Informationsarchiv.net > Foren-Übersicht > Computerprobleme > Online- und PC-Sicherheit
Warum kostenlos registrieren?

Nur als registriertes Mitglied hast Du vollen Zugriff auf alle Funktionen unserer Website. So kannst Du eigene Fragen stellen und hast die volle Übersicht über neue interessante Themen im Forum.
Jetzt kostenlos registrieren.

Login


TR/Dldr.Small.ckj.2

Warnungen vor Sicherheitslücken und Hilfe beim Enfernen von Viren, Würmern und Trojanern.
Antwort erstellen

TR/Dldr.Small.ckj.2

Beitragvon Dannykster am 27.03.2006, 17:46

Hi Leute

Ich bekomme einfach diesen *lol* Trojaner nicht runter, seid Samstag versuche ich es krampfhaft. Habe schon mehrere Virenscanner und spysweeper drüberlaufen lassen, auch im abgesichertem Modus. Bei jedem Neustart ist er wieder da :cry:

Wisst Ihr Rat?

LG Danny
Dannykster
 
Beiträge: 4
Registriert: 27.03.2006, 17:40
Wohnort: Magdeburg
Nach oben

Beitragvon Nikita am 27.03.2006, 17:55

stelle den CleanUp genauso ein, wie hier angegeben:
http://virus-protect.org/cleanup.html

Kopiere hier diese 4 Textdateien. Sie sind nach Datum geordnet. (kopiere nur die letzten 3 Monate ab)
http://virus-protect.org/datfindbat.html


Hijackthis
http://computercops.biz/zx/Merijn/hijackthis.zip
http://virus-protect.org/hjtkurz.html
Lade/entpacke HijackThis in einem Ordner
--> None of the above just start the program --> Save--> Savelog -->es öffnet sich der Editor
nun das KOMPLETTE Log mit rechtem Mausklick abkopieren und ins Forum mit rechtem Mausklick "einfügen"
Nikita
Moderator
 
Beiträge: 11478
Registriert: 07.12.2003, 16:53
Wohnort: Lissabon
Nach oben

Beitragvon Dannykster am 27.03.2006, 18:03

OK Danke für die schnelle Antwort, werde ich machen. :D
Dannykster
 
Beiträge: 4
Registriert: 27.03.2006, 17:40
Wohnort: Magdeburg
Nach oben

Beitragvon Dannykster am 27.03.2006, 18:12

Ich hoffe ich mach das jetzt hier richtig, wenn nicht net böse sein habe davon echt keine Ahnung:

leanUp! started on 03/27/06 18:07:23.
...
Cookie:fred künnemann@ivwbox.de/ - deleted
Cookie:fred künnemann@www.dannyksters.de/ - deleted
Cookie:fred künnemann@www.avira.com/ - deleted
Cookie:fred künnemann@emsisoft.com/ - deleted
Cookie:fred künnemann@www.go-clicks.de/ - deleted
Cookie:fred künnemann@as1.falkag.de/ - deleted
Cookie:fred künnemann@imageshack.us/ - deleted
Cookie:anyuser@od2.com/ - deleted
Cookie:fred künnemann@www.sponsorpro.de/ - deleted
Cookie:fred künnemann@serviceswitching.metaservices.microsoft.com/serviceswitching/ - deleted
Cookie:fred künnemann@www.firstload.de/ - deleted
Cookie:fred künnemann@msn.com/ - deleted
Cookie:fred künnemann@bitdefender.de/ - deleted
Cookie:fred künnemann@www.hacks4wbb.de/ - deleted
Cookie:fred künnemann@www.chip.de/ - deleted
Cookie:fred künnemann@www.mpnrs.com/ - deleted
Cookie:fred künnemann@www.primacom.de/ - deleted
Cookie:fred künnemann@www.imageshack.us/ - deleted
Cookie:fred künnemann@emsisoft.de/ - deleted
Cookie:fred künnemann@www.glaskasten.net/wbb2/ - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\856182282.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\antivir.PE.V.7.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\brennNort.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\CD-Laufwerk.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\Eigene Bilder.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\firofox1.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\Stven BUSHIDO Album.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\Track05.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\Track12.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\Trojaner.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\ub_amd.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\ub_green1.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\ub_IE1.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\ub_intel.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\ub_ps7.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\ub_pscs.lnk - deleted
C:\Dokumente und Einstellungen\Fred Künnemann\Recent\ub_red1.lnk - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\$b17a2e8.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\allservices.xml - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\Click.wav - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\delus.exe - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\delus.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\DFC5A2B2.TMP - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\IEC2.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\insmagic.log - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\MPCA.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf3.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsq1E.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\Pal.pal - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\Perflib_Perfdata_16c.dat - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\Perflib_Perfdata_1b4.dat - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\serviceinfo.xml - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\setb0.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\setb1.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\setb2.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\Shine.wav - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\Skin.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\tmp.xpi - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER10.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER10A.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER11.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER12.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER13.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER14.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER15.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER16.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER17.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER18.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER19.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER1A.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER1B.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER1C.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER2.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER20.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER3.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER4.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER5.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER6.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER7.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER8.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERA.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERB.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERC.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERD.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERE.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERE5.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERF.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\AVSETUP_4426ab98\setup.log - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\AVSETUP_4426ab98\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\js3250.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\nspr4.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\plc4.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\plds4.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\xpcom_compat.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\xpcom_core.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\components\jar50.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\components\xpinstal.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\components\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\bin\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\xpcom.ns\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\ff_temp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-1CSJI.tmp\_isetup\_shfoldr.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-1CSJI.tmp\_isetup\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-1CSJI.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-64JVT.tmp\is-92UTH.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-64JVT.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-FD95E.tmp\_isdecmp.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-FD95E.tmp\_isetup\_shfoldr.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-FD95E.tmp\_isetup\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-FD95E.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-G47TF.tmp\_isetup\_shfoldr.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-G47TF.tmp\_isetup\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-G47TF.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-G7SAG.tmp\_isdecmp.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-G7SAG.tmp\_isetup\_shfoldr.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-G7SAG.tmp\_isetup\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-G7SAG.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-OE77G.tmp\is-4E46C.tmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-OE77G.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-TD346.tmp\SecurityUtil.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\is-TD346.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\ads.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\ANTIHACKER_keypage.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\ANTISPAM_OE_keypage.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\AVPERSONAL_keypage.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\chkkey.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\ci.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\filedlg.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\ii.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\InstallOptions.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\ioSpecial.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\kah_rm.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\modern-header.bmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\modern-wizard.bmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\osver.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\SS_keypage.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\System.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\UserInfo.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\Utils.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsf4.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\ads.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\AVPERSONAL_keypage.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\chkkey.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\ci.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\ii.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\InstallOptions.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\ioSpecial.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\modern-header.bmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\modern-wizard.bmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\nsSCM.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\osver.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\SS_keypage.ini - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\System.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\UserInfo.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\Utils.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\nsl1F.tmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\plugtmp\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER10.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER10A.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER10A.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER11.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER12.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER13.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER14.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER15.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER16.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER17.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER18.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER19.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER1A.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER1B.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER1B.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER1C.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER1C.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER2.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER20.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER20.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER3.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER3.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER4.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER4.tmp.dir00\Integrator.exe.hdmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER4.tmp.dir00\Integrator.exe.mdmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER4.tmp.dir00\manifest.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER4.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER5.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER5.tmp.dir00\iexplore.exe.mdmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER5.tmp.dir00\manifest.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER5.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER6.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER6.tmp.dir00\firefox.exe.hdmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER6.tmp.dir00\firefox.exe.mdmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER6.tmp.dir00\manifest.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER6.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER7.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER7.tmp.dir00\Integrator.exe.mdmp - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER7.tmp.dir00\manifest.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER7.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER8.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WER8.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERA.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERB.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERC.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERD.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERE.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERE5.tmp.dir00\appcompat.txt - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERE5.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\WERF.tmp.dir00\ - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\{3c02ed4f-46b0-4e9e-87f7-47aeba4031c8}\FONTTEMP.INI - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\{3c02ed4f-46b0-4e9e-87f7-47aeba4031c8}\hhupd.exe - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\{3c02ed4f-46b0-4e9e-87f7-47aeba4031c8}\io_PCTVwdm.dll - deleted
C:\DOKUME~1\FREDKN~1\LOKALE~1\Temp\{3c02ed4f-46b0-4e9e-87f7-47aeba4031c8}\ - deleted
C:\WINDOWS\001157_.tmp - deleted
C:\WINDOWS\002311_.tmp - deleted
C:\WINDOWS\emdat.tmp - deleted
C:\WINDOWS\SET1C.tmp - deleted
C:\WINDOWS\SET28.tmp - deleted
C:\WINDOWS\SET3.tmp - deleted
C:\WINDOWS\SET7.tmp - deleted
C:\WINDOWS\system.tmp - deleted
C:\WINDOWS\win.tmp - deleted
C:\WINDOWS\temp\$_2341233.TMP - deleted
C:\WINDOWS\temp\$_2341234.TMP - deleted
C:\WINDOWS\temp\$_2341235.TMP - deleted
C:\WINDOWS\temp\.bak - deleted
C:\WINDOWS\temp\6.tmp - deleted
C:\WINDOWS\temp\845G.CAT - deleted
C:\WINDOWS\temp\845G.INF - deleted
C:\WINDOWS\temp\access - deleted
C:\WINDOWS\temp\domains - deleted
C:\WINDOWS\temp\ICH4CORE.CAT - deleted
C:\WINDOWS\temp\ICH4CORE.INF - deleted
C:\WINDOWS\temp\ICH4IDE.CAT - deleted
C:\WINDOWS\temp\ICH4IDE.INF - deleted
C:\WINDOWS\temp\ICH4USB.CAT - deleted
C:\WINDOWS\temp\ICH4USB.INF - deleted
C:\WINDOWS\temp\kaw - deleted
C:\WINDOWS\temp\kawkgs - deleted
C:\WINDOWS\temp\map.txt - deleted
C:\WINDOWS\temp\Perflib_Perfdata_4ac.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_4cc.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_4d4.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_4d8.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_4e4.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_4e8.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_4ec.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_4f4.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_504.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_50c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_510.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_514.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_518.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_51c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_528.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_530.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_534.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_538.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_540.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_544.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_548.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_550.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_554.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_558.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_55c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_560.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_564.dat currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS\temp\Perflib_Perfdata_568.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_56c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_58c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_590.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_598.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_5a0.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_5a4.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_5b0.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_5ec.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_608.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_610.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_620.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_624.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_628.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_634.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_63c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_658.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_684.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_704.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_71c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_75c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_7cc.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_7f4.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_a4.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_a50.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_ae0.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_b2c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_b50.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_b5c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_f2c.dat - deleted
C:\WINDOWS\temp\Perflib_Perfdata_f74.dat - deleted
C:\WINDOWS\temp\Urcr\index.dat - deleted
C:\WINDOWS\temp\Urcr\T1D.tmp - deleted
C:\WINDOWS\temp\Urcr\T1F.tmp - deleted
C:\WINDOWS\temp\Urcr\T20.tmp - deleted
C:\WINDOWS\temp\Urcr\T21.tmp - deleted
C:\WINDOWS\temp\Urcr\T22.tmp - deleted
C:\WINDOWS\temp\Urcr\T23.tmp - deleted
C:\WINDOWS\temp\Urcr\T24.tmp - deleted
C:\WINDOWS\temp\Urcr\T25.tmp - deleted
C:\WINDOWS\temp\Urcr\T26.tmp - deleted
C:\WINDOWS\temp\Urcr\T27.tmp - deleted
C:\WINDOWS\temp\Urcr\T28.tmp - deleted
C:\WINDOWS\temp\Urcr\T29.tmp - deleted
C:\WINDOWS\temp\Urcr\T2A.tmp - deleted
C:\WINDOWS\temp\Urcr\T2B.tmp - deleted
C:\WINDOWS\temp\Urcr\T2C.tmp - deleted
C:\WINDOWS\temp\Urcr\T2D.tmp - deleted
C:\WINDOWS\temp\Urcr\T2E.tmp - deleted
C:\WINDOWS\temp\Urcr\T2F.tmp - deleted
C:\WINDOWS\temp\Urcr\T30.tmp - deleted
C:\WINDOWS\temp\Urcr\T31.tmp - deleted
C:\WINDOWS\temp\Urcr\T32.tmp - deleted
C:\WINDOWS\temp\Urcr\T33.tmp - deleted
C:\WINDOWS\temp\Urcr\T34.tmp - deleted
C:\WINDOWS\temp\Urcr\T35.tmp - deleted
C:\WINDOWS\temp\Urcr\T36.tmp - deleted
C:\WINDOWS\temp\Urcr\T37.tmp - deleted
C:\WINDOWS\temp\Urcr\T38.tmp - deleted
C:\WINDOWS\temp\Urcr\T39.tmp - deleted
C:\WINDOWS\temp\Urcr\T3A.tmp - deleted
C:\WINDOWS\temp\Urcr\ - deleted
C:\WINDOWS\temp\~VIS0000\ENGLISH.VLG - deleted
C:\WINDOWS\temp\~VIS0000\vise32.dll - deleted
C:\WINDOWS\temp\~VIS0000\x9232564.dll - deleted
C:\WINDOWS\temp\~VIS0000\ - deleted
C:\Dokumente und Einstellungen\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Dokumente und Einstellungen\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Dokumente und Einstellungen\Fred Künnemann\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Dokumente und Einstellungen\Fred Künnemann\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Dokumente und Einstellungen\Fred\Cookies\fred@1070847646[1].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@forum[2].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@google[1].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@live[1].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@microsoft[2].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@msn[2].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@pctools[1].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@registryupdate[2].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@survey[1].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@www.avira[1].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@www.dannyksters[1].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@www.hacks4wbb[2].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@www.microsoft[2].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\fred@www.primacom[2].txt - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\index.dat - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\MM2048.DAT - deleted
C:\Dokumente und Einstellungen\Fred\Cookies\MM256.DAT - deleted
C:\Dokumente und Einstellungen\Default User\Cookies\index.dat - deleted
C:\Dokumente und Einstellungen\Administrator\Cookies\index.dat - deleted
C:\WINDOWS\Prefetch\A.EXE-349D4D75.pf - deleted
C:\WINDOWS\Prefetch\ASSETUP.EXE-26058E6C.pf - deleted
C:\WINDOWS\Prefetch\AUTORUN.EXE-055703AF.pf - deleted
C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf - deleted
C:\WINDOWS\Prefetch\CRACK.EXE-2F6BEBCD.pf - deleted
C:\WINDOWS\Prefetch\DASETUP.EXE-0CF8583B.pf - deleted
C:\WINDOWS\Prefetch\DCSETUP.EXE-2565E8B0.pf - deleted
C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf - deleted
C:\WINDOWS\Prefetch\ERASEME_53464.EXE-2EF29545.pf - deleted
C:\WINDOWS\Prefetch\FIREFOX.EXE-1D57670A.pf - deleted
C:\WINDOWS\Prefetch\FTP.EXE-0FFFB5A3.pf - deleted
C:\WINDOWS\Prefetch\FXSASSER.EXE-184EFB50.pf - deleted
C:\WINDOWS\Prefetch\GUARDGUI.EXE-1BD45C30.pf - deleted
C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf - deleted
C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf - deleted
C:\WINDOWS\Prefetch\IE6.0-KB834707-WINDOWSXP-X86--0A05863E.pf - deleted
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2CA9778D.pf - deleted
C:\WINDOWS\Prefetch\IKERNEL.EXE-092EF074.pf - deleted
C:\WINDOWS\Prefetch\JS56NDE.EXE-0A10510B.pf - deleted
C:\WINDOWS\Prefetch\KASPERSKY PERSONAL SECURITY S-03FD3F1B.pf - deleted
C:\WINDOWS\Prefetch\LOGAGENT.EXE-027AF92B.pf - deleted
C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf - deleted
C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf - deleted
C:\WINDOWS\Prefetch\MDAC_TYP.EXE-159C8058.pf - deleted
C:\WINDOWS\Prefetch\MRT.EXE-1B4A8D49.pf - deleted
C:\WINDOWS\Prefetch\MRTSTUB.EXE-05DEBFDF.pf - deleted
C:\WINDOWS\Prefetch\MSINFO32.EXE-20B2F2A1.pf - deleted
C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf - deleted
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf - deleted
C:\WINDOWS\Prefetch\PCLESCHEDULER.EXE-1F268E86.pf - deleted
C:\WINDOWS\Prefetch\PCTVASSI.EXE-187FC67E.pf - deleted
C:\WINDOWS\Prefetch\PIXIETOOL.EXE-03F8F408.pf - deleted
C:\WINDOWS\Prefetch\Q323255_X86_DE.EXE-27D5C78B.pf - deleted
C:\WINDOWS\Prefetch\Q329048_XP.EXE-0C05766F.pf - deleted
C:\WINDOWS\Prefetch\Q329115_WXP_SP2_X86_DEU.EXE-370C062A.pf - deleted
C:\WINDOWS\Prefetch\Q329170_WXP_SP2_DE.EXE-17ACCDB4.pf - deleted
C:\WINDOWS\Prefetch\Q329390_WXP_SP2_X86_DEU.EXE-07BEC593.pf - deleted
C:\WINDOWS\Prefetch\Q329834_WXP_SP2_DE.EXE-31E27D75.pf - deleted
C:\WINDOWS\Prefetch\Q810577_WXP_DE.EXE-06CA8858.pf - deleted
C:\WINDOWS\Prefetch\Q810833_WXP_SP2_X86_DEU.EXE-2AF6C238.pf - deleted
C:\WINDOWS\Prefetch\Q811630_WXP_SP2_DE.EXE-0F4AC883.pf - deleted
C:\WINDOWS\Prefetch\Q817606_WXP_SP2_X86_DEU.EXE-11B2DF5E.pf - deleted
C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1197B7C6.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1245AEEA.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-128CE2BB.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-12A87056.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-15291BE5.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1615DAB5.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1940EEC4.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-19F57947.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A0D4B6C.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1FECF7FB.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-25DB3D71.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-26DA8C9B.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-28033D36.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-287A0F19.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A59AA93.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2F8AC90D.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2FFA77CA.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-327D1112.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-32EF5B7A.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-33F6DC04.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-35AE65C8.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-35FEF084.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-37E068C5.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3C651F02.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-40419843.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4688242C.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-47FB7F4D.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-48233408.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-491DAF22.pf - deleted
C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf - deleted
C:\WINDOWS\Prefetch\SELECT.EXE-2CEAFCF2.pf - deleted
C:\WINDOWS\Prefetch\SERVER.EXE-34B50812.pf - deleted
C:\WINDOWS\Prefetch\SERVER.EXE-3659B8D3.pf - deleted
C:\WINDOWS\Prefetch\SETUP.EXE-0456E129.pf - deleted
C:\WINDOWS\Prefetch\SETUP_WM.EXE-19AC5A9B.pf - deleted
C:\WINDOWS\Prefetch\SETUP_WM.EXE-1E292C15.pf - deleted
C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf - deleted
C:\WINDOWS\Prefetch\UNREGMP2.EXE-07CACB61.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-025B95A2.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-042ECCCD.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-0CBBAC53.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-0D15B016.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-0DEEAD1D.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-17763285.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-18310A2E.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-1E92CF35.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-22058927.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-25E499F8.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-2730A3D4.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-2BB0BA89.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-314413D3.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-3144EBBA.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-35A08971.pf - deleted
C:\WINDOWS\Prefetch\VBI_SERVER4.EXE-17D97B1A.pf - deleted
C:\WINDOWS\Prefetch\VISION.EXE-1CB15153.pf - deleted
C:\WINDOWS\Prefetch\WIN32SSR.EXE-009C93FB.pf - deleted
C:\WINDOWS\Prefetch\WINDOWS-KB890830-V1.14.EXE-01D3C620.pf - deleted
C:\WINDOWS\Prefetch\WINDOWSXP-KB329441-X86-DEU.EX-29B8033A.pf - deleted
C:\WINDOWS\Prefetch\WINDOWSXP-KB823559-X86-DEU.EX-16B925C9.pf - deleted
C:\WINDOWS\Prefetch\WINDOWSXP-KB828741-X86-DEU.EX-3644C835.pf - deleted
C:\WINDOWS\Prefetch\WINDOWSXP-KB835732-X86-DEU.EX-18CC214F.pf - deleted
C:\WINDOWS\Prefetch\WINRAR.EXE-3588DFE8.pf - deleted
C:\WINDOWS\Prefetch\WMAD.EXE-167990A2.pf - deleted
C:\WINDOWS\Prefetch\WMFADIST.EXE-06BD0168.pf - deleted
C:\WINDOWS\Prefetch\WMFDIST.EXE-29ED9DB2.pf - deleted
C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf - deleted
C:\WINDOWS\Prefetch\WMINF.EXE-2E4B976E.pf - deleted
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf - deleted
C:\WINDOWS\Prefetch\WMPCDCS8.EXE-0457C785.pf - deleted
C:\WINDOWS\Prefetch\WMPLAYER.EXE-09969332.pf - deleted
C:\WINDOWS\Prefetch\WPABALN.EXE-18F87702.pf - deleted
C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf - deleted
C:\WINDOWS\Prefetch\WUPDMGR.EXE-2F30BEAB.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-02B31A4B.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-0AC709D6.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-1A09EB80.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-1A10CB8D.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-1F962EBA.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-2F35B870.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-30A26AC0.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-320A19CD.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-35F1841D.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-370354F8.pf - deleted
C:\WINDOWS\Prefetch\XPSP1HFM.EXE-3731ECC3.pf - deleted
C:\WINDOWS\Prefetch\_WMANSCP.EXE-0864F798.pf - deleted
Telnet's MRU list - removed from the registry.
CleanUp! 4.0 recovered 142.7 MB of disk space from 2487 files.
CleanUp! finished on 03/27/06 18:07:49.

kann diese Hijackthis net entpacken ist ne Rar Datei, das hat bestimmt mit dem Virus zu tun.
Dannykster
 
Beiträge: 4
Registriert: 27.03.2006, 17:40
Wohnort: Magdeburg
Nach oben

Beitragvon Dannykster am 27.03.2006, 18:15

Und nochwas

Logfile of HijackThis v1.99.1
Scan saved at 18:14:29, on 27.3.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\dnscntrl.exe
C:\WINDOWS\system32\mnmsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\Programme\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\win32ssr.exe
C:\WINDOWS\explorer.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wpabaln.exe
C:\Programme\CleanUp!\Cleanup.exe
C:\Dokumente und Einstellungen\Fred Künnemann\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.primacom.de/
F2 - REG:system.ini: Shell=explorer.exe "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00015.exe"
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Service startup] C:\WINDOWS\System32\svcgms32.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SpySweeper] "C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3223203078
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3260978842
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Network Browser (NBSystem) - Unknown owner - C:\WINDOWS\system32\nbsystem.exe (file missing)
O23 - Service: Network Monitor - Unknown owner - C:\Programme\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Win32Sr - Unknown owner - C:\WINDOWS\win32ssr.exe
Dannykster
 
Beiträge: 4
Registriert: 27.03.2006, 17:40
Wohnort: Magdeburg
Nach oben

Beitragvon Nikita am 27.03.2006, 18:46

1.Kopiere hier diese 4 Textdateien. Sie sind nach Datum geordnet. (kopiere nur die letzten 3 Monate ab)
http://virus-protect.org/datfindbat.html

-------------------------------------------------------------------------

2.Download Registry Search by Bobbi Flekman
http://virus-protect.org/artikel/tools/regsearch.html
und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren)

Network Monitor

in edit und klicke "Ok".
Notepad wird sich oeffnen -- kopiere den Text ab und poste ihn.

in: "Enter search strings" (reinschreiben oder reinkopieren)

Network Browser

in edit und klicke "Ok".
Notepad wird sich oeffnen -- kopiere den Text ab und poste ihn.

in: "Enter search strings" (reinschreiben oder reinkopieren)

Win32Sr

in edit und klicke "Ok".
Notepad wird sich oeffnen -- kopiere den Text ab und poste ihn.

------------------------------------------------------------------------------------
3.Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als list.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden.--> die list.bat doppelt klicken--> kopiere den Text, der erscheint
Code: Alles auswählen
cd\
dir "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders" >> files.txt
dir "C:\Programme\Gemeinsame Dateien" >> files.txt
notepad files.txt
Nikita
Moderator
 
Beiträge: 11478
Registriert: 07.12.2003, 16:53
Wohnort: Lissabon
Nach oben
Antwort erstellen

Ähnliche Themen

Alle 10 Sek das Trojanische Pferd TR/Small.GS.2
Forum: Online- und PC-Sicherheit
Autor: Richard Ritter
Antworten:
Ständig Trojaner "Small" in allen Variationen
Forum: Online- und PC-Sicherheit
Autor: Asmodina
Antworten:
Temp\se.dll + TR/Dldr.Agent.BQ
Forum: Online- und PC-Sicherheit
Autor: Nikita
Antworten:
update von small business auf professional
Forum: Treiber-Hilfe
Autor: Isa99880
Antworten:
Trojanisches Pferd TR/Dldr.QDown.L
Forum: Online- und PC-Sicherheit
Autor: matzeee
Antworten:
Nach oben

Zurück zu Online- und PC-Sicherheit

Wer ist online?

Mitglieder in diesem Forum: 0 Mitglieder und 1 Gast

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Deutsche Übersetzung durch phpBB.de
phpBB SEO