| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus der alle Antivirus Seiten blockiert!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
07.01.2011, 02:46
| #1 |
 |  Virus der alle Antivirus Seiten blockiert! Hallo & Zwar habe ich ein Problem, ich muss mir einen Virus eingefangen haben, der alle Sites die etwas mit Antivirus zu tuhen haben Blockiert. Hier mal ein Paar websites die ich getestet habe: Microsoft.com = Failed Avira.com = Failed Virustotal.com = Failed Kaspersky.com = Failed Ich habe die Anleitung dieses Threads befolgt: http://www.trojaner-board.de/69512-v...blockiert.html Jedoch gehe ich davon aus das es ab dem Punkt wo es um den Avenger geht ich einen anderen Code eingeben muss, weil anscheinend es andere Dateien sind, die gelöscht werden müssen. Ich habe ebenfalls wie in dem thread alles mit AVZ Gescannt & Hier ist die Sys_Info: Code:
ATTFilter <?xml version="1.0" encoding="windows-1251" ?>
- <!-- AVZ XML Report
-->
- <AVZ Version="4.34" LogDate="07.01.2011 02:33:05" WinDir="C:\WINXP\" OS_MjVer="5" OS_MiVer="1" OS_Build="2600" BootMode="0" OS_CSDV="Service Pack 3" ProfileDir="C:\Dokumente und Einstellungen\Administrator" Session="Console" IsWow64="False" IsAdmin="True" IsSRDisabled="True" MainDBDate="06.01.2011" CompHash="16121CB0EA16971D22795441D7926B69">
- <PROCESS>
<ITEM PID="2108" File="c:\programme\lexmark 3600-4600 series\lxdxmon.exe" CheckResult="-1" Descr="Printer Device Monitor" LegalCopyright="" Hidden="0" CmdLine="@quot;C:\Programme\Lexmark 3600-4600 Series\lxdxmon.exe@quot;" Size="668328" Attr="rsAh" CreateDate="03.01.2011 12:28:52" ChageDate="13.06.2008 17:04:01" MD5="C2C910A77828A48C572F64B664D05CCD" />
<ITEM PID="2156" File="c:\programme\lexmark 3600-4600 series\lxdxmsdmon.exe" CheckResult="-1" Descr="Printer Card Transfer Monitor" LegalCopyright="" Hidden="0" CmdLine="@quot;C:\Programme\Lexmark 3600-4600 Series\lxdxMsdMon.exe@quot;" Size="25256" Attr="rsAh" CreateDate="03.01.2011 12:28:58" ChageDate="13.06.2008 17:04:02" MD5="0E237DC64EF3C77BF4BD843B9894B9F1" />
<ITEM PID="668" File="c:\winxp\system32\winlogon.exe" CheckResult="0" Descr="Windows NT-Anmeldung" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Hidden="0" CmdLine="winlogon.exe" Size="513024" Attr="rsAh" CreateDate="14.04.2008 13:00:00" ChageDate="14.04.2008 13:00:00" MD5="F09A527B422E25C478E38CAA0E44417A" />
<ITEM PID="2080" File="c:\programme\avmwlanstick\wlangui.exe" CheckResult="-1" Descr="FRITZ!WLAN GUI" LegalCopyright="Copyright © 2006-2010" Hidden="0" CmdLine="@quot;C:\Programme\avmwlanstick\wlangui.exe@quot;" Size="2105344" Attr="rsAh" CreateDate="22.10.2010 02:00:00" ChageDate="22.10.2010 02:00:00" MD5="504C916D52ABA407FD4DC1E709AEA71E" />
<ITEM PID="1204" File="c:\programme\avmwlanstick\wlannetservice.exe" CheckResult="-1" Descr="AVMWlanService" LegalCopyright="Copyright © AVM Berlin 2006-2010" Hidden="0" CmdLine="C:\Programme\avmwlanstick\WlanNetService.exe" Size="376832" Attr="rsAh" CreateDate="22.10.2010 02:00:00" ChageDate="22.10.2010 02:00:00" MD5="C6F4C466B654C1BE98AF31418BB5AC30" />
</PROCESS>
- <DLL>
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\lxdxscw.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="2108" Hidden="0" Size="380928" Attr="rsAh" CreateDate="03.01.2011 12:28:52" ChageDate="13.06.2008 16:11:44" MD5="DBF13458809BBD5D0DB44F2512504550" />
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\lxdxDRS.dll" CheckResult="-1" Descr="Data Retriever" LegalCopyright="" UsedBy="2108" Hidden="0" Size="782336" Attr="rsAh" CreateDate="03.01.2011 12:28:52" ChageDate="13.06.2008 16:11:43" MD5="26198ED2D8CAD86D6D8DB97F51AD99F5" />
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\lxdxmonr.dll" CheckResult="-1" Descr="" LegalCopyright="Copyright © 2005" UsedBy="2108" Hidden="0" Size="90112" Attr="rsAh" CreateDate="03.01.2011 12:28:51" ChageDate="13.06.2008 16:11:57" MD5="D91F2EA7610EDBFD780EC7625F785AE9" />
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\App4R.Monitor.Common.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="2156" Hidden="0" Size="28672" Attr="rsAh" CreateDate="03.01.2011 12:28:57" ChageDate="28.02.2008 00:40:54" MD5="D7AD1476E49BF192A1C032B94890CD38" />
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\App4R.Monitor.Core.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="2156" Hidden="0" Size="36864" Attr="rsAh" CreateDate="03.01.2011 12:28:57" ChageDate="28.02.2008 00:40:55" MD5="61EA1A93653D3C15F191EE393BA3E120" />
<ITEM File="C:\WINXP\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll" CheckResult="-1" Descr="Microsoft Common Language Runtime-Klassenbibliothek" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." UsedBy="2156" Hidden="0" Size="315392" Attr="rsAh" CreateDate="19.11.2010 17:10:38" ChageDate="19.11.2010 17:10:38" MD5="D2D8E81F23F500B9BD3D7E7A7094B299" />
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\app4r.devmons.mcmdevmon.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="2156" Hidden="0" Size="61440" Attr="rsAh" CreateDate="03.01.2011 12:28:55" ChageDate="28.02.2008 00:40:02" MD5="C6714236F6DD585758E8C80066805859" />
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="2156" Hidden="0" Size="11776" Attr="rsAh" CreateDate="03.01.2011 12:28:55" ChageDate="22.11.2007 17:55:48" MD5="0F308FD7005AA6971D62051F65F9A3BD" />
<ITEM File="C:\WINXP\system32\WgaLogon.dll" CheckResult="-1" Descr="Windows Genuine Advantage Notification" LegalCopyright="© 1995-2007 Microsoft Corporation" UsedBy="668" Hidden="0" Size="3584" Attr="rsah" CreateDate="17.11.2010 19:54:03" ChageDate="22.03.2008 07:09:02" MD5="BD0423619882F3B317F6F390DDE31D71" />
<ITEM File="C:\Programme\avmwlanstick\avmwlapi.dll" CheckResult="-1" Descr="WLAN Configuration DLL 32 bit" LegalCopyright="AVM GmbH" UsedBy="1204" Hidden="0" Size="197120" Attr="rsAh" CreateDate="22.10.2010 02:00:00" ChageDate="22.10.2010 02:00:00" MD5="01944AB4A8F054ED4FC7F89B9E484D51" />
<ITEM File="C:\Programme\avmwlanstick\avmsysnet.dll" CheckResult="-1" Descr="AVM LAN + WLAN Helper" LegalCopyright="Copyright © 2006-2010" UsedBy="1204" Hidden="0" Size="331776" Attr="rsAh" CreateDate="22.10.2010 02:00:00" ChageDate="22.10.2010 02:00:00" MD5="517E057A184BDCEA5E016F8F7336FBEE" />
</DLL>
- <KERNELOBJ>
<ITEM File="C:\WINXP\System32\Drivers\dump_atapi.sys" CheckResult="-1" Base="B6E2B000" MemSize="018000" Descr="" LegalCopyright="" />
<ITEM File="C:\WINXP\System32\Drivers\dump_WMILIB.SYS" CheckResult="-1" Base="BA5E8000" MemSize="002000" Descr="" LegalCopyright="" />
</KERNELOBJ>
- <Service>
<ITEM File="C:\Programme\avmwlanstick\WlanNetService.exe" Name="AVM WLAN Connection Service" CheckResult="-1" Type="16" State="4" Size="376832" Attr="rsAh" CreateDate="22.10.2010 02:00:00" ChageDate="22.10.2010 02:00:00" MD5="C6F4C466B654C1BE98AF31418BB5AC30" />
</Service>
<Drivers />
- <AUTORUN>
<ITEM File="C:\Programme\Gamigo Games\Fiesta Online(EU_German)\FiestaOnline.exe" CheckResult="-1" Enabled="1" Type="LNK" Size="1454080" Attr="rsAh" CreateDate="18.06.2008 09:48:54" ChageDate="18.06.2008 09:48:54" MD5="41E5F8BBF3209F0DE5A8DF021248976E" X1="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\" X2="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Verknьpfung mit FiestaOnline.exe.lnk" X3="" />
<ITEM File="C:\Programme\Gemeinsame Dateien\System\usercontrol\usercontrol.bat" CheckResult="-1" Enabled="1" Type="REG" Size="153" Attr="rsAh" CreateDate="22.12.2010 14:53:02" ChageDate="22.12.2010 15:33:29" MD5="414002AD575605A35FB29564BB1111E8" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="Usercontrol" />
<ITEM File="C:\Programme\ICQ7.2\ICQ.exe" CheckResult="-1" Enabled="1" Type="REG" Size="133432" Attr="rsAh" CreateDate="04.12.2010 20:24:14" ChageDate="05.01.2011 09:18:50" MD5="83EBCCC27098B1D1F20F72E10D6BF309" X1="HKEY_CURRENT_USER" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="ICQ" />
<ITEM File="C:\Programme\ICQ7.2\ICQ.exe" CheckResult="-1" Enabled="1" Type="LNK" Size="133432" Attr="rsAh" CreateDate="04.12.2010 20:24:14" ChageDate="05.01.2011 09:18:50" MD5="83EBCCC27098B1D1F20F72E10D6BF309" X1="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\" X2="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Verknьpfung mit ICQ.exe.lnk" X3="" />
<ITEM File="C:\Programme\Kantaris\kantaris.exe" CheckResult="-1" Enabled="1" Type="LNK" Size="790016" Attr="rsAh" CreateDate="31.12.2010 12:50:35" ChageDate="12.06.2010 15:28:50" MD5="E7125069BA54B857657A743AF0B8AADF" X1="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\" X2="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Verknьpfung mit kantaris.exe.lnk" X3="" />
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\lxdxamon.exe" CheckResult="-1" Enabled="1" Type="REG" Size="16040" Attr="rsAh" CreateDate="03.01.2011 12:28:58" ChageDate="13.06.2008 17:04:02" MD5="F3455B9139F246021B51EE91FB8C799C" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="lxdxamon" />
<ITEM File="C:\Programme\Lexmark 3600-4600 Series\lxdxmon.exe" CheckResult="-1" Enabled="1" Type="REG" Size="668328" Attr="rsAh" CreateDate="03.01.2011 12:28:52" ChageDate="13.06.2008 17:04:01" MD5="C2C910A77828A48C572F64B664D05CCD" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="lxdxmon.exe" />
<ITEM File="C:\Programme\Microsoft Visual Studio 8\Common7\IDE\msenv.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Visual Studio - VsTemplate" X3="EventMessageFile" />
<ITEM File="C:\Programme\Microsoft Visual Studio 8\Common7\IDE\vbexpress.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\vbexpress" X3="EventMessageFile" />
<ITEM File="C:\Programme\WinRAR\rarext.dll" CheckResult="-1" Enabled="1" Type="REG" Size="120320" Attr="rsAh" CreateDate="19.11.2010 18:08:14" ChageDate="15.05.2003 14:43:24" MD5="77F809D8FC99062A219F61F6BA823F27" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X3="{B41DB860-8EE4-11D2-9906-E49FADC173CA}" />
<ITEM File="C:\Programme\Windows Media Player\WMPNetwk.exe" CheckResult="-1" Enabled="-1" Type="REG" Size="920576" Attr="rsAh" CreateDate="17.11.2010 19:50:17" ChageDate="03.11.2006 10:56:28" MD5="BF05650BB7DF5E9EBDD25974E22403BB" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\WMPNetworkSvc" X3="EventMessageFile" />
<ITEM File="C:\Programme\avmwlanstick\WlanNetService.exe" CheckResult="-1" Enabled="-1" Type="REG" Size="376832" Attr="rsAh" CreateDate="22.10.2010 02:00:00" ChageDate="22.10.2010 02:00:00" MD5="C6F4C466B654C1BE98AF31418BB5AC30" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\AVM WLAN Connection Service" X3="EventMessageFile" />
<ITEM File="C:\Programme\avmwlanstick\wlangui.exe" CheckResult="-1" Enabled="1" Type="REG" Size="2105344" Attr="rsAh" CreateDate="22.10.2010 02:00:00" ChageDate="22.10.2010 02:00:00" MD5="504C916D52ABA407FD4DC1E709AEA71E" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="AVMWlanClient" />
<ITEM File="C:\WINXP\System32\Drivers\AliIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\aliide" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\Drivers\CmdIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\cmdide" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\Drivers\IntelIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\intelide" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\Drivers\TosIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\toside" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\Drivers\ViaIde.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\viaide" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\Drivers\lbrtfdc.sys" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\lbrtfdc" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\PrintFilterPipelineSvc.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\PrintFilterPipelineSvc" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\igmpv2.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IGMPv2" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\ipbootp.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IPBOOTP" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\iprip2.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IPRIP2" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\ospf.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPF" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\ospfmib.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPFMib" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\polagent.dll" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\PolicyAgent" X3="EventMessageFile" />
<ITEM File="C:\WINXP\System32\tssdis.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\TermServSessDir" X3="EventMessageFile" />
<ITEM File="C:\WINXP\system32\KB905474\wgasetup.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\WgaSetup" X3="EventMessageFile" />
<ITEM File="C:\WINXP\system32\MsSip1.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 1" X3="$DLL" />
<ITEM File="C:\WINXP\system32\MsSip2.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 2" X3="$DLL" />
<ITEM File="C:\WINXP\system32\MsSip3.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 3" X3="$DLL" />
<ITEM File="C:\WINXP\system32\icardres.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="663552" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="331248B58B886275FFFE22B73A7414C2" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\CardSpace 4.0.0.0" X3="EventMessageFile" />
<ITEM File="C:\WINXP\system32\psxss.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="System\CurrentControlSet\Control\Session Manager\SubSystems" X3="Posix" />
<ITEM File="C:\WINXP\system32\stisvc.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System" X3="EventMessageFile" />
<ITEM File="C:\WINXP\system32\wmpshell.dll" CheckResult="-1" Enabled="1" Type="REG" Size="99840" Attr="rsAh" CreateDate="08.07.2008 22:09:11" ChageDate="08.07.2008 22:09:11" MD5="EAE97F85DE84C33A8D35ED101068CFD7" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X3="{8DD448E6-C188-4aed-AF92-44956194EB1F}" />
<ITEM File="C:\WINXP\system32\wmpshell.dll" CheckResult="-1" Enabled="1" Type="REG" Size="99840" Attr="rsAh" CreateDate="08.07.2008 22:09:11" ChageDate="08.07.2008 22:09:11" MD5="EAE97F85DE84C33A8D35ED101068CFD7" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X3="{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}" />
<ITEM File="C:\WINXP\system32\wmpshell.dll" CheckResult="-1" Enabled="1" Type="REG" Size="99840" Attr="rsAh" CreateDate="08.07.2008 22:09:11" ChageDate="08.07.2008 22:09:11" MD5="EAE97F85DE84C33A8D35ED101068CFD7" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X3="{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}" />
<ITEM File="WgaLogon.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon" X3="DLLName" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v2.0.50727\de\aspnet_rc.dll" CheckResult="-1" Enabled="-1" Type="REG" Size="94208" Attr="rsAh" CreateDate="26.07.2008 01:55:12" ChageDate="26.07.2008 01:55:12" MD5="4F4D85471C68DD8B566CA561B573BD65" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\ASP.NET 2.0.50727.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\CardSpace 3.0.0.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft.Transactions.Bridge 3.0.0.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\ServiceModel Audit 3.0.0.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.IdentityModel 3.0.0.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.IO.Log 3.0.0.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.Runtime.Serialization 3.0.0.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.ServiceModel 3.0.0.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\SMSvcHost 3.0.0.0" X3="EventMessageFile" />
<ITEM File="c:\WINXP\system32\icardres.dll.mui" CheckResult="-1" Enabled="-1" Type="REG" Size="663552" Attr="rsAh" CreateDate="31.07.2008 02:19:54" ChageDate="31.07.2008 02:19:54" MD5="331248B58B886275FFFE22B73A7414C2" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\CardSpace 3.0.0.0" X3="EventMessageFile" />
<ITEM File="deskpan.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X3="{42071714-76d4-11d1-8b24-00a0c9068ff3}" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2=".DEFAULT\Control Panel\IOProcs" X3="MVB" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-19\Control Panel\IOProcs" X3="MVB" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-20\Control Panel\IOProcs" X3="MVB" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-18\Control Panel\IOProcs" X3="MVB" />
<ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_CURRENT_USER" X2="Control Panel\IOProcs" X3="MVB" />
<ITEM File="vgafix.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="fixedfon.fon" />
<ITEM File="vgaoem.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="oemfonts.fon" />
<ITEM File="vgasys.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="fonts.fon" />
</AUTORUN>
- <BHO>
<ITEM File="C:\Programme\ICQ7.2\ICQ.exe" CheckResult="-1" Enabled="1" BHOType="3" RegKey="HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions" CLSID="{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" Descr="ICQ" LegalCopyright="Copyright (c) 1998-2010 ICQ, LLC." Size="133432" Attr="rsAh" CreateDate="04.12.2010 20:24:14" ChageDate="05.01.2011 09:18:50" MD5="83EBCCC27098B1D1F20F72E10D6BF309" />
</BHO>
- <ExplorerExt>
<ITEM File="deskpan.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="CPL-Erweiterung fьr Anzeigeverschiebung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{42071714-76d4-11d1-8b24-00a0c9068ff3}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Shellerweiterungen fьr die Dateikomprimierung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{764BF0E1-F219-11ce-972D-00AA00A14F56}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Kontextmenь fьr die Verschlьsselung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Microsoft Browser Architecture" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{BC476F4C-D9D7-4100-8D4E-E043F6DEC409}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="IE User Assist" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Taskleiste und Startmenь" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{0DF44EAA-FF21-4412-828E-260A8728E7F1}" Descr="" LegalCopyright="" />
<ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Benutzerkonten" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{7A9D77BD-5403-11d2-8785-2E0420524153}" Descr="" LegalCopyright="" />
<ITEM File="C:\WINXP\system32\wmpshell.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Windows Media Player Burn Audio CD Context Menu Handler" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{8DD448E6-C188-4aed-AF92-44956194EB1F}" Descr="Windows Media Player-Launcher" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="99840" Attr="rsAh" CreateDate="08.07.2008 22:09:11" ChageDate="08.07.2008 22:09:11" MD5="EAE97F85DE84C33A8D35ED101068CFD7" />
<ITEM File="C:\WINXP\system32\wmpshell.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Windows Media Player Play as Playlist Context Menu Handler" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}" Descr="Windows Media Player-Launcher" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="99840" Attr="rsAh" CreateDate="08.07.2008 22:09:11" ChageDate="08.07.2008 22:09:11" MD5="EAE97F85DE84C33A8D35ED101068CFD7" />
<ITEM File="C:\WINXP\system32\wmpshell.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Windows Media Player Add to Playlist Context Menu Handler" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}" Descr="Windows Media Player-Launcher" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="99840" Attr="rsAh" CreateDate="08.07.2008 22:09:11" ChageDate="08.07.2008 22:09:11" MD5="EAE97F85DE84C33A8D35ED101068CFD7" />
<ITEM File="C:\Programme\WinRAR\rarext.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="WinRAR shell extension" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{B41DB860-8EE4-11D2-9906-E49FADC173CA}" Descr="" LegalCopyright="" Size="120320" Attr="rsAh" CreateDate="19.11.2010 18:08:14" ChageDate="15.05.2003 14:43:24" MD5="77F809D8FC99062A219F61F6BA823F27" />
<ITEM File="@quot;C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll@quot;" CheckResult="-1" Enabled="1" ExtType="2" ExtName="ColumnHandler" RegKey="SOFTWARE\Classes\Folder\shellex\ColumnHandlers" CLSID="{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" Descr="" LegalCopyright="" />
</ExplorerExt>
<PrintEXT />
- <TaskScheduler>
<ITEM File="C:\Programme\Google\Update\GoogleUpdate.exe" CheckResult="-1" Enabled="46490336" Descr="" LegalCopyright="" />
<ITEM File="C:\Programme\Google\Update\GoogleUpdate.exe" CheckResult="-1" Enabled="46490336" Descr="" LegalCopyright="" />
</TaskScheduler>
- <SPI>
<ITEM File="C:\WINXP\System32\mswsock.dll" CheckResult="-1" SPIType="1" SPINaim="TCP/IP" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\System32\winrnr.dll" CheckResult="-1" SPIType="1" SPINaim="NTDS" Descr="LDAP RnR Provider DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="16896" Attr="rsAh" CreateDate="14.04.2008 13:00:00" ChageDate="14.04.2008 13:00:00" MD5="4934FF44C8B6AE7B4CA0118B3D2CF666" />
<ITEM File="C:\WINXP\System32\mswsock.dll" CheckResult="-1" SPIType="1" SPINaim="NLA-Namespace" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\wshbth.dll" CheckResult="-1" SPIType="1" SPINaim="Bluetooth-Namespace" Descr="Windows Sockets Helper DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="108032" Attr="rsAh" CreateDate="14.04.2008 13:00:00" ChageDate="14.04.2008 13:00:00" MD5="41CCC4CD535579D27AEAB485B36CEB9E" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [TCP/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [UDP/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [RAW/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\rsvpsp.dll" CheckResult="-1" SPIType="3" SPINaim="RSVP UDP Service Provider" Descr="Microsoft Windows Rsvp 1.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="92672" Attr="rsAh" CreateDate="14.04.2008 13:00:00" ChageDate="14.04.2008 13:00:00" MD5="D6BE7BE7BD2EBF5879ABAE3569432A50" />
<ITEM File="C:\WINXP\system32\rsvpsp.dll" CheckResult="-1" SPIType="3" SPINaim="RSVP TCP Service Provider" Descr="Microsoft Windows Rsvp 1.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="92672" Attr="rsAh" CreateDate="14.04.2008 13:00:00" ChageDate="14.04.2008 13:00:00" MD5="D6BE7BE7BD2EBF5879ABAE3569432A50" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD RfComm [Bluetooth]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{03B60DAA-04FE-4B2F-B401-17177B6915F2}] SEQPACKET 5" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{03B60DAA-04FE-4B2F-B401-17177B6915F2}] DATAGRAM 5" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{0207D25E-B278-4BE6-99CF-D0154067EF0C}] SEQPACKET 4" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{0207D25E-B278-4BE6-99CF-D0154067EF0C}] DATAGRAM 4" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{30034FC0-A686-4E7B-B33E-0CD451C8CE45}] SEQPACKET 3" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{30034FC0-A686-4E7B-B33E-0CD451C8CE45}] DATAGRAM 3" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{CB457AAE-66BF-44D4-94F6-ACD8A6EF4AFC}] SEQPACKET 0" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{CB457AAE-66BF-44D4-94F6-ACD8A6EF4AFC}] DATAGRAM 0" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{9EB94B69-24BA-4DEB-9CAD-72AA8DE57AE6}] SEQPACKET 1" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{9EB94B69-24BA-4DEB-9CAD-72AA8DE57AE6}] DATAGRAM 1" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{83D3FEAF-04AA-4894-A0CC-965444DC2244}] SEQPACKET 2" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
<ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{83D3FEAF-04AA-4894-A0CC-965444DC2244}] DATAGRAM 2" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="20.06.2008 18:46:10" ChageDate="20.06.2008 18:46:10" MD5="ACD8BD448A74F344D46FCAF21BAB92AF" />
</SPI>
- <DPF>
<ITEM File="C:\WINXP\Downloaded Program Files\mglaunch_USAv1005.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE}" CodeBase="hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab" Descr="mglaunch USA Module" LegalCopyright="Copyright 2009" Size="193688" Attr="rsAh" CreateDate="09.11.2009 17:10:58" ChageDate="09.11.2009 17:10:58" MD5="BB7B4E93ECF97345CB794A70328D720E" />
</DPF>
<CPL />
<ActiveSetup />
- <HOSTS>
<ITEM Line="127.0.0.1 localhost" />
</HOSTS>
- <ProtocolExt>
<ITEM File="mscoree.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" Descr="Microsoft .NET Runtime Execution Engine" LegalCopyright="© Microsoft Corporation. All rights reserved." />
<ITEM File="mscoree.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" Descr="Microsoft .NET Runtime Execution Engine" LegalCopyright="© Microsoft Corporation. All rights reserved." />
<ITEM File="mscoree.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" Descr="Microsoft .NET Runtime Execution Engine" LegalCopyright="© Microsoft Corporation. All rights reserved." />
<ITEM File="C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Classes\PROTOCOLS\Handler\ms-help" CLSID="{314111c7-a502-11d2-bbca-00c04f8ec294}" Descr="Microsoft® Help Data Services Module" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="866304" Attr="rsAh" CreateDate="23.09.2005 04:28:18" ChageDate="23.09.2005 04:28:18" MD5="9EC943E08561E30A01839AC977C89F34" />
</ProtocolExt>
- <SuspFiles>
<ITEM File="J:\autorun.inf" VirType="3" Descr="HSC: suspicion for hidden startup (high degree of probability)" />
<ITEM File="C:\WINXP\system32\01.tmp" VirType="3" Descr="HSC: suspicion for File with suspicious name (CH) (high degree of probability)" />
</SuspFiles>
- <IPU>
<ITEM Code="1" X1="RemoteRegistry" X2="Remote-Registrierung" />
<ITEM Code="1" X1="TermService" X2="Terminaldienste" />
<ITEM Code="1" X1="SSDPSRV" X2="SSDP-Suchdienst" />
<ITEM Code="1" X1="Schedule" X2="Taskplaner" />
<ITEM Code="1" X1="mnmsrvc" X2="NetMeeting-Remotedesktop-Freigabe" />
<ITEM Code="1" X1="RDSessMgr" X2="Sitzungs-Manager fьr Remotedesktophilfe" />
<ITEM Code="2" />
<ITEM Code="3" />
<ITEM Code="5" />
<ITEM Code="8" X1="1" />
</IPU>
- <WIZARD-TSW>
<ITEM ID="58" Level="3" Fixed="0" />
<ITEM ID="59" Level="3" Fixed="0" />
<ITEM ID="61" Level="2" Fixed="0" />
<ITEM ID="86" Level="3" Fixed="0" />
</WIZARD-TSW>
</AVZ>
Danke im Vorraus Hier nochmal die Sys_Info als XML vllt. übersichtlicher für euch: rapidshare.com/#!download|151tl2|441207718|avz_sysinfo.zip|18 Werde jetzt nicht Backschreiben I-Net geht um 3:00 aus  Gute Nacht alle Geändert von Ruischa (07.01.2011 um 02:54 Uhr) |
| Themen zu Virus der alle Antivirus Seiten blockiert! |
| .com, 32 bit, administrator, antivirus, assembly, autorun, bho, blockiert, bootmode, browser, dll, einstellungen, explorer, google, helper, internet, internet explorer, launch, löschen, monitor, notification, policyagent, problem, programme, seiten, software, stick, studio, system, taskleiste, tcp/ip, virus, virus eingefangen, visual studio, winlogon.exe, wmpshell.dll |
Baum-Darstellung