Hi,
ich habe seit kurzem non-stop irgendwelche Fenster auf dem Monitor wie adultfinder und so..
Ist wohl ein Trojaner denkeich.
Bin recht neu im Geschäft. Was muß ich tun, um die loszuwerden ?
Warum kostenlos registrieren?
Nur als registriertes Mitglied hast Du vollen Zugriff auf alle Funktionen unserer Website. So kannst Du eigene Fragen stellen und hast die volle Übersicht über neue interessante Themen im Forum.
Jetzt kostenlos registrieren.
Login
Trojaner ?
8 Beiträge • Seite 1 von 1
von automatix am 10.10.2006, 23:25
Bitte mit Hijackthis scannen:
http://computercops.biz/zx/Merijn/hijackthis.zip
http://virus-protect.org/hjtkurz.html
Lade/entpacke HijackThis in einem Ordner
--> None of the above just start the program --> Save--> Savelog -->es öffnet sich der Editor
nun das KOMPLETTE Log mit rechtem Mausklick abkopieren und ins Forum mit rechtem Mausklick "einfügen"
Bebilderte Anleitung: http://hjt.klaffke.de/
http://computercops.biz/zx/Merijn/hijackthis.zip
http://virus-protect.org/hjtkurz.html
Lade/entpacke HijackThis in einem Ordner
--> None of the above just start the program --> Save--> Savelog -->es öffnet sich der Editor
nun das KOMPLETTE Log mit rechtem Mausklick abkopieren und ins Forum mit rechtem Mausklick "einfügen"
Bebilderte Anleitung: http://hjt.klaffke.de/
- automatix
- Administrator
- Beiträge: 14572
- Registriert: 12.09.2004, 13:58
- Wohnort: 95138 Bad Steben
Hijack Protokoll
von burt4711 am 22.10.2006, 19:28
Logfile of HijackThis v1.99.1
Scan saved at 19:26:40, on 22.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0P1.EXE
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\Lexmark X1100 Series\lxbkbmon.exe
D:\CloneCD\CloneCDTray.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\NetPumper\NetPumperIEProxy.exe
C:\Programme\Internet Explorer\iexplore.exe
D:\Programme\ICQLite\ICQLite.exe
D:\Programme\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
D:\spiele\half-life ii\steam.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avcenter.exe
D:\Downloads\s-11\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1291E4B5-BB7D-76EE-E679-2B77393CD802} - C:\DOKUME~1\Oliver\ANWEND~1\SOFTON~1\MOVE SITE.exe
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\2.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [EPSON PictureMate] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0P1.EXE /P17 "EPSON PictureMate" /O6 "USB002" /M "PictureMate"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [CloneCDTray] "D:\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NetPumper] "D:\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [Aim drive 1 online] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Error This Aim Drive\Funk Each.exe
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [ICQ Lite] "D:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe /StartMinimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "d:\spiele\half-life ii\steam.exe" -silent
O4 - HKCU\..\Run: [bowsinternet] C:\DOKUME~1\Oliver\ANWEND~1\LITECL~1\data find dale.exe
O4 - HKCU\..\Run: [tbon] C:\Programme\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://ku.bar.need2find.com/KU/menusearch.html?p=KU
O8 - Extra context menu item: Download with NetPumper - D:\NetPumper\AddUrl.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = PC
O17 - HKLM\Software\..\Telephony: DomainName = PC
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = PC
O18 - Protocol: bw+0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\PROGRA~1\RXTOOL~1\sfcont.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pdowsm - Unknown owner - (no file)
Scan saved at 19:26:40, on 22.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0P1.EXE
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\Lexmark X1100 Series\lxbkbmon.exe
D:\CloneCD\CloneCDTray.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\NetPumper\NetPumperIEProxy.exe
C:\Programme\Internet Explorer\iexplore.exe
D:\Programme\ICQLite\ICQLite.exe
D:\Programme\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
D:\spiele\half-life ii\steam.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avcenter.exe
D:\Downloads\s-11\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1291E4B5-BB7D-76EE-E679-2B77393CD802} - C:\DOKUME~1\Oliver\ANWEND~1\SOFTON~1\MOVE SITE.exe
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\2.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [EPSON PictureMate] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0P1.EXE /P17 "EPSON PictureMate" /O6 "USB002" /M "PictureMate"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [CloneCDTray] "D:\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NetPumper] "D:\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [Aim drive 1 online] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Error This Aim Drive\Funk Each.exe
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [ICQ Lite] "D:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe /StartMinimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "d:\spiele\half-life ii\steam.exe" -silent
O4 - HKCU\..\Run: [bowsinternet] C:\DOKUME~1\Oliver\ANWEND~1\LITECL~1\data find dale.exe
O4 - HKCU\..\Run: [tbon] C:\Programme\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://ku.bar.need2find.com/KU/menusearch.html?p=KU
O8 - Extra context menu item: Download with NetPumper - D:\NetPumper\AddUrl.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = PC
O17 - HKLM\Software\..\Telephony: DomainName = PC
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = PC
O18 - Protocol: bw+0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F1588B34-9918-432C-ACC1-1A3C1789BFF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\PROGRA~1\RXTOOL~1\sfcont.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pdowsm - Unknown owner - (no file)
- burt4711
- Beiträge: 13
- Registriert: 07.07.2006, 14:57
von Nikita am 25.10.2006, 15:28
der Swizzor-Trojaner..........
1.
Cleanup anwenden
http://virus-protect.org/cleanup.html
2.
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint
1.
Cleanup anwenden
http://virus-protect.org/cleanup.html
2.
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint
cd\
dir "C:\WINDOWS\Downloaded Program Files" >>files.txt
dir "C:\Programme\Common Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Eigene Dateien" >>files.txt
dir "C:\Program Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temp" >>files.txt
dir "C:\WINDOWS\Temp" >>files.txt
dir "C:\Temp" >>files.txt
dir "C:\Programme" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten" >>files.txt
dir "C:\Programme\Gemeinsame Dateien" >>files.txt
dir "C:Windows\tasks" >>files.txt
notepad files.txt
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
listen.bat
von burt4711 am 25.10.2006, 20:02
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Need2Find\bar\2.bin
26.05.2006 18:29 <DIR> .
26.05.2006 18:29 <DIR> ..
26.05.2006 18:29 4.793 N2FFXTBR.JAR
26.05.2006 18:29 4.928 N2NTSTBR.JAR
26.05.2006 18:29 45.056 N2PLUGIN.DLL
26.05.2006 18:29 233.472 ND2FNBAR.DLL
26.05.2006 18:29 24.576 NPND2FN.DLL
26.05.2006 18:29 167 PARTNER.DAT
6 Datei(en) 312.992 Bytes
2 Verzeichnis(se), 3.561.594.880 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Need2Find\bar
26.05.2006 18:29 <DIR> .
26.05.2006 18:29 <DIR> ..
26.05.2006 18:29 <DIR> 2.bin
13.12.2005 12:23 <DIR> Cache
02.12.2005 19:08 <DIR> History
02.12.2005 19:08 <DIR> Settings
0 Datei(en) 0 Bytes
6 Verzeichnis(se), 3.561.590.784 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Need2Find
02.12.2005 19:03 <DIR> .
02.12.2005 19:03 <DIR> ..
26.05.2006 18:29 <DIR> bar
0 Datei(en) 0 Bytes
3 Verzeichnis(se), 3.561.590.784 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\WINDOWS\Temp
14.07.2006 18:10 <DIR> .
14.07.2006 18:10 <DIR> ..
14.07.2006 18:10 40.960 rtdrvmon.exe
1 Datei(en) 40.960 Bytes
2 Verzeichnis(se), 3.561.590.784 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Temp
03.12.2005 19:54 <DIR> .
03.12.2005 19:54 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 3.561.590.784 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme
12.07.2006 17:59 <DIR> .
12.07.2006 17:59 <DIR> ..
05.02.2006 15:46 <DIR> Adobe
13.11.2005 15:19 <DIR> Adventure Soft
09.11.2005 18:14 <DIR> Ahead
14.04.2006 14:55 <DIR> Alcohol Soft
09.11.2005 17:37 <DIR> AMD
28.03.2006 20:20 <DIR> Anti-Leech
18.05.2006 19:29 <DIR> AntiVir PersonalEdition Classic
16.02.2006 20:47 <DIR> Avanquest update
09.11.2005 17:37 <DIR> AvRack
10.07.2006 18:10 <DIR> CleanUp!
09.04.2006 21:20 <DIR> Common Files
09.11.2005 17:14 <DIR> ComPlus Applications
09.11.2005 18:25 <DIR> CyberLink
27.11.2005 20:56 <DIR> directx
03.04.2006 17:30 <DIR> ElsterFormular2005
13.11.2005 16:13 <DIR> EPSON
31.05.2006 19:44 <DIR> Gemeinsame Dateien
02.05.2006 21:03 <DIR> Google
02.04.2006 22:43 <DIR> HbTools_Icons
01.07.2006 19:05 <DIR> Internet Explorer
10.03.2006 18:19 <DIR> Java
02.04.2006 13:05 <DIR> Lexmark X1100 Series
20.05.2006 17:08 <DIR> Lite Clock Wave
31.05.2006 19:45 <DIR> Logitech
07.12.2005 21:33 <DIR> Matrix
01.12.2005 15:11 <DIR> Messenger
09.11.2005 17:17 <DIR> microsoft frontpage
02.12.2005 17:28 <DIR> Microsoft Office
16.02.2006 20:47 <DIR> Motorola Phone Tools
09.11.2005 17:15 <DIR> Movie Maker
13.11.2005 20:13 <DIR> Mplayer
09.11.2005 17:13 <DIR> MSN
09.11.2005 17:14 <DIR> MSN Gaming Zone
31.05.2006 19:46 <DIR> MUSICMATCH
02.12.2005 19:03 <DIR> Need2Find
13.11.2005 20:56 <DIR> NETGEAR
09.11.2005 17:15 <DIR> NetMeeting
20.05.2006 17:08 <DIR> NetPumper
09.11.2005 17:14 <DIR> Online Services
09.11.2005 17:15 <DIR> Online-Dienste
13.04.2006 20:22 <DIR> Outlook Express
27.12.2005 21:56 <DIR> Pinnacle
09.11.2005 17:37 <DIR> Realtek Sound Manager
20.11.2005 18:38 <DIR> Sierra On-Line
27.12.2005 20:28 <DIR> SigmaTel
27.12.2005 22:04 <DIR> SmartSound Software
13.12.2005 23:38 <DIR> T-Online
27.05.2006 14:05 <DIR> TBONBin
09.07.2006 19:00 <DIR> THQ
18.01.2006 22:28 <DIR> thriXXX
12.11.2005 18:51 <DIR> Ubi Soft
04.03.2006 21:07 <DIR> VideoLAN
06.04.2006 20:25 <DIR> Weight Watchers FlexPoints
29.12.2005 22:58 <DIR> WinAce
11.04.2006 19:12 <DIR> WinAntiVirus Pro 2006
13.11.2005 16:01 <DIR> Windows Media Components
18.02.2006 15:52 <DIR> Windows Media Player
09.11.2005 17:14 <DIR> Windows NT
20.11.2005 18:23 <DIR> WinZip
09.11.2005 17:17 <DIR> xerox
0 Datei(en) 0 Bytes
62 Verzeichnis(se), 3.561.586.688 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\NetPumper
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
09.04.2002 14:18 819 AddUrl.htm
20.05.2006 17:08 <DIR> Anti-Leech
20.05.2006 17:08 <DIR> help
23.11.2005 23:46 2.249.728 NetPumper.exe
03.07.2004 21:06 704.000 NetPumperIEProxy.exe
07.03.2004 07:05 648.192 NetPumperNNProxy.dll
06.03.2004 10:08 124.928 NPNetPumper_Application.dll
06.03.2004 10:08 124.416 NPNetPumper_Audio.dll
06.03.2004 10:08 124.416 NPNetPumper_Video.dll
28.09.2005 00:57 14.327 README.txt
06.03.2004 10:09 114.176 shutdown.exe
06.03.2004 10:12 486.400 TurnLog.exe
20.05.2006 17:08 9.446 unins000.dat
20.05.2006 17:08 72.884 unins000.exe
08.02.2005 02:50 36 x.bat
20.05.2006 17:08 <DIR> ZM
13 Datei(en) 4.673.768 Bytes
5 Verzeichnis(se), 3.561.586.688 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Lite Clock Wave
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
20.05.2006 17:08 10.498 base less flap.exe
28.03.2006 20:20 365.403 czmaqoqc.exe
20.05.2006 17:08 201.314 data find dale.exe
28.03.2006 20:23 365.403 datrpfex.exe
20.05.2006 17:08 368.582 gyiqpboc.exe
29.03.2006 20:23 365.403 jocntrdu.exe
20.05.2006 12:04 368.582 oxogrlby.exe
7 Datei(en) 2.045.185 Bytes
2 Verzeichnis(se), 3.561.586.688 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\NetPumper
07.07.2006 15:22 <DIR> .
07.07.2006 15:22 <DIR> ..
07.07.2006 15:22 15.570 Oliver.1.ini
10.07.2006 18:33 18.925 Oliver.2.ini
07.07.2006 15:22 32.182 Oliver.ini
3 Datei(en) 66.677 Bytes
2 Verzeichnis(se), 3.561.586.688 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Soft One Noun
20.05.2006 17:09 <DIR> .
20.05.2006 17:09 <DIR> ..
20.05.2006 17:08 15.526 MOVE SITE.exe
1 Datei(en) 15.526 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\WinAntiVirus Pro 2006
09.04.2006 21:20 <DIR> .
09.04.2006 21:20 <DIR> ..
09.04.2006 21:20 <DIR> Logs
09.04.2006 21:54 3.072 PGE.dat
1 Datei(en) 3.072 Bytes
3 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Error This Aim Drive
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
20.05.2006 17:08 368.582 Build pure.exe
20.05.2006 12:04 368.582 FOUR MFCD.exe
28.03.2006 20:23 365.403 GLUE FILM.exe
29.03.2006 20:23 365.403 Readmeblue.exe
4 Datei(en) 1.467.970 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006
09.04.2006 21:20 <DIR> .
09.04.2006 21:20 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006
09.04.2006 21:19 <DIR> .
09.04.2006 21:19 <DIR> ..
19.12.2005 10:37 48.128 WapCHK.dll
1 Datei(en) 48.128 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Common Files\Companion Wizard
10.07.2006 17:58 <DIR> .
10.07.2006 17:58 <DIR> ..
09.04.2006 21:20 48.128 WapCHK.dll
1 Datei(en) 48.128 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\WinAntiVirus Pro 2006
11.04.2006 19:12 <DIR> .
11.04.2006 19:12 <DIR> ..
09.04.2006 21:54 13.312 history.db
1 Datei(en) 13.312 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Need2Find\bar
26.05.2006 18:29 <DIR> .
26.05.2006 18:29 <DIR> ..
26.05.2006 18:29 <DIR> 2.bin
13.12.2005 12:23 <DIR> Cache
02.12.2005 19:08 <DIR> History
02.12.2005 19:08 <DIR> Settings
0 Datei(en) 0 Bytes
6 Verzeichnis(se), 3.521.232.896 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\NetPumper\Anti-Leech
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
27.09.2005 00:48 244.167 ALPlugin-setup.exe
27.09.2005 00:47 261.740 ALPluginIE-1.0.2.2-setup.exe
16.04.2005 22:35 773 LICENSE.txt
3 Datei(en) 506.680 Bytes
2 Verzeichnis(se), 3.521.232.896 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\NetPumper\help
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
05.05.2004 05:44 9.286 compat.htm
05.05.2004 05:50 7.342 details.htm
03.07.2004 22:51 3.570 features.htm
20.05.2006 17:08 <DIR> images
05.05.2004 05:27 7.787 index.htm
02.07.2004 14:34 40.835 mainwin.htm
13.04.2003 17:33 178 nphelp.css
27.09.2005 16:28 31.958 prefwindow.htm
05.05.2004 05:48 9.561 register.htm
05.05.2004 05:47 14.183 schedwin.htm
04.08.2004 04:35 30.219 tips.htm
10 Datei(en) 154.919 Bytes
3 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\NetPumper\ZM
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
07.11.2005 10:13 14.658 NP_0132_1.exe
1 Datei(en) 14.658 Bytes
2 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\TBONBin
27.05.2006 14:05 <DIR> .
27.05.2006 14:05 <DIR> ..
26.05.2006 18:28 83.456 tbon.exe
14.07.2006 22:26 45 tboninst.cfg
01.02.2005 17:07 86.528 TBONWnd.EXE
26.05.2006 18:28 83.456 Uninstall.exe
4 Datei(en) 253.485 Bytes
2 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Anti-Leech
28.03.2006 20:20 <DIR> .
28.03.2006 20:20 <DIR> ..
20.05.2006 17:08 <DIR> ALIE_1.0.2.2
27.09.2005 00:44 <DIR> ALNN
0 Datei(en) 0 Bytes
4 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\HbTools_Icons
02.04.2006 22:43 <DIR> .
02.04.2006 22:43 <DIR> ..
02.02.2006 18:01 3.262 Jamster2.ico
19.02.2006 17:17 3.262 lw_JAMSTmzmCC_DE_a_ICON.ico
2 Datei(en) 6.524 Bytes
2 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Lite Clock Wave
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\WINDOWS\Downloaded Program Files
15.09.2004 11:20 740 jinstall-1_5_0.inf
27.03.2006 13:00 5.019 swflash.inf
2 Datei(en) 5.759 Bytes
0 Verzeichnis(se), 5.717.590.016 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Common Files
09.04.2006 21:20 <DIR> .
09.04.2006 21:20 <DIR> ..
15.07.2006 18:22 <DIR> Companion Wizard
0 Datei(en) 0 Bytes
3 Verzeichnis(se), 5.717.590.016 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver
22.10.2006 21:11 <DIR> .
22.10.2006 21:11 <DIR> ..
16.02.2006 20:45 7.194 1155497109-oem18.inf
16.02.2006 20:45 14.302 1155497109-oem18.PNF
16.02.2006 20:45 5.877 1155497109-oem19.inf
16.02.2006 20:45 12.836 1155497109-oem19.PNF
16.02.2006 20:45 5.798 1155497109-oem20.inf
16.02.2006 20:45 12.482 1155497109-oem20.PNF
26.02.2006 14:52 <DIR> Application Data
02.04.2006 22:18 104 default.pls
25.10.2006 19:58 <DIR> Desktop
09.07.2006 19:02 <DIR> Eigene Dateien
29.09.2006 14:16 <DIR> Favoriten
04.03.2006 13:13 75 LuResult.txt
13.08.2006 21:25 27.952 Motorola_Driver_Log.txt
13.11.2005 20:05 <DIR> Startmen
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Need2Find\bar\2.bin
26.05.2006 18:29 <DIR> .
26.05.2006 18:29 <DIR> ..
26.05.2006 18:29 4.793 N2FFXTBR.JAR
26.05.2006 18:29 4.928 N2NTSTBR.JAR
26.05.2006 18:29 45.056 N2PLUGIN.DLL
26.05.2006 18:29 233.472 ND2FNBAR.DLL
26.05.2006 18:29 24.576 NPND2FN.DLL
26.05.2006 18:29 167 PARTNER.DAT
6 Datei(en) 312.992 Bytes
2 Verzeichnis(se), 3.561.594.880 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Need2Find\bar
26.05.2006 18:29 <DIR> .
26.05.2006 18:29 <DIR> ..
26.05.2006 18:29 <DIR> 2.bin
13.12.2005 12:23 <DIR> Cache
02.12.2005 19:08 <DIR> History
02.12.2005 19:08 <DIR> Settings
0 Datei(en) 0 Bytes
6 Verzeichnis(se), 3.561.590.784 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Need2Find
02.12.2005 19:03 <DIR> .
02.12.2005 19:03 <DIR> ..
26.05.2006 18:29 <DIR> bar
0 Datei(en) 0 Bytes
3 Verzeichnis(se), 3.561.590.784 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\WINDOWS\Temp
14.07.2006 18:10 <DIR> .
14.07.2006 18:10 <DIR> ..
14.07.2006 18:10 40.960 rtdrvmon.exe
1 Datei(en) 40.960 Bytes
2 Verzeichnis(se), 3.561.590.784 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Temp
03.12.2005 19:54 <DIR> .
03.12.2005 19:54 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 3.561.590.784 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme
12.07.2006 17:59 <DIR> .
12.07.2006 17:59 <DIR> ..
05.02.2006 15:46 <DIR> Adobe
13.11.2005 15:19 <DIR> Adventure Soft
09.11.2005 18:14 <DIR> Ahead
14.04.2006 14:55 <DIR> Alcohol Soft
09.11.2005 17:37 <DIR> AMD
28.03.2006 20:20 <DIR> Anti-Leech
18.05.2006 19:29 <DIR> AntiVir PersonalEdition Classic
16.02.2006 20:47 <DIR> Avanquest update
09.11.2005 17:37 <DIR> AvRack
10.07.2006 18:10 <DIR> CleanUp!
09.04.2006 21:20 <DIR> Common Files
09.11.2005 17:14 <DIR> ComPlus Applications
09.11.2005 18:25 <DIR> CyberLink
27.11.2005 20:56 <DIR> directx
03.04.2006 17:30 <DIR> ElsterFormular2005
13.11.2005 16:13 <DIR> EPSON
31.05.2006 19:44 <DIR> Gemeinsame Dateien
02.05.2006 21:03 <DIR> Google
02.04.2006 22:43 <DIR> HbTools_Icons
01.07.2006 19:05 <DIR> Internet Explorer
10.03.2006 18:19 <DIR> Java
02.04.2006 13:05 <DIR> Lexmark X1100 Series
20.05.2006 17:08 <DIR> Lite Clock Wave
31.05.2006 19:45 <DIR> Logitech
07.12.2005 21:33 <DIR> Matrix
01.12.2005 15:11 <DIR> Messenger
09.11.2005 17:17 <DIR> microsoft frontpage
02.12.2005 17:28 <DIR> Microsoft Office
16.02.2006 20:47 <DIR> Motorola Phone Tools
09.11.2005 17:15 <DIR> Movie Maker
13.11.2005 20:13 <DIR> Mplayer
09.11.2005 17:13 <DIR> MSN
09.11.2005 17:14 <DIR> MSN Gaming Zone
31.05.2006 19:46 <DIR> MUSICMATCH
02.12.2005 19:03 <DIR> Need2Find
13.11.2005 20:56 <DIR> NETGEAR
09.11.2005 17:15 <DIR> NetMeeting
20.05.2006 17:08 <DIR> NetPumper
09.11.2005 17:14 <DIR> Online Services
09.11.2005 17:15 <DIR> Online-Dienste
13.04.2006 20:22 <DIR> Outlook Express
27.12.2005 21:56 <DIR> Pinnacle
09.11.2005 17:37 <DIR> Realtek Sound Manager
20.11.2005 18:38 <DIR> Sierra On-Line
27.12.2005 20:28 <DIR> SigmaTel
27.12.2005 22:04 <DIR> SmartSound Software
13.12.2005 23:38 <DIR> T-Online
27.05.2006 14:05 <DIR> TBONBin
09.07.2006 19:00 <DIR> THQ
18.01.2006 22:28 <DIR> thriXXX
12.11.2005 18:51 <DIR> Ubi Soft
04.03.2006 21:07 <DIR> VideoLAN
06.04.2006 20:25 <DIR> Weight Watchers FlexPoints
29.12.2005 22:58 <DIR> WinAce
11.04.2006 19:12 <DIR> WinAntiVirus Pro 2006
13.11.2005 16:01 <DIR> Windows Media Components
18.02.2006 15:52 <DIR> Windows Media Player
09.11.2005 17:14 <DIR> Windows NT
20.11.2005 18:23 <DIR> WinZip
09.11.2005 17:17 <DIR> xerox
0 Datei(en) 0 Bytes
62 Verzeichnis(se), 3.561.586.688 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\NetPumper
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
09.04.2002 14:18 819 AddUrl.htm
20.05.2006 17:08 <DIR> Anti-Leech
20.05.2006 17:08 <DIR> help
23.11.2005 23:46 2.249.728 NetPumper.exe
03.07.2004 21:06 704.000 NetPumperIEProxy.exe
07.03.2004 07:05 648.192 NetPumperNNProxy.dll
06.03.2004 10:08 124.928 NPNetPumper_Application.dll
06.03.2004 10:08 124.416 NPNetPumper_Audio.dll
06.03.2004 10:08 124.416 NPNetPumper_Video.dll
28.09.2005 00:57 14.327 README.txt
06.03.2004 10:09 114.176 shutdown.exe
06.03.2004 10:12 486.400 TurnLog.exe
20.05.2006 17:08 9.446 unins000.dat
20.05.2006 17:08 72.884 unins000.exe
08.02.2005 02:50 36 x.bat
20.05.2006 17:08 <DIR> ZM
13 Datei(en) 4.673.768 Bytes
5 Verzeichnis(se), 3.561.586.688 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Lite Clock Wave
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
20.05.2006 17:08 10.498 base less flap.exe
28.03.2006 20:20 365.403 czmaqoqc.exe
20.05.2006 17:08 201.314 data find dale.exe
28.03.2006 20:23 365.403 datrpfex.exe
20.05.2006 17:08 368.582 gyiqpboc.exe
29.03.2006 20:23 365.403 jocntrdu.exe
20.05.2006 12:04 368.582 oxogrlby.exe
7 Datei(en) 2.045.185 Bytes
2 Verzeichnis(se), 3.561.586.688 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\NetPumper
07.07.2006 15:22 <DIR> .
07.07.2006 15:22 <DIR> ..
07.07.2006 15:22 15.570 Oliver.1.ini
10.07.2006 18:33 18.925 Oliver.2.ini
07.07.2006 15:22 32.182 Oliver.ini
3 Datei(en) 66.677 Bytes
2 Verzeichnis(se), 3.561.586.688 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Soft One Noun
20.05.2006 17:09 <DIR> .
20.05.2006 17:09 <DIR> ..
20.05.2006 17:08 15.526 MOVE SITE.exe
1 Datei(en) 15.526 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\WinAntiVirus Pro 2006
09.04.2006 21:20 <DIR> .
09.04.2006 21:20 <DIR> ..
09.04.2006 21:20 <DIR> Logs
09.04.2006 21:54 3.072 PGE.dat
1 Datei(en) 3.072 Bytes
3 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Error This Aim Drive
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
20.05.2006 17:08 368.582 Build pure.exe
20.05.2006 12:04 368.582 FOUR MFCD.exe
28.03.2006 20:23 365.403 GLUE FILM.exe
29.03.2006 20:23 365.403 Readmeblue.exe
4 Datei(en) 1.467.970 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006
09.04.2006 21:20 <DIR> .
09.04.2006 21:20 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006
09.04.2006 21:19 <DIR> .
09.04.2006 21:19 <DIR> ..
19.12.2005 10:37 48.128 WapCHK.dll
1 Datei(en) 48.128 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Common Files\Companion Wizard
10.07.2006 17:58 <DIR> .
10.07.2006 17:58 <DIR> ..
09.04.2006 21:20 48.128 WapCHK.dll
1 Datei(en) 48.128 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\WinAntiVirus Pro 2006
11.04.2006 19:12 <DIR> .
11.04.2006 19:12 <DIR> ..
09.04.2006 21:54 13.312 history.db
1 Datei(en) 13.312 Bytes
2 Verzeichnis(se), 3.561.582.592 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Need2Find\bar
26.05.2006 18:29 <DIR> .
26.05.2006 18:29 <DIR> ..
26.05.2006 18:29 <DIR> 2.bin
13.12.2005 12:23 <DIR> Cache
02.12.2005 19:08 <DIR> History
02.12.2005 19:08 <DIR> Settings
0 Datei(en) 0 Bytes
6 Verzeichnis(se), 3.521.232.896 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\NetPumper\Anti-Leech
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
27.09.2005 00:48 244.167 ALPlugin-setup.exe
27.09.2005 00:47 261.740 ALPluginIE-1.0.2.2-setup.exe
16.04.2005 22:35 773 LICENSE.txt
3 Datei(en) 506.680 Bytes
2 Verzeichnis(se), 3.521.232.896 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\NetPumper\help
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
05.05.2004 05:44 9.286 compat.htm
05.05.2004 05:50 7.342 details.htm
03.07.2004 22:51 3.570 features.htm
20.05.2006 17:08 <DIR> images
05.05.2004 05:27 7.787 index.htm
02.07.2004 14:34 40.835 mainwin.htm
13.04.2003 17:33 178 nphelp.css
27.09.2005 16:28 31.958 prefwindow.htm
05.05.2004 05:48 9.561 register.htm
05.05.2004 05:47 14.183 schedwin.htm
04.08.2004 04:35 30.219 tips.htm
10 Datei(en) 154.919 Bytes
3 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\NetPumper\ZM
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
07.11.2005 10:13 14.658 NP_0132_1.exe
1 Datei(en) 14.658 Bytes
2 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\TBONBin
27.05.2006 14:05 <DIR> .
27.05.2006 14:05 <DIR> ..
26.05.2006 18:28 83.456 tbon.exe
14.07.2006 22:26 45 tboninst.cfg
01.02.2005 17:07 86.528 TBONWnd.EXE
26.05.2006 18:28 83.456 Uninstall.exe
4 Datei(en) 253.485 Bytes
2 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Anti-Leech
28.03.2006 20:20 <DIR> .
28.03.2006 20:20 <DIR> ..
20.05.2006 17:08 <DIR> ALIE_1.0.2.2
27.09.2005 00:44 <DIR> ALNN
0 Datei(en) 0 Bytes
4 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\HbTools_Icons
02.04.2006 22:43 <DIR> .
02.04.2006 22:43 <DIR> ..
02.02.2006 18:01 3.262 Jamster2.ico
19.02.2006 17:17 3.262 lw_JAMSTmzmCC_DE_a_ICON.ico
2 Datei(en) 6.524 Bytes
2 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Lite Clock Wave
20.05.2006 17:08 <DIR> .
20.05.2006 17:08 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 3.521.228.800 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\WINDOWS\Downloaded Program Files
15.09.2004 11:20 740 jinstall-1_5_0.inf
27.03.2006 13:00 5.019 swflash.inf
2 Datei(en) 5.759 Bytes
0 Verzeichnis(se), 5.717.590.016 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Programme\Common Files
09.04.2006 21:20 <DIR> .
09.04.2006 21:20 <DIR> ..
15.07.2006 18:22 <DIR> Companion Wizard
0 Datei(en) 0 Bytes
3 Verzeichnis(se), 5.717.590.016 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D41F-02AB
Verzeichnis von C:\Dokumente und Einstellungen\Oliver
22.10.2006 21:11 <DIR> .
22.10.2006 21:11 <DIR> ..
16.02.2006 20:45 7.194 1155497109-oem18.inf
16.02.2006 20:45 14.302 1155497109-oem18.PNF
16.02.2006 20:45 5.877 1155497109-oem19.inf
16.02.2006 20:45 12.836 1155497109-oem19.PNF
16.02.2006 20:45 5.798 1155497109-oem20.inf
16.02.2006 20:45 12.482 1155497109-oem20.PNF
26.02.2006 14:52 <DIR> Application Data
02.04.2006 22:18 104 default.pls
25.10.2006 19:58 <DIR> Desktop
09.07.2006 19:02 <DIR> Eigene Dateien
29.09.2006 14:16 <DIR> Favoriten
04.03.2006 13:13 75 LuResult.txt
13.08.2006 21:25 27.952 Motorola_Driver_Log.txt
13.11.2005 20:05 <DIR> Startmen
- burt4711
- Beiträge: 13
- Registriert: 07.07.2006, 14:57
von Nikita am 26.10.2006, 00:17
Avenger
http://virus-protect.org/artikel/tools/avenger.html
kopiere rein
Klicke die grüne Ampel
das Script wird nun ausgeführt, dann wird der PC automatisch neustarten
**
poste hier das log vom avenger, was nach neustart erscheint
««
öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten
http://virus-protect.org/artikel/tools/avenger.html
kopiere rein
registry keys to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiVirus Pro 2006
HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WA6P_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\WinAntiVirus Pro 2006
HKEY_LOCAL_MACHINE\SOFTWARE\SupportUninstall\WinAntiVirus Pro 2006
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B646F5E2-0A48-421d-AC91-F96C92BFC17A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E69F0D6A-1C69-4A04-8709-5EAC2019D9BE}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0903FECD-7F7A-4790-A819-A3CE08416732}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85C99188-BEFD-4c61-A54B-5D7CB0204C1E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B32FE740-8B67-409A-BCA8-3297263C354E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FC0B8EB8-AE24-4FD6-B479-E2B464F32DA6}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf_hk
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN
Files to delete:
C:\WINDOWS\system32\drivers\vspf5.sys
C:\WINDOWS\system32\drivers\vspf_hk5.sys
C:\WINDOWS\system32\drivers\fopn.sys
C:\WINDOWS\system32\av.cpl
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\stera.exe
C:\WINDOWS\system32\stera.job
C:\WINDOWS\system32\atl71.dll
C:\WINDOWS\system32\SpOrder.dll
C:\WINDOWS\system32\msvcp71.dll
C:\WINDOWS\system32\msvcr71.dll
C:\WINDOWS\system32\mfc71.dll
Folders to delete:
C:\Programme\Need2Find
C:\Programme\Anti-Leech
C:\Programme\HbTools_Icons
C:\Programme\Lite Clock Wave
C:\Programme\NetPumper
C:\Programme\TBONBin
C:\Programme\Common Files\Companion Wizard
C:\Programme\WinAntiVirus Pro 2006
C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Error This Aim Drive
C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Soft One Noun
C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\WinAntiVirus Pro 2006
C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\NetPumper
C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Lite Clock Wave
Klicke die grüne Ampel
das Script wird nun ausgeführt, dann wird der PC automatisch neustarten
**
poste hier das log vom avenger, was nach neustart erscheint
««
öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten
O2 - BHO: (no name) - {1291E4B5-BB7D-76EE-E679-2B77393CD802} - C:\DOKUME~1\Oliver\ANWEND~1\SOFTON~1\MOVE SITE.exe
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\2.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O4 - HKLM\..\Run: [NetPumper] "D:\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [Aim drive 1 online] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Error This Aim Drive\Funk Each.exe
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\Kazaa.exe /SYSTRAY
O4 - HKCU\..\Run: [bowsinternet] C:\DOKUME~1\Oliver\ANWEND~1\LITECL~1\data find dale.exe
O4 - HKCU\..\Run: [tbon] C:\Programme\TBONBin\tbon.exe /r
O8 - Extra context menu item: &Search - http://ku.bar.need2find.com/KU/menusearch.html?p=KU
O8 - Extra context menu item: Download with NetPumper - D:\NetPumper\AddUrl.htm
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\PROGRA~1\RXTOOL~1\sfcont.dll
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
avenger
von burt4711 am 26.10.2006, 22:59
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\danmects
*******************
Script file located at: \??\C:\WINDOWS\qbgusrqn.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf_hk deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN
Status: 0xc0000034
File C:\WINDOWS\system32\drivers\vspf5.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\vspf5.sys failed!
Could not process line:
C:\WINDOWS\system32\drivers\vspf5.sys
Status: 0xc0000034
File C:\WINDOWS\system32\drivers\vspf_hk5.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\vspf_hk5.sys failed!
Could not process line:
C:\WINDOWS\system32\drivers\vspf_hk5.sys
Status: 0xc0000034
File C:\WINDOWS\system32\drivers\fopn.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\fopn.sys failed!
Could not process line:
C:\WINDOWS\system32\drivers\fopn.sys
Status: 0xc0000034
File C:\WINDOWS\system32\av.cpl not found!
Deletion of file C:\WINDOWS\system32\av.cpl failed!
Could not process line:
C:\WINDOWS\system32\av.cpl
Status: 0xc0000034
File C:\WINDOWS\system32\stera.log not found!
Deletion of file C:\WINDOWS\system32\stera.log failed!
Could not process line:
C:\WINDOWS\system32\stera.log
Status: 0xc0000034
File C:\WINDOWS\system32\stera.exe not found!
Deletion of file C:\WINDOWS\system32\stera.exe failed!
Could not process line:
C:\WINDOWS\system32\stera.exe
Status: 0xc0000034
File C:\WINDOWS\system32\stera.job deleted successfully.
File C:\WINDOWS\system32\atl71.dll deleted successfully.
File C:\WINDOWS\system32\SpOrder.dll deleted successfully.
File C:\WINDOWS\system32\msvcp71.dll deleted successfully.
File C:\WINDOWS\system32\msvcr71.dll deleted successfully.
File C:\WINDOWS\system32\mfc71.dll deleted successfully.
Folder C:\Programme\Need2Find deleted successfully.
Folder C:\Programme\Anti-Leech deleted successfully.
Folder C:\Programme\HbTools_Icons deleted successfully.
Folder C:\Programme\Lite Clock Wave deleted successfully.
Folder C:\Programme\NetPumper deleted successfully.
Folder C:\Programme\TBONBin deleted successfully.
Folder C:\Programme\Common Files\Companion Wizard deleted successfully.
Folder C:\Programme\WinAntiVirus Pro 2006 deleted successfully.
Folder C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006 deleted successfully.
Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006 deleted successfully.
Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Error This Aim Drive deleted successfully.
Folder C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Soft One Noun deleted successfully.
Folder C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\WinAntiVirus Pro 2006 deleted successfully.
Folder C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\NetPumper deleted successfully.
Folder C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Lite Clock Wave deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiVirus Pro 2006 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiVirus Pro 2006 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WA6P_is1 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WA6P_is1 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\WinAntiVirus Pro 2006 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\WinAntiVirus Pro 2006 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\SupportUninstall\WinAntiVirus Pro 2006 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\SupportUninstall\WinAntiVirus Pro 2006 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B646F5E2-0A48-421d-AC91-F96C92BFC17A} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B646F5E2-0A48-421d-AC91-F96C92BFC17A} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E69F0D6A-1C69-4A04-8709-5EAC2019D9BE} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E69F0D6A-1C69-4A04-8709-5EAC2019D9BE} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0903FECD-7F7A-4790-A819-A3CE08416732} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0903FECD-7F7A-4790-A819-A3CE08416732} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85C99188-BEFD-4c61-A54B-5D7CB0204C1E} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85C99188-BEFD-4c61-A54B-5D7CB0204C1E} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B32FE740-8B67-409A-BCA8-3297263C354E} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B32FE740-8B67-409A-BCA8-3297263C354E} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FC0B8EB8-AE24-4FD6-B479-E2B464F32DA6} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FC0B8EB8-AE24-4FD6-B479-E2B464F32DA6} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276} failed!
Status: 0xc0000034
Completed script processing.
*******************
Finished! Terminate.
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\danmects
*******************
Script file located at: \??\C:\WINDOWS\qbgusrqn.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf_hk deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN
Status: 0xc0000034
File C:\WINDOWS\system32\drivers\vspf5.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\vspf5.sys failed!
Could not process line:
C:\WINDOWS\system32\drivers\vspf5.sys
Status: 0xc0000034
File C:\WINDOWS\system32\drivers\vspf_hk5.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\vspf_hk5.sys failed!
Could not process line:
C:\WINDOWS\system32\drivers\vspf_hk5.sys
Status: 0xc0000034
File C:\WINDOWS\system32\drivers\fopn.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\fopn.sys failed!
Could not process line:
C:\WINDOWS\system32\drivers\fopn.sys
Status: 0xc0000034
File C:\WINDOWS\system32\av.cpl not found!
Deletion of file C:\WINDOWS\system32\av.cpl failed!
Could not process line:
C:\WINDOWS\system32\av.cpl
Status: 0xc0000034
File C:\WINDOWS\system32\stera.log not found!
Deletion of file C:\WINDOWS\system32\stera.log failed!
Could not process line:
C:\WINDOWS\system32\stera.log
Status: 0xc0000034
File C:\WINDOWS\system32\stera.exe not found!
Deletion of file C:\WINDOWS\system32\stera.exe failed!
Could not process line:
C:\WINDOWS\system32\stera.exe
Status: 0xc0000034
File C:\WINDOWS\system32\stera.job deleted successfully.
File C:\WINDOWS\system32\atl71.dll deleted successfully.
File C:\WINDOWS\system32\SpOrder.dll deleted successfully.
File C:\WINDOWS\system32\msvcp71.dll deleted successfully.
File C:\WINDOWS\system32\msvcr71.dll deleted successfully.
File C:\WINDOWS\system32\mfc71.dll deleted successfully.
Folder C:\Programme\Need2Find deleted successfully.
Folder C:\Programme\Anti-Leech deleted successfully.
Folder C:\Programme\HbTools_Icons deleted successfully.
Folder C:\Programme\Lite Clock Wave deleted successfully.
Folder C:\Programme\NetPumper deleted successfully.
Folder C:\Programme\TBONBin deleted successfully.
Folder C:\Programme\Common Files\Companion Wizard deleted successfully.
Folder C:\Programme\WinAntiVirus Pro 2006 deleted successfully.
Folder C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006 deleted successfully.
Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006 deleted successfully.
Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Error This Aim Drive deleted successfully.
Folder C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Soft One Noun deleted successfully.
Folder C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\WinAntiVirus Pro 2006 deleted successfully.
Folder C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\NetPumper deleted successfully.
Folder C:\Dokumente und Einstellungen\Oliver\Anwendungsdaten\Lite Clock Wave deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiVirus Pro 2006 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiVirus Pro 2006 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WA6P_is1 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WA6P_is1 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\WinAntiVirus Pro 2006 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\WinAntiVirus Pro 2006 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\SupportUninstall\WinAntiVirus Pro 2006 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\SupportUninstall\WinAntiVirus Pro 2006 failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B646F5E2-0A48-421d-AC91-F96C92BFC17A} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B646F5E2-0A48-421d-AC91-F96C92BFC17A} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E69F0D6A-1C69-4A04-8709-5EAC2019D9BE} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E69F0D6A-1C69-4A04-8709-5EAC2019D9BE} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0903FECD-7F7A-4790-A819-A3CE08416732} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0903FECD-7F7A-4790-A819-A3CE08416732} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85C99188-BEFD-4c61-A54B-5D7CB0204C1E} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85C99188-BEFD-4c61-A54B-5D7CB0204C1E} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B32FE740-8B67-409A-BCA8-3297263C354E} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B32FE740-8B67-409A-BCA8-3297263C354E} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FC0B8EB8-AE24-4FD6-B479-E2B464F32DA6} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FC0B8EB8-AE24-4FD6-B479-E2B464F32DA6} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9} failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276} not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276} failed!
Status: 0xc0000034
Completed script processing.
*******************
Finished! Terminate.
- burt4711
- Beiträge: 13
- Registriert: 07.07.2006, 14:57
von Nikita am 28.10.2006, 01:13
loesche das backup vom Avenger unter c:\Avenger\backup.zip
scanne und poste den scanreport
http://virus-protect.org/counterspy.html
scanne und poste den scanreport
http://virus-protect.org/counterspy.html
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
8 Beiträge • Seite 1 von 1
Ähnliche Themen
| Kann zwei Trojaner nicht löschen! Forum: Online- und PC-Sicherheit Autor: istud Antworten: |
Hilfe Trojaner Forum: Online- und PC-Sicherheit Autor: Anonymous Antworten: |
Trojaner Forum: Online- und PC-Sicherheit Autor: AbcAeffchen Antworten: |
Trojaner scanner Forum: Online- und PC-Sicherheit Autor: AbcAeffchen Antworten: |
Trojaner als Spamroboter entdeckt Forum: Aktuelles und News (hier sind die Forenregeln) Autor: schwedenmann Antworten: |
Zurück zu Online- und PC-Sicherheit
Wer ist online?
Mitglieder in diesem Forum: 0 Mitglieder und 0 Gäste