Hallodri!
Seit mehreren Wochen meldet Antivir täglich verschiedene Dateien als Virus, welche sich immer wieder von alleine erstellen wenn ich diese lösche.. Hier ein Paar Beispiele aus der Logfile von Antivir:
C:\PROGRAMME\GEMEINSAME DATEIEN\QORDTCQE\QPNQOEDRDR\PCUARSNSN.EXE
[INFO] Die Datei wurde gelöscht!
12.10.2005,23:50:11 [WARNUNG] Enthält eine Signatur des (gefährlichen) Backdoorprogrammes BDS/Agent.AY!
C:\PROGRAMME\GEMEINSAME DATEIEN\QORDTCQE\BUSQMTLC\CAURRTPB.EXE
[INFO] Die Datei wurde gelöscht!
13.10.2005,23:10:09 [WARNUNG] Enthält eine Signatur des (gefährlichen) Backdoorprogrammes BDS/Agent.AY!
C:\PROGRAMME\GEMEINSAME DATEIEN\QORDTCQE\QPNQOEDRDR\PCUARSNSN.EXE
[INFO] Die Datei wurde gelöscht!
14.10.2005,00:00:16 [WARNUNG] Enthält eine Signatur des (gefährlichen) Backdoorprogrammes BDS/Agent.AY!
C:\PROGRAMME\GEMEINSAME DATEIEN\QORDTCQE\BUSQMTLC\CAURRTPB.EXE
[INFO] Die Datei wurde gelöscht!
15.10.2005,00:10:12 [WARNUNG] Enthält eine Signatur des (gefährlichen) Backdoorprogrammes BDS/Agent.AY!
C:\PROGRAMME\GEMEINSAME DATEIEN\QORDTCQE\BUSQMTLC\CAURRTPB.EXE
[INFO] Die Datei wurde gelöscht!
14.10.2005,23:10:23 [WARNUNG] Enthält eine Signatur des (gefährlichen) Backdoorprogrammes BDS/Agent.AY!
C:\PROGRAMME\GEMEINSAME DATEIEN\QORDTCQE\QPNQOEDRDR\PCUARSNSN.EXE
[INFO] Die Datei wurde gelöscht!
Ich habe schon mal eine Logfile mit Hijackthis gemacht, welche ihr hier seht:
Logfile of HijackThis v1.99.1
Scan saved at 12:26:21, on 14.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
e:\Programme\AVPersonal\AVGUARD.EXE
e:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programme\Logitech\Easy Synchronization\servicestub.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
E:\Programme\VMware\VMware Workstation\vmware-authd.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe
C:\Programme\D-Tools\daemon.exe
C:\Programme\WinFast\WFTVFM\WFWIZ.exe
C:\Programme\Logitech\iTouch\iTouch.exe
C:\Programme\MSI\Live Update 3\LMonitor.exe
E:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Logitech\MediaLife\MediaLifeService.exe
C:\Programme\Logitech\SetPoint\LBTWiz.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\WinPortrait\wpctrl.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\MSI\Core Center\CoreCenter.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
C:\Programme\WinPortrait\floater.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\ICQ\Icq.exe
E:\Programme\totalcmd\Totalcmd.exe
C:\Programme\MYIE2\MyIE.exe
C:\Programme\MessengerPlus! 3\MsgPlus.exe
C:\Programme\MSN Messenger\msnmsgr.exe
E:\Programme\Steam\Steam.exe
E:\Programme\Winamp\winamp.exe
C:\Programme\IrfanView\I_VIEW32.EXE
E:\Programme\hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programme\GetRight\xx2gr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CMESys] "C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Programme\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Programme\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [AVGCtrl] "e:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [MediaLifeService] "C:\Programme\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [PivotSoftware] "C:\Programme\WinPortrait\wpctrl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: CoreCenter.lnk = C:\Programme\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4292611562
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20DDBBE0-A60B-41C2-AE05-9F0108759DDD}: NameServer = 192.168.0.1
O18 - Protocol: bw+0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AD36612-0985-4E01-84EE-49247DC7687F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: LBTWlgn - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - e:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - e:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Programme\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - e:\Programme\MATLAB704\webserver\bin\win32\matlabserver.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Programme\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
Ich habe auch schon einen escan durchgeführt, dessen Logfile ist allerdings sehr groß (laut MS Word 27 Seiten) Ist es eigentlich wirklich notwendig den escan im abgesicherten Modus durchzuführen? Der abgesicherte Modus ist äußerst lästig zu starten und schlecht zu benutzen (keine Grafikkartentreiber etc.)
Vielen Dank schon mal für die Hilfe!
FrEe
Warum kostenlos registrieren?
Nur als registriertes Mitglied hast Du vollen Zugriff auf alle Funktionen unserer Website. So kannst Du eigene Fragen stellen und hast die volle Übersicht über neue interessante Themen im Forum.
Jetzt kostenlos registrieren.
Login
Ordner/Dateien erstellen sich alleine,AntiVir meldet diese
12 Beiträge • Seite 1 von 1
von automatix am 17.10.2005, 15:33
Ich weiß nicht was mehr Arbeit macht, die Kiste formatieren oder die 80-90 Einträge löschen.
Wenn du in die Textbox dein Log einträgst und dann auf auswerten klickst, bekommst du die automatische Auswertung. Alles was "?" und "!" ist bitte fixen und dann neu starten. Dann nochmal das Hjt ausführen und das Log hier posten.
Wenn du in die Textbox dein Log einträgst und dann auf auswerten klickst, bekommst du die automatische Auswertung. Alles was "?" und "!" ist bitte fixen und dann neu starten. Dann nochmal das Hjt ausführen und das Log hier posten.
- automatix
- Administrator
- Beiträge: 14557
- Registriert: 12.09.2004, 13:58
- Wohnort: 95138 Bad Steben
von Holy Marcell am 17.10.2005, 17:25
@Automatix bitte verweise nicht (unerfahrene?) user auf diese Seite.
FORMATIERE schleunigst! und Nach dem format installierst du alle windows-updates und dieses hier:
Firewall: SyGate
* Modernster Schutz, den eine Software heute bieten kann:
Intruder Detection System, Protokollschutz auf 4 Ebenen,
Active Response, Anti IP, Anti- MAC Spoofing,
Application DLL Approving, Firewall Termination Prevention
* Multilayer-Firewall
* TCP/IP-, UDP- und ICMP-IP-Schutz
* Backtrace/WHOIS
* Automatische Einrichtung und selbständiger Schutz nach der Installation
* Umfangreiche Statistikfunktionen
(www.sygate.de)
Zur Privaten Nutzung Kostenlos
Antiviren: Antivir
* Schutz vor kostenverursachenden Einwahlprogrammen (Dialer)
* erkennt und entfernt über 130.000 Viren
* zahlreiche Bestnoten bei Tests in Fachzeitschriften
* der ständig aktive Virenwächter wacht permanent über Ihre Software,
beispielsweise bei Downloads aus dem Internet
* Suche von Makroviren und Reparatur infizierter Dateien
* Schutz vor bislang unbekannten Makroviren
* Schutz vor Trojanern, Würmern, Backdoors, Jokes und anderen schädlichen Programmen
* klare Bedienung
* leichte Aktualisierung durch Internet-Update-Wizard
* Schutz vor unbekannten Bootsektor- und Master-Bootsektorviren
(www.free-av.de)
Download zum Privaten gebrauch kostenlos
Anti-Spyware: SpyBot Serch & Destroy
* Eine Anwendung, die nach Spyware, Adware, Hijackern und anderer
bösartiger Software sucht.Eine Anwendung, die nach Spyware, Adware,
Hijackern und anderer bösartiger Software sucht.
(http://www.safer-networking.org/de/download/index.html)
Download Frei
Anti-Adware: Ad-Aware
Download frei
FORMATIERE schleunigst! und Nach dem format installierst du alle windows-updates und dieses hier:
Firewall: SyGate
* Modernster Schutz, den eine Software heute bieten kann:
Intruder Detection System, Protokollschutz auf 4 Ebenen,
Active Response, Anti IP, Anti- MAC Spoofing,
Application DLL Approving, Firewall Termination Prevention
* Multilayer-Firewall
* TCP/IP-, UDP- und ICMP-IP-Schutz
* Backtrace/WHOIS
* Automatische Einrichtung und selbständiger Schutz nach der Installation
* Umfangreiche Statistikfunktionen
(www.sygate.de)
Zur Privaten Nutzung Kostenlos
Antiviren: Antivir
* Schutz vor kostenverursachenden Einwahlprogrammen (Dialer)
* erkennt und entfernt über 130.000 Viren
* zahlreiche Bestnoten bei Tests in Fachzeitschriften
* der ständig aktive Virenwächter wacht permanent über Ihre Software,
beispielsweise bei Downloads aus dem Internet
* Suche von Makroviren und Reparatur infizierter Dateien
* Schutz vor bislang unbekannten Makroviren
* Schutz vor Trojanern, Würmern, Backdoors, Jokes und anderen schädlichen Programmen
* klare Bedienung
* leichte Aktualisierung durch Internet-Update-Wizard
* Schutz vor unbekannten Bootsektor- und Master-Bootsektorviren
(www.free-av.de)
Download zum Privaten gebrauch kostenlos
Anti-Spyware: SpyBot Serch & Destroy
* Eine Anwendung, die nach Spyware, Adware, Hijackern und anderer
bösartiger Software sucht.Eine Anwendung, die nach Spyware, Adware,
Hijackern und anderer bösartiger Software sucht.
(http://www.safer-networking.org/de/download/index.html)
Download Frei
Anti-Adware: Ad-Aware
Download frei- Holy Marcell
von mrfreeman1985 am 17.10.2005, 18:03
Ist das dein Ernst mit der Formatierung? Reicht denn wenigstens die Systempartition, denn sonst wäre ich erstmal ne ganze weile mit brennen beschäftigt (400gb hdd) und ich wüsste auch ehrlich gesagt nicht, was ich brennen kann und was nicht, da ich nicht weiss, was befallen ist von Viren und was nicht..
Naja danke schonmal im VOrraus für die ermunternden Antworten =)
FrEe
Naja danke schonmal im VOrraus für die ermunternden Antworten =)
FrEe
- mrfreeman1985
- Beiträge: 5
- Registriert: 17.10.2005, 14:06
- Wohnort: Bonn
von mrfreeman1985 am 18.10.2005, 20:39
hier die neuste log, nach der deinstallation des logitech desktop messengers...
Logfile of HijackThis v1.99.1
Scan saved at 20:38:51, on 18.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\WINDOWS\Explorer.EXE
e:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programme\Logitech\Easy Synchronization\servicestub.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
E:\Programme\VMware\VMware Workstation\vmware-authd.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programme\MessengerPlus! 3\MsgPlus.exe
C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe
C:\Programme\D-Tools\daemon.exe
C:\Programme\WinFast\WFTVFM\WFWIZ.exe
C:\Programme\Logitech\iTouch\iTouch.exe
C:\Programme\MSI\Live Update 3\LMonitor.exe
E:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Programme\Logitech\MediaLife\MediaLifeService.exe
C:\Programme\Logitech\SetPoint\LBTWiz.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\WinPortrait\wpctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\MSI\Core Center\CoreCenter.exe
C:\Programme\WinPortrait\floater.exe
C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\ICQ\Icq.exe
C:\Programme\MSN Messenger\msnmsgr.exe
E:\Programme\totalcmd\Totalcmd.exe
C:\Programme\MYIE2\MyIE.exe
C:\WINDOWS\ALCFDRTM.EXE
E:\Programme\Winamp\winamp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\Rar$EX00.125\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programme\GetRight\xx2gr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CMESys] "C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Programme\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Programme\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [AVGCtrl] "e:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [MediaLifeService] "C:\Programme\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [PivotSoftware] "C:\Programme\WinPortrait\wpctrl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: CoreCenter.lnk = C:\Programme\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4292611562
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20DDBBE0-A60B-41C2-AE05-9F0108759DDD}: NameServer = 192.168.0.1
O20 - Winlogon Notify: LBTWlgn - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - e:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Programme\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Programme\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
Logfile of HijackThis v1.99.1
Scan saved at 20:38:51, on 18.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\WINDOWS\Explorer.EXE
e:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programme\Logitech\Easy Synchronization\servicestub.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
E:\Programme\VMware\VMware Workstation\vmware-authd.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programme\MessengerPlus! 3\MsgPlus.exe
C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe
C:\Programme\D-Tools\daemon.exe
C:\Programme\WinFast\WFTVFM\WFWIZ.exe
C:\Programme\Logitech\iTouch\iTouch.exe
C:\Programme\MSI\Live Update 3\LMonitor.exe
E:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Programme\Logitech\MediaLife\MediaLifeService.exe
C:\Programme\Logitech\SetPoint\LBTWiz.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\WinPortrait\wpctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\MSI\Core Center\CoreCenter.exe
C:\Programme\WinPortrait\floater.exe
C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\ICQ\Icq.exe
C:\Programme\MSN Messenger\msnmsgr.exe
E:\Programme\totalcmd\Totalcmd.exe
C:\Programme\MYIE2\MyIE.exe
C:\WINDOWS\ALCFDRTM.EXE
E:\Programme\Winamp\winamp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\Rar$EX00.125\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programme\GetRight\xx2gr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CMESys] "C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Programme\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Programme\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [AVGCtrl] "e:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [MediaLifeService] "C:\Programme\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [PivotSoftware] "C:\Programme\WinPortrait\wpctrl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: CoreCenter.lnk = C:\Programme\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4292611562
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20DDBBE0-A60B-41C2-AE05-9F0108759DDD}: NameServer = 192.168.0.1
O20 - Winlogon Notify: LBTWlgn - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - e:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Programme\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Programme\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
- mrfreeman1985
- Beiträge: 5
- Registriert: 17.10.2005, 14:06
- Wohnort: Bonn
von Holy Marcell am 18.10.2005, 20:50
Wah, ist das viel:
==============================
[windows-taste]+[Pause]
http://www.dirks-computerecke.de/worksh ... /bild3.jpg
Häkchen rein ==> neustart ==> Häkchen raus ==> neustart
==============================
(Danke für das Bild Dirk)
==============================
Lade dir Adaware und Spybot (Oben) und lasse sie laufen. Dann neues log von HJT
==============================
[windows-taste]+[Pause]
http://www.dirks-computerecke.de/worksh ... /bild3.jpg
Häkchen rein ==> neustart ==> Häkchen raus ==> neustart
==============================
(Danke für das Bild Dirk)
==============================
Lade dir Adaware und Spybot (Oben) und lasse sie laufen. Dann neues log von HJT
- Holy Marcell
von Holy Marcell am 18.10.2005, 20:56
Deinstalliere über die Software:
~gmt
~CMEII
~Adverts
=========================
Führe den CrapCleaner aus und hake alles an:
http://virus-protect.net/temp.html
Lade dir Ewido, Scanne, poste den Report und deinsatlliere es nach getaener Arbeit (Virenentfernung)
http://virus-protect.net/ewido.html
========================
~gmt
~CMEII
~Adverts
=========================
Führe den CrapCleaner aus und hake alles an:
http://virus-protect.net/temp.html
Lade dir Ewido, Scanne, poste den Report und deinsatlliere es nach getaener Arbeit (Virenentfernung)
http://virus-protect.net/ewido.html
========================
- Holy Marcell
von Holy Marcell am 18.10.2005, 21:07
==============================
Lösche folgende Dateien/Ordner mit der Killbox und "Delte on Reboot":
http://virus-protect.net/killbox.html
C:\WINDOWS\iun6002.exe
C:\Programme\Adverts
E:\Installs\cd mate\cm25417a.zip
E:\Installs\lan <== Solltest du echt alles löschen und bei der nächsten Lan nur mit aktivem virenscanner und sofort danach voller Systemscan.
E:\zeugs\mails\eing
E:\Programme\AVPersonal\INFECTED\ <== nur den Inhalt löschen falls da was drin ist.
C:\Programme\Gemeinsame Dateien\CMEII
C:\Programme\Gemeinsame Dateien\GMT
==============================
So keine Lust mehr (-; wir sehen uns morgen.
Lösche folgende Dateien/Ordner mit der Killbox und "Delte on Reboot":
http://virus-protect.net/killbox.html
C:\WINDOWS\iun6002.exe
C:\Programme\Adverts
E:\Installs\cd mate\cm25417a.zip
E:\Installs\lan <== Solltest du echt alles löschen und bei der nächsten Lan nur mit aktivem virenscanner und sofort danach voller Systemscan.
E:\zeugs\mails\eing
E:\Programme\AVPersonal\INFECTED\ <== nur den Inhalt löschen falls da was drin ist.
C:\Programme\Gemeinsame Dateien\CMEII
C:\Programme\Gemeinsame Dateien\GMT
==============================
So keine Lust mehr (-; wir sehen uns morgen.
- Holy Marcell
von mrfreeman1985 am 18.10.2005, 22:41
Sooo, ich hoffe ich habe alles soweit erledigt und nichts vergessen.. Ich als Laie kann in der neuen Logfile von HJT allerdings keine Verbesserung feststellen.. Hier die Logfile:
Logfile of HijackThis v1.99.1
Scan saved at 22:34:57, on 18.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
e:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Logitech\Easy Synchronization\servicestub.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\Programme\MessengerPlus! 3\MsgPlus.exe
C:\Programme\D-Tools\daemon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Logitech\iTouch\iTouch.exe
E:\Programme\VMware\VMware Workstation\vmware-authd.exe
C:\Programme\MSI\Live Update 3\LMonitor.exe
E:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\vmnat.exe
C:\Programme\Logitech\MediaLife\MediaLifeService.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programme\Logitech\SetPoint\LBTWiz.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\WinPortrait\wpctrl.exe
C:\WINDOWS\system32\ctfmon.exe
E:\programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Programme\WinPortrait\floater.exe
C:\Programme\MSI\Core Center\CoreCenter.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\MYIE2\MyIE.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\ICQ\Icq.exe
E:\Programme\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\WINDOWS\System32\msiexec.exe
C:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\Rar$EX00.640\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programme\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Programme\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Programme\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [AVGCtrl] "e:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [MediaLifeService] "C:\Programme\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [PivotSoftware] "C:\Programme\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [SmcService] E:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\RunOnce: [Easy Synchronization] C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe --ports
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: CoreCenter.lnk = C:\Programme\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4292611562
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20DDBBE0-A60B-41C2-AE05-9F0108759DDD}: NameServer = 192.168.0.1
O20 - Winlogon Notify: LBTWlgn - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - e:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Programme\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\Programme\Sygate\SPF\smc.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Programme\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
Nen scan mit Ewido hatte ich auch durchgeführt und ne Logfile erstellt, welche mir bei der Deinstallation von Ewido allerdings wieder verloren gegangen ist. Da stand aber auch nichts weltbewegendes drin, Ewido hat lediglich 8 Cookies die es für trojaner hielt gefunden und auf Anweisung von mir gelöscht.. Aber wenn die Logfile unbedingt noch gebraucht wird kann ich auch noch mal den abgesicherten Modus starten...
Warte auf weitere Instruktionen..
mFg
FrEe
[EDIT]
Die Ewido Log ist doch nicht verloren gegangen bei der Deinstallation, hab sie nur übersehen...
---------------------------------------------------------
ewido security suite - Scan Report
---------------------------------------------------------
+ Erstellt am: 22:20:45, 18.10.2005
+ Report-Checksumme: EE357824
+ Scanergebnis:
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@ad.adition[2].txt -> Spyware.Cookie.Adition : Gesäubert mit Backup
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@axa.addcontrol[1].txt -> Spyware.Cookie.Addcontrol : Gesäubert mit Backup
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@com[2].txt -> Spyware.Cookie.Com : Gesäubert mit Backup
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Gesäubert mit Backup
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@srv1.ad.adition[1].txt -> Spyware.Cookie.Adition : Gesäubert mit Backup
E:\zeugs\NooNoo1\Cookies\noonoo1@com[1].txt -> Spyware.Cookie.Com : Gesäubert mit Backup
E:\zeugs\NooNoo1\Cookies\noonoo1@geizhals.oewabox[1].txt -> Spyware.Cookie.Oewabox : Gesäubert mit Backup
E:\zeugs\NooNoo1\Cookies\noonoo1@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Gesäubert mit Backup
::Report Ende
Logfile of HijackThis v1.99.1
Scan saved at 22:34:57, on 18.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
e:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Logitech\Easy Synchronization\servicestub.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\Programme\MessengerPlus! 3\MsgPlus.exe
C:\Programme\D-Tools\daemon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Logitech\iTouch\iTouch.exe
E:\Programme\VMware\VMware Workstation\vmware-authd.exe
C:\Programme\MSI\Live Update 3\LMonitor.exe
E:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\vmnat.exe
C:\Programme\Logitech\MediaLife\MediaLifeService.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programme\Logitech\SetPoint\LBTWiz.exe
C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programme\WinPortrait\wpctrl.exe
C:\WINDOWS\system32\ctfmon.exe
E:\programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Programme\WinPortrait\floater.exe
C:\Programme\MSI\Core Center\CoreCenter.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\MYIE2\MyIE.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\ICQ\Icq.exe
E:\Programme\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\WINDOWS\System32\msiexec.exe
C:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\Rar$EX00.640\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programme\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Programme\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Programme\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [AVGCtrl] "e:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [MediaLifeService] "C:\Programme\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [PivotSoftware] "C:\Programme\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [SmcService] E:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\RunOnce: [Easy Synchronization] C:\Programme\Logitech\Easy Synchronization\LogitechEasySync.exe --ports
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: CoreCenter.lnk = C:\Programme\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4292611562
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20DDBBE0-A60B-41C2-AE05-9F0108759DDD}: NameServer = 192.168.0.1
O20 - Winlogon Notify: LBTWlgn - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - e:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Programme\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\Programme\Sygate\SPF\smc.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Programme\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
Nen scan mit Ewido hatte ich auch durchgeführt und ne Logfile erstellt, welche mir bei der Deinstallation von Ewido allerdings wieder verloren gegangen ist. Da stand aber auch nichts weltbewegendes drin, Ewido hat lediglich 8 Cookies die es für trojaner hielt gefunden und auf Anweisung von mir gelöscht.. Aber wenn die Logfile unbedingt noch gebraucht wird kann ich auch noch mal den abgesicherten Modus starten...
Warte auf weitere Instruktionen..
mFg
FrEe
[EDIT]
Die Ewido Log ist doch nicht verloren gegangen bei der Deinstallation, hab sie nur übersehen...
---------------------------------------------------------
ewido security suite - Scan Report
---------------------------------------------------------
+ Erstellt am: 22:20:45, 18.10.2005
+ Report-Checksumme: EE357824
+ Scanergebnis:
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@ad.adition[2].txt -> Spyware.Cookie.Adition : Gesäubert mit Backup
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@axa.addcontrol[1].txt -> Spyware.Cookie.Addcontrol : Gesäubert mit Backup
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@com[2].txt -> Spyware.Cookie.Com : Gesäubert mit Backup
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Gesäubert mit Backup
C:\Dokumente und Einstellungen\NooNoo1\Cookies\noonoo1@srv1.ad.adition[1].txt -> Spyware.Cookie.Adition : Gesäubert mit Backup
E:\zeugs\NooNoo1\Cookies\noonoo1@com[1].txt -> Spyware.Cookie.Com : Gesäubert mit Backup
E:\zeugs\NooNoo1\Cookies\noonoo1@geizhals.oewabox[1].txt -> Spyware.Cookie.Oewabox : Gesäubert mit Backup
E:\zeugs\NooNoo1\Cookies\noonoo1@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Gesäubert mit Backup
::Report Ende
- mrfreeman1985
- Beiträge: 5
- Registriert: 17.10.2005, 14:06
- Wohnort: Bonn
von Holy Marcell am 19.10.2005, 14:06
Nun, Ewido hat sie nicht als Trojaner erkannt aber gelöscht.In deinem Log findet sich immernoch eine ganze Menge Ligitech Software. Wenn du diese nicht selbst installiert hast deinstallierst du sie bitte wieder.
==============================
Arbeite diese Anleitung bitte vollständig ab und poste das Ergebniss:
http://yourhighness.eddys-domain.de/escan.html
==============================
scanne mit AdAware SE
http://virus-protect.net/adaware.html
Mit Spybot:
http://download.freenet.de/archiv_s/spy ... _4656.html
============================
==============================
Arbeite diese Anleitung bitte vollständig ab und poste das Ergebniss:
http://yourhighness.eddys-domain.de/escan.html
==============================
scanne mit AdAware SE
http://virus-protect.net/adaware.html
Mit Spybot:
http://download.freenet.de/archiv_s/spy ... _4656.html
============================
- Holy Marcell
von mrfreeman1985 am 19.10.2005, 19:29
So, der Escancheck ist durch, allerdings im normalen und nicht im abgesicherten Modus... Hier die Logfile:
--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------
1: Wed Oct 19 13:59:16 2005 => System found infected with searchexe Spyware/Adware ({807553e5-5146-11d5-a672-00b0d022e945})! Action taken: No Action Taken.
2: Wed Oct 19 13:59:17 2005 => Offending file found: C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\insthelp.dll
3: Wed Oct 19 13:59:17 2005 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
4: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temp\insthelp.dll
5: Wed Oct 19 13:59:19 2005 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
6: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\0da34lqf\adsend[1].js
7: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
8: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\0da34lqf\ads[1].htm
9: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
10: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\0da34lqf\ads[2].htm
11: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken.
12: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\0da34lqf\formie[1].css
13: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.
14: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\at309c7a\formie[1].css
15: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.
16: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\at309c7a\show_ads[2].js
17: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.
18: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\i5mmlac4\adswrapper[1].js
19: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
20: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\i5mmlac4\blank[1].htm
21: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (blank[1].htm)! Action taken: No Action Taken.
22: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\i5mmlac4\global[1].js
23: Wed Oct 19 13:59:19 2005 => System found infected with redv Spyware/Adware (global[1].js)! Action taken: No Action Taken.
24: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\kz2nudyt\adswrapper[1].js
25: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
26: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\kz2nudyt\index[1].html
27: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.
28: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\opqrstuv\adsend[1].js
29: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
30: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\0da34lqf\adsend[1].js
31: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
32: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\0da34lqf\ads[1].htm
33: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
34: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\0da34lqf\ads[2].htm
35: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken.
36: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\0da34lqf\formie[1].css
37: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.
38: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\at309c7a\formie[1].css
39: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.
40: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\at309c7a\show_ads[2].js
41: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.
42: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\i5mmlac4\adswrapper[1].js
43: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
44: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\i5mmlac4\blank[1].htm
45: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (blank[1].htm)! Action taken: No Action Taken.
46: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\i5mmlac4\global[1].js
47: Wed Oct 19 13:59:19 2005 => System found infected with redv Spyware/Adware (global[1].js)! Action taken: No Action Taken.
48: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\kz2nudyt\adswrapper[1].js
49: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
50: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\kz2nudyt\index[1].html
51: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.
52: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\opqrstuv\adsend[1].js
53: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
54: Wed Oct 19 14:21:16 2005 => Scanning File D:\Mp3s\Barthezz - infected.mp3 [**]
55: Wed Oct 19 14:21:16 2005 => Scanning File D:\Mp3s\Barthezz - Infected3.mp3 [**]
56: Wed Oct 19 14:36:06 2005 => Scanning Folder: E:\Programme\AVPersonal\INFECTED\*.*
--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------
1: Wed Oct 19 14:25:42 2005 => File E:\Installs\dirc-321.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.601. No Action Taken.
2: Wed Oct 19 14:26:16 2005 => File E:\Installs\fgf096a.zip tagged as "not-a-virus:AdWare.Win32.Aureate.a". Action Taken: No Action Taken.
3: Wed Oct 19 14:28:24 2005 => File E:\Installs\kmd171gu_en.exe tagged as "not-a-virus:AdWare.Win32.Cydoor". Action Taken: No Action Taken.
4: Wed Oct 19 14:31:49 2005 => File E:\Installs\lan\Net\VNC\vnc-4.0b5-x86_win32.zip tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
5: Wed Oct 19 14:34:09 2005 => File E:\Installs\mirc612.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.612. No Action Taken.
6: Wed Oct 19 14:34:09 2005 => File E:\Installs\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
7: Wed Oct 19 14:34:32 2005 => File E:\Installs\pwlview.zip tagged as not-a-virus:PSWTool.Win32.WinPassViewer.203. No Action Taken.
8: Wed Oct 19 14:36:08 2005 => File E:\Programme\dIRC\dIRC.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.601. No Action Taken.
9: Wed Oct 19 14:37:29 2005 => Scanning File E:\Programme\Media_Manager_2004\Icons\Tagged Image File Format.ico [**]
10: Wed Oct 19 14:41:02 2005 => File E:\Programme\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
11: Wed Oct 19 14:41:04 2005 => File E:\Programme\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.612. No Action Taken.
12: Wed Oct 19 14:41:05 2005 => File E:\Programme\mirctest\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
13: Wed Oct 19 14:41:07 2005 => File E:\Programme\mirctest\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.612. No Action Taken.
14: Wed Oct 19 14:49:28 2005 => File G:\Gamez\half-life\hltv.exe tagged as not-a-virus:Server-Proxy.Win32.Hltv. No Action Taken.
--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------
1: Wed Oct 19 13:59:05 2005 => ERROR!!! Invalid Entry Logitech BT Wizard = LBTWiz.exe -silent (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
2: Wed Oct 19 13:59:11 2005 => ERROR!!! Invalid Entry \??\F:\INSTALL\GMSIPCI.SYS in SYSTEM\CurrentControlSet\Services\GMSIPCI...
3: Wed Oct 19 13:59:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\WMPBurn.exe" refers to invalid object "\WMPBurn\WMPBurn.exe". Action Taken: No Action Taken.
4: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta1-Extra/". Action Taken: No Action Taken.
5: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta1-Extra/kernel-modules+firmware/". Action Taken: No Action Taken.
6: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta1-Extra/kernel-modules+firmware/i386/". Action Taken: No Action Taken.
7: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/". Action Taken: No Action Taken.
8: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/kernel-modules+firmware/". Action Taken: No Action Taken.
9: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/kernel-modules+firmware/CD1/". Action Taken: No Action Taken.
10: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/kernel-modules+firmware/CD1/suse/". Action Taken: No Action Taken.
11: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/kernel-modules+firmware/CD1/suse/i586/". Action Taken: No Action Taken.
12: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/". Action Taken: No Action Taken.
13: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/ap1/". Action Taken: No Action Taken.
14: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/d1/". Action Taken: No Action Taken.
15: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/ham1/". Action Taken: No Action Taken.
16: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/k2de3/". Action Taken: No Action Taken.
17: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/n2/". Action Taken: No Action Taken.
18: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/suse1/". Action Taken: No Action Taken.
19: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/zq1/". Action Taken: No Action Taken.
20: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/". Action Taken: No Action Taken.
21: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/suse/". Action Taken: No Action Taken.
22: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/suse/i686/". Action Taken: No Action Taken.
23: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3-i386/". Action Taken: No Action Taken.
24: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3-i386/base/". Action Taken: No Action Taken.
25: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3-x86_64/". Action Taken: No Action Taken.
26: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3-x86_64/base/". Action Taken: No Action Taken.
27: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/". Action Taken: No Action Taken.
28: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/iso/". Action Taken: No Action Taken.
29: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/". Action Taken: No Action Taken.
30: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/suse/". Action Taken: No Action Taken.
31: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/suse/setup/". Action Taken: No Action Taken.
32: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/suse/setup/descr/". Action Taken: No Action Taken.
33: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/suse/src/". Action Taken: No Action Taken.
34: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".acr". Action Taken: No Action Taken.
35: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".b3d". Action Taken: No Action Taken.
36: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cam". Action Taken: No Action Taken.
37: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/". Action Taken: No Action Taken.
38: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/contrib/". Action Taken: No Action Taken.
39: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/suse/i386/". Action Taken: No Action Taken.
40: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/suse/". Action Taken: No Action Taken.
41: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/suse/i386/". Action Taken: No Action Taken.
42: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/suse/i386/supplementary/". Action Taken: No Action Taken.
43: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/suse/i386/supplementary/KDE/". Action Taken: No Action Taken.
44: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cr2". Action Taken: No Action Taken.
45: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".crw". Action Taken: No Action Taken.
46: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cue". Action Taken: No Action Taken.
47: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dcm". Action Taken: No Action Taken.
48: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dcx". Action Taken: No Action Taken.
49: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dds". Action Taken: No Action Taken.
50: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/". Action Taken: No Action Taken.
51: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/projects/". Action Taken: No Action Taken.
52: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/linux/distributions/suse/". Action Taken: No Action Taken.
53: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/linux/distributions/suse/apt/". Action Taken: No Action Taken.
54: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/linux/distributions/suse/apt/SuSE/". Action Taken: No Action Taken.
55: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/linux/suse/i386/". Action Taken: No Action Taken.
56: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/". Action Taken: No Action Taken.
57: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/i386/". Action Taken: No Action Taken.
58: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/i386/update/". Action Taken: No Action Taken.
59: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/ia64/". Action Taken: No Action Taken.
60: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/ppc/". Action Taken: No Action Taken.
61: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".djvu". Action Taken: No Action Taken.
62: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ecw". Action Taken: No Action Taken.
63: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".fpx". Action Taken: No Action Taken.
64: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".fsh". Action Taken: No Action Taken.
65: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".g3". Action Taken: No Action Taken.
66: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".gsm". Action Taken: No Action Taken.
67: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".gxt". Action Taken: No Action Taken.
68: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".icl". Action Taken: No Action Taken.
69: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".iff". Action Taken: No Action Taken.
70: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".img". Action Taken: No Action Taken.
71: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".iw44". Action Taken: No Action Taken.
72: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".j2k". Action Taken: No Action Taken.
73: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".jng". Action Taken: No Action Taken.
74: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".jp2". Action Taken: No Action Taken.
75: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".jpc". Action Taken: No Action Taken.
76: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".jpm". Action Taken: No Action Taken.
77: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".kdc". Action Taken: No Action Taken.
78: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lbm". Action Taken: No Action Taken.
79: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ldf". Action Taken: No Action Taken.
80: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lds". Action Taken: No Action Taken.
81: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lwf". Action Taken: No Action Taken.
82: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mng". Action Taken: No Action Taken.
83: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ngg". Action Taken: No Action Taken.
84: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".nlm". Action Taken: No Action Taken.
85: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".nol". Action Taken: No Action Taken.
86: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".obsolete/". Action Taken: No Action Taken.
87: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".obsolete/suse_update/". Action Taken: No Action Taken.
88: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".old". Action Taken: No Action Taken.
89: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".org/Namibia/". Action Taken: No Action Taken.
90: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".org/pub/pure-ftpd/releases/". Action Taken: No Action Taken.
91: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pan". Action Taken: No Action Taken.
92: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pbm". Action Taken: No Action Taken.
93: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pgm". Action Taken: No Action Taken.
94: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ppm". Action Taken: No Action Taken.
95: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".psp". Action Taken: No Action Taken.
96: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ras". Action Taken: No Action Taken.
97: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".raw". Action Taken: No Action Taken.
98: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".rgb". Action Taken: No Action Taken.
99: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sff". Action Taken: No Action Taken.
100: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sfw". Action Taken: No Action Taken.
101: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sgi". Action Taken: No Action Taken.
102: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sid". Action Taken: No Action Taken.
103: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sun". Action Taken: No Action Taken.
104: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".tga". Action Taken: No Action Taken.
105: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".wbmp". Action Taken: No Action Taken.
106: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".xpm". Action Taken: No Action Taken.
107: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object "OpenWithList". Action Taken: No Action Taken.
108: Wed Oct 19 13:59:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "eMusic Promotion". Action Taken: No Action Taken.
109: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{0588145C-4180-4204-A567-BC804D76EE64}" refers to invalid object "C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\VBE\RefEdit.exd". Action Taken: No Action Taken.
110: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{191651DC-F223-4CD8-86A0-F7BB5B5FE35D}" refers to invalid object "e:\Programme\MATLAB704\toolbox\rtw\targets\xpc\api\xpcapiCOM.dll". Action Taken: No Action Taken.
111: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{29939855-DA8F-44E8-9853-95C60A2E6E7F}" refers to invalid object "C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\VBE\MSForms.exd". Action Taken: No Action Taken.
112: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{2FE3D0BC-E0E2-476B-B485-63E01345F0F8}" refers to invalid object "e:\Programme\MATLAB704\toolbox\rtw\targets\xpc\xpc\xpcmngr\ocx\mwxPCpanelCtrlsx2x7x1.ocx". Action Taken: No Action Taken.
113: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{3732EC5C-C584-44B8-B4DA-04E0054414C0}" refers to invalid object "C:\Programme\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll". Action Taken: No Action Taken.
114: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{602F20F1-DF66-11D1-A21D-00A024E7DC56}" refers to invalid object "e:\Programme\MATLAB704\toolbox\daq\daq\private\mwwinsound.dll". Action Taken: No Action Taken.
115: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{60ACE49B-F247-4E12-B740-EF8DB1941D0F}" refers to invalid object "e:\Programme\ewido\security suite\context.dll". Action Taken: No Action Taken.
116: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{649D582F-3401-11D1-8C47-0080C7C43E7F}" refers to invalid object "E:\Programme\Microsoft Office\Office\1031\WFXRSTRZ.DLL". Action Taken: No Action Taken.
117: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}" refers to invalid object "C:\WINDOWS\system32\AniGIF.ocx". Action Taken: No Action Taken.
118: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{87708F04-48EA-4C25-8D71-27F3E29FB83D}" refers to invalid object "e:\Programme\MATLAB704\toolbox\daq\daq\private\mwparallel.dll". Action Taken: No Action Taken.
119: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{886257EB-E47C-11D3-8ED1-95743DE02879}" refers to invalid object "e:\Programme\MATLAB704\toolbox\rtw\targets\xpc\xpc\xpcmngr\ocx\MBSplit.ocx". Action Taken: No Action Taken.
120: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{BE1EFB01-5751-4D22-8B4E-497018109E39}" refers to invalid object "e:\Programme\MATLAB704\toolbox\rtw\targets\xpc\xpc\xpcmngr\ocx\mwxpccontrolsx2x7x1.ocx". Action Taken: No Action Taken.
121: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{DCB43485-19FB-4D6D-BB3D-73C7F48D5F00}" refers to invalid object "C:\Programme\Messenger\rtcimsp.dll". Action Taken: No Action Taken.
122: Wed Oct 19 13:59:24 2005 => Entry "HKCR\.col" refers to invalid object "COLFile". Action Taken: No Action Taken.
123: Wed Oct 19 13:59:24 2005 => Entry "HKCR\.idc" refers to invalid object "idcfile". Action Taken: No Action Taken.
124: Wed Oct 19 13:59:25 2005 => Entry "HKCR\.sll" refers to invalid object "SSLFile". Action Taken: No Action Taken.
125: Wed Oct 19 13:59:25 2005 => Entry "HKCR\.tuw" refers to invalid object "TUWFile". Action Taken: No Action Taken.
126: Wed Oct 19 13:59:25 2005 => Entry "HKCR\Matlab.Application.Single" refers to invalid object "{2A021682-B0D6-4734-BCBF-F8FF3A987E65}". Action Taken: No Action Taken.
127: Wed Oct 19 13:59:25 2005 => Entry "HKCR\Matlab.Application.Single.7" refers to invalid object "{2A021682-B0D6-4734-BCBF-F8FF3A987E65}". Action Taken: No Action Taken.
128: Wed Oct 19 13:59:25 2005 => Entry "HKCR\MBSplit.Splitter" refers to invalid object "{886257EF-E47C-11D3-8ED1-95743DE02879}". Action Taken: No Action Taken.
129: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwWinsound.Adaptor" refers to invalid object "{E3A3FC7A-B3CE-11D3-B32F-00A0C9F223E0}". Action Taken: No Action Taken.
130: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwWinsound.Adaptor.1" refers to invalid object "{E3A3FC7A-B3CE-11D3-B32F-00A0C9F223E0}". Action Taken: No Action Taken.
131: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwwinsound.output" refers to invalid object "{93DA44DB-C20F-11D3-A53E-00902757EA8D}". Action Taken: No Action Taken.
132: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwwinsound.output.1" refers to invalid object "{93DA44DB-C20F-11D3-A53E-00902757EA8D}". Action Taken: No Action Taken.
133: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.EmptyXCtrl" refers to invalid object "{DBF82505-88CB-4A66-9907-FFD17EAC583F}". Action Taken: No Action Taken.
134: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.ImageListCtrl" refers to invalid object "{73F8D0B3-68E9-471A-9C83-668DA42BF608}". Action Taken: No Action Taken.
135: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.listviewctrl" refers to invalid object "{42DBC9E2-2F0D-4DED-B7E5-7F4DB8E6FE38}". Action Taken: No Action Taken.
136: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.mshflexgridCtrl" refers to invalid object "{B936D94F-F049-49EB-88FA-0A1EF1FA5E1E}". Action Taken: No Action Taken.
137: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.PathChooserCtrl" refers to invalid object "{77647D31-6BE8-4041-B9EC-C1905956A586}". Action Taken: No Action Taken.
138: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.richtextboxCtrl" refers to invalid object "{A801536B-C85B-4514-A8EA-2178FADD735F}". Action Taken: No Action Taken.
139: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.treeviewctrl" refers to invalid object "{BF6AB797-3FAF-4612-9633-F35545175211}". Action Taken: No Action Taken.
140: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCAppPanel" refers to invalid object "{30387EC1-68B2-44DB-A05F-39AC2111AA94}". Action Taken: No Action Taken.
141: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCBlkptPanel" refers to invalid object "{9496DE05-4D53-426F-9A48-2EE34784DAB3}". Action Taken: No Action Taken.
142: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xpcCCPanel" refers to invalid object "{4EE18D51-42C7-45FC-89BA-A4CF919C24C7}". Action Taken: No Action Taken.
143: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCCommPanel" refers to invalid object "{4490E5E3-7B7F-463E-890D-935DD0B324BD}". Action Taken: No Action Taken.
144: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCConfigPanel" refers to invalid object "{41D960C6-A519-467F-BEFF-1497FD64AFE7}". Action Taken: No Action Taken.
145: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xpcScopePanel" refers to invalid object "{C54850D1-6F45-4478-8090-3E10DE5AA2D9}". Action Taken: No Action Taken.
146: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCSetsPanel" refers to invalid object "{1CCCE7B8-3C43-4DF2-9EE9-58EFBAF36D41}". Action Taken: No Action Taken.
147: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCtgAppPanel" refers to invalid object "{634B1D28-88CF-484E-9F6B-FF95D91A66BF}". Action Taken: No Action Taken.
148: Wed Oct 19 13:59:26 2005 => Entry "HKCR\ParallelAdaptor.ParallelAdapt" refers to invalid object "{890C55F6-1DEF-4719-B1A6-5C3726DC054F}". Action Taken: No Action Taken.
149: Wed Oct 19 13:59:26 2005 => Entry "HKCR\ParallelAdaptor.ParallelAdapt.1" refers to invalid object "{890C55F6-1DEF-4719-B1A6-5C3726DC054F}". Action Taken: No Action Taken.
150: Wed Oct 19 13:59:26 2005 => Entry "HKCR\ParallelAdaptor.ParallelDio" refers to invalid object "{42B1047E-5A2D-4BB1-9646-361C6A53D9F1}". Action Taken: No Action Taken.
151: Wed Oct 19 13:59:26 2005 => Entry "HKCR\ParallelAdaptor.ParallelDio.1" refers to invalid object "{42B1047E-5A2D-4BB1-9646-361C6A53D9F1}". Action Taken: No Action Taken.
152: Wed Oct 19 13:59:26 2005 => Entry "HKCR\RTCIMSP.RTCIMService" refers to invalid object "{83D4679F-B6D7-11D2-BF36-00C04FB90A03}". Action Taken: No Action Taken.
153: Wed Oct 19 13:59:26 2005 => Entry "HKCR\RTCIMSP.RTCIMService.1" refers to invalid object "{83D4679F-B6D7-11D2-BF36-00C04FB90A03}". Action Taken: No Action Taken.
154: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCFileSystem" refers to invalid object "{396436CD-5289-46FA-AEF9-DD6180E8F8C7}". Action Taken: No Action Taken.
155: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCFileSystem.1" refers to invalid object "{396436CD-5289-46FA-AEF9-DD6180E8F8C7}". Action Taken: No Action Taken.
156: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCProtocol" refers to invalid object "{475D91C7-7A6B-4190-8697-FD355C78A9D5}". Action Taken: No Action Taken.
157: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCProtocol.1" refers to invalid object "{475D91C7-7A6B-4190-8697-FD355C78A9D5}". Action Taken: No Action Taken.
158: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCScopes" refers to invalid object "{B43C500D-2BEE-4BE7-BF40-056974A98086}". Action Taken: No Action Taken.
159: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCScopes.1" refers to invalid object "{B43C500D-2BEE-4BE7-BF40-056974A98086}". Action Taken: No Action Taken.
160: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCTarget" refers to invalid object "{3C06BCA0-15F3-4A17-A599-F615667A0647}". Action Taken: No Action Taken.
161: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCTarget.1" refers to invalid object "{3C06BCA0-15F3-4A17-A599-F615667A0647}". Action Taken: No Action Taken.
162: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINDashBar.zip is Not Scanned
163: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator.zip is Not Scanned
164: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator1.zip is Not Scanned
165: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator10.zip is Not Scanned
166: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator11.zip is Not Scanned
167: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator13.zip is Not Scanned
168: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator14.zip is Not Scanned
169: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator15.zip is Not Scanned
170: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator16.zip is Not Scanned
171: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator2.zip is Not Scanned
172: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator3.zip is Not Scanned
173: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator4.zip is Not Scanned
174: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator5.zip is Not Scanned
175: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator6.zip is Not Scanned
176: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator7.zip is Not Scanned
177: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator8.zip is Not Scanned
178: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator9.zip is Not Scanned
179: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusOverride.zip is Not Scanned
180: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterFirewallOverride.zip is Not Scanned
181: Wed Oct 19 14:23:29 2005 => Result: ERROR!!! File E:\Installs\cd-client-4_27_3-en.exe is Not Scanned
182: Wed Oct 19 14:35:09 2005 => Result: ERROR!!! File E:\Installs\winzip\WinZip-8-win-full-serial-61924847.exe is Not Scanned
183: Wed Oct 19 14:43:53 2005 => Result: ERROR!!! File F:\download\InterVideo.WinDVD.Platinum.v7.0.B27.066.Really.Working.KeyGen.Only-AGAiN.by.GEAR.for.www.goldesel.to.rar is Not Scanned
184: Wed Oct 19 14:47:13 2005 => Result: ERROR!!! File F:\download\Need.For.Speed.Underground.2.German.Patch.02.by.GEAR.for.www.goldesel.6x.to.rar is Not Scanned
--------------------------------------------------
-------- DATEIEN ZUM LÖSCHEN HINZUGEFÜGT ---------
--------------------------------------------------
1: E:\Installs\dirc-321.exe => tagged:Client-IRC.Win32.mIRC.601.
2: E:\Installs\lan\Net\VNC\vnc-4.0b5-x86_win32.zip => tagged:RemoteAdmin.Win32.WinVNC.4.
3: E:\Installs\mirc612.exe => tagged:Client-IRC.Win32.mIRC.612.
4: E:\Installs\mirc616.exe => tagged:Client-IRC.Win32.mIRC.616.
5: E:\Installs\pwlview.zip => tagged:PSWTool.Win32.WinPassViewer.203.
6: E:\Programme\dIRC\dIRC.exe => tagged:Client-IRC.Win32.mIRC.601.
7: E:\Programme\mIRC\backup\mirc.exe => tagged:Client-IRC.Win32.mIRC.603.
8: E:\Programme\mIRC\mirc.exe => tagged:Client-IRC.Win32.mIRC.612.
9: E:\Programme\mirctest\backup\mirc.exe => tagged:Client-IRC.Win32.mIRC.603.
10: E:\Programme\mirctest\mirc.exe => tagged:Client-IRC.Win32.mIRC.612.
11: G:\Gamez\half-life\hltv.exe => tagged:Server-Proxy.Win32.Hltv.
--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------
Wed Oct 19 14:55:44 2005 => Total Objects Scanned: 188186
Wed Oct 19 14:55:44 2005 => Total Virus(es) Found: 50
Wed Oct 19 14:55:44 2005 => Total Errors: 184
Wed Oct 19 14:55:44 2005 => Virus Database Date: 2005/10/16
Wed Oct 19 14:55:44 2005 => Virus Database Count: 154391
Wed Oct 19 19:08:52 2005 => Total Objects Scanned: 188186
Wed Oct 19 19:08:52 2005 => Total Virus(es) Found: 50
Wed Oct 19 19:08:52 2005 => Total Errors: 184
--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------
1: Wed Oct 19 13:59:16 2005 => System found infected with searchexe Spyware/Adware ({807553e5-5146-11d5-a672-00b0d022e945})! Action taken: No Action Taken.
2: Wed Oct 19 13:59:17 2005 => Offending file found: C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\insthelp.dll
3: Wed Oct 19 13:59:17 2005 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
4: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temp\insthelp.dll
5: Wed Oct 19 13:59:19 2005 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
6: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\0da34lqf\adsend[1].js
7: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
8: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\0da34lqf\ads[1].htm
9: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
10: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\0da34lqf\ads[2].htm
11: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken.
12: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\0da34lqf\formie[1].css
13: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.
14: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\at309c7a\formie[1].css
15: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.
16: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\at309c7a\show_ads[2].js
17: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.
18: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\i5mmlac4\adswrapper[1].js
19: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
20: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\i5mmlac4\blank[1].htm
21: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (blank[1].htm)! Action taken: No Action Taken.
22: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\i5mmlac4\global[1].js
23: Wed Oct 19 13:59:19 2005 => System found infected with redv Spyware/Adware (global[1].js)! Action taken: No Action Taken.
24: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\kz2nudyt\adswrapper[1].js
25: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
26: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\kz2nudyt\index[1].html
27: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.
28: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\temporary internet files\content.ie5\opqrstuv\adsend[1].js
29: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
30: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\0da34lqf\adsend[1].js
31: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
32: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\0da34lqf\ads[1].htm
33: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
34: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\0da34lqf\ads[2].htm
35: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken.
36: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\0da34lqf\formie[1].css
37: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.
38: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\at309c7a\formie[1].css
39: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken.
40: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\at309c7a\show_ads[2].js
41: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.
42: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\i5mmlac4\adswrapper[1].js
43: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
44: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\i5mmlac4\blank[1].htm
45: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (blank[1].htm)! Action taken: No Action Taken.
46: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\i5mmlac4\global[1].js
47: Wed Oct 19 13:59:19 2005 => System found infected with redv Spyware/Adware (global[1].js)! Action taken: No Action Taken.
48: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\kz2nudyt\adswrapper[1].js
49: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
50: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\kz2nudyt\index[1].html
51: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (index[1].html)! Action taken: No Action Taken.
52: Wed Oct 19 13:59:19 2005 => Offending file found: C:\Dokumente und Einstellungen\NooNoo1\Lokale Einstellungen\Temporary Internet Files\content.ie5\opqrstuv\adsend[1].js
53: Wed Oct 19 13:59:19 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
54: Wed Oct 19 14:21:16 2005 => Scanning File D:\Mp3s\Barthezz - infected.mp3 [**]
55: Wed Oct 19 14:21:16 2005 => Scanning File D:\Mp3s\Barthezz - Infected3.mp3 [**]
56: Wed Oct 19 14:36:06 2005 => Scanning Folder: E:\Programme\AVPersonal\INFECTED\*.*
--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------
1: Wed Oct 19 14:25:42 2005 => File E:\Installs\dirc-321.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.601. No Action Taken.
2: Wed Oct 19 14:26:16 2005 => File E:\Installs\fgf096a.zip tagged as "not-a-virus:AdWare.Win32.Aureate.a". Action Taken: No Action Taken.
3: Wed Oct 19 14:28:24 2005 => File E:\Installs\kmd171gu_en.exe tagged as "not-a-virus:AdWare.Win32.Cydoor". Action Taken: No Action Taken.
4: Wed Oct 19 14:31:49 2005 => File E:\Installs\lan\Net\VNC\vnc-4.0b5-x86_win32.zip tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
5: Wed Oct 19 14:34:09 2005 => File E:\Installs\mirc612.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.612. No Action Taken.
6: Wed Oct 19 14:34:09 2005 => File E:\Installs\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
7: Wed Oct 19 14:34:32 2005 => File E:\Installs\pwlview.zip tagged as not-a-virus:PSWTool.Win32.WinPassViewer.203. No Action Taken.
8: Wed Oct 19 14:36:08 2005 => File E:\Programme\dIRC\dIRC.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.601. No Action Taken.
9: Wed Oct 19 14:37:29 2005 => Scanning File E:\Programme\Media_Manager_2004\Icons\Tagged Image File Format.ico [**]
10: Wed Oct 19 14:41:02 2005 => File E:\Programme\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
11: Wed Oct 19 14:41:04 2005 => File E:\Programme\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.612. No Action Taken.
12: Wed Oct 19 14:41:05 2005 => File E:\Programme\mirctest\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
13: Wed Oct 19 14:41:07 2005 => File E:\Programme\mirctest\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.612. No Action Taken.
14: Wed Oct 19 14:49:28 2005 => File G:\Gamez\half-life\hltv.exe tagged as not-a-virus:Server-Proxy.Win32.Hltv. No Action Taken.
--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------
1: Wed Oct 19 13:59:05 2005 => ERROR!!! Invalid Entry Logitech BT Wizard = LBTWiz.exe -silent (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
2: Wed Oct 19 13:59:11 2005 => ERROR!!! Invalid Entry \??\F:\INSTALL\GMSIPCI.SYS in SYSTEM\CurrentControlSet\Services\GMSIPCI...
3: Wed Oct 19 13:59:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\WMPBurn.exe" refers to invalid object "\WMPBurn\WMPBurn.exe". Action Taken: No Action Taken.
4: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta1-Extra/". Action Taken: No Action Taken.
5: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta1-Extra/kernel-modules+firmware/". Action Taken: No Action Taken.
6: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta1-Extra/kernel-modules+firmware/i386/". Action Taken: No Action Taken.
7: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/". Action Taken: No Action Taken.
8: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/kernel-modules+firmware/". Action Taken: No Action Taken.
9: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/kernel-modules+firmware/CD1/". Action Taken: No Action Taken.
10: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/kernel-modules+firmware/CD1/suse/". Action Taken: No Action Taken.
11: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0-Beta2-Extra/kernel-modules+firmware/CD1/suse/i586/". Action Taken: No Action Taken.
12: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/". Action Taken: No Action Taken.
13: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/ap1/". Action Taken: No Action Taken.
14: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/d1/". Action Taken: No Action Taken.
15: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/ham1/". Action Taken: No Action Taken.
16: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/k2de3/". Action Taken: No Action Taken.
17: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/n2/". Action Taken: No Action Taken.
18: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/suse1/". Action Taken: No Action Taken.
19: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".0/zq1/". Action Taken: No Action Taken.
20: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/". Action Taken: No Action Taken.
21: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/suse/". Action Taken: No Action Taken.
22: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1/suse/i686/". Action Taken: No Action Taken.
23: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3-i386/". Action Taken: No Action Taken.
24: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3-i386/base/". Action Taken: No Action Taken.
25: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3-x86_64/". Action Taken: No Action Taken.
26: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3-x86_64/base/". Action Taken: No Action Taken.
27: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/". Action Taken: No Action Taken.
28: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/iso/". Action Taken: No Action Taken.
29: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/". Action Taken: No Action Taken.
30: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/suse/". Action Taken: No Action Taken.
31: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/suse/setup/". Action Taken: No Action Taken.
32: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/suse/setup/descr/". Action Taken: No Action Taken.
33: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".3/yast-source/suse/src/". Action Taken: No Action Taken.
34: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".acr". Action Taken: No Action Taken.
35: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".b3d". Action Taken: No Action Taken.
36: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cam". Action Taken: No Action Taken.
37: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/". Action Taken: No Action Taken.
38: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/contrib/". Action Taken: No Action Taken.
39: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/suse/i386/". Action Taken: No Action Taken.
40: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/suse/". Action Taken: No Action Taken.
41: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/suse/i386/". Action Taken: No Action Taken.
42: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/suse/i386/supplementary/". Action Taken: No Action Taken.
43: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/suse/i386/supplementary/KDE/". Action Taken: No Action Taken.
44: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cr2". Action Taken: No Action Taken.
45: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".crw". Action Taken: No Action Taken.
46: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cue". Action Taken: No Action Taken.
47: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dcm". Action Taken: No Action Taken.
48: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dcx". Action Taken: No Action Taken.
49: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dds". Action Taken: No Action Taken.
50: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/". Action Taken: No Action Taken.
51: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/projects/". Action Taken: No Action Taken.
52: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/linux/distributions/suse/". Action Taken: No Action Taken.
53: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/linux/distributions/suse/apt/". Action Taken: No Action Taken.
54: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/linux/distributions/suse/apt/SuSE/". Action Taken: No Action Taken.
55: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/pub/linux/suse/i386/". Action Taken: No Action Taken.
56: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/". Action Taken: No Action Taken.
57: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/i386/". Action Taken: No Action Taken.
58: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/i386/update/". Action Taken: No Action Taken.
59: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/ia64/". Action Taken: No Action Taken.
60: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".de/suse/ppc/". Action Taken: No Action Taken.
61: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".djvu". Action Taken: No Action Taken.
62: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ecw". Action Taken: No Action Taken.
63: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".fpx". Action Taken: No Action Taken.
64: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".fsh". Action Taken: No Action Taken.
65: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".g3". Action Taken: No Action Taken.
66: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".gsm". Action Taken: No Action Taken.
67: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".gxt". Action Taken: No Action Taken.
68: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".icl". Action Taken: No Action Taken.
69: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".iff". Action Taken: No Action Taken.
70: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".img". Action Taken: No Action Taken.
71: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".iw44". Action Taken: No Action Taken.
72: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".j2k". Action Taken: No Action Taken.
73: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".jng". Action Taken: No Action Taken.
74: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".jp2". Action Taken: No Action Taken.
75: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".jpc". Action Taken: No Action Taken.
76: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".jpm". Action Taken: No Action Taken.
77: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".kdc". Action Taken: No Action Taken.
78: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lbm". Action Taken: No Action Taken.
79: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ldf". Action Taken: No Action Taken.
80: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lds". Action Taken: No Action Taken.
81: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lwf". Action Taken: No Action Taken.
82: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mng". Action Taken: No Action Taken.
83: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ngg". Action Taken: No Action Taken.
84: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".nlm". Action Taken: No Action Taken.
85: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".nol". Action Taken: No Action Taken.
86: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".obsolete/". Action Taken: No Action Taken.
87: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".obsolete/suse_update/". Action Taken: No Action Taken.
88: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".old". Action Taken: No Action Taken.
89: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".org/Namibia/". Action Taken: No Action Taken.
90: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".org/pub/pure-ftpd/releases/". Action Taken: No Action Taken.
91: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pan". Action Taken: No Action Taken.
92: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pbm". Action Taken: No Action Taken.
93: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pgm". Action Taken: No Action Taken.
94: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ppm". Action Taken: No Action Taken.
95: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".psp". Action Taken: No Action Taken.
96: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ras". Action Taken: No Action Taken.
97: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".raw". Action Taken: No Action Taken.
98: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".rgb". Action Taken: No Action Taken.
99: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sff". Action Taken: No Action Taken.
100: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sfw". Action Taken: No Action Taken.
101: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sgi". Action Taken: No Action Taken.
102: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sid". Action Taken: No Action Taken.
103: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sun". Action Taken: No Action Taken.
104: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".tga". Action Taken: No Action Taken.
105: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".wbmp". Action Taken: No Action Taken.
106: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".xpm". Action Taken: No Action Taken.
107: Wed Oct 19 13:59:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object "OpenWithList". Action Taken: No Action Taken.
108: Wed Oct 19 13:59:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "eMusic Promotion". Action Taken: No Action Taken.
109: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{0588145C-4180-4204-A567-BC804D76EE64}" refers to invalid object "C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\VBE\RefEdit.exd". Action Taken: No Action Taken.
110: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{191651DC-F223-4CD8-86A0-F7BB5B5FE35D}" refers to invalid object "e:\Programme\MATLAB704\toolbox\rtw\targets\xpc\api\xpcapiCOM.dll". Action Taken: No Action Taken.
111: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{29939855-DA8F-44E8-9853-95C60A2E6E7F}" refers to invalid object "C:\DOKUME~1\NooNoo1\LOKALE~1\Temp\VBE\MSForms.exd". Action Taken: No Action Taken.
112: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{2FE3D0BC-E0E2-476B-B485-63E01345F0F8}" refers to invalid object "e:\Programme\MATLAB704\toolbox\rtw\targets\xpc\xpc\xpcmngr\ocx\mwxPCpanelCtrlsx2x7x1.ocx". Action Taken: No Action Taken.
113: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{3732EC5C-C584-44B8-B4DA-04E0054414C0}" refers to invalid object "C:\Programme\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll". Action Taken: No Action Taken.
114: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{602F20F1-DF66-11D1-A21D-00A024E7DC56}" refers to invalid object "e:\Programme\MATLAB704\toolbox\daq\daq\private\mwwinsound.dll". Action Taken: No Action Taken.
115: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{60ACE49B-F247-4E12-B740-EF8DB1941D0F}" refers to invalid object "e:\Programme\ewido\security suite\context.dll". Action Taken: No Action Taken.
116: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{649D582F-3401-11D1-8C47-0080C7C43E7F}" refers to invalid object "E:\Programme\Microsoft Office\Office\1031\WFXRSTRZ.DLL". Action Taken: No Action Taken.
117: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}" refers to invalid object "C:\WINDOWS\system32\AniGIF.ocx". Action Taken: No Action Taken.
118: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{87708F04-48EA-4C25-8D71-27F3E29FB83D}" refers to invalid object "e:\Programme\MATLAB704\toolbox\daq\daq\private\mwparallel.dll". Action Taken: No Action Taken.
119: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{886257EB-E47C-11D3-8ED1-95743DE02879}" refers to invalid object "e:\Programme\MATLAB704\toolbox\rtw\targets\xpc\xpc\xpcmngr\ocx\MBSplit.ocx". Action Taken: No Action Taken.
120: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{BE1EFB01-5751-4D22-8B4E-497018109E39}" refers to invalid object "e:\Programme\MATLAB704\toolbox\rtw\targets\xpc\xpc\xpcmngr\ocx\mwxpccontrolsx2x7x1.ocx". Action Taken: No Action Taken.
121: Wed Oct 19 13:59:24 2005 => Entry "HKCR\TypeLib\{DCB43485-19FB-4D6D-BB3D-73C7F48D5F00}" refers to invalid object "C:\Programme\Messenger\rtcimsp.dll". Action Taken: No Action Taken.
122: Wed Oct 19 13:59:24 2005 => Entry "HKCR\.col" refers to invalid object "COLFile". Action Taken: No Action Taken.
123: Wed Oct 19 13:59:24 2005 => Entry "HKCR\.idc" refers to invalid object "idcfile". Action Taken: No Action Taken.
124: Wed Oct 19 13:59:25 2005 => Entry "HKCR\.sll" refers to invalid object "SSLFile". Action Taken: No Action Taken.
125: Wed Oct 19 13:59:25 2005 => Entry "HKCR\.tuw" refers to invalid object "TUWFile". Action Taken: No Action Taken.
126: Wed Oct 19 13:59:25 2005 => Entry "HKCR\Matlab.Application.Single" refers to invalid object "{2A021682-B0D6-4734-BCBF-F8FF3A987E65}". Action Taken: No Action Taken.
127: Wed Oct 19 13:59:25 2005 => Entry "HKCR\Matlab.Application.Single.7" refers to invalid object "{2A021682-B0D6-4734-BCBF-F8FF3A987E65}". Action Taken: No Action Taken.
128: Wed Oct 19 13:59:25 2005 => Entry "HKCR\MBSplit.Splitter" refers to invalid object "{886257EF-E47C-11D3-8ED1-95743DE02879}". Action Taken: No Action Taken.
129: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwWinsound.Adaptor" refers to invalid object "{E3A3FC7A-B3CE-11D3-B32F-00A0C9F223E0}". Action Taken: No Action Taken.
130: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwWinsound.Adaptor.1" refers to invalid object "{E3A3FC7A-B3CE-11D3-B32F-00A0C9F223E0}". Action Taken: No Action Taken.
131: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwwinsound.output" refers to invalid object "{93DA44DB-C20F-11D3-A53E-00902757EA8D}". Action Taken: No Action Taken.
132: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwwinsound.output.1" refers to invalid object "{93DA44DB-C20F-11D3-A53E-00902757EA8D}". Action Taken: No Action Taken.
133: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.EmptyXCtrl" refers to invalid object "{DBF82505-88CB-4A66-9907-FFD17EAC583F}". Action Taken: No Action Taken.
134: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.ImageListCtrl" refers to invalid object "{73F8D0B3-68E9-471A-9C83-668DA42BF608}". Action Taken: No Action Taken.
135: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.listviewctrl" refers to invalid object "{42DBC9E2-2F0D-4DED-B7E5-7F4DB8E6FE38}". Action Taken: No Action Taken.
136: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.mshflexgridCtrl" refers to invalid object "{B936D94F-F049-49EB-88FA-0A1EF1FA5E1E}". Action Taken: No Action Taken.
137: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.PathChooserCtrl" refers to invalid object "{77647D31-6BE8-4041-B9EC-C1905956A586}". Action Taken: No Action Taken.
138: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.richtextboxCtrl" refers to invalid object "{A801536B-C85B-4514-A8EA-2178FADD735F}". Action Taken: No Action Taken.
139: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxpccontrolsx2x7x1.treeviewctrl" refers to invalid object "{BF6AB797-3FAF-4612-9633-F35545175211}". Action Taken: No Action Taken.
140: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCAppPanel" refers to invalid object "{30387EC1-68B2-44DB-A05F-39AC2111AA94}". Action Taken: No Action Taken.
141: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCBlkptPanel" refers to invalid object "{9496DE05-4D53-426F-9A48-2EE34784DAB3}". Action Taken: No Action Taken.
142: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xpcCCPanel" refers to invalid object "{4EE18D51-42C7-45FC-89BA-A4CF919C24C7}". Action Taken: No Action Taken.
143: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCCommPanel" refers to invalid object "{4490E5E3-7B7F-463E-890D-935DD0B324BD}". Action Taken: No Action Taken.
144: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCConfigPanel" refers to invalid object "{41D960C6-A519-467F-BEFF-1497FD64AFE7}". Action Taken: No Action Taken.
145: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xpcScopePanel" refers to invalid object "{C54850D1-6F45-4478-8090-3E10DE5AA2D9}". Action Taken: No Action Taken.
146: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCSetsPanel" refers to invalid object "{1CCCE7B8-3C43-4DF2-9EE9-58EFBAF36D41}". Action Taken: No Action Taken.
147: Wed Oct 19 13:59:26 2005 => Entry "HKCR\mwxPCPanelCtrlsx2x7x1.xPCtgAppPanel" refers to invalid object "{634B1D28-88CF-484E-9F6B-FF95D91A66BF}". Action Taken: No Action Taken.
148: Wed Oct 19 13:59:26 2005 => Entry "HKCR\ParallelAdaptor.ParallelAdapt" refers to invalid object "{890C55F6-1DEF-4719-B1A6-5C3726DC054F}". Action Taken: No Action Taken.
149: Wed Oct 19 13:59:26 2005 => Entry "HKCR\ParallelAdaptor.ParallelAdapt.1" refers to invalid object "{890C55F6-1DEF-4719-B1A6-5C3726DC054F}". Action Taken: No Action Taken.
150: Wed Oct 19 13:59:26 2005 => Entry "HKCR\ParallelAdaptor.ParallelDio" refers to invalid object "{42B1047E-5A2D-4BB1-9646-361C6A53D9F1}". Action Taken: No Action Taken.
151: Wed Oct 19 13:59:26 2005 => Entry "HKCR\ParallelAdaptor.ParallelDio.1" refers to invalid object "{42B1047E-5A2D-4BB1-9646-361C6A53D9F1}". Action Taken: No Action Taken.
152: Wed Oct 19 13:59:26 2005 => Entry "HKCR\RTCIMSP.RTCIMService" refers to invalid object "{83D4679F-B6D7-11D2-BF36-00C04FB90A03}". Action Taken: No Action Taken.
153: Wed Oct 19 13:59:26 2005 => Entry "HKCR\RTCIMSP.RTCIMService.1" refers to invalid object "{83D4679F-B6D7-11D2-BF36-00C04FB90A03}". Action Taken: No Action Taken.
154: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCFileSystem" refers to invalid object "{396436CD-5289-46FA-AEF9-DD6180E8F8C7}". Action Taken: No Action Taken.
155: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCFileSystem.1" refers to invalid object "{396436CD-5289-46FA-AEF9-DD6180E8F8C7}". Action Taken: No Action Taken.
156: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCProtocol" refers to invalid object "{475D91C7-7A6B-4190-8697-FD355C78A9D5}". Action Taken: No Action Taken.
157: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCProtocol.1" refers to invalid object "{475D91C7-7A6B-4190-8697-FD355C78A9D5}". Action Taken: No Action Taken.
158: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCScopes" refers to invalid object "{B43C500D-2BEE-4BE7-BF40-056974A98086}". Action Taken: No Action Taken.
159: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCScopes.1" refers to invalid object "{B43C500D-2BEE-4BE7-BF40-056974A98086}". Action Taken: No Action Taken.
160: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCTarget" refers to invalid object "{3C06BCA0-15F3-4A17-A599-F615667A0647}". Action Taken: No Action Taken.
161: Wed Oct 19 13:59:26 2005 => Entry "HKCR\XpcapiCOM.xPCTarget.1" refers to invalid object "{3C06BCA0-15F3-4A17-A599-F615667A0647}". Action Taken: No Action Taken.
162: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINDashBar.zip is Not Scanned
163: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator.zip is Not Scanned
164: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator1.zip is Not Scanned
165: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator10.zip is Not Scanned
166: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator11.zip is Not Scanned
167: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator13.zip is Not Scanned
168: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator14.zip is Not Scanned
169: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator15.zip is Not Scanned
170: Wed Oct 19 14:01:09 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator16.zip is Not Scanned
171: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator2.zip is Not Scanned
172: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator3.zip is Not Scanned
173: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator4.zip is Not Scanned
174: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator5.zip is Not Scanned
175: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator6.zip is Not Scanned
176: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator7.zip is Not Scanned
177: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator8.zip is Not Scanned
178: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINGator9.zip is Not Scanned
179: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusOverride.zip is Not Scanned
180: Wed Oct 19 14:01:10 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterFirewallOverride.zip is Not Scanned
181: Wed Oct 19 14:23:29 2005 => Result: ERROR!!! File E:\Installs\cd-client-4_27_3-en.exe is Not Scanned
182: Wed Oct 19 14:35:09 2005 => Result: ERROR!!! File E:\Installs\winzip\WinZip-8-win-full-serial-61924847.exe is Not Scanned
183: Wed Oct 19 14:43:53 2005 => Result: ERROR!!! File F:\download\InterVideo.WinDVD.Platinum.v7.0.B27.066.Really.Working.KeyGen.Only-AGAiN.by.GEAR.for.www.goldesel.to.rar is Not Scanned
184: Wed Oct 19 14:47:13 2005 => Result: ERROR!!! File F:\download\Need.For.Speed.Underground.2.German.Patch.02.by.GEAR.for.www.goldesel.6x.to.rar is Not Scanned
--------------------------------------------------
-------- DATEIEN ZUM LÖSCHEN HINZUGEFÜGT ---------
--------------------------------------------------
1: E:\Installs\dirc-321.exe => tagged:Client-IRC.Win32.mIRC.601.
2: E:\Installs\lan\Net\VNC\vnc-4.0b5-x86_win32.zip => tagged:RemoteAdmin.Win32.WinVNC.4.
3: E:\Installs\mirc612.exe => tagged:Client-IRC.Win32.mIRC.612.
4: E:\Installs\mirc616.exe => tagged:Client-IRC.Win32.mIRC.616.
5: E:\Installs\pwlview.zip => tagged:PSWTool.Win32.WinPassViewer.203.
6: E:\Programme\dIRC\dIRC.exe => tagged:Client-IRC.Win32.mIRC.601.
7: E:\Programme\mIRC\backup\mirc.exe => tagged:Client-IRC.Win32.mIRC.603.
8: E:\Programme\mIRC\mirc.exe => tagged:Client-IRC.Win32.mIRC.612.
9: E:\Programme\mirctest\backup\mirc.exe => tagged:Client-IRC.Win32.mIRC.603.
10: E:\Programme\mirctest\mirc.exe => tagged:Client-IRC.Win32.mIRC.612.
11: G:\Gamez\half-life\hltv.exe => tagged:Server-Proxy.Win32.Hltv.
--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------
Wed Oct 19 14:55:44 2005 => Total Objects Scanned: 188186
Wed Oct 19 14:55:44 2005 => Total Virus(es) Found: 50
Wed Oct 19 14:55:44 2005 => Total Errors: 184
Wed Oct 19 14:55:44 2005 => Virus Database Date: 2005/10/16
Wed Oct 19 14:55:44 2005 => Virus Database Count: 154391
Wed Oct 19 19:08:52 2005 => Total Objects Scanned: 188186
Wed Oct 19 19:08:52 2005 => Total Virus(es) Found: 50
Wed Oct 19 19:08:52 2005 => Total Errors: 184
- mrfreeman1985
- Beiträge: 5
- Registriert: 17.10.2005, 14:06
- Wohnort: Bonn
12 Beiträge • Seite 1 von 1
Ähnliche Themen
| PC hängt sich beim Runterladen mit flashget auf Forum: Software-Hilfe Autor: Anonymous Antworten: |
ICQ aus "Eigene Dateien" löschen Forum: Software-Hilfe Autor: pet58 Antworten: |
Dateien lassen sich nicht mit dem Photo-Editor verknüpfen Forum: Software-Hilfe Autor: Anonymous Antworten: |
Neuer Virus ''Blaster'' verbreitet sich rasch Forum: Online- und PC-Sicherheit Autor: Computerdirk Antworten: |
Computer macht sich selbstständig..!? Forum: Hardware-Hilfe Autor: Anonymous Antworten: |