Logfile - böse :@

tarantel · 25.05.2007, 14:45

Guten Tag!!!
Ich hatte vor einiger Zeit ein Virus oben -Isamini- wenn ich mich recht erinnere. Nun ja dachte dass ich ihn eliminiert habe. Heute hat aber der PC gehakt. Als ich ihn runterfuhr kammen einige Prozesse die noch am laufen waren (wollen sie dieses Prozess sofort beenden). Das war auch alles noch normal. Doch kam da ein Prozess der hieß böse.exe und dahinter war noch ein :@ Tja keine Ahnung was das ist, hat mich aber echt misstrauisch gemacht. Der explorer.exe Prozess hat in letzter Zeit auch schon öfter nicht mehr reagiert. Da wollt ich mal nachfragen. Vielen Dank schon mal für eure Zeit

Logfile of HijackThis v1.99.1
Scan saved at 15:32:33, on 25.05.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Programme\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Microsoft SQL Server\MSSQL$KBMSS\Binn\sqlservr.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Gemeinsame Dateien\D.P.Technology\Floating License\lservnt.exe
C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\HPQ\One-Touch\OneTouch.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\Siemens\Gigaset PC Card 54\GigasetWLANMonitor.exe
C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Programme\Skype\Plugin Manager\skypePM.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
F:\Programme\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = h**p://www.hp.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Acrobat Reader 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Programme\Starware369\bin\Starware369.dll
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-f7ed0776fb27} - c:\programme\steganos internet anonym 2006\sia2006iep.dll
O3 - Toolbar: Starware Musik-Toolbar - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Programme\Starware369\bin\Starware369.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programme\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Desktop Zoom] C:\Programme\HPQ\Desktop Zoom\hpwinadj.exe -s
O4 - HKLM\..\Run: [TV Now] C:\Programme\HPQ\Notebook Utilities\TvNow.exe /RK
O4 - HKLM\..\Run: [Display Settings] C:\Programme\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\Programme\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SNM] C:\Programme\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [H2O] C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Programme\Siemens\Gigaset PC Card 54\GigasetWLANMonitor.exe
O4 - Global Startup: Service Manager.lnk = C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=h**p://w*w.hp.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: claviscom - SAD control service (CLASADCtrl) - Unknown owner - C:\Programme\claviscom\data drive\ClaSDCtrlSer.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Programme\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Programme\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SentinelLM - Rainbow Technologies, Inc. - C:\Programme\Gemeinsame Dateien\D.P.Technology\Floating License\lservnt.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (file missing)
O23 - Service: TSMService - Unknown owner - C:\Programme\T-DSL SpeedManager\tsmsvc.exe (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe

**Sunny** · 25.05.2007, 15:07

Hallo.

Es könnte möglich sein das immer noch Reste im System vorhanden sind, arbeite daher mal diese Anleitung durch und poste das Ergebnis:

ComboFix

-Lade dir das Tool hier herunter -> KLICK
-Starte nun die combofix.exe, bestätige mit (Y)es, lass die Bereinigung durchlaufen
und kopiere nun den Text ab, und füge ihn in deinen Beitrag im Board ein!

Video-ActiveX Object

Arbeite das Avengerscript ab (Videoactive.zip laden - entpacken und den videoactive.txt anwenden)

Anleitung SmitfraudFix:

Lade dir dieses Tool -> SmitfraudFix
-Starte es dann und lass das System durchsuchen. (Option 1)
-Poste danach wie in der Anleitung beschrieben, das Ergebnis des Scans

Gruß

Sunny

tarantel · 25.05.2007, 16:09

Danke für die schnelle Hilfe, verwundert mich jedesmal wieder wieviele hilfsbereite MEnschen es hier gibt.

Nun folgendes bei der Prüfung mit video ActiveX kam folgender Fehler in einem textdokument:

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\qqueaqnn

*******************

Script file located at: owrdlkci

Could not open script file! Error

Could not open script file! Status: 0xc000003b Abort!

Ich hatte die Scriptfile auf dem Desktop wie in der Anleitung beschrieben.

Nun ja die Smitfrautfix gab es folgendes Ergebnis:

SmitFraudFix v2.171

Scan done at 16:58:21.40, 2005-05-25
Run from F:\Programme\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Programme\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\system32\LckFldService.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Programme\Microsoft SQL Server\MSSQL$KBMSS\Binn\sqlservr.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Gemeinsame Dateien\D.P.Technology\Floating License\lservnt.exe
C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\carpserv.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\HPQ\One-Touch\OneTouch.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\Siemens\Gigaset PC Card 54\GigasetWLANMonitor.exe
C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Dokumente und Einstellungen\admin

»»»»»»»»»»»»»»»»»»»»»»»» C:\Dokumente und Einstellungen\admin\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOKUME~1\admin\FAVORI~1

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Programme

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: National Semiconductor DP83815-basierter PCI-Fast Ethernet-Adapter - Paketplaner-Miniport
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{966C650E-12E3-4972-B6E3-F4EB03B6134A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{966C650E-12E3-4972-B6E3-F4EB03B6134A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

Dann war da noch ein zweites Fenster:

SmitFraudFix v2.171

Scan done at 16:58:36.93, 2005-05-25
Run from F:\Programme\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: National Semiconductor DP83815-basierter PCI-Fast Ethernet-Adapter - Paketplaner-Miniport
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{966C650E-12E3-4972-B6E3-F4EB03B6134A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{966C650E-12E3-4972-B6E3-F4EB03B6134A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

Hoffe hab alles richtig gemacht.

Weiß nicht ob das was mit den Programmen zu tun hat, aber meine Uhr ist auf einmal English??? Seit dem Neustart???

**Sunny** · 25.05.2007, 16:18

Dann versuch mal folgendes:

Anleitung Avenger:

1.) Lade dir das Tool Avenger und speichere es auf dem Desktop:

2.) Klicke nun auf die Option „Input Script manually“ -> klicke jetzt auf die Lupe und kopiere folgenden Text rein aus dieser Datei welche ich angehängt habe!!! Einfach alles markieren und einfügen!!!

Hat es diesesmal geklappt, poste auf jeden Fall nochmal das Log vom Avenger!

Gruß
Sunny

tarantel · 25.05.2007, 17:38

Jetzt hat es geklappt. Nur ist sie zu lang (sogar als anhang). Scheint ein haufen kaputt zu sein. Werd sie über mehrere messages schicken. Beim durchlesen hab ich gemerkt dass einige dll´s fehlen. Das Problem hab ich schon etwas länger und hab jetzt auch einige Programme neuinstalliert.

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\jlyobmmf

*******************

Script file located at: \??\C:\WINDOWS\system32\xkuwosmc.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\dbqlrij.dll not found!
Deletion of file C:\WINDOWS\system32\dbqlrij.dll failed!

Could not process line:
C:\WINDOWS\system32\dbqlrij.dll
Status: 0xc0000034

File C:\WINDOWS\system32\xxfgmy.dll not found!
Deletion of file C:\WINDOWS\system32\xxfgmy.dll failed!

Could not process line:
C:\WINDOWS\system32\xxfgmy.dll
Status: 0xc0000034

File C:\WINDOWS\system32\tpedvf.dll not found!
Deletion of file C:\WINDOWS\system32\tpedvf.dll failed!

Could not process line:
C:\WINDOWS\system32\tpedvf.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vcehaeb.dll not found!
Deletion of file C:\WINDOWS\system32\vcehaeb.dll failed!

Could not process line:
C:\WINDOWS\system32\vcehaeb.dll
Status: 0xc0000034

File C:\WINDOWS\system32\xqpauzx.dll not found!
Deletion of file C:\WINDOWS\system32\xqpauzx.dll failed!

Could not process line:
C:\WINDOWS\system32\xqpauzx.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mlraakb.dll not found!
Deletion of file C:\WINDOWS\system32\mlraakb.dll failed!

Could not process line:
C:\WINDOWS\system32\mlraakb.dll
Status: 0xc0000034

File C:\WINDOWS\System32\rosdzop.dll not found!
Deletion of file C:\WINDOWS\System32\rosdzop.dll failed!

Could not process line:
C:\WINDOWS\System32\rosdzop.dll
Status: 0xc0000034

File C:\WINDOWS\system32\qrzsyr.dll not found!
Deletion of file C:\WINDOWS\system32\qrzsyr.dll failed!

Could not process line:
C:\WINDOWS\system32\qrzsyr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\olnohdw.dll not found!
Deletion of file C:\WINDOWS\system32\olnohdw.dll failed!

Could not process line:
C:\WINDOWS\system32\olnohdw.dll
Status: 0xc0000034

File C:\WINDOWS\system32\hzclqhc.dll not found!
Deletion of file C:\WINDOWS\system32\hzclqhc.dll failed!

Could not process line:
C:\WINDOWS\system32\hzclqhc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\gqagksr.dll not found!
Deletion of file C:\WINDOWS\system32\gqagksr.dll failed!

Could not process line:
C:\WINDOWS\system32\gqagksr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\hjpprpu.dll not found!
Deletion of file C:\WINDOWS\system32\hjpprpu.dll failed!

Could not process line:
C:\WINDOWS\system32\hjpprpu.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cwfsoopt.dll not found!
Deletion of file C:\WINDOWS\system32\cwfsoopt.dll failed!

Could not process line:
C:\WINDOWS\system32\cwfsoopt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vwfps.dll not found!
Deletion of file C:\WINDOWS\system32\vwfps.dll failed!

Could not process line:
C:\WINDOWS\system32\vwfps.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cthkpcv.dll not found!
Deletion of file C:\WINDOWS\system32\cthkpcv.dll failed!

Could not process line:
C:\WINDOWS\system32\cthkpcv.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ixt1.dll not found!
Deletion of file C:\WINDOWS\system32\ixt1.dll failed!

Could not process line:
C:\WINDOWS\system32\ixt1.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ishost.exe not found!
Deletion of file C:\WINDOWS\system32\ishost.exe failed!

Could not process line:
C:\WINDOWS\system32\ishost.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ismini.exe not found!
Deletion of file C:\WINDOWS\system32\ismini.exe failed!

Could not process line:
C:\WINDOWS\system32\ismini.exe
Status: 0xc0000034

File C:\WINDOWS\system32\isnotify.exe not found!
Deletion of file C:\WINDOWS\system32\isnotify.exe failed!

Could not process line:
C:\WINDOWS\system32\isnotify.exe
Status: 0xc0000034

File C:\WINDOWS\system32\issearch.exe not found!
Deletion of file C:\WINDOWS\system32\issearch.exe failed!

Could not process line:
C:\WINDOWS\system32\issearch.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ixt0.dll not found!
Deletion of file C:\WINDOWS\system32\ixt0.dll failed!

Could not process line:
C:\WINDOWS\system32\ixt0.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ot.ico not found!
Deletion of file C:\WINDOWS\system32\ot.ico failed!

Could not process line:
C:\WINDOWS\system32\ot.ico
Status: 0xc0000034

File C:\WINDOWS\system32\ts.ico not found!
Deletion of file C:\WINDOWS\system32\ts.ico failed!

Could not process line:
C:\WINDOWS\system32\ts.ico
Status: 0xc0000034

File C:\WINDOWS\System32\res.dll not found!
Deletion of file C:\WINDOWS\System32\res.dll failed!

Could not process line:
C:\WINDOWS\System32\res.dll
Status: 0xc0000034

File C:\WINDOWS\system32\nzdd.dll not found!
Deletion of file C:\WINDOWS\system32\nzdd.dll failed!

Could not process line:
C:\WINDOWS\system32\nzdd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\pbdev2.dll not found!
Deletion of file C:\WINDOWS\system32\pbdev2.dll failed!

Could not process line:
C:\WINDOWS\system32\pbdev2.dll
Status: 0xc0000034

File C:\WINDOWS\System32\wnafdlyd.dll not found!
Deletion of file C:\WINDOWS\System32\wnafdlyd.dll failed!

Could not process line:
C:\WINDOWS\System32\wnafdlyd.dll
Status: 0xc0000034

Could not open file C:\Temp\vb_distrib.exe for deletion
Deletion of file C:\Temp\vb_distrib.exe failed!

Could not process line:
C:\Temp\vb_distrib.exe
Status: 0xc000003a

Could not open file C:\Temp\vb_distrib(2).exe for deletion
Deletion of file C:\Temp\vb_distrib(2).exe failed!

Could not process line:
C:\Temp\vb_distrib(2).exe
Status: 0xc000003a

File C:\Dokumente und Einstellungen\admin\run.exe not found!
Deletion of file C:\Dokumente und Einstellungen\admin\run.exe failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\run.exe
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\bearkey.exe not found!
Deletion of file C:\Dokumente und Einstellungen\admin\bearkey.exe failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\bearkey.exe
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Favoriten\Antivirus Test Online.url not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Favoriten\Antivirus Test Online.url failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Favoriten\Antivirus Test Online.url
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Favoriten\Online Security Test.url not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Favoriten\Online Security Test.url failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Favoriten\Online Security Test.url
Status: 0xc0000034

File C:\Dokumente und Einstellungen\All Users\Startmenü\Online Security Guide.url not found!
Deletion of file C:\Dokumente und Einstellungen\All Users\Startmenü\Online Security Guide.url failed!

Could not process line:
C:\Dokumente und Einstellungen\All Users\Startmenü\Online Security Guide.url
Status: 0xc0000034

File C:\Dokumente und Einstellungen\All Users\Startmenü\Security Troubleshooting.url not found!
Deletion of file C:\Dokumente und Einstellungen\All Users\Startmenü\Security Troubleshooting.url failed!

Could not process line:
C:\Dokumente und Einstellungen\All Users\Startmenü\Security Troubleshooting.url
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Desktop\Virus-Bursters.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Desktop\Virus-Bursters.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Desktop\Virus-Bursters.lnk
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Desktop\vb_distrib.exe not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Desktop\vb_distrib.exe failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Desktop\vb_distrib.exe
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.3.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.3.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.3.lnk
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\VirusBurster 6.3.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\VirusBurster 6.3.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\VirusBurster 6.3.lnk
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\AntiVermins 2.1.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\AntiVermins 2.1.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\AntiVermins 2.1.lnk
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Startmenü\AntiVermins 2.1.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Startmenü\AntiVermins 2.1.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Startmenü\AntiVermins 2.1.lnk
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Desktop\AntiVermins.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Desktop\AntiVermins.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Desktop\AntiVermins.lnk
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\VBLanguage.ini not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\VBLanguage.ini failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\VBLanguage.ini
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\vb49.exe not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\vb49.exe failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\vb49.exe
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\SpywareHeal 2.2.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\SpywareHeal 2.2.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\SpywareHeal 2.2.lnk
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Desktop\SpywareHeal.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Desktop\SpywareHeal.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Desktop\SpywareHeal.lnk
Status: 0xc0000034

File C:\Dokumente und Einstellungen\admin\Startmenü\SpywareHeal 2.2.lnk not found!
Deletion of file C:\Dokumente und Einstellungen\admin\Startmenü\SpywareHeal 2.2.lnk failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Startmenü\SpywareHeal 2.2.lnk
Status: 0xc0000034

Folder C:\Programme\Video ActiveX Object not found!
Deletion of folder C:\Programme\Video ActiveX Object failed!

Could not process line:
C:\Programme\Video ActiveX Object
Status: 0xc0000034

Folder C:\Programme\System Alert Popup not found!
Deletion of folder C:\Programme\System Alert Popup failed!

Could not process line:
C:\Programme\System Alert Popup
Status: 0xc0000034

Folder C:\Programme\VirusBurster not found!
Deletion of folder C:\Programme\VirusBurster failed!

Could not process line:
C:\Programme\VirusBurster
Status: 0xc0000034

Folder C:\Programme\Virus-Bursters not found!
Deletion of folder C:\Programme\Virus-Bursters failed!

Could not process line:
C:\Programme\Virus-Bursters
Status: 0xc0000034

Folder C:\Programme\AntiVermins not found!
Deletion of folder C:\Programme\AntiVermins failed!

Could not process line:
C:\Programme\AntiVermins
Status: 0xc0000034

Folder C:\Programme\DriveCleaner 2006 Free not found!
Deletion of folder C:\Programme\DriveCleaner 2006 Free failed!

Could not process line:
C:\Programme\DriveCleaner 2006 Free
Status: 0xc0000034

Folder C:\Programme\IntCodec not found!
Deletion of folder C:\Programme\IntCodec failed!

Could not process line:
C:\Programme\IntCodec
Status: 0xc0000034

Folder C:\WINDOWS\system32\components not found!
Deletion of folder C:\WINDOWS\system32\components failed!

Could not process line:
C:\WINDOWS\system32\components
Status: 0xc0000034

Folder C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\~nsu.tmp not found!
Deletion of folder C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\~nsu.tmp failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Temp\~nsu.tmp
Status: 0xc0000034

Folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Virus-Bursters not found!
Deletion of folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Virus-Bursters failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Virus-Bursters
Status: 0xc0000034

Folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\VirusBurster not found!
Deletion of folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\VirusBurster failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Startmenü\Programme\VirusBurster
Status: 0xc0000034

Folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\AntiVermins not found!
Deletion of folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\AntiVermins failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Startmenü\Programme\AntiVermins
Status: 0xc0000034

Folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\VirusRescue not found!
Deletion of folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\VirusRescue failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Startmenü\Programme\VirusRescue
Status: 0xc0000034

Folder C:\Dokumente und Einstellungen\admin\Anwendungsdaten\DriveCleaner 2006 Free not found!
Deletion of folder C:\Dokumente und Einstellungen\admin\Anwendungsdaten\DriveCleaner 2006 Free failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Anwendungsdaten\DriveCleaner 2006 Free
Status: 0xc0000034

Folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\SpywareHeal not found!
Deletion of folder C:\Dokumente und Einstellungen\admin\Startmenü\Programme\SpywareHeal failed!

Could not process line:
C:\Dokumente und Einstellungen\admin\Startmenü\Programme\SpywareHeal
Status: 0xc0000034

Folder C:\Program Files\PestTrap not found!
Deletion of folder C:\Program Files\PestTrap failed!

Could not process line:
C:\Program Files\PestTrap
Status: 0xc0000034

Folder C:\Programme\SpyNoMore not found!
Deletion of folder C:\Programme\SpyNoMore failed!

Could not process line:
C:\Programme\SpyNoMore
Status: 0xc0000034

Folder C:\Programme\Perfect Codec not found!
Deletion of folder C:\Programme\Perfect Codec failed!

Could not process line:
C:\Programme\Perfect Codec
Status: 0xc0000034

Folder C:\Programme\iVideoCodec not found!
Deletion of folder C:\Programme\iVideoCodec failed!

Could not process line:
C:\Programme\iVideoCodec
Status: 0xc0000034

Folder C:\Programme\SoftCodec not found!
Deletion of folder C:\Programme\SoftCodec failed!

Could not process line:
C:\Programme\SoftCodec
Status: 0xc0000034

Folder C:\Programme\QualityCodec not found!
Deletion of folder C:\Programme\QualityCodec failed!

Could not process line:
C:\Programme\QualityCodec
Status: 0xc0000034

Folder C:\Programme\Safety Bar not found!
Deletion of folder C:\Programme\Safety Bar failed!

Could not process line:
C:\Programme\Safety Bar
Status: 0xc0000034

Folder C:\Programme\VirusRescue not found!
Deletion of folder C:\Programme\VirusRescue failed!

Could not process line:
C:\Programme\VirusRescue
Status: 0xc0000034

Folder C:\Programme\SpywareHeal not found!
Deletion of folder C:\Programme\SpywareHeal failed!

Could not process line:
C:\Programme\SpywareHeal
Status: 0xc0000034

tarantel · 25.05.2007, 17:40

Und hier kommt der Rest, man ich glaub ich muss neu aufsetzten:

Could not delete registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{84938242-5C5B-4A55-B6B9-A1507543B418}
Deletion of registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{84938242-5C5B-4A55-B6B9-A1507543B418} failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F}
Deletion of registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{96ebbe6a-2864-4345-b32b-26ee9be524b5}
Deletion of registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{96ebbe6a-2864-4345-b32b-26ee9be524b5} failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2}
Deletion of registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2} failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{4E7BD74F-2B8D-469E-A0E8-FA68B685FA7D}
Deletion of registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{4E7BD74F-2B8D-469E-A0E8-FA68B685FA7D} failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{18668683-731c-48fa-b1b9-ad013748fb00}
Deletion of registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{18668683-731c-48fa-b1b9-ad013748fb00} failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|isamonitor.exe
Deletion of registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|isamonitor.exe failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|pmsngr.exe
Deletion of registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|pmsngr.exe failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|isamini.exe
Deletion of registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|isamini.exe failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|wininet.dll
Deletion of registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|wininet.dll failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|none
Deletion of registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|none failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|ISHOST.EXE
Deletion of registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|ISHOST.EXE failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|issearch.exe
Deletion of registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|issearch.exe failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|kernel32.dll
Deletion of registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|kernel32.dll failed!
Status: 0xc0000034

Could not delete registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\%s
Deletion of registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run|Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\%s failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|benumbment
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|benumbment failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{af4fd984-a939-4c32-82b2-8bae7abe9aec}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{af4fd984-a939-4c32-82b2-8bae7abe9aec} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|emptins
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|emptins failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{588599f4-de26-4c28-ba14-f4eb17e33481}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{588599f4-de26-4c28-ba14-f4eb17e33481} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|expatriates
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|expatriates failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{1a01a98c-4f25-42e1-971a-185cf63569b2}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{1a01a98c-4f25-42e1-971a-185cf63569b2} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|flammei
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|flammei failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{9d635a36-6b3c-4146-8625-f3aaf507bbf8}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{9d635a36-6b3c-4146-8625-f3aaf507bbf8} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|blippers
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|blippers failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{f2efa195-4785-4db1-9316-b48c64bb71da}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{f2efa195-4785-4db1-9316-b48c64bb71da} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|gloomily
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|gloomily failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{9cc1c589-4b22-4dae-8e12-4c3b5fa12b3f}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{9cc1c589-4b22-4dae-8e12-4c3b5fa12b3f} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|impasse
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|impasse failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{bb720bab-2f75-456b-a850-04d77b20f6b8}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{bb720bab-2f75-456b-a850-04d77b20f6b8} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|boob
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|boob failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{01b55afa-f451-474b-9e91-c35b24d02641}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{01b55afa-f451-474b-9e91-c35b24d02641} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|astral
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|astral failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{5f938c17-fbc7-4a3c-8526-85e5b1a1f762} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|articulation
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|articulation failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{8dc1f789-e073-4363-b40d-07376bc5ecc5}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{8dc1f789-e073-4363-b40d-07376bc5ecc5} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|haematobia
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|haematobia failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|hydrodictyon
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|hydrodictyon failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{b166be07-30a4-4d38-b781-44528a630706}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{b166be07-30a4-4d38-b781-44528a630706} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|beeper
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|beeper failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{951a98d0-dad6-4a77-8280-a494279a884b}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{951a98d0-dad6-4a77-8280-a494279a884b} failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|buprestidae
Deletion of registry value HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload|buprestidae failed!
Status: 0xc0000034

Could not delete registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{b59f3ba4-98da-4b5f-8a2d-7b56fb11140b}
Deletion of registry value HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler|{b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|Virus-Bursters
Deletion of registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|Virus-Bursters failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|VirusBurster
Deletion of registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|VirusBurster failed!
Status: 0xc0000034

Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|SNM deleted successfully.

Could not delete registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|DllRunning
Deletion of registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|DllRunning failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|AntiVermins
Deletion of registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|AntiVermins failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|VirusRescue
Deletion of registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|VirusRescue failed!
Status: 0xc0000034

Could not delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SpywareHeal
Deletion of registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SpywareHeal failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96ebbe6a-2864-4345-b32b-26ee9be524b5} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96ebbe6a-2864-4345-b32b-26ee9be524b5} failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae18da4e-be15-4925-81bb-890c04af0200} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae18da4e-be15-4925-81bb-890c04af0200} failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a1ddc19-5893-43ab-a73f-f41a0f34d115} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a1ddc19-5893-43ab-a73f-f41a0f34d115} failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1771E3F7-9819-4C60-A806-ACFDAE55A58B} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1771E3F7-9819-4C60-A806-ACFDAE55A58B} failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2} failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{951a98d0-dad6-4a77-8280-a494279a884b} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{951a98d0-dad6-4a77-8280-a494279a884b} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{8dc1f789-e073-4363-b40d-07376bc5ecc5} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{8dc1f789-e073-4363-b40d-07376bc5ecc5} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Video ActiveX Object deleted successfully.

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Alert Popup not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Alert Popup failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006 not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006 failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Add-On not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Add-On failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QualityCodec not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QualityCodec failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{af4fd984-a939-4c32-82b2-8bae7abe9aec} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{af4fd984-a939-4c32-82b2-8bae7abe9aec} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{588599f4-de26-4c28-ba14-f4eb17e33481} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{588599f4-de26-4c28-ba14-f4eb17e33481} failed!
Status: 0xc0000034

tarantel · 25.05.2007, 17:41

Hat immer noch nicht gepasst hier wirklich das ende

Registry key HKLM\SOFTWARE\Classes\CLSID\{1a01a98c-4f25-42e1-971a-185cf63569b2} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{1a01a98c-4f25-42e1-971a-185cf63569b2} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{9d635a36-6b3c-4146-8625-f3aaf507bbf8} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{9d635a36-6b3c-4146-8625-f3aaf507bbf8} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{f2efa195-4785-4db1-9316-b48c64bb71da} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{f2efa195-4785-4db1-9316-b48c64bb71da} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{9cc1c589-4b22-4dae-8e12-4c3b5fa12b3f} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{9cc1c589-4b22-4dae-8e12-4c3b5fa12b3f} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{bb720bab-2f75-456b-a850-04d77b20f6b8} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{bb720bab-2f75-456b-a850-04d77b20f6b8} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{01b55afa-f451-474b-9e91-c35b24d02641} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{01b55afa-f451-474b-9e91-c35b24d02641} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{5f938c17-fbc7-4a3c-8526-85e5b1a1f762} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{5f938c17-fbc7-4a3c-8526-85e5b1a1f762} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{b166be07-30a4-4d38-b781-44528a630706} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{b166be07-30a4-4d38-b781-44528a630706} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-FA68B685FA7D} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-FA68B685FA7D} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{f4d74aaa-a178-4463-846b-b4bc87a024e0} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{f4d74aaa-a178-4463-846b-b4bc87a024e0} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{18668683-731c-48fa-b1b9-ad013748fb00} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{18668683-731c-48fa-b1b9-ad013748fb00} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{EBCDDA60-2A68-11D3-8A43-0060083CFB9C} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{EBCDDA60-2A68-11D3-8A43-0060083CFB9C} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Virus-Bursters not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Virus-Bursters failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\virus-bursters.exe not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\virus-bursters.exe failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\virusburster.exe not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\virusburster.exe failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\virusburster.exe not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\virusburster.exe failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6470B552-2B54-4AAB-BFA2-9376A5328AEC} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6470B552-2B54-4AAB-BFA2-9376A5328AEC} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\VirusBurster not found!
Deletion of registry key HKLM\SOFTWARE\VirusBurster failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Virus-Bursters not found!
Deletion of registry key HKLM\SOFTWARE\Virus-Bursters failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Virus-Bursters not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Virus-Bursters failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\TypeLib\{F83E8F99-AE49-45D6-92B4-59854BF0A759} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\TypeLib\{F83E8F99-AE49-45D6-92B4-59854BF0A759} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\TypeLib\{C97C3B7C-E022-4FA8-B1A7-1C28270FFAFF} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\TypeLib\{C97C3B7C-E022-4FA8-B1A7-1C28270FFAFF} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\TypeLib\{02A40EA7-B5B4-4F41-B2FF-2A8A0AEC50CF} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\TypeLib\{02A40EA7-B5B4-4F41-B2FF-2A8A0AEC50CF} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\TypeLib\{A569F6C9-29F0-43BC-80CF-6BA138C66108} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\TypeLib\{A569F6C9-29F0-43BC-80CF-6BA138C66108} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBCDDA60-2A68-11D3-8A43-0060083CFB9C} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBCDDA60-2A68-11D3-8A43-0060083CFB9C} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-FA68B685FA7D} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-FA68B685FA7D} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1771E3F7-9819-4C60-A806-ACFDAE55A58B} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1771E3F7-9819-4C60-A806-ACFDAE55A58B} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae18da4e-be15-4925-81bb-890c04af0200} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae18da4e-be15-4925-81bb-890c04af0200} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a1ddc19-5893-43ab-a73f-f41a0f34d115} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a1ddc19-5893-43ab-a73f-f41a0f34d115} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67270207-b9ee-4d26-9270-860fdb060ca1} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67270207-b9ee-4d26-9270-860fdb060ca1} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f4d74aaa-a178-4463-846b-b4bc87a024e0} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f4d74aaa-a178-4463-846b-b4bc87a024e0} failed!
Status: 0xc0000034

Registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} not found!
Deletion of registry key HKLM\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} deleted successfully.

Registry key HKLM\SOFTWARE\Classes\CLSID\{67270207-b9ee-4d26-9270-860fdb060ca1} not found!
Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{67270207-b9ee-4d26-9270-860fdb060ca1} failed!
Status: 0xc0000034

Registry key HKLM\software\microsoft\shared tools\msconfig\startupreg\PestTrap not found!
Deletion of registry key HKLM\software\microsoft\shared tools\msconfig\startupreg\PestTrap failed!
Status: 0xc0000034

Registry key HKLM\software\microsoft\shared tools\msconfig\startupreg\VirusBurster not found!
Deletion of registry key HKLM\software\microsoft\shared tools\msconfig\startupreg\VirusBurster failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Virus-Bursters not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Virus-Bursters failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Perfect Codec not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Perfect Codec failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Perfect Codec not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Perfect Codec failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6B112EBD-0C90-4AC4-A969-F36797F00006} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6B112EBD-0C90-4AC4-A969-F36797F00006} failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{600B9825-0AC9-4541-8C42-73B405413560} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{600B9825-0AC9-4541-8C42-73B405413560} failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\AntiVermins not found!
Deletion of registry key HKLM\SOFTWARE\AntiVermins failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{AFA75D89-F998-4F7C-B1BF-D7BCB85DFB2E} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{AFA75D89-F998-4F7C-B1BF-D7BCB85DFB2E} failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\SpywareHeal not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\SpywareHeal failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SpywareHeal.exe not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SpywareHeal.exe failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareHeal not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareHeal failed!
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\SpywareHeal not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\SpywareHeal failed!
Status: 0xc0000034

Completed script processing.

*******************

Finished! Terminate.

tarantel · 25.05.2007, 17:44

Und zu guter letzt die von ComboFix - man das ist ja mehr Text als in einem Roman

"admin" - 2005-05-25 17:11:03 Service Pack 2
ComboFix 07-05.25.3V - Running from: "C:\Dokumente und Einstellungen\admin\Desktop\"

((((((((((((((((((((((((((((((( Files Created from 2005-04-05 to 2005-05-25 ))))))))))))))))))))))))))))))))))

2005-05-26 04:16 18,200 --a------ C:\WINDOWS\system32\wups2.dll
2005-05-25 18:15 60,416 --a------ C:\WINDOWS\system32\drivers\ouanuomf.sys
2005-05-25 18:15 14,503 --a------ C:\avexport.bat
2005-05-25 18:15 126,976 --a------ C:\zip.exe
2005-05-25 18:15 1,080 --a------ C:\cpidsvsa.bat
2005-05-25 16:55 <DIR> d-------- C:\avenger
2005-05-24 15:39 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Stylus Studio
2005-05-24 15:36 <DIR> d-------- C:\DOKUME~1\admin\ANWEND~1\Stylus Studio
2005-05-24 15:33 <DIR> d-------- C:\Programme\Stylus Studio 2007 XML Enterprise Suite Release 2
2005-05-23 13:45 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Google
2005-05-23 13:37 <DIR> d-------- C:\Programme\Google
2005-05-19 12:50 49,152 --a------ C:\WINDOWS\system32\mgxasio2.dll
2005-05-19 12:50 430,080 --a------ C:\WINDOWS\system32\MXRestore.exe
2005-05-19 12:50 <DIR> d-------- C:\Programme\Gemeinsame Dateien\MAGIX Shared
2005-05-19 12:43 85,504 --a------ C:\WINDOWS\system32\HtmlWH.dll
2005-05-19 12:43 49,152 --a------ C:\WINDOWS\system32\INETWH32.dll
2005-05-19 12:43 1,089,536 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2005-05-19 12:43 <DIR> d-------- C:\WINDOWS\system32\MAGIX
2005-05-19 12:43 <DIR> d-------- C:\MAGIX
2005-05-16 15:20 6,656 --a------ C:\WINDOWS\system32\drivers\sfhlp02.sys
2005-05-14 06:48 <DIR> d-------- C:\DOKUME~1\admin\ANWEND~1\DivX
2005-05-13 23:01 <DIR> d-------- C:\Programme\DivX
2005-05-12 21:48 <DIR> d-------- C:\DOKUME~1\admin\ANWEND~1\Thunderbird
2005-05-12 21:18 <DIR> d-------- C:\Programme\Mozilla Thunderbird
2005-05-12 17:10 <DIR> d-------- C:\Programme\Digidesign
2005-05-12 17:09 <DIR> d-------- C:\Programme\Zero-G
2005-05-08 23:02 110,592 --a------ C:\WINDOWS\system32\tsccvid.dll
2005-05-04 19:45 <DIR> d-------- C:\Programme\MAGIX music maker 2004 deLuxe
2005-05-04 17:47 <DIR> d-------- C:\Programme\Cakewalk
2005-04-26 11:18 49,152 --a------ C:\WINDOWS\system32\tbtmon98Language.dll

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-05-24 19:24:52 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Starware369
2007-05-23 14:42:21 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Google
2007-05-21 14:03:08 -------- d-----w C:\Programme\Gemeinsame Dateien\Autodesk Shared
2007-05-19 10:28:14 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Steinberg
2007-05-19 10:26:27 -------- d-----w C:\Programme\Steinberg
2007-05-19 10:20:35 -------- d-----w C:\Programme\Syncrosoft
2007-05-19 08:18:33 -------- d-----w C:\Programme\Half Life 2
2007-05-13 15:05:10 -------- d-----w C:\Programme\SpaceCAD 4
2007-05-11 17:54:15 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-05-11 04:37:15 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-05-11 04:37:15 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-05-11 04:37:15 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-05-11 04:37:15 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
2007-05-10 14:42:36 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Winamp
2007-05-03 06:05:06 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\NetPumper
2007-05-02 17:24:14 81,920 ----a-w C:\WINDOWS\system32\emfxp.dll
2007-05-02 17:24:14 36,864 ----a-w C:\WINDOWS\system32\unpdf.exe
2007-04-30 17:22:16 -------- d-----w C:\Programme\Winamp
2007-04-30 12:46:19 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\GetRightToGo
2007-04-29 18:43:59 -------- d-----w C:\Programme\CyberLink
2007-04-29 18:31:33 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\CyberLink
2007-04-29 15:55:25 -------- d-----w C:\Programme\QuickTime
2007-04-29 13:47:00 -------- d-----w C:\Programme\ReflexiveArcade
2007-04-25 14:25:28 -------- d-----w C:\Programme\The Cleaner
2007-04-25 05:40:03 -------- d-----w C:\Programme\RegCleaner
2007-04-25 04:42:27 -------- d-----w C:\Programme\AmoK
2007-04-25 04:38:50 -------- d-----w C:\Programme\UZC
2007-04-24 12:45:02 1,152 ----a-w C:\WINDOWS\system32\windrv.sys
2007-04-24 12:17:30 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\PC Suite
2007-04-24 12:14:06 -------- d-----w C:\Programme\Namo
2007-04-24 12:12:20 -------- d-----w C:\Programme\Image-Line
2007-04-24 08:57:51 -------- d-----w C:\Programme\Orion Studios HD
2007-04-23 00:15:29 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-04-23 00:15:25 36,624 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-04-23 00:15:24 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-04-23 00:15:24 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-04-23 00:15:24 116,472 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-04-23 00:02:34 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-04-23 00:02:34 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-04-23 00:02:33 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-04-23 00:02:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-04-23 00:02:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-04-23 00:02:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-04-23 00:01:47 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-04-23 00:01:46 124,472 ----a-w C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-04-21 18:13:56 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\SecondLife
2007-04-21 14:47:04 -------- d-----w C:\Programme\FDRLab
2007-04-20 22:12:40 -------- d-----w C:\Programme\Messenger
2007-04-20 22:06:05 -------- d-----w C:\Programme\MSXML 4.0
2007-04-20 19:11:18 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Roxio
2007-04-18 22:05:38 205 ----a-w C:\WINDOWS\system32\lsprst7.dll
2007-04-18 19:08:27 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\SmartDraw
2007-04-18 17:29:40 -------- d-----w C:\Programme\smartDraw flyer software
2007-04-18 16:13:24 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-18 09:24:12 233,472 ----a-w C:\WINDOWS\system32\REX Shared Library.dll
2007-04-18 09:24:12 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Propellerhead Software
2007-04-18 09:22:09 -------- d-----w C:\Programme\Propellerhead
2007-04-17 18:54:22 -------- d-----w C:\Programme\Radiograbber
2007-04-16 15:07:04 17,801 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2007-04-16 15:06:32 -------- d-----w C:\Programme\Siemens
2007-04-16 14:03:30 -------- d-----w C:\Programme\MSN Messenger
2007-04-16 11:34:22 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Real
2007-04-16 11:23:56 -------- d-----w C:\Programme\Gemeinsame Dateien\xing shared
2007-04-16 11:23:47 -------- d-----w C:\Programme\Gemeinsame Dateien\Real
2007-04-16 11:22:28 -------- d-----w C:\Programme\Real
2007-04-08 17:48:01 1,152 ----a-w C:\WINDOWS\mozver.dat
2007-04-08 17:24:27 -------- d-----w C:\Programme\Steganos Internet Anonym 2006
2007-04-08 17:24:27 -------- d-----w C:\Programme\Secure Surfing Engine
2007-03-17 13:44:25 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-16 21:06:29 -------- d-----w C:\Programme\Microsoft SQL Server
2007-03-16 21:00:29 -------- d-----w C:\Programme\Microsoft.NET
2007-03-16 20:38:08 -------- d-----w C:\Programme\Microsoft Device Emulator
2007-03-16 18:55:21 -------- d-----w C:\Programme\Microsoft Visual Studio 8
2007-03-16 18:54:12 -------- d-----w C:\Programme\MSBuild
2007-03-16 18:53:34 -------- d-----w C:\Programme\HTML Help Workshop
2007-03-16 18:52:03 -------- d-----w C:\Programme\Gemeinsame Dateien\Merge Modules
2007-03-16 18:33:34 -------- d-----w C:\Programme\Gemeinsame Dateien\Business Objects
2007-03-16 17:54:45 -------- d-----w C:\Programme\CE Remote Tools
2007-03-09 12:44:42 39,325 --sha-w C:\WINDOWS\system32\kas.exe
2007-03-08 15:36:30 579,072 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:30 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:30 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 15:32:24 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys
2007-03-05 07:35:32 4,103,032 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-03-02 15:27:35 -------- d-----w C:\Programme\Autodesk
2007-03-02 14:42:16 -------- d-----w C:\Programme\Apo202
2007-03-01 21:18:32 -------- d-----w C:\Programme\ptc
2007-03-01 20:36:58 -------- d-----w C:\Programme\PowerQuest
2007-02-28 14:29:26 -------- d-----w C:\Programme\QTam
2007-02-18 20:48:21 -------- d-----w C:\Programme\Movie Maker
2007-02-18 20:48:17 -------- d-----w C:\Programme\ESPRIT CD 2006
2007-02-16 19:31:02 -------- d-----w C:\Programme\Groove Networks
2007-02-16 19:30:28 -------- d-----w C:\Programme\PTC Collaboration Tools
2007-02-16 19:19:09 -------- d-----w C:\Programme\mechWildfire 2.0
2007-02-09 21:17:54 -------- d-----w C:\Programme\Sony
2007-02-09 21:16:23 -------- d-----w C:\Programme\Sony Setup
2007-02-09 11:10:35 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2007-02-05 20:18:44 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll
2007-02-03 22:04:56 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-02-02 15:45:11 -------- d-----w C:\Programme\ESPRIT 2006
2007-02-02 14:15:30 1,025 ----a-w C:\WINDOWS\system32\sysprs7.dll
2007-02-02 14:15:30 1,025 ----a-w C:\WINDOWS\system32\serauth2.dll
2007-02-02 14:15:30 1,025 ----a-w C:\WINDOWS\system32\serauth1.dll
2007-02-02 14:15:24 -------- d-----w C:\Programme\Gemeinsame Dateien\D.P.Technology
2007-02-02 14:14:34 -------- d-----w C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2007-02-02 13:49:01 -------- d-----w C:\Programme\SafeNet Sentinel
2007-02-02 13:49:01 -------- d-----w C:\Programme\Gemeinsame Dateien\SafeNet Sentinel
2007-01-30 10:40:47 118,784 ----a-w C:\WINDOWS\dsdxirmv.exe
2007-01-25 20:49:01 -------- d-----w C:\Programme\Bradbury
2007-01-19 10:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-01-14 16:23:02 -------- d-----w C:\Programme\Windows NT
2007-01-08 17:01:14 17,408 ----a-w C:\WINDOWS\system32\corpol.dll
2007-01-05 20:26:19 -------- d-----w C:\Programme\CONEXANT
2007-01-02 17:48:47 -------- d-----w C:\Programme\Gemeinsame Dateien\Marmiko Shared
2007-01-02 08:37:59 -------- d-----w C:\Programme\Gemeinsame Dateien\SWF Studio
2006-12-21 16:58:53 -------- d-----w C:\Programme\InterVideo
2006-12-19 16:30:13 -------- d-----w C:\Programme\Nokia
2006-12-19 16:29:12 -------- d-----w C:\Programme\Gemeinsame Dateien\PCSuite
2006-12-19 16:29:09 -------- d-----w C:\Programme\Gemeinsame Dateien\Nokia
2006-11-18 09:26:49 -------- d-----w C:\Programme\HPQ
2006-11-16 13:41:53 -------- d-----w C:\Programme\Gemeinsame Dateien\McNeel Shared
2006-11-08 05:06:12 679,424 ----a-w C:\WINDOWS\system32\inetcomm.dll
2006-11-07 19:03:36 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
2006-11-07 19:03:36 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
2006-11-07 01:26:44 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
2006-11-07 01:26:42 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
2006-11-04 18:25:50 1,321,744 ----a-w C:\WINDOWS\system32\msxml6.dll
2006-11-04 12:14:00 1,245,696 ------w C:\WINDOWS\system32\msxml4.dll
2006-11-01 19:17:41 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
2006-10-31 08:15:22 -------- d-----w C:\Programme\Gemeinsame Dateien\Vbox
2006-10-23 14:27:48 643,072 ----a-w C:\WINDOWS\system32\mgxoschk.dll
2006-10-23 06:55:08 710,656 ----a-w C:\WINDOWS\system32\libmcl-3.1.3.dll
2006-10-23 06:55:08 3,425,792 ----a-w C:\WINDOWS\system32\libfilefmt-1.1.2.dll
2006-10-23 06:55:08 20,480 ----a-w C:\WINDOWS\system32\libavi-dd-1.2.1.dll
2006-10-20 10:54:53 -------- d-----w C:\Programme\Ebner
2006-10-20 01:38:26 715,776 ----a-w C:\WINDOWS\system32\sxs.dll
2006-10-18 11:18:14 49,604 ----a-w C:\WINDOWS\system32\RadLightOFRUninstall.exe
2006-10-18 11:18:03 51,600 ----a-w C:\WINDOWS\system32\RadLightMPCUninstall.exe
2006-10-18 11:17:42 36,734 ----a-w C:\WINDOWS\system32\OggDSuninst.exe
2006-10-18 11:16:05 33,540 ----a-w C:\WINDOWS\system32\CoreFLACDecoder-uninstall.exe
2006-10-17 10:06:00 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
2006-10-17 10:05:10 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
2006-10-17 09:57:58 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
2006-10-17 09:56:10 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
2006-10-17 09:28:56 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
2006-10-16 16:15:58 126,976 ----a-w C:\WINDOWS\system32\oledlg.dll
2006-10-14 08:13:25 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll
2006-10-13 16:31:00 4,022,528 ----a-r C:\WINDOWS\system32\drivers\alcxwdm.sys
2006-10-13 12:35:14 146,432 ----a-w C:\WINDOWS\system32\nwprovau.dll
2006-10-10 19:49:52 -------- d-----w C:\Programme\Gemeinsame Dateien\Sony Shared
2006-10-10 19:49:38 -------- d-----w C:\Programme\Sony Corporation
2006-10-06 19:19:42 -------- d-----w C:\Programme\Direct X 9.0
2006-10-06 19:15:08 194,560 ----a-w C:\WINDOWS\Evolution IX screensaver.scr
2006-10-06 19:14:56 606,848 ----a-w C:\WINDOWS\flashax.exe
2006-10-06 19:14:56 12,288 ----a-w C:\WINDOWS\impborl.dll
2006-10-06 16:48:12 -------- d-----w C:\Programme\Gemeinsame Dateien\Adobe Systems Shared
2006-10-06 16:32:13 259,456 ----a-w C:\WINDOWS\system32\drivers\Cdudf_xp.sys
2006-10-06 16:31:26 -------- d-----w C:\Programme\Gemeinsame Dateien\Roxio Shared
2006-10-06 16:31:06 -------- d-----w C:\Programme\Roxio
2006-10-06 16:24:36 28,922 ----a-w C:\WINDOWS\hpoins03.dat
2006-10-06 16:20:01 357,828 ----a-w C:\WINDOWS\WBDDA34I.DLL
2006-10-06 16:15:54 -------- d-----w C:\Programme\Gemeinsame Dateien\Hewlett-Packard
2006-10-06 16:15:10 -------- d-----w C:\Programme\HP
2006-10-06 16:13:40 -------- d-----w C:\Programme\Gemeinsame Dateien\HP
2006-10-06 16:13:33 43,488 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS
2006-10-06 14:49:09 -------- d-----w C:\Programme\Microsoft Works
2006-10-06 14:26:15 -------- d-----w C:\Programme\ATI Technologies
2006-10-06 14:24:59 -------- d-----w C:\Programme\Synaptics
2006-10-06 14:24:32 -------- d-----w C:\Programme\NSC
2006-10-06 14:24:14 -------- d-----w C:\Programme\Gemeinsame Dateien\InstallShield
2006-10-06 13:09:18 -------- d-----w C:\Programme\Gemeinsame Dateien\ODBC
2006-10-06 13:09:15 -------- d-----w C:\Programme\Gemeinsame Dateien\SpeechEngines
2006-10-06 12:55:25 -------- d-----w C:\Programme\microsoft frontpage
2006-10-06 12:55:18 0 --sha-r C:\MSDOS.SYS
2006-10-06 12:55:18 0 --sha-r C:\IO.SYS

tarantel · 25.05.2007, 17:45

Und hier der Rest der comboFix hoffe du kannst dich in dem Wirr Warr noch zurechtfinden:

Werd morgen in Urlaub fahren, bin erst wieder am Mittwoch zurück. Hat also noch Zeit:

2006-10-06 12:55:18 0 ----a-w C:\CONFIG.SYS
2006-10-06 12:55:18 0 ----a-w C:\AUTOEXEC.BAT
2006-10-06 12:54:05 -------- d-----w C:\Programme\Online-Dienste
2006-10-06 12:53:04 -------- d-----w C:\Programme\Gemeinsame Dateien\Dienste
2006-10-06 12:52:55 -------- d-----w C:\Programme\Gemeinsame Dateien\MSSoap
2006-10-06 12:52:23 21,740 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2006-10-06 12:51:35 -------- d--h--w C:\Programme\WindowsUpdate
2006-10-06 12:51:35 -------- d-----w C:\Programme\Online Services
2006-10-06 12:51:21 -------- d-----w C:\Programme\MSN Gaming Zone
2006-09-28 14:05:56 237,848 ----a-w C:\WINDOWS\system32\xactengine2_4.dll
2006-09-28 14:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
2006-09-28 14:03:28 15,128 ----a-w C:\WINDOWS\system32\x3daudio1_1.dll
2006-09-21 12:18:02 6,730,825 ----a-w C:\WINDOWS\system32\Magnus Choir.dat
2006-09-21 12:17:58 1,859,584 ----a-w C:\WINDOWS\system32\Magnus Choir.dll
2006-09-13 05:02:07 1,084,416 ----a-w C:\WINDOWS\system32\msxml3.dll
2006-09-06 14:42:32 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
2006-08-30 12:10:50 64,000 --sha-w C:\WINDOWS\system32\autorun3.exe
2006-08-25 15:46:47 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
2006-08-25 03:47:00 2,560 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2006-08-25 03:47:00 2,432 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2006-08-24 11:19:40 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
2006-08-24 11:17:12 500,278 ----a-w C:\WINDOWS\system32\dxmasf.dll
2006-08-21 12:26:05 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
2006-08-21 09:14:58 128,896 ------w C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-20 12:48:03 356,352 ----a-w C:\WINDOWS\system32\eSellerateEngine.dll
2006-08-17 12:28:44 729,600 ----a-w C:\WINDOWS\system32\lsasrv.dll
2006-08-17 12:28:44 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
2006-08-16 11:58:06 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2006-08-14 10:34:41 332,928 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2006-08-10 06:27:50 10,528,768 ----a-w C:\WINDOWS\system32\RTLCPL.exe
2006-08-03 04:12:36 577,536 ----a-w C:\WINDOWS\soundman.exe
2006-08-01 14:02:00 49,152 ----a-w C:\WINDOWS\system32\ChCfg.exe
2006-08-01 13:58:20 143,360 ----a-w C:\WINDOWS\system32\RtlCPAPI.dll
2006-07-31 10:27:30 217,088 ----a-w C:\WINDOWS\Alcrmv.exe
2006-07-31 10:19:00 315,392 ----a-w C:\WINDOWS\alcupd.exe
2006-07-28 07:30:32 236,824 ----a-w C:\WINDOWS\system32\xactengine2_3.dll
2006-07-28 07:30:14 62,744 ----a-w C:\WINDOWS\system32\xinput1_2.dll
2006-07-21 08:29:00 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2006-07-03 13:42:10 356,864 ----a-w C:\WINDOWS\TrueCrypt Setup.exe
2006-06-29 06:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll
2006-06-29 06:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll
2006-06-28 15:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll
2006-06-22 05:06:24 1,441,792 ----a-w C:\WINDOWS\system32\query.dll
2006-06-22 05:06:23 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
2006-06-14 09:00:45 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
2006-06-14 08:47:45 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
2006-05-05 09:47:57 174,592 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2006-05-05 09:41:45 453,120 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2006-04-27 15:49:30 288,417 ----a-w C:\WINDOWS\system32\SrchSTS.exe
2006-04-20 12:18:35 360,576 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2006-03-31 07:39:12 724,992 ----a-w C:\WINDOWS\system32\RhinoShExt.dll
2006-03-28 17:25:10 106,496 ----a-w C:\WINDOWS\system32\TosBtSDDB.dll
2006-03-28 16:21:02 151,552 ----a-w C:\WINDOWS\system32\TosBtAPI.dll
2006-03-24 04:37:55 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
2006-03-23 14:20:32 462,848 ----a-w C:\WINDOWS\system32\DLLAV32.dll
2006-03-23 12:33:58 94,208 ----a-w C:\WINDOWS\system32\DLLCPY32.dll
2006-03-23 12:33:52 36,864 ----a-w C:\WINDOWS\system32\DLLPNT32.dll
2006-03-23 12:33:50 49,152 ----a-w C:\WINDOWS\system32\DLLIO32.dll
2006-03-23 12:33:46 163,840 ----a-w C:\WINDOWS\system32\DLLDEV32.dll
2006-03-23 12:33:42 151,552 ----a-w C:\WINDOWS\system32\DLLDRV32.dll
2006-03-23 12:33:38 188,416 ----a-w C:\WINDOWS\system32\DLLRES32.dll
2006-03-23 12:33:36 32,768 ----a-w C:\WINDOWS\system32\STRING32.dll
2006-03-20 14:52:58 49,664 ----a-w C:\WINDOWS\system32\drivers\tosdbt.sys
2006-03-17 00:38:01 28,672 ------w C:\WINDOWS\system32\verclsid.exe
2006-03-17 00:33:10 262,784 ------w C:\WINDOWS\system32\drivers\http.sys
2006-03-16 09:45:12 37,632 ----a-w C:\WINDOWS\system32\drivers\tosrfbnp.sys
2006-03-15 09:52:40 52,864 ----a-w C:\WINDOWS\system32\drivers\tosrfsnd.sys
2006-03-07 16:46:40 90,112 ----a-w C:\WINDOWS\system32\TosAvctAPI.dll
2006-03-07 16:46:24 131,072 ----a-w C:\WINDOWS\system32\TosAvdtAPI.dll
2006-03-07 16:45:10 53,248 ----a-w C:\WINDOWS\system32\TosAvAPI.dll
2006-03-01 19:43:33 956,416 ----a-w C:\WINDOWS\system32\msdtctm.dll
2006-03-01 19:43:33 91,136 ----a-w C:\WINDOWS\system32\mtxoci.dll
2006-03-01 19:43:33 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
2006-03-01 19:43:33 426,496 ----a-w C:\WINDOWS\system32\msdtcprx.dll
2006-03-01 19:43:33 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
2006-03-01 19:43:33 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
2006-03-01 09:04:00 110,592 ----a-w C:\WINDOWS\system32\TosSndPlug.dll
2006-02-27 16:01:32 106,496 ----a-w C:\WINDOWS\system32\TosBtCapApi.dll
2006-02-24 00:37:00 40,192 ----a-w C:\WINDOWS\system32\drivers\tosrfusb.sys
2006-02-17 18:58:42 1,875,968 ----a-w C:\WINDOWS\system32\TosBtExt.dll
2006-02-15 00:22:26 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys
2006-02-10 10:17:46 47,488 ----a-w C:\WINDOWS\system32\drivers\tosporte.sys
2006-02-08 16:33:34 62,848 ----a-w C:\WINDOWS\system32\drivers\tosrfhid.sys
2006-02-03 06:41:40 63,696 ----a-w C:\WINDOWS\system32\dxdllreg.exe
2006-02-02 22:16:08 108,928 ----a-w C:\WINDOWS\system32\drivers\tosrfbd.sys
2006-01-30 22:29:50 73,728 ----a-w C:\WINDOWS\system32\TosBtAerialAPI.dll
2006-01-26 08:00:00 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2006-01-04 03:35:01 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
2005-12-09 19:18:32 6,656 --s-a-w C:\WINDOWS\system32\stdftde.dll
2005-12-09 11:24:54 118,784 ----a-w C:\WINDOWS\system32\msstdfmt.dll
2005-12-09 11:24:20 837,904 ----a-w C:\WINDOWS\system32\hha.dll
2005-12-09 09:40:10 153,800 ----a-w C:\WINDOWS\system32\vsjitdebugger.exe
2005-12-01 12:32:24 -------- d-----w C:\Programme\Toshiba
2005-11-22 09:03:00 98,304 ----a-w C:\WINDOWS\system32\TosBdAPI.dll
2005-11-08 19:07:18 65,536 ----a-w C:\WINDOWS\system32\TosHidAPI.dll
2005-11-03 18:09:06 274,432 ----a-w C:\WINDOWS\system32\MagicP.exe
2005-10-27 12:36:53 41,888 ----a-w C:\WINDOWS\system32\drivers\Oreans.sys
2005-10-20 22:25:05 1,094,144 ----a-w C:\WINDOWS\system32\esent.dll
2005-10-17 21:20:02 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
2005-10-17 21:20:02 118,272 ----a-w C:\WINDOWS\system32\t2embed.dll
2005-10-17 19:59:51 -------- d-----w C:\Programme\VOB
2005-10-17 07:35:06 704,512 ----a-w C:\WINDOWS\system32\SYNSOACC.dll
2005-10-14 10:51:01 66,264 ----a-w C:\WINDOWS\system32\sqlctr90.dll
2005-10-14 02:51:26 2,208,016 ----a-w C:\WINDOWS\system32\sqlncli.dll
2005-09-30 15:03:00 30,208 ----a-w C:\WINDOWS\system32\sx32w.dll
2005-09-30 15:02:58 860,160 ----a-w C:\WINDOWS\system32\c1qschg1.dll
2005-09-30 15:02:58 619,520 ----a-w C:\WINDOWS\system32\fh_ole.dll
2005-09-30 15:02:58 450,560 ----a-w C:\WINDOWS\system32\FFOLE32.DLL
2005-09-30 15:02:58 42,496 ----a-w C:\WINDOWS\system32\FFBMP32.dll
2005-09-30 15:02:58 21,760 ----a-w C:\WINDOWS\system32\FFOLE16.DLL
2005-09-30 15:02:58 17,696 ----a-w C:\WINDOWS\system32\FH_BMP.DLL
2005-09-30 15:02:58 141,312 ----a-w C:\WINDOWS\system32\FFBTN32.dll
2005-09-30 15:02:58 100,512 ----a-w C:\WINDOWS\system32\FF_BTN.DLL
2005-09-30 07:42:18 40,960 ------w C:\WINDOWS\system32\ov530ext.dll
2005-09-29 00:18:06 100,040 ----a-w C:\WINDOWS\system32\msxml6r.dll
2005-09-23 06:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll
2005-09-23 06:28:52 270,848 ----a-w C:\WINDOWS\system32\mscoree.dll
2005-09-23 06:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll
2005-09-23 06:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll
2005-09-16 17:08:42 282,624 ----a-w C:\WINDOWS\system32\LCWizard.dll
2005-09-10 01:54:27 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll
2005-09-09 13:47:10 9,344 ----a-w C:\WINDOWS\system32\drivers\tosrfec.sys
2005-09-07 13:18:54 49,152 ----a-w C:\WINDOWS\system32\TosBtHSPAPI.dll
2005-09-02 15:19:50 548,864 ----a-w C:\WINDOWS\system32\tosBtShell.dll
2005-09-02 13:44:08 110,592 ----a-w C:\WINDOWS\system32\TosBtAcc.dll
2005-09-01 01:44:41 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
2005-08-30 03:55:35 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll
2005-08-23 03:39:57 124,416 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
2005-08-22 18:31:48 197,632 ----a-w C:\WINDOWS\system32\netman.dll
2005-08-10 12:44:04 50,688 ----a-w C:\WINDOWS\system32\drivers\sfdrv01.sys
2005-08-01 15:45:08 64,896 ----a-w C:\WINDOWS\system32\drivers\tosrfcom.sys
2005-07-26 04:39:50 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
2005-07-26 04:39:50 397,824 ----a-w C:\WINDOWS\system32\rpcss.dll
2005-07-26 04:39:50 37,888 ----a-w C:\WINDOWS\system32\olecnv32.dll
2005-07-26 04:39:50 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
2005-07-26 04:39:49 1,285,120 ----a-w C:\WINDOWS\system32\ole32.dll
2005-07-26 04:39:46 540,160 ----a-w C:\WINDOWS\system32\comuid.dll
2005-07-26 04:39:46 243,200 ----a-w C:\WINDOWS\system32\es.dll
2005-07-26 04:39:45 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
2005-07-26 04:39:44 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
2005-07-26 04:39:44 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
2005-07-26 04:39:44 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
2005-07-26 04:39:43 625,152 ----a-w C:\WINDOWS\system32\catsrvut.dll
2005-07-26 04:39:43 225,792 ----a-w C:\WINDOWS\system32\catsrv.dll
2005-07-26 04:39:43 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
2005-07-22 20:30:20 65,536 ----a-w C:\WINDOWS\system32\TosCommAPI.dll
2005-07-11 17:58:56 3,712 ----a-w C:\WINDOWS\system32\drivers\toshidpt.sys
2005-07-08 16:28:23 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll
2005-07-03 00:30:52 1,295,582 ----a-w C:\WINDOWS\system32\cygwin1.dll
2005-06-29 01:49:39 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2005-06-29 01:49:39 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
2005-06-21 08:29:00 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
2005-06-15 17:49:56 295,936 ----a-w C:\WINDOWS\system32\kerberos.dll
2005-06-11 09:47:00 45,056 ----a-w C:\WINDOWS\system32\fpprintmon.dll
2005-06-10 23:53:32 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
2005-06-10 04:10:27 139,528 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2005-06-04 07:11:50 85,504 ----a-w C:\WINDOWS\system32\encdnet.dll
2005-06-04 07:09:52 61,952 ----a-w C:\WINDOWS\system32\decdnet.dll
2005-06-04 07:09:46 130,560 ----a-w C:\WINDOWS\system32\pnc3250.dll
2005-06-04 07:09:32 131,072 ----a-w C:\WINDOWS\system32\pneng50.dll
2005-06-04 07:09:28 352,768 ----a-w C:\WINDOWS\system32\pngu3263.dll
2005-06-04 07:09:22 81,920 ----a-w C:\WINDOWS\system32\ra3214_4.dll
2005-06-04 07:09:12 72,704 ----a-w C:\WINDOWS\system32\ra3228_8.dll
2005-06-04 07:09:06 21,504 ----a-w C:\WINDOWS\system32\ra32dnet.dll
2005-06-04 07:08:56 87,040 ----a-w C:\WINDOWS\system32\ra32sipr.dll
2005-06-04 07:08:52 487,936 ----a-w C:\WINDOWS\system32\rmbe3260.dll
2005-06-04 07:08:46 487,424 ----a-w C:\WINDOWS\system32\msvcp70.dll
2005-06-04 07:08:40 344,064 ----a-w C:\WINDOWS\system32\msvcr70.dll
2005-05-30 14:45:06 465,888 ----a-w C:\WINDOWS\system32\drivers\ar5211.sys
2005-05-27 02:04:47 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
2005-05-27 02:04:47 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
2005-05-27 02:04:47 137,216 ----a-w C:\WINDOWS\system32\itss.dll
2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
2005-05-26 14:34:52 2,297,552 ----a-w C:\WINDOWS\system32\d3dx9_26.dll
2005-05-26 02:16:30 41,240 ----a-w C:\WINDOWS\system32\wups.dll
2005-05-26 02:16:30 173,536 ----a-w C:\WINDOWS\system32\wuweb.dll
2005-05-26 02:16:30 1,343,768 ----a-w C:\WINDOWS\system32\wuaueng.dll
2005-05-26 02:16:24 75,544 ----a-w C:\WINDOWS\system32\cdm.dll
2005-05-26 02:16:24 198,424 ----a-w C:\WINDOWS\system32\iuengine.dll
2005-05-26 02:16:22 466,200 ----a-w C:\WINDOWS\system32\wuapi.dll
2005-05-26 02:16:22 194,840 ----a-w C:\WINDOWS\system32\wuaueng1.dll
2005-05-26 02:16:22 174,872 ----a-w C:\WINDOWS\system32\wuauclt1.exe
2005-05-26 02:16:22 128,280 ----a-w C:\WINDOWS\system32\wucltui.dll
2005-05-26 02:16:22 124,696 ----a-w C:\WINDOWS\system32\wuauclt.exe
2005-05-25 16:22:16 24,876 ----a-w C:\backup.reg
2005-05-25 16:20:42 73 ----a-w C:\WINDOWS\system32\nsprs.dll
2005-05-25 14:58:45 3,666 ----a-w C:\WINDOWS\system32\tmp.reg
2005-05-25 14:05:19 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Skype
2005-05-25 12:51:16 -------- d--h--w C:\Programme\InstallShield Installation Information
2005-05-25 08:15:26 36,864 ----a-w C:\WINDOWS\system32\acs.exe
2005-05-25 08:13:34 372,736 ----a-w C:\WINDOWS\system32\athcfg11.dll
2005-05-25 08:12:12 77,824 ----a-w C:\WINDOWS\system32\athcfg11res.dll
2005-05-25 08:04:50 192,512 ----a-r C:\WINDOWS\system32\AegisI5.exe
2005-05-25 08:04:50 1,396,835 ----a-r C:\WINDOWS\system32\AegisE5.dll
2005-05-22 08:00:01 -------- d-----w C:\Programme\No23 Recorder
2005-05-15 11:57:34 528,394 ----a-w C:\WINDOWS\system32\perfh007.dat
2005-05-15 11:57:34 122,470 ----a-w C:\WINDOWS\system32\perfc007.dat
2005-05-12 14:19:04 -------- d-----w C:\Programme\TerraTec
2005-05-11 02:30:02 78,336 ----a-w C:\WINDOWS\system32\telnet.exe
2005-05-09 18:08:40 33,792 ----a-w C:\WINDOWS\system32\drivers\cledx.sys
2005-05-04 17:07:21 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Cakewalk
2005-04-23 20:31:46 -------- d-----w C:\Programme\GameSpy Arcade
2005-04-23 19:11:01 -------- d-----w C:\Programme\Codemasters
2005-04-23 17:53:40 -------- d-----w C:\Programme\Starware369
2005-04-19 09:53:22 -------- d-----w C:\Programme\BearShare Applications
2005-04-18 15:54:54 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Help
2005-04-17 13:55:33 -------- d-----w C:\Programme\Skype
2005-04-17 13:55:33 -------- d-----w C:\Programme\Gemeinsame Dateien\Skype
2005-04-16 05:31:02 395,074 ----a-w C:\WINDOWS\system32\prfh0407.dat
2005-04-16 05:30:59 64,994 ----a-w C:\WINDOWS\system32\prfc0407.dat
2005-04-15 20:39:54 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\ArcSoft
2005-04-15 20:09:23 -------- d-----w C:\Programme\Gemeinsame Dateien\ArcSoft
2005-04-15 20:06:42 -------- d-----w C:\Programme\Hercules
2005-04-15 14:27:48 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\OpenOffice.org2
2005-04-15 13:10:04 -------- d-----w C:\Programme\Gemeinsame Dateien\Macromedia Shared
2005-04-14 11:20:02 -------- d-----w C:\Programme\FolderAccess
2005-04-14 10:27:45 -------- d-----w C:\Programme\CCleaner
2005-04-14 10:25:24 -------- d-----w C:\Programme\TuneUp Utilities 2004
2005-04-14 10:25:04 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\TuneUp Software
2005-04-12 15:21:06 225,280 ------w C:\WINDOWS\system32\rewire.dll
2005-04-12 04:32:22 -------- d-----w C:\Programme\Valve Hammer Editor
2005-04-12 04:13:17 -------- d-----w C:\Programme\VAZ Modular
2005-04-11 12:16:30 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Steganos Internet Anonym 2006
2005-04-10 19:11:44 -------- d-----w C:\Programme\Xara
2005-04-10 19:11:43 -------- d-----w C:\Programme\Common Files
2005-04-08 15:28:15 0 ----a-w C:\WINDOWS\nsreg.dat
2005-03-22 11:28:02 134,656 ----a-w C:\WINDOWS\system32\ConnAPI.dll
2005-03-22 06:36:11 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Publish Providers
2005-03-22 06:36:11 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\NetMedia Providers
2005-03-22 06:36:10 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\Sony
2005-03-21 14:00:22 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
2005-03-21 14:00:22 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
2005-03-21 14:00:22 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
2005-03-21 14:00:22 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
2005-03-17 15:36:33 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\AdobeUM
2005-03-17 12:49:54 25,600 ----a-w C:\WINDOWS\system32\NclTools.dll
2005-03-15 15:04:00 161,792 ------w C:\WINDOWS\system32\drivers\ov530vid.sys
2005-03-12 06:51:25 -------- d-----w C:\Programme\Digital Ear
2005-03-10 17:46:59 -------- d-----w C:\Programme\Gemeinsame Dateien\DirectX
2005-03-07 17:45:18 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\InterVideo
2005-03-06 21:00:13 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\vlc
2005-03-06 20:50:53 -------- d-----w C:\Programme\ESPRIT2006
2005-03-05 18:50:53 -------- d-----w C:\Programme\proeWildfire 2.0
2005-03-05 18:44:04 -------- d-----w C:\DOKUME~1\admin\ANWEND~1\PTC
2005-03-05 10:48:25 13,009 ----a-w C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2005-03-05 06:32:15 -------- d-----w C:\Programme\claviscom
2005-03-02 18:09:46 56,832 ----a-w C:\WINDOWS\system32\authz.dll
2005-02-24 13:10:42 274,432 ----a-w C:\WINDOWS\system32\Detect108HW.exe
2005-02-23 23:32:46 249,856 ----a-w C:\WINDOWS\system32\WinXPDisableWZCS.exe

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{CA356D79-679B-4b4c-8E49-5AF97014F4C1}=C:\Programme\Starware369\bin\Starware369.dll [2007-02-20 19:36]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CARPService"="carpserv.exe" [2003-05-21 15:35 C:\WINDOWS\system32\carpserv.exe]
"SynTPLpr"="C:\Programme\Synaptics\SynTP\SynTPLpr.exe" [2003-05-22 22:10]
"SynTPEnh"="C:\Programme\Synaptics\SynTP\SynTPEnh.exe" [2003-05-22 23:06]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 17:24 C:\WINDOWS\system32\Ati2mdxx.exe]
"ATIPTA"="C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-25 15:30]
"Cpqset"="C:\Programme\HPQ\Default Settings\cpqset.exe" [2003-07-17 13:50]
"Desktop Zoom"="C:\Programme\HPQ\Desktop Zoom\hpwinadj.exe" [2002-10-09 10:18]
"TV Now"="C:\Programme\HPQ\Notebook Utilities\TvNow.exe" [2003-01-30 10:34]
"Display Settings"="C:\Programme\HPQ\Notebook Utilities\hptasks.exe" [2002-08-15 06:26]
"QT4HPOT"="C:\Programme\HPQ\One-Touch\OneTouch.EXE" [2003-10-03 21:07]
"SoundMan"="SOUNDMAN.EXE" []
"avgnt"="C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-25 06:54]
"H2O"="C:\Programme\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-23 00:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:57]
"H/PC Connection Agent"="C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-09 12:32]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SIA2006"="C:\Programme\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Bluetooth Manager.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIA2006]
"C:\Programme\Steganos Internet Anonym 2006\SIA2006.exe" -boot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LckFldService"=2 (0x2)
"GrooveInstallerService"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{adcebc41-553b-11db-92cd-806d6172696f}]
AutoRun\command- H:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c31579e1-55de-11db-92d5-000f2021a559}]
1\Command- .\RECYCLER\RECYCLER\autorun.exe
2\Command- .\RECYCLER\RECYCLER\autorun.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\RECYCLER\RECYCLER\autorun.exe

Contents of the 'Scheduled Tasks' folder
2005-05-20 15:15:00 C:\WINDOWS\tasks\1-Klick-Wartung.job

********************************************************************

catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2005-05-25 18:20:59
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Programme\HPQ\Default Settings\cpqset.exe????????????3?7?7?6??????? ?deB???????????????B????????

scanning hidden files ...

********************************************************************

Completion time: 2007-05-25 18:25:15
C:\ComboFix-quarantined-files.txt ... 2007-05-25 18:24

--- E O F ---

tarantel · 29.05.2007, 13:20

Hm ich bin wieder da. Konnte jemand was finden?

tarantel · 31.05.2007, 07:54

hmmm

tarantel · 01.06.2007, 11:15

Ok jetzt hab ich wieder neue Info. Beim explorer kann ich unter explorer leiste starware 369 einschalten. Meines Wissens nach ist das ja ein Virus. Hat jemand eine Idee wie ich den runterbekomm.

Win32/Jeefo · 01.06.2007, 12:55

Bitte erstelle ein neues HijackThis Log.

tarantel · 02.06.2007, 12:54

Logfile of HijackThis v1.99.1
Scan saved at 13:51:40, on 02.06.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Programme\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Programme\Microsoft SQL Server\MSSQL$KBMSS\Binn\sqlservr.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Gemeinsame Dateien\D.P.Technology\Floating License\lservnt.exe
C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\HPQ\One-Touch\OneTouch.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\Siemens\Gigaset PC Card 54\GigasetWLANMonitor.exe
C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Mozilla Firefox\firefox.exe
F:\Programme\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = h**p://w*w.hp.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-f7ed0776fb27} - c:\programme\steganos internet anonym 2006\sia2006iep.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programme\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Desktop Zoom] C:\Programme\HPQ\Desktop Zoom\hpwinadj.exe -s
O4 - HKLM\..\Run: [TV Now] C:\Programme\HPQ\Notebook Utilities\TvNow.exe /RK
O4 - HKLM\..\Run: [Display Settings] C:\Programme\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\Programme\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Programme\Siemens\Gigaset PC Card 54\GigasetWLANMonitor.exe
O4 - Global Startup: Service Manager.lnk = C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=h**p://w*w.hp.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: claviscom - SAD control service (CLASADCtrl) - Unknown owner - C:\Programme\claviscom\data drive\ClaSDCtrlSer.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Programme\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe (file missing)
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Programme\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SentinelLM - Rainbow Technologies, Inc. - C:\Programme\Gemeinsame Dateien\D.P.Technology\Floating License\lservnt.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (file missing)
O23 - Service: TSMService - Unknown owner - C:\Programme\T-DSL SpeedManager\tsmsvc.exe (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe

tarantel · 05.06.2007, 14:47

Und jetzt? Alles sauber?

Logfile - böse :@

Log-Analyse und Auswertung: Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Logfile - böse :@

Ähnliche Themen: Logfile - böse :@

29.05.2007, 13:20	#10
tarantel	Logfile - böse :@ Hm ich bin wieder da. Konnte jemand was finden?

01.06.2007, 11:15	#12
tarantel	Logfile - böse :@ Ok jetzt hab ich wieder neue Info. Beim explorer kann ich unter explorer leiste starware 369 einschalten. Meines Wissens nach ist das ja ein Virus. Hat jemand eine Idee wie ich den runterbekomm.

01.06.2007, 12:55	#13
Win32/Jeefo	Logfile - böse :@ Bitte erstelle ein neues HijackThis Log.

05.06.2007, 14:47	#15
tarantel	Logfile - böse :@ Und jetzt? Alles sauber?