|
Über Systemsteuerung-> Software müsstest du die Programme deinstallieren können. Dort sollten die Einträge eigentlich vorhanden sein. Zitat:
Spybot Search&Destroy und Ad-Aware |
nochmal kurz für mich...Bin nämlich blond.;O) Also den Search Helper habe ich mir nun über die Systemsteuerung deinstallieren können. Was genau sollte ich denn nun noch deinstallieren... Den Divx-Codec komlett inklusive der gaintrickler.exe? Und wofür brauche ich spyboot und ad-ware? |
Du wolltest den DivX-Codec doch unbedingt behalten. Die beiden Programme sollten in der Lage sein, nur die Adware zu entfernen. BTW: Treten deine Probleme noch auf? |
Weder Spyboot oder Ad-ware haben mir im abgesicherten Modus die Adware (trickler-exe) angezweigt, somit bekam ich auch leider nicht die Möglichkeit die beiden zu löschen. Und laut escan ist die Ad-Ware gaing_trickler nachwievor vorhanden. Das Problem beim Internet-Explorer hat sich leider nachwievor noch nicht erledigt. Versuche ich als Startseite eine Standardseite zu definieren, bekomme ich irgendwelche Zeichen angezeigt, aber nicht die Seite die ich eigentlich hier eintragen möchte. |
Lade und aktualisiere CWShredder und lass ihn laufen. Poste das Logfile. Zitat:
|
Escan gibt mir in seinem view log folgende Infos: Mon Jan 02 00:13:56 2006 => ***** Scanning Registry and File system for Adware/Spyware ***** Mon Jan 02 00:13:56 2006 => Loading Spyware Signatures from new External Database (Size: 146525). Mon Jan 02 00:13:59 2006 => Indexed Spyware Databases Successfully Created... Mon Jan 02 00:14:26 2006 => Offending Key found: HKLM\Software\gnu !!! Mon Jan 02 00:14:30 2006 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Mon Jan 02 00:14:31 2006 => Offending Key found: HKCU\Software\ed2k !!! Mon Jan 02 00:14:31 2006 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Mon Jan 02 00:14:31 2006 => Offending Key found: HKCU\Software\gnu !!! Mon Jan 02 00:14:31 2006 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Mon Jan 02 00:14:31 2006 => Offending Key found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupReg\trickler !!! Mon Jan 02 00:14:31 2006 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken. Mon Jan 02 00:14:43 2006 => System found infected with cws.therealsearch Spyware/Adware (waol.exe)! Action taken: No Action Taken. Mon Jan 02 00:14:43 2006 => System found infected with cws.therealsearch Spyware/Adware (waol.exe)! Action taken: No Action Taken. Mon Jan 02 00:14:43 2006 => Offending file found: C:\WINDOWS\system32\uninstall.exe Mon Jan 02 00:14:43 2006 => System found infected with cws.smartsearch Spyware/Adware (C:\WINDOWS\system32\uninstall.exe)! Action taken: No Action Taken. Mon Jan 02 00:14:44 2006 => ***** Scanning Registry for errors created because of Adware/Spyware ***** Mon Jan 02 00:14:44 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\MSCOMCTL.OCX". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Ahead\DSFilter\NeVideoAnalyzer.ax". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Ahead\DSFilter\NeEm2a.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Ahead\DSFilter\NeVcr.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Ahead\DSFilter\em2v.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Ahead\DSFilter\NeAcEnc.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Ahead\DSFilter\NePSMuxer.ax". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\NeRSDB.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp.exe". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Deu.nls". Action Taken: No Action Taken. Mon Jan 02 00:14:45 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\COMDLG32.OCX". Action Taken: No Action Taken. Mon Jan 02 00:14:46 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\Snooker.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:46 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\Bin\SRCHADM.DLL". Action Taken: No Action Taken. Mon Jan 02 00:14:46 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\Common\MSSITLB.DLL". Action Taken: No Action Taken. Mon Jan 02 00:14:46 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\Bin\MSSERROR.DLL". Action Taken: No Action Taken. Mon Jan 02 00:14:46 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\Bin\MSSADMWS.DLL". Action Taken: No Action Taken. Mon Jan 02 00:14:46 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\Bin\MSSADMIN.DLL". Action Taken: No Action Taken. Mon Jan 02 00:14:46 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\Bin\SrchAdmStp.exe". Action Taken: No Action Taken. Mon Jan 02 00:14:47 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\msimn.exe" refers to invalid object "%ProgramFiles%\Outlook Express\msimn.exe". Action Taken: No Action Taken. Mon Jan 02 00:14:47 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\wab.exe" refers to invalid object "%ProgramFiles%\Outlook Express\wab.exe". Action Taken: No Action Taken. Mon Jan 02 00:14:47 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\wabmig.exe" refers to invalid object "%ProgramFiles%\Outlook Express\wabmig.exe". Action Taken: No Action Taken. Mon Jan 02 00:14:48 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Gemeinsame Dateien\Symantec Shared\Script Blocking\". Action Taken: No Action Taken. Mon Jan 02 00:14:48 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works\". Action Taken: No Action Taken. Mon Jan 02 00:14:48 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\Bin\". Action Taken: No Action Taken. Mon Jan 02 00:14:48 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\". Action Taken: No Action Taken. Mon Jan 02 00:14:48 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSSearch\Common\". Action Taken: No Action Taken. Mon Jan 02 00:14:48 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\ahead\Nero ToolKit\". Action Taken: No Action Taken. Mon Jan 02 00:14:48 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Yanicsoft\WinXP Manager\". Action Taken: No Action Taken. Mon Jan 02 00:14:48 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Yanicsoft\". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Nokia\". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Nokia\Nokia PC Suite 6\". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".$$$". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".001_004cPfrei". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".7z". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ABI". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".bak". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cdp". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dat". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dump". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lic". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".npl". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".part". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sbi". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sfv". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".SPW". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".THM". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".tmp". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".xvid". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".~lk". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object "OpenWithList". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Ad-aware 6 Personal". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "AOL Privacy Protection". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "bdeplayer". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "DownloadWare". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "FirstLook". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "GSpot". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "HDCleaner". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "IrfanView". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "MediaLoads Enhanced". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "NeroVision!UninstallKey". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "SaveNow". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "XviD". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{2AB5E1A3-0A89-11D6-9C3F-0001021625FE}". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{5D422994-9E10-11D4-AEB1-00D0B7237D97}". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{61C1E4FF-3203-4CE0-B4AF-6480607D0AA3}". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{8F8A0923-9987-4791-9014-968B5A984A4B}". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{A2756524-E9F9-4AC1-AF4E-15F3460ACB3E}". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{EDCD4CE3-DE92-49A9-87F9-FE09B2FBA16C}". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCR\CLSID\{06BE7323-EF34-11d1-ACD8-00C04FA31009}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCR\CLSID\{0A522730-A626-11D0-8D60-00C04FD6202B}" refers to invalid object "%ProgramFiles%\Outlook Express\oeimport.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCR\CLSID\{0A522732-A626-11D0-8D60-00C04FD6202B}" refers to invalid object "%ProgramFiles%\Outlook Express\oeimport.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:49 2006 => Entry "HKCR\CLSID\{0A522733-A626-11D0-8D60-00C04FD6202B}" refers to invalid object "%ProgramFiles%\Outlook Express\oeimport.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:50 2006 => Entry "HKCR\CLSID\{101A8FB9-F1B9-11d1-9A56-00C04FA309D4}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:50 2006 => Entry "HKCR\CLSID\{1198A2C0-0940-11d1-838F-00C04FBD7C09}" refers to invalid object "%ProgramFiles%\Outlook Express\oeimport.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:50 2006 => Entry "HKCR\CLSID\{233A9692-667E-11d1-9DFB-006097D50408}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:50 2006 => Entry "HKCR\CLSID\{233A9694-667E-11d1-9DFB-006097D50408}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:50 2006 => Entry "HKCR\CLSID\{2524A5A2-6DE6-433B-A067-33AAA8CF1587}" refers to invalid object "c:\PROGRA~2\INTERA~1\INTERA~1\iplayer.exe". Action Taken: No Action Taken. Mon Jan 02 00:14:50 2006 => Entry "HKCR\CLSID\{32714800-2E5F-11d0-8B85-00AA0044F941}" refers to invalid object "C:\Programme\Outlook Express\wabfind.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:51 2006 => Entry "HKCR\CLSID\{5F8F8CE7-96A6-11D3-B183-D2896D000000}" refers to invalid object "C:\PROGRA~1\Nokia\NOKIAP~1\PcSync2.exe". Action Taken: No Action Taken. Mon Jan 02 00:14:51 2006 => Entry "HKCR\CLSID\{5F8F8DC9-96A6-11D3-B183-D2896D000000}" refers to invalid object "C:\PROGRA~1\Nokia\NOKIAP~1\PcSync2.exe". Action Taken: No Action Taken. Mon Jan 02 00:14:51 2006 => Entry "HKCR\CLSID\{626BAFE1-E5D6-11D1-B1DD-006097D503D9}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:51 2006 => Entry "HKCR\CLSID\{6F74FDC5-E366-11d1-9A4E-00C04FA309D4}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. |
Mon Jan 02 00:14:51 2006 => Entry "HKCR\CLSID\{6F74FDC6-E366-11d1-9A4E-00C04FA309D4}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:51 2006 => Entry "HKCR\CLSID\{8F0C5675-AEEF-11d0-84F0-00C04FD43F8F}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{A08AF898-C2A3-11d1-BE23-00C04FA31009}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{A1006DE3-2173-11d2-9A7C-00C04FA309D4}" refers to invalid object "%ProgramFiles%\Outlook Express\oemiglib.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{A1031BAF-3039-4dd6-BC5E-522F007DAF8B}" refers to invalid object ""C:\Programme\Messenger\msmsgs.exe"". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{abc00000-0000-0000-0000-000000000000}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{B7AAC060-2638-11d1-83A9-00C04FBD7C09}" refers to invalid object "%ProgramFiles%\Outlook Express\oeimport.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{B977CB11-1FF5-11d2-9A7A-00C04FA309D4}" refers to invalid object "%ProgramFiles%\Outlook Express\oeimport.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{BC20CB75-A981-460e-81D4-F06F61B59247}" refers to invalid object ""C:\Programme\Messenger\msmsgs.exe"". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{BCE9E2E7-1FDD-11d2-9A79-00C04FA309D4}" refers to invalid object "%ProgramFiles%\Outlook Express\oeimport.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{BE09F473-7FEB-11d2-9962-00C04FA309D4}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{C6F46A3A-01EC-41c1-9BD7-E1D99CD188F2}" refers to invalid object "C:\Dokumente und Einstellungen\xxxxx\.housecall\ExtUICallback.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:52 2006 => Entry "HKCR\CLSID\{CAE80521-F685-11d1-AF32-00C04FA31B90}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:53 2006 => Entry "HKCR\CLSID\{E0B8F398-BB08-4298-87F0-34502693902E}" refers to invalid object ""C:\Programme\Messenger\msmsgs.exe"". Action Taken: No Action Taken. Mon Jan 02 00:14:53 2006 => Entry "HKCR\CLSID\{E70C92A9-4BFD-11d1-8A95-00C04FB951F3}" refers to invalid object "%ProgramFiles%\Outlook Express\msoe.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:53 2006 => Entry "HKCR\CLSID\{F8632B0C-2EB4-4391-8DF4-45DADBCF9F45}" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSPaper\MSPSCAN.EXE /StiDevice:%1 /StiEvent:%2". Action Taken: No Action Taken. Mon Jan 02 00:14:53 2006 => Entry "HKCR\TypeLib\{1679484B-ACA8-42C0-8934-AB2968790E3C}" refers to invalid object "C:\Dokumente und Einstellungen\xxxxx\.housecall\ExtUICallback.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:53 2006 => Entry "HKCR\TypeLib\{60ACE49B-F247-4E12-B740-EF8DB1941D0F}" refers to invalid object "C:\Programme\ewido anti-malware\context.dll". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\.iti" refers to invalid object "ITIClient.Document". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\Automatische Zuordnung.Map.EU" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\Automatische Zuordnung.Map.EU.9" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\Automatische Zuordnung.Template.EU.9" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\BinFileImage\shell\open\command" refers to invalid object ""C:\Programme\Smart Projects\IsoBuster\IsoBuster.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\bittorrent\shell\open\command" refers to invalid object ""C:\Programme\Shareaza\Shareaza.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\CDblListClass" refers to invalid object "{AE1229E1-02C0-11D5-A0F1-00A0CC596826}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\Class" refers to invalid object "{A9AC8FDE-6DA4-4D90-B6F8-5EB24CA74B9B}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\CLngListClass" refers to invalid object "{2C04D3C1-FE11-11D4-A0F1-00A0CC596826}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\Context.test" refers to invalid object "{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\Context.test.1" refers to invalid object "{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\Control.1" refers to invalid object "{A0739DE5-571F-11D2-A031-0060977F760C}". Action Taken: No Action Taken. Mon Jan 02 00:14:54 2006 => Entry "HKCR\CueFileImage\shell\open\command" refers to invalid object ""C:\Programme\Smart Projects\IsoBuster\IsoBuster.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\gnet\shell\open\command" refers to invalid object ""C:\Programme\Shareaza\Shareaza.exe" "%L"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\gnutella\shell\open\command" refers to invalid object ""C:\Programme\Shareaza\Shareaza.exe" "%L"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.ani\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.b3d\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.cam\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.clp\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.cr2\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.crw\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.cur\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.dcm\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.dcx\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.dds\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.djvu\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.ecw\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.eps\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.fsh\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.g3\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.icl\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.ics\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.ids\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.iff\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.jng\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.jp2\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.jpm\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.kdc\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.ldf\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.lwf\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.mng\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.nlm\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.pbm\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.pcd\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.pcx\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.pgm\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.ppm\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.psp\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.ras\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.raw\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.rle\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.sff\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.sfw\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.sgi\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.sid\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.tga\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.wbmp\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.xbm\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\IrfanView.xpm\shell\open\command" refers to invalid object ""C:\Programme\IrfanView\I_VIEW32.EXE" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\MCI.MMControl" refers to invalid object "{C1A8AF25-1257-101B-8FB0-0020AF039CA3}". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\MCI.MMControl.1" refers to invalid object "{C1A8AF25-1257-101B-8FB0-0020AF039CA3}". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\met_auto_file\shell\open\command" refers to invalid object ""C:\Dokumente und Einstellungen\xxxxx\Desktop\gdonkey.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\Microsoft Internet Mail Message\shell\open\command" refers to invalid object ""%ProgramFiles%\Outlook Express\msimn.exe" /eml:%1". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\Microsoft Internet News Message\shell\open\command" refers to invalid object ""%ProgramFiles%\Outlook Express\msimn.exe" /nws:%1". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\mp2p\shell\open\command" refers to invalid object ""C:\Programme\Shareaza\Shareaza.exe" "%L"". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\MSSearch.Admin" refers to invalid object "{C7310572-AC80-11D1-8DF3-00C04FB6EF4F}". Action Taken: No Action Taken. Mon Jan 02 00:14:55 2006 => Entry "HKCR\MSSearch.Admin.1" refers to invalid object "{C7310572-AC80-11D1-8DF3-00C04FB6EF4F}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\NBBACKUPType\shell\open\command" refers to invalid object ""C:\Programme\Ahead\Nero BackItUp\backitup.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\NBCOMPRESSType\shell\open\command" refers to invalid object ""C:\Programme\Ahead\Nero BackItUp\nbr.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\NBJOBType\shell\open\command" refers to invalid object ""C:\Programme\Ahead\Nero BackItUp\nbj.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\nntp\shell\open\command" refers to invalid object ""%ProgramFiles%\Outlook Express\msimn.exe" /newsurl:%1". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\ObjCreator.ObjCreator" refers to invalid object "{C73105A3-AC80-11D1-8DF3-00C04FB6EF4F}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\ObjCreator.ObjCreator.1" refers to invalid object "{C73105A3-AC80-11D1-8DF3-00C04FB6EF4F}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\ogmfile\shell\open\command" refers to invalid object ""C:\Programme\K-Lite Codec Pack\media player classic\mplayerc.exe" "%L"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\shareaza\shell\open\command" refers to invalid object ""C:\Programme\Shareaza\Shareaza.exe" "%L"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.AVIPreviewer.1" refers to invalid object "{394011F0-6D5C-42a3-96C6-24B9AD6B010C}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.AVIThumb.1" refers to invalid object "{4956C5F5-D9A8-4CBB-8994-F53CF55CFDF5}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.Collection\shell\open\command" refers to invalid object ""C:\Programme\Shareaza\Shareaza.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.ImageViewerPlugin.1" refers to invalid object "{2EE9D739-7726-41cf-8F18-4B1B8763BC63}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.JPEGReader.1" refers to invalid object "{5E6309F2-9971-4683-9445-F548E81BEC07}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.MediaPlayer.1" refers to invalid object "{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.MP3Previewer.1" refers to invalid object "{BF00DBCC-90A2-4f46-8171-7D4F929D035F}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.MPEGPreviewer.1" refers to invalid object "{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.PNGReader.1" refers to invalid object "{D427C22F-23FB-4E51-A8B8-70F2036ED3BA}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.SimpleScope.1" refers to invalid object "{591A5CFF-3172-4020-A067-238542DDE9C2}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.SkinFile\shell\open\command" refers to invalid object ""C:\Programme\Shareaza\skin.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.SkinInfoExtractor.1" refers to invalid object "{0EEDB912-C5FA-486F-8334-57288578C627}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.SoniqueVis.1" refers to invalid object "{D07E630D-A850-4f11-AD29-3D3848B67EFE}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.VideoThumb.1" refers to invalid object "{17BF74FD-69AF-4BD5-A982-EA6DE6F3449C}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Shareaza.WMPVis.1" refers to invalid object "{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\snews\shell\open\command" refers to invalid object ""%ProgramFiles%\Outlook Express\msimn.exe" /newsurl:%1". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\StrList.UDTList" refers to invalid object "{DA4AC941-0775-11D5-A0F1-00A0CC596826}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\StrList.UDTList.1" refers to invalid object "{DA4AC941-0775-11D5-A0F1-00A0CC596826}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Winamp3.File\shell\open\command" refers to invalid object ""C:\Programme\Winamp3\Studio.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Winamp3.Playlist\shell\open\command" refers to invalid object ""C:\Programme\Winamp3\Studio.exe" "%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\Winamp3.SkinZip\shell\open\command" refers to invalid object ""C:\Programme\Winamp3\Studio.exe" "/installskin=%1"". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Mon Jan 02 00:14:56 2006 => Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. |
System Report vom CWShredder **** Run Keys **** RUN: [LWBMOUSE] C:\Programme\iWare\iWare Mouse\3.2\lwbwheel.exe RUN: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe RUN: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min RUN: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe RUN: [HostManager] C:\Programme\Gemeinsame Dateien\AOL\1135703820\ee\AOLHostManager.exe RUN: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime **** Browser Helper Objects **** BHO: [AcroIEHlprObj Class] C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx BHO: [SSVHelper Class] C:\Programme\Java\jre1.5.0_06\bin\ssv.dll **** IE Toolbars **** TOOLBAR: [&Radio] C:\WINDOWS\System32\msdxm.ocx **** IE Extensions **** IEExt: [Web Browser Applet Control] C:\WINDOWS\System32\msjava.dll IEExt: [AOL Instant Messenger (TM)] C:\WINDOWS\System32\msjava.dll IEExt: [Real.com] C:\WINDOWS\System32\msjava.dll **** Hosts File Entries **** HOSTS: 127.0.0.1 localhost HOSTS: 127.0.0.1 localhost **** IE Settings **** Local Page: C:\WINDOWS\System32\blank.htm Search Bar: http://www.google.com/ie Search Page: http://www.google.com **** IE Context Menu (Right click) **** **** Layered Service Providers **** LSP: MSAFD Tcpip [TCP/IP] LSP: MSAFD Tcpip [UDP/IP] LSP: RSVP UDP Service Provider LSP: RSVP TCP Service Provider LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FDCD44A7-C558-4FE2-8B48-6487D72D5325}] SEQPACKET 6 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FDCD44A7-C558-4FE2-8B48-6487D72D5325}] DATAGRAM 6 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{598E5D85-B87C-42A4-8408-353556F566BE}] SEQPACKET 2 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{598E5D85-B87C-42A4-8408-353556F566BE}] DATAGRAM 2 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{80871756-6345-458E-888E-CA15BBBC1C1F}] SEQPACKET 0 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{80871756-6345-458E-888E-CA15BBBC1C1F}] DATAGRAM 0 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38E6F71B-E48D-4C8F-AC4F-8AC6C726A75A}] SEQPACKET 1 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38E6F71B-E48D-4C8F-AC4F-8AC6C726A75A}] DATAGRAM 1 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A31B1583-28A1-460C-B038-DBB1FA35D25D}] SEQPACKET 3 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A31B1583-28A1-460C-B038-DBB1FA35D25D}] DATAGRAM 3 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7B420890-69E3-4604-9756-6BF56779F84A}] SEQPACKET 4 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7B420890-69E3-4604-9756-6BF56779F84A}] DATAGRAM 4 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A1AB573F-7CD4-4EBB-9922-DA462CEEED43}] SEQPACKET 5 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A1AB573F-7CD4-4EBB-9922-DA462CEEED43}] DATAGRAM 5 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9B0D66ED-9AE8-4536-8BE1-DE2E35A01CC6}] SEQPACKET 7 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9B0D66ED-9AE8-4536-8BE1-DE2E35A01CC6}] DATAGRAM 7 **** Blocked Control Panel Items **** BLOCKED: [ncpa.cpl] No BLOCKED: [odbccp32.cpl] No **** Downloaded Program Files **** DirectAnimation Java Classes [file://C:\WINDOWS\Java\classes\dajava.cab] Microsoft XML Parser for Java [file://C:\WINDOWS\Java\classes\xmldso.cab] {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [http://www.apple.com/qtactivex/qtplugin.cab] {166B1BCA-3F9C-11CF-8075-444553540000} [http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab] {33564D57-0000-0010-8000-00AA00389B71} [http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB] {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} [http://aolcc.aol.de/computercheckup/qdiagcc.cab] C:\WINDOWS\System32\DAntivirus.ini C:\WINDOWS\System32\DView.cfg C:\WINDOWS\System32\DProg.ini C:\WINDOWS\System32\DLPT.sys C:\WINDOWS\System32\DDMI.VXD C:\WINDOWS\System32\DLPT.VXD C:\WINDOWS\System32\DDMI2.sys C:\WINDOWS\System32\qdiagcc.ocx {6414512B-B978-451D-A0D8-FCFDF33E833C} [http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135851086796] {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135851632328] {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab] {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab] {D27CDB6E-AE6D-11CF-96B8-444553540000} [http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab] **** Windows Services **** [Alerter] %SystemRoot%\System32\svchost.exe -k LocalService [ALG] %SystemRoot%\System32\alg.exe [AntiVirService] "C:\Programme\AVPersonal\AVGUARD.EXE" [AOL ACS] "C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe" [AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs [aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs [AVWUpSrv] "C:\Programme\AVPersonal\AVWUPSRV.EXE" [BITS] %SystemRoot%\System32\svchost.exe -k netsvcs [Browser] %SystemRoot%\System32\svchost.exe -k netsvcs [CiSvc] %SystemRoot%\system32\cisvc.exe [ClipSrv] %SystemRoot%\system32\clipsrv.exe [COMSysApp] C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs [Dhcp] %SystemRoot%\System32\svchost.exe -k netsvcs [dmadmin] %SystemRoot%\System32\dmadmin.exe /com [dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs [Dnscache] %SystemRoot%\System32\svchost.exe -k NetworkService [ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs [Eventlog] %SystemRoot%\system32\services.exe [EventSystem] C:\WINDOWS\System32\svchost.exe -k netsvcs [FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs [helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs [HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs [ImapiService] C:\WINDOWS\System32\imapi.exe [lanmanserver] %SystemRoot%\System32\svchost.exe -k netsvcs [lanmanworkstation] %SystemRoot%\System32\svchost.exe -k netsvcs [LexBceS] C:\WINDOWS\system32\LEXBCES.EXE [LmHosts] %SystemRoot%\System32\svchost.exe -k LocalService [MDM] "C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe" [Messenger] %SystemRoot%\System32\svchost.exe -k netsvcs [mnmsrvc] C:\WINDOWS\System32\mnmsrvc.exe [MSDTC] C:\WINDOWS\System32\msdtc.exe [MSIServer] C:\WINDOWS\System32\msiexec.exe /V [NetDDE] %SystemRoot%\system32\netdde.exe [NetDDEdsdm] %SystemRoot%\system32\netdde.exe [Netlogon] %SystemRoot%\System32\lsass.exe [Netman] %SystemRoot%\System32\svchost.exe -k netsvcs [Nla] %SystemRoot%\System32\svchost.exe -k netsvcs [NtLmSsp] %SystemRoot%\System32\lsass.exe [NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs [NVSvc] %SystemRoot%\System32\nvsvc32.exe [PlugPlay] %SystemRoot%\system32\services.exe [PolicyAgent] %SystemRoot%\System32\lsass.exe [ProtectedStorage] %SystemRoot%\system32\lsass.exe [RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs [RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs [RDSessMgr] C:\WINDOWS\system32\sessmgr.exe [RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs [RpcLocator] %SystemRoot%\System32\locator.exe [RpcSs] %SystemRoot%\system32\svchost -k rpcss [RSVP] %SystemRoot%\System32\rsvp.exe [SamSs] %SystemRoot%\system32\lsass.exe [SCardDrv] %SystemRoot%\System32\SCardSvr.exe [SCardSvr] %SystemRoot%\System32\SCardSvr.exe [Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs [seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs [SENS] %SystemRoot%\system32\svchost.exe -k netsvcs [SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs [ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs [SLService] slserv.exe [Spooler] %SystemRoot%\system32\spoolsv.exe [srservice] %SystemRoot%\System32\svchost.exe -k netsvcs [SSDPSRV] %SystemRoot%\System32\svchost.exe -k LocalService [stisvc] %SystemRoot%\System32\svchost.exe -k imgsvc [SwPrv] C:\WINDOWS\System32\dllhost.exe /Processid:{150E2623-C14B-4B3C-ABD5-34F2693A67F1} [SysmonLog] %SystemRoot%\system32\smlogsvc.exe [TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs [TermService] %SystemRoot%\System32\svchost.exe -k netsvcs [Themes] %SystemRoot%\System32\svchost.exe -k netsvcs [TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs [uploadmgr] %SystemRoot%\System32\svchost.exe -k netsvcs [upnphost] %SystemRoot%\System32\svchost.exe -k LocalService [UPS] %SystemRoot%\System32\ups.exe [VSS] %SystemRoot%\System32\vssvc.exe [W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs [WANMiniportService] "C:\WINDOWS\wanmpsvc.exe" [WebClient] %SystemRoot%\System32\svchost.exe -k LocalService [winmgmt] %systemroot%\system32\svchost.exe -k netsvcs [WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs [WmiApSrv] C:\WINDOWS\System32\wbem\wmiapsrv.exe [wuauserv] %systemroot%\system32\svchost.exe -k netsvcs [WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs **** Custom IE Search Items **** SEARCH: [SearchAssistant] http://www.google.com/ie SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm **** Complete IE Options **** IEOPT: [NoUpdateCheck] IEOPT: [NoJITSetup] IEOPT: [Disable Script Debugger] yes IEOPT: [Start Page] http://www.u2tour.de/ IEOPT: [Show_ChannelBand] No IEOPT: [Anchor Underline] yes IEOPT: [Cache_Update_Frequency] Once_Per_Session IEOPT: [Display Inline Images] yes IEOPT: [Do404Search] IEOPT: [Local Page] C:\WINDOWS\System32\blank.htm IEOPT: [Save_Session_History_On_Exit] no IEOPT: [Show_FullURL] no IEOPT: [Show_StatusBar] yes IEOPT: [Show_ToolBar] yes IEOPT: [Show_URLinStatusBar] yes IEOPT: [Show_URLToolBar] yes IEOPT: [Use_DlgBox_Colors] yes IEOPT: [FullScreen] no IEOPT: [Window_Placement] , IEOPT: [Use FormSuggest] yes IEOPT: [ShowedCheckBrowser] Yes IEOPT: [Error Dlg Displayed On Every Error] no IEOPT: [Error Dlg Details Pane Open] no IEOPT: [NotifyDownloadComplete] no IEOPT: [Check_Associations] no IEOPT: [Use Search Asst] no IEOPT: [AddToFavoritesExpanded] IEOPT: [FormSuggest PW Ask] no IEOPT: [Force Offscreen Composition] IEOPT: [Enable Browser Extensions] yes IEOPT: [ShowGoButton] yes IEOPT: [NoWebJITSetup] IEOPT: [Friendly http errors] yes IEOPT: [FavIntelliMenus] no IEOPT: [NscSingleExpand] IEOPT: [SmoothScroll] IEOPT: [Page_Transitions] IEOPT: [AllowWindowReuse] IEOPT: [UseThemes] IEOPT: [Print_Background] no IEOPT: [Expand Alt Text] yes IEOPT: [Move System Caret] no IEOPT: [Play_Animations] yes IEOPT: [Enable AutoImageResize] yes IEOPT: [Enable_MyPics_Hoverbar] yes IEOPT: [Show image placeholders] IEOPT: [Play_Background_Sounds] yes IEOPT: [Display Inline Videos] yes IEOPT: [LastCheckedHi] IEOPT: [Use Custom Search URL] IEOPT: [AutoSearch] IEOPT: [Search Page] http://www.google.com IEOPT: [Search Bar] http://www.google.com/ie IEOPT: [Enable_Disk_Cache] yes IEOPT: [Cache_Percent_of_Disk] IEOPT: [Delete_Temp_Files_On_Exit] yes IEOPT: [Local Page] %SystemRoot%\system32\blank.htm IEOPT: [Anchor_Visitation_Horizon] IEOPT: [Use_Async_DNS] yes IEOPT: [Placeholder_Width] IEOPT: [Placeholder_Height] IEOPT: [Start Page] about:blank IEOPT: [CompanyName] Microsoft Corporation IEOPT: [Custom_Key] MICROSO IEOPT: [Wizard_Version] 6.00.2800.1017 IEOPT: [FullScreen] no IEOPT: [Check_Associations] no |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 03:04 Uhr. |
Copyright ©2000-2025, Trojaner-Board