| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Warning!!! Your computer contains various signs of viruses and malware..Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
29.07.2009, 21:28
| #1 |
 |  Warning!!! Your computer contains various signs of viruses and malware.. Hallo zusammen, ich habe folgende Probleme, von denen ich nicht weiß, ob sie zusammengehören, bin aber mittlerweile sehr ratlos und fasse mal hier alles zusammen in der Hoffnung, dass ihr mir helfen könnt: Symptom 1: Der Avira Antivir Guard startet normalerweise selbständig, war aber seit einiger Zeit immer deaktiviert. Man kann ihn dan zwar händisch aktivieren, aber die Einstellung nicht ändern. Ich habe das Problem behoben, indem ich das Programm gänzlich neu installiert habe. Jetzt geht das wieder. Symptom 2: Bei jedem Herunterfahren zeigt eine Meldung, dass die Datei "rundll32.exe" nicht beendet werden kann. Dieses Problem kann ich leider nach wie vor nicht alleine beheben. Syptom 3 und allerschlimmstes: Wenn ich meinen Internet Explorer öffne, kommt vereinzelt eine Meldung: "Warning!!! Your computer contains various signs of viruses and malware programs presence. Your system requires immediate anti viruses check! System Security will perform a quick and free scanning of your PC for viuses and malicious programs." Leider glaube ich, dass ich in der Vergangenheit schon einmal 'okay' geklickt habe und sich dann so ein Fake Virenscanner geöffnet hat, der mir fröhlich verkündete, dass ich 109 Trojaner auf meiner Festplatte hätte...  Symptom 4: Mein Internet ist sehr langsam. Seiten öffnen sich vereinzelt überhaupt nicht. Leider ist es nun so, dass ich mich mit all diesem Zeug sehr wenig auskenne und meine letzte Chance seid jetzt ihr in diesem Forum. Vielleicht das hier noch zur Info: Habe einen etwas älteren Laptop mit Win XP Home Edition. Internet Explorer 8.0. Ich treibe mich zum ersten Mal in so einem Forum herum, daher seht es mir nach, wenn ich jetzt irgendwelche wichtigen Infos vergessen habe. Werden dann schnell nachgeliefert, versprochen! Den CCleaner habe ich schon laufen lassen. Dieses Malware Ding konnte ich zwar runterladen, dann aber nicht öffnen. Was mache ich bloß falsch??  Ich freue mich auf eure Antworten. Besten Dank schonmal und viele Grüße, Jennifer |
|
29.07.2009, 21:44
| #2 |
  |  Warning!!! Your computer contains various signs of viruses and malware.. Versuche mal die Liste abzuarbeiten unter Punkt 2: http://www.trojaner-board.de/69886-a...-beachten.html
__________________Wenn Programme nicht gehen sollten wie Malwarebytes oder HijackThis benenne sie um auf "iexplore". Poste anschließend wenn alles geht hier alle Logfiles.
__________________ |
|
30.07.2009, 22:19
| #3 |
| | Warning!!! Your computer contains various signs of viruses and malware.. So, hallo, da hab ich aber eine kleine Weile gebraucht, bis ich diese ganzen Files zusammen hatte... Es passt leider alles nicht in einen Beitrag, daher versuche ich mal, alles nacheinander zu posten.
__________________Ich hoffe, das ist okay... Mir sagt das alles überhaupt nichts  Was müsste ich als nächstes machen? Ich bin so froh, dass ihr mir helfen könnt!  Tausend Dank und viele Grüße, Jennifer Hier das Malwarebytes File: Malwarebytes' Anti-Malware 1.39 Datenbank Version: 2531 Windows 5.1.2600 Service Pack 3 30.07.2009 22:46:04 mbam-log-2009-07-30 (22-46-04).txt Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|) Durchsuchte Objekte: 190974 Laufzeit: 1 hour(s), 23 minute(s), 34 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 2 Infizierte Registrierungsschlüssel: 119 Infizierte Registrierungswerte: 6 Infizierte Dateiobjekte der Registrierung: 2 Infizierte Verzeichnisse: 24 Infizierte Dateien: 96 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot. C:\WINDOWS\system32\catsrvut32.dll (Trojan.Agent) -> Delete on reboot. Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\e025f8d9648 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: c:\windows\system32\catsrvut32.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: system32\catsrvut32.dll -> Quarantined and deleted successfully. Infizierte Verzeichnisse: C:\Programme\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot. c:\programme\mywebsearch\bar (Adware.MyWebSearch) -> Delete on reboot. c:\programme\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot. c:\programme\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\PopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\PopSwatr\History (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Dokumente und Einstellungen\Jennifer\Anwendungsdaten\FunWebProducts (Adware.MyWay) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\anwendungsdaten\funwebproducts\Data (Adware.MyWay) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\anwendungsdaten\funwebproducts\Data\Jennifer (Adware.MyWay) -> Quarantined and deleted successfully. C:\WINDOWS\system32\SystemX86 (Worm.Archive) -> Quarantined and deleted successfully. |
|
30.07.2009, 22:20
| #4 |
| | Warning!!! Your computer contains various signs of viruses and malware.. hier der Rest vom Malwarebytes File: Infizierte Dateien: C:\Programme\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWeb) -> Delete on reboot. C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot. C:\Programme\MyWebSearch\bar\1.bin\F3SHLLVW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\16.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\1A.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\1E.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\27.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\A.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Jennifer\lokale einstellungen\Temp\F.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\programme\msn messenger\riched20.dll (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3IDLE.DLL (Adware.MyWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWeb) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\001765FD (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\00265990.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\002675D3.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\0026790F.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\00267C7A.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\002F46A9 (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\003F1D2A.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\00606917.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\00606B1B.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\00606C92.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\01141EB4 (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\01142D2C (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\01143EDF.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\0114477A.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\01144A87.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\01144DB4.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\0114519C.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings\setting2.htm.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings\settings.dat.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\PopSwatr\History\allowed (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\PopSwatr\History\notallow (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache\AvatarSmallBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\Cache\WebfettiBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\WINDOWS\system32\CATSRVUT32.dll (Trojan.Agent) -> Delete on reboot. |
|
30.07.2009, 22:22
| #5 |
| | Warning!!! Your computer contains various signs of viruses and malware.. hier RSIT File info.txt: info.txt logfile of random's system information tool 1.06 2009-07-30 22:53:00 ======Uninstall list====== -->C:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\SETUP.EXE" -l0x7 -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Acronis*True*Image-->MsiExec.exe /X{CA83357B-931E-44DC-AD43-9996FEEB8116} Adobe Acrobat 7.0 Professional - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000002} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe InDesign CS-->RunDll32 "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Programme\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe" Adobe Photoshop 7.0-->C:\WINDOWS\ISUN0407.EXE -f"C:\Programme\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Programme\Adobe\Photoshop 7.0\Uninst.dll" Adobe Reader 7.0.5 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A70000000000} Agere Systems HDA Modem-->agrsmdel Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} ASAPI Update-->C:\PROGRA~1\VOB\ASAPIU~1\IWUNIN~1.EXE -uninstall C:\WINDOWS\ISUNINST.EXE -fC:\PROGRA~1\VOB\ASAPIU~1\ASAPI.isu Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe" Creative PC-CAM Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\SETUP.EXE" -l0x7 /remove Creative WebCam NX Pro Driver (1.00.06.0512)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script Pd1130.uns -unsext NT -plugin P1130Pin.dll -pluginres P1130Pin.crl DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER DivX Pro-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC DivX User Guide-->C:\Programme\DivX\DivXUserGuideUninstall /USERGUIDE eTrust Registration-->MsiExec.exe /X{6BFF4534-7608-41F0-85F7-31A0569D8960} Free Video to iPhone Converter version 1.3-->"C:\Programme\DVDVideoSoft\Free Video to iPhone Converter\unins000.exe" Free Video to iPod Converter version 3.1-->"C:\Programme\DVDVideoSoft\Free Video to iPod Converter\unins000.exe" Free WMA to MP3 Converter 1.16-->"C:\Programme\Free WMA to MP3 Converter\unins000.exe" Free YouTube to iPhone Converter version 2.1-->"C:\Programme\DVDVideoSoft\Free YouTube to iPhone Converter\unins000.exe" Google Earth-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x7 -removeonly Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} HijackThis 2.0.2-->"C:\Programme\trend micro\HijackThis.exe" /uninstall Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe" Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" HP Photo & Imaging 3.1-->D:\Programme\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP PSC & OfficeJet 3.0-->"D:\Programme\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat HP Software Update-->MsiExec.exe /X{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF} ICQ6-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly Informationen über Ihren PC-->MsiExec.exe /I{3D1A6B70-3E02-49BC-88B0-916C80274632} iPod for Windows 2005-06-26-->C:\Programme\Gemeinsame Dateien\InstallShield\Driver\8\Intel 32\IDriver.exe /M{654F0312-CB3D-4FE2-962C-6BB9752E9146} /l1031 iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944} J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050} Launch Manager V1.2.8-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\Setup.exe" -l0x7 -uninst Learn2 Player (Uninstall Only)-->C:\Programme\Learn2.com\StRunner\stuninst.exe LetsTrade Komponenten-->C:\WINDOWS\fpuninst.exe -uninstall:"c:\programme\letstrade\uninst\uninst.ini" LimeWire 4.18.8-->"C:\Programme\LimeWire\uninstall.exe" Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe" MediaShow 3.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA} Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft ActiveSync 3.7-->"C:\WINDOWS\ISUN0407.EXE" -f"C:\Programme\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Programme\Microsoft ActiveSync\ceuninst.dll" Microsoft Foto 2006 Standard Edition-->"C:\Programme\Gemeinsame Dateien\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM VERSION=11 Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office XP Professional mit FrontPage-->MsiExec.exe /I{90280407-6000-11D3-8CFE-0050048383C9} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Windows-Journal-Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7} Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4D17-9E7F-6B3FF8D9BBE3} Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" MobileMe Control Panel-->MsiExec.exe /I{DDBB28C8-B2AA-45A1-8DCE-059A798509FB} Mozilla Firefox (2.0.0.14)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (2.0.0.19)-->C:\Programme\Mozilla Thunderbird\uninstall\helper.exe MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero Suite-->C:\Programme\Gemeinsame Dateien\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID="" NETGEAR WG111 Software-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{21B9CC18-8AB7-402F-B343-CD2127FC3CFC}\SETUP.EXE" -uninst NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI OmniPass-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}\setup.exe" -l0x7 PowerCinema Linux 4.7-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}\setup.exe" -uninstall PowerCinema-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall PowerDirector-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" -uninstall PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall PowerProducer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x7 REMOVE Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7 -removeonly Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Sicherheitsupdate für Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Sicherheitsupdate für Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Steinberg WaveLab v4.00c-->C:\PROGRA~1\STEINB~1\Wavelab\UNWISE.EXE C:\PROGRA~1\STEINB~1\Wavelab\INSTALL.LOG Synaptics Pointing Device Driver-->rundll32.exe "C:\Programme\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TeamViewer 4-->C:\Programme\TeamViewer\Version4\uninstall.exe Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{425ECED4-23ED-4E05-A88A-B59700DAF2AD} Tobit.Software clipinc.fx-->C:\WINDOWS\CISUnins.exe "G:\Tobit ClipInc\Server\CISUnins.inf" Uninstall 1.0.0.0-->"C:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe" Update für Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe" Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" videon-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{261D0486-9127-4071-BA1D-FE784310752E}\Setup.exe" -l0x7 Viewpoint Media Player-->C:\Programme\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Anmelde-Assistent-->MsiExec.exe /I{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60} Windows Live installer-->MsiExec.exe /X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6} Windows Live Messenger-->MsiExec.exe /X{2B091530-69AA-442E-AB09-39ED06B58220} Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" Windows Media Player 10-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall Windows Messenger 5.1-->MsiExec.exe /I{9D1C26BD-E792-4159-9D16-07EA222D8EF0} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Windows-Sicherungsprogramm-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE} WinRAR Archivierer-->C:\Programme\WinRAR\uninstall.exe WISO Mein Geld 2006 Professional-->MsiExec.exe /I{20FD5B04-CE35-4F5B-A2F3-6D9FD644EB70} X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log Zattoo 3.3.1 Beta-->C:\Programme\Zattoo\uninst.exe ======Security center information====== AV: AntiVir PersonalEdition Classic Virenschutz AV: AntiVir PersonalEdition Classic Virenschutz AV: AntiVir Desktop AV: AntiVir PersonalEdition Classic Virenschutz AV: AntiVir PersonalEdition Classic Virenschutz ======System event log====== Computer Name: * Event Code: 7035 Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Google Updater Service" gesendet. Record Number: 66990 Source Name: Service Control Manager Time Written: 20090415193041.000000+120 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: * Event Code: 36 Message: Der Zeitdienst konnte die Systemzeit seit 49152 Sekunden nicht synchronisieren, da kein Zeitanbieter einen gültigen Zeitstempel anbieten konnte. Die Systemuhr ist nicht synchronisiert. Record Number: 66989 Source Name: W32Time Time Written: 20090415082408.000000+120 Event Type: Warnung User: Computer Name: * Event Code: 7036 Message: Dienst "Google Updater Service" befindet sich jetzt im Status "Beendet". Record Number: 66988 Source Name: Service Control Manager Time Written: 20090414200050.000000+120 Event Type: Informationen User: Computer Name: * Event Code: 7036 Message: Dienst "Google Updater Service" befindet sich jetzt im Status "Ausgeführt". Record Number: 66987 Source Name: Service Control Manager Time Written: 20090414195850.000000+120 Event Type: Informationen User: Computer Name: * Event Code: 7035 Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Google Updater Service" gesendet. Record Number: 66986 Source Name: Service Control Manager Time Written: 20090414195850.000000+120 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM =====Application event log===== Computer Name: * Event Code: 100 Message: Recording on slot 1 terminates at 00:00:56 14.05.2009 Record Number: 25086 Source Name: ClipInc 001 Time Written: 20090514000056.000000+120 Event Type: Informationen User: Computer Name: * Event Code: 100 Message: Recording on slot 1 terminates at 00:00:56 14.05.2009 Restart streaming Record Number: 25085 Source Name: ClipInc 001 Time Written: 20090514000056.000000+120 Event Type: Informationen User: Computer Name: * Event Code: 100 Message: Capture for slot 0 started at 00:00:51 14.05.2009 Record Number: 25084 Source Name: ClipInc 001 Time Written: 20090514000051.000000+120 Event Type: Informationen User: Computer Name: * Event Code: 100 Message: Recording on slot 1 started at 00:00:51 14.05.2009 Record Number: 25083 Source Name: ClipInc 001 Time Written: 20090514000051.000000+120 Event Type: Informationen User: Computer Name: * Event Code: 100 Message: Capture for slot 1 started at 00:00:50 14.05.2009 Record Number: 25082 Source Name: ClipInc 001 Time Written: 20090514000050.000000+120 Event Type: Informationen User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Softex\OmniPass;C:\Programme\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0d08 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Programme\Java\jre1.5.0_05\lib\ext\QTJava.zip "QTJAVA"=C:\Programme\Java\jre1.5.0_05\lib\ext\QTJava.zip -----------------EOF----------------- |
|
30.07.2009, 22:24
| #6 |
| | Warning!!! Your computer contains various signs of viruses and malware.. und als letztes das RSIT File log.txt: Bitte um Hilfe! Logfile of random's system information tool 1.06 (written by random/random) Run by Jennifer at 2009-07-30 22:52:44 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 9 GB (17%) free of 50 GB Total RAM: 1022 MB (52% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:52:55, on 30.07.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programme\Softex\OmniPass\Omniserv.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\Programme\Softex\OmniPass\OPXPApp.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\Programme\Launch Manager\LaunchAp.exe C:\Programme\Launch Manager\HotkeyApp.exe C:\Programme\Launch Manager\OSD.exe C:\Programme\Launch Manager\Wbutton.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe C:\Programme\Home Cinema\PowerCinema\PCMService.exe C:\Programme\Softex\OmniPass\scureapp.exe C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe D:\Programme\HP\HP Software Update\HPWuSchd.exe D:\Programme\HP\Digital Imaging\Promotions\HPpromo.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\NCLAUNCH.EXe C:\Programme\Messenger\msmsgs.exe C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programme\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe C:\WINDOWS\System32\svchost.exe D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe C:\Programme\NETGEAR\WG111 Configuration Utility\WG111CFG.exe C:\Programme\iPod\bin\iPodService.exe C:\Dokumente und Einstellungen\Jennifer\Desktop\RSIT.exe C:\Programme\trend micro\Jennifer.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ig?hl=de&ie=UTF-8&source=iglk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {6754A456-BAD9-11D4-93D3-00B0D03A2F91} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [LaunchAp] "C:\Programme\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [HotkeyApp] "C:\Programme\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Programme\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Programme\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Programme\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [AntivirusRegistration] C:\Programme\CA\Etrust Antivirus\Register.exe O4 - HKLM\..\Run: [InstantOn] "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c " O4 - HKLM\..\Run: [OmniPass] C:\Programme\Softex\OmniPass\scureapp.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w O4 - HKLM\..\Run: [HP Software Update] "D:\Programme\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [HPpromo psc 1300 series] "D:\Programme\HP\Digital Imaging\Promotions\HPpromo.exe" /N "psc 1300 series" -r O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [ClipIncSrvTray] "G:\Tobit ClipInc\Player\ClipIncTray.exe" O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ccleaner] "C:\Programme\CCleaner\CCleaner.exe" /AUTO O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Smart Wizard Wireless Settings.lnk = ? O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1219934322 O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135960497062 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071128-1 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {96512D57-F751-4088-A689-5778FCC77F7A} (Photo Uploader Control) - http://www.studivz.net/lib/photouploader/PhotoUploader.cab O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://static.ak.studivz.net/photouploader/ImageUploader5.cab?nocache=20080115-1 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - G:\Tobit ClipInc\Server\ClipInc-Server.exe (file missing) O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Programme\Softex\OmniPass\Omniserv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 16777 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6754A456-BAD9-11D4-93D3-00B0D03A2F91}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-06-23 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] AcroIEToolbarHelper Class - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-29 669168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-06-23 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-11-22 7335936] "nwiz"=nwiz.exe /install [] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-08-24 88203] "LaunchAp"=C:\Programme\Launch Manager\LaunchAp.exe [2005-07-25 32768] "HotkeyApp"=C:\Programme\Launch Manager\HotkeyApp.exe [2005-11-30 61440] "CtrlVol"=C:\Programme\Launch Manager\CtrlVol.exe [2003-09-16 20480] "LMgrOSD"=C:\Programme\Launch Manager\OSD.exe [2005-03-16 204800] "Wbutton"=C:\Programme\Launch Manager\Wbutton.exe [2005-11-08 81920] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952] "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2005-11-10 761945] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-12-19 15797248] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "RemoteControl"=C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe [2004-11-02 32768] "PCMService"=C:\Programme\Home Cinema\PowerCinema\PCMService.exe [2005-12-30 139264] "AntivirusRegistration"=C:\Programme\CA\Etrust Antivirus\Register.exe [2005-08-22 258048] "InstantOn"=C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe [2005-09-22 93640] "OmniPass"=C:\Programme\Softex\OmniPass\scureapp.exe [2005-11-15 1847296] "Acrobat Assistant 7.0"=C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328] ""= [] "TrueImageMonitor.exe"=C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe [2005-10-25 988565] "Acronis Scheduler2 Service"=C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [2005-10-25 118784] "My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe /m=2 /w [] "HP Software Update"=D:\Programme\HP\HP Software Update\HPWuSchd.exe [2003-06-25 49152] "DXDllRegExe"=dxdllreg.exe [] "HPpromo psc 1300 series"=D:\Programme\HP\Digital Imaging\Promotions\HPpromo.exe [2003-10-09 126976] "AppleSyncNotifier"=C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472] "QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2009-05-26 413696] "avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2009-07-13 292128] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "NCLaunch"=C:\WINDOWS\NCLAUNCH.EXe [2006-03-13 28672] "MSMSGS"=C:\Programme\Messenger\msmsgs.exe [2005-08-31 1658592] "H/PC Connection Agent"=C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE [2004-02-09 401491] "ClipIncSrvTray"=G:\Tobit ClipInc\Player\ClipIncTray.exe [] "swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-14 39408] "ccleaner"=C:\Programme\CCleaner\CCleaner.exe [2009-06-25 1578736] |
|
30.07.2009, 22:28
| #7 |
| | Warning!!! Your computer contains various signs of viruses and malware.. Gut RSIT Logfile, danach nochmal ein Malwarebytes scan - lasse Malwarebytes zuvor updaten. Danach lässt du nochmal SUPERAntiSpyware laufen,
__________________ Avira Upgrade 10 ist auf dem Markt! Agressive Einstellung von Avira What goes around comes around!  |
|
30.07.2009, 22:32
| #8 |
| | Warning!!! Your computer contains various signs of viruses and malware.. Wow, vielen Dank für deine schnelle Antwort! Ich habe Malwarebytes upgedated und lasse es gerade nochmal laufen. Danach dann dieses andere Programm. Ist mein PC dann wieder gesund? Woran kann ich denn das in diesen Logfiles sehen? LG |
|
30.07.2009, 22:39
| #9 |
| | Warning!!! Your computer contains various signs of viruses and malware.. Ob dein PC wieder "gesund" ist wird sich nach weiteren Scans und der Überprüfung deines RSIT Logs zeigen. Wie ist gerade der Zwischenstand? Kommen noch diese Meldungen? Ich bin ab Morgen ca. gegen 17 Uhr oder 18 Uhr wieder zu erreichen. Poste einfach die Logs herrein, ich schau sie mir dann an, wenn ich @ Home bin
__________________ Avira Upgrade 10 ist auf dem Markt! Agressive Einstellung von Avira What goes around comes around! |
|
04.08.2009, 21:00
| #10 |
| | Warning!!! Your computer contains various signs of viruses and malware.. Anleitung Avenger (by swandog46) Lade dir das Tool Hopsassa und speichere es auf dem Desktop:
Code:
ATTFilter Drivers to delete:
mailKmd
gusvc
Files to delete:
C:\WINDOWS\system32\drivers\mailKmd.sys
__________________ Avira Upgrade 10 ist auf dem Markt! Agressive Einstellung von Avira What goes around comes around! Geändert von Angel21 (04.08.2009 um 21:09 Uhr) |
|
04.08.2009, 22:14
| #11 |
| | Warning!!! Your computer contains various signs of viruses and malware.. Vielen Dank für deine Anwort. Ich hab das gleich mal probiert. Habe Hopsassa runtergeladen und gestartet. Der PC hat dann neugestartet. Leider kam er beim Hochfahren dann nur bis zum Blue Screen. Ich musste nochmal neustarten. Dann fragte er über diese DOS-Seite in welchem Modus (abgesichert / letzte als funktionierend bekannte konfiguration etc.) starten soll. Zuerst hab ichs mit normal starten probier. Da kam er aber auch nur bis zum Blue Screen. Dann hab ichs mit der letzten als funktionierend bekannten Konfoguration probiert. Dann hat er wieder gestartet und Windows hochgefahren. Hab ich jetzt ein neues Problem? Unter C: und auch sonst auf meiner Festplate findet sich leider keine Datei avenger.txt. Nur eine backup.reg. Soll ich mit der irgendwas machen? Brrr, bin schon wieder ein bisschen verwirrt...  |
|
04.08.2009, 22:25
| #12 |
| | Warning!!! Your computer contains various signs of viruses and malware.. Nachtrag: Ich hab das jetzt nochmal gemacht mit Hopsassa, weil ich dachte, dass ich den falschen Text reinkopiert hatte. Er hat dann jetzt wieder ewig gebraucht, tausend blue screens gebracht, um am Ende wieder nur mit der letzten bekannten blabla Konfoguration hochzufahren... Hab ichs noch schlimmer gemacht?? *schreck |
|
04.08.2009, 22:50
| #13 |
| | Warning!!! Your computer contains various signs of viruses and malware.. Stoppe vorerste die Aktionen mit Avenger und mache hier weiter: Kaspersky - Onlinescanner Dieser Scanner entfernt die Funde nicht, gibt aber einen guten Überblick über die vorhandene Malware. ---> hier herunterladen => Kaspersky Online Scanner => Hinweise zu älteren Versionen beachten! => Voraussetzung: Internet Explorer 6.0 oder höher => die nötigen ActiveX-Steuerelemente installieren => Update der Signaturen => Weiter => Scan-Einstellungen => Standard wählen => OK => Link "Arbeitsplatz" anklicken => Scan beginnt automatisch => Untersuchung wurde abgeschlossen => Protokoll speichern als => Dateityp auf .txt umstellen => auf dem Desktop als Kaspersky.txt speichern => Log hier posten => Deinstallation => Systemsteuerung => Software => Kaspersky Online Scanner entfernen
__________________ Avira Upgrade 10 ist auf dem Markt! Agressive Einstellung von Avira What goes around comes around! |
|
05.08.2009, 22:02
| #14 |
| | Warning!!! Your computer contains various signs of viruses and malware.. ich bin dran. sorry, dass es immer so lange dauert. leider vermute ich, dass es noch ne weile dauert. ich denke, ich poste das file dann morgen erst. danke schonmal, gute nacht und bis morgen! |
|
05.08.2009, 22:06
| #15 | |
| | Warning!!! Your computer contains various signs of viruses and malware.. Ist alles kein Problem, lass dir ruhig Zeit Hallo, aber bevor du in die Heia gehst möchte ich mit dir noch eine Aufgabe erledigen die sehr sehr wichtig ist: Also stelle die Ordneransicht schonmal so ein: 1. geschützte Systemdatein ausblenden -> Haken weg 2. alle Ordner anzeigen -> Haken (punkt) rein Danach - Start - Ausführen - cmd eingeben -OK - sc stop mailkmd eingeben exit. Danach suche diesen Pfad: Zitat:
hochladen.
__________________ Avira Upgrade 10 ist auf dem Markt! Agressive Einstellung von Avira What goes around comes around! Geändert von Angel21 (05.08.2009 um 22:17 Uhr) |
|
| Themen zu Warning!!! Your computer contains various signs of viruses and malware.. |
| antivir, antivir guard, avira, computer, dll, einstellung, explorer, fake, festplatte, free scan, herunterfahren, home, internet, internet explorer, malware, neu, programm, ratlos, rundll, scan, security, seiten, seiten öffnen sich, system, trojaner, warning |
Hybrid-Darstellung
