Windows Media Player 10-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinRAR-->C:\WinRAR\uninstall.exe Xvid 1.1.3 final uninstall-->"C:\Programme\Xvid\unins000.exe" Yahtzee Deluxe-->"C:\Zylom Games\Yahtzee Deluxe\GameInstlr.exe" --uninstall UnInstall.log =====HijackThis Backups===== R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://einwahl.oleco.de/ [2009-07-08] F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\pavuppad.exe,C:\WINDOWS\system32\twext.exe, [2009-07-08] O4 - HKLM\..\Run: [winupdate.exe] C:\WINDOWS\system32\winupdate.exe [2009-07-08] F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\pavuppad.exe,C:\WINDOWS\system32\twext.exe, [2009-07-08] F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\twext.exe,C:\WINDOWS\system32\pavuppad.exe, [2009-07-08] F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\pavuppad.exe,C:\WINDOWS\system32\twext.exe, [2009-07-08] F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\twext.exe,C:\WINDOWS\system32\pavuppad.exe, [2009-07-09] ======Security center information====== AV: Norton Internet Security 2006 (disabled) (outdated) FW: Norton Internet Worm Protection (disabled) FW: Norton Internet Security 2006 ======System event log====== Computer Name: Event Code: 11 Message: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\D gefunden. Record Number: 11181 Source Name: Disk Time Written: 20090710032940.000000+120 Event Type: Fehler User: Computer Name: Event Code: 11 Message: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\D gefunden. Record Number: 11180 Source Name: Disk Time Written: 20090710032939.000000+120 Event Type: Fehler User: Computer Name: Event Code: 11 Message: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\D gefunden. Record Number: 11179 Source Name: Disk Time Written: 20090710032936.000000+120 Event Type: Fehler User: Computer Name: Event Code: 11 Message: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\D gefunden. Record Number: 11178 Source Name: Disk Time Written: 20090710032934.000000+120 Event Type: Fehler User: Computer Name: Event Code: 11 Message: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\D gefunden. Record Number: 11177 Source Name: Disk Time Written: 20090710032932.000000+120 Event Type: Fehler User: =====Application event log===== Computer Name: Event Code: 34 Message: Record Number: 15079 Source Name: NSCService Time Written: 20081128153945.000000+060 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: Event Code: 1800 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. Record Number: 15078 Source Name: SecurityCenter Time Written: 20081128153857.000000+060 Event Type: Informationen User: Computer Name: Event Code: 35 Message: Der Dienst 'Symantec Netzwerk-Proxy' wurde gestartet. Record Number: 15077 Source Name: ccProxy Time Written: 20081128153840.000000+060 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: Event Code: 1 Message: Application started Record Number: 15076 Source Name: SNDSrvc Time Written: 20081128153836.000000+060 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: Event Code: 26 Message: Application starting Record Number: 15075 Source Name: SNDSrvc Time Written: 20081128153836.000000+060 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG;C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD;C:\Programme\Gemeinsame Dateien\Roxio Shared\DLLShared "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2c02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- |
Wow, nu konnte ich das durchlaufen lassen und mir ist gleich schlecht geworden..da ist ja noch so viel infiziert *seufzganzlaut* und nu??????? Malwarebytes' Anti-Malware 1.38 Datenbank Version: 2394 Windows 5.1.2600 Service Pack 3 13.07.2009 21:51:36 mbam-log-2009-07-13 (21-51-30).txt Scan-Methode: Quick-Scan Durchsuchte Objekte: 101814 Laufzeit: 9 minute(s), 32 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 6 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 0 Infizierte Dateien: 4 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Adware.Ascentive) -> No action taken. HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Adware.Ascentive) -> No action taken. HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Adware.Ascentive) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Adware.Ascentive) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken. Infizierte Registrierungswerte: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\c:\WINDOWS\system32\SysRestore.dll (Adware.Ascentive) -> No action taken. Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\WINDOWS\system32\SysRestore.dll (Adware.Ascentive) -> No action taken. C:\WINDOWS\system32\pavuppad.exe (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\critical_warning.html (Trojan.FakeAlert) -> No action taken. C:\Programme\ICQToolbar\tbuA7\toolbaru.dll (Adware.BHO) -> No action taken. |
Weiter mit Superantispyware und Log hierher: |
was mach ich eigentlich mit den Sachen, die bei malwarebytes als infiziert erkannt wurden??? soll ich das fenster einfach schließen?? |
Auswahl entfernen anklicken. |
Alle Zeitangaben in WEZ +1. Es ist jetzt 01:42 Uhr. |
Copyright ©2000-2024, Trojaner-Board