
My computer controls itself

Hello,

I have a problem: when I go online, the mouse sometimes moves by itself and opens pages, e.g. in the favorites. Could this be a virus? Or can someone be controlling my computer? The PC runs very slowly. Then a notice appears at the bottom right saying my computer is at risk. XP is not the original version but a copy. What can I do to solve this problem?

Thank you



Replies to My computer controls itself:


If Spybot TeaTimer is installed, it must first be permanently disabled (Advanced -> Tools -> Resident -> remove the check mark next to TeaTimer -> restart the PC).

Run in this order:

Run Malwarebytes, have the findings deleted, post the report
http://www.virus-protect.org/artikel/tools/malwarebytes.html

Run CCleaner
http://virus-protect.org/ccleaner.html

Download ComboFix, click away the warning message, and post the report here
http://virus-protect.org/artikel/tools/combofix.html

Post the HijackThis log
http://hjt.klaffke.de/

 

Thanks for now, here is the first one:


Malwarebytes' Anti-Malware 1.12
Datenbank Version: 737

Scan Art: Komplett Scan (A:\|C:\|D:\|)
Objekte gescannt: 83132
Scan Dauer: 1 hour(s), 19 minute(s), 54 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
(Keine Malware Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine Malware Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
(Keine Malware Objekte gefunden)

Infizierte Dateien:
(Keine Malware Objekte gefunden)

 


Well then, continue as described. :)

Deckard's System Scanner v20071014.68
Run by Hayet on 2008-05-11 13:30:33
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 77% (more than 75%).
Total Physical Memory: 128 MiB (512 MiB recommended).
System Drive C: has 0.83 GiB (less than 15%) free.


-- HijackThis (run as Hayet.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:31:57, on 11.05.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programme\Alice\Signup\AliceCnn.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\Windows Live\Messenger\usnsvc.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Dokumente und Einstellungen\Hayet\Lokale Einstellungen\Temporary Internet Files\Content.IE5\GHAJS5UB\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Hayet.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://alice.aol.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://alice.aol.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FFFFFFA2-C40D-475D-8C91-9A9876ACFCDD} - C:\PROGRA~1\klickTel\KLICKT~2\KTTOOL~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &klickTel Toolbar - {FFFF8BAD-BB43-4A08-8258-BFB40A29FBD7} - C:\PROGRA~1\klickTel\KLICKT~2\KTTOOL~1.DLL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{063EF2FB-293F-4BD1-9DCA-3FB3A18430EE}: NameServer = 213.191.74.11 213.191.92.82
O17 - HKLM\System\CS1\Services\Tcpip\..\{063EF2FB-293F-4BD1-9DCA-3FB3A18430EE}: NameServer = 213.191.74.11 213.191.92.82
O20 - Winlogon Notify: SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5354 bytes

-- Files created between 2008-04-11 and 2008-05-11 -----------------------------

2008-05-11 13:31:02         0 d-------- C:\Programme\Trend Micro
2008-05-10 17:10:12         0 d-------- C:\Programme\CCleaner
2008-05-10 15:24:57         0 d-------- C:\Programme\Malwarebytes' Anti-Malware


-- Find3M Report ---------------------------------------------------------------

2008-05-10 17:24:16         0 d-------- C:\Programme\ewido anti-malware
2008-05-10 15:25:41         0 d-------- C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Malwarebytes
2008-04-08 01:14:20         0 d-------- C:\Programme\PONS Spanisch voll easy 2
2008-04-04 23:19:30         0 d-------- C:\Programme\Gemeinsame Dateien\Alice
2008-04-04 23:19:13         0 d-------- C:\Programme\Alice
2008-03-30 14:01:13    391000 --a------ C:\WINDOWS\system32\perfh007.dat
2008-03-30 14:01:13     63580 --a------ C:\WINDOWS\system32\perfc007.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [11.05.2007 19:08]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02.07.2006 22:39]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"InfoCockpit"=C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"NoDispAppearancePage"=0 (0x0)
"NoColorChoice"=0 (0x0)
"NoSizeChoice"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoDispCPL"=0 (0x0)
"NoVisualStyleChoice"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)
"disableregistrytools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktopChanges"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"=0 (0x0)
"NoSaveSettings"=0 (0x0)
"NoThemesTab"=0 (0x0)
"ForceActiveDesktopOn"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programme\SUPERAntiSpyware\SASSEH.DLL [16.02.2006 17:51 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SASWinLogon]
C:\Programme\SUPERAntiSpyware\SASWINLO.DLL 02.07.2006 22:39 258048 C:\Programme\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders   msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- preinst.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{582b3860-2f03-11dc-982b-00c126119105}]
AutoRun\command- E:\preinst.exe




-- End of Deckard's System Scanner: finished at 2008-05-11 13:33:16 ------------

 

OK, now I have everything, except ComboFix, which did not work


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:13, on 11.05.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programme\Alice\Signup\AliceCnn.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\Windows Live\Messenger\usnsvc.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\notepad.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://alice.aol.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://alice.aol.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FFFFFFA2-C40D-475D-8C91-9A9876ACFCDD} - C:\PROGRA~1\klickTel\KLICKT~2\KTTOOL~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &klickTel Toolbar - {FFFF8BAD-BB43-4A08-8258-BFB40A29FBD7} - C:\PROGRA~1\klickTel\KLICKT~2\KTTOOL~1.DLL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{063EF2FB-293F-4BD1-9DCA-3FB3A18430EE}: NameServer = 213.191.74.11 213.191.92.82
O17 - HKLM\System\CS1\Services\Tcpip\..\{063EF2FB-293F-4BD1-9DCA-3FB3A18430EE}: NameServer = 213.191.74.11 213.191.92.82
O20 - Winlogon Notify: SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5273 bytes
 


Hello

Quote
Percentage of Memory in Use: 77% (more than 75%).
Total Physical Memory: 128 MiB (512 MiB recommended).
You have too little RAM, or modules are defective!


Open HijackThis -- "Scan" button -- put a check mark in front of these entries -- click the "Fix checked" button -- now restart the PC

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Run CounterSpy
http://www.hijackthis-forum.de/showthread.php?t=14738
always choose REMOVE, and post the report
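
The four entries selected for "Fix checked" in the reply above share two patterns in the posted log: Internet Explorer search settings pointing at search.bearshare.com, and a BHO whose file is missing. The following is an added example, not part of the original thread and not the helper's own method, that parses HijackThis lines and flags both patterns; `EXPECTED_HOSTS` and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Subset of lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://alice.aol.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://alice.aol.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {FFFFFFA2-C40D-475D-8C91-9A9876ACFCDD} - C:\PROGRA~1\klickTel\KLICKT~2\KTTOOL~1.DLL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
"""

# Assumption: hosts the analyst expects on this machine (here the ISP portal
# that the log shows as the configured start page).
EXPECTED_HOSTS = {"alice.aol.de"}

# A HijackThis entry is "<section code> - <body>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O2 body: "BHO: <name> - {CLSID} - <dll path or (no file)>".
BHO_RE = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)


def parse_line(line):
    """Return (section code, body) for an entry line, None for anything else."""
    m = ENTRY_RE.match(line.strip())
    return (m.group("code"), m.group("body")) if m else None


def triage_ie_setting(body):
    """R0/R1 body is 'key,value = data'; flag URLs with an unexpected host."""
    left, sep, data = body.partition(" = ")
    if not sep:
        return None
    _key, _, value_name = left.rpartition(",")
    host = (urlsplit(data.strip()).hostname or "").lower()
    if host and host not in EXPECTED_HOSTS:
        return f"IE setting '{value_name}' points to unexpected host {host}"
    return None


def triage_bho(body):
    """Flag a Browser Helper Object whose registration has no file behind it."""
    m = BHO_RE.match(body)
    if not m:
        return None
    if m.group("target").strip().lower() == "(no file)":
        return f"BHO {m.group('clsid')} is registered but its DLL is missing"
    return None


def triage(log_text):
    """Return [(log line, reason)] for every entry one of the checks flags."""
    findings = []
    for raw in log_text.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue  # header, process list, blank line
        code, body = parsed
        if code in ("R0", "R1"):
            reason = triage_ie_setting(body)
        elif code == "O2":
            reason = triage_bho(body)
        else:
            reason = None  # other sections are not covered by this example
        if reason:
            findings.append((raw.strip(), reason))
    return findings


if __name__ == "__main__":
    for line, reason in triage(SAMPLE_LOG):
        print(f"{reason}\n    {line}")
```

A flagged line is a candidate for review, not a verdict: the allowlist decides what counts as unexpected, and the other HijackThis sections (O4, O16, O23 and so on) still need to be read by hand.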

 

Hello

Scan History Details
Start Date: 11.05.2008 20:53:44
End Date: 11.05.2008 22:39:05
Total Time: 105 Min 21 Sec
Detected security risks

Cookie: BS.Serving-Sys Cookie (General)  more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\hayet\cookies\[email protected][1].txt
c:\dokumente und einstellungen\hayet\cookies\hayet@serving-sys[1].txt


Cookie: CGI-Bin Cookie (General)  more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\hayet\cookies\hayet@cgi-bin[1].txt
c:\dokumente und einstellungen\hayet\cookies\hayet@cgi-bin[3].txt


Weatherbug Low Risk Adware  more information...
Details: Weatherbug is an ad supported desktop weather applicaton that provides updates on weather conditions and displays real time temperatures in the taskbar icon.
Status: Deleted

Registry entries detected
HKEY_LOCAL_MACHINE\Software\Classes\IMSIDE1EGATE.APPLICATION.1
HKEY_LOCAL_MACHINE\Software\Classes\IMSIDE1EGATE.APPLICATION.1
HKEY_LOCAL_MACHINE\Software\Classes\IMSIDE1EGATE.APPLICATION.1\CLSID
HKEY_LOCAL_MACHINE\Software\Classes\IMSIDE1EGATE.APPLICATION.1\CLSID


Paltalk Low Risk Adware  more information...
Details: Paltalk is an advertising-supported instant messaging client.
Status: Deleted

Registry entries detected
HKEY_LOCAL_MACHINE\Software\Classes\.PALTALK
HKEY_LOCAL_MACHINE\Software\Classes\.PALTALK
HKEY_LOCAL_MACHINE\Software\Classes\.PALTALK
HKEY_LOCAL_MACHINE\Software\Classes\PALTALKFILE
HKEY_LOCAL_MACHINE\Software\Classes\PALTALKFILE\Shell


Cookie: PriceBandit Cookie (General)  more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
Status: Deleted

Cookies detected
c:\dokumente und einstellungen\hayet\cookies\hayet@apmebf[1].txt

 

Part 2:

SpyDawn Rogue Security Program  more information...
Details: SpyDawn is a purported anti-spyware application to scan for and remove spyware from users' computers. SpyDawn may be downloaded and installed through exploits or under dubious circumstances without user consent.
Status: Deleted

Registry entries detected
HKEY_LOCAL_MACHINE\Software\Classes\INTERFACE\{FC4EDF66-0547-4F1A-AE96-7CFCAD711C90}\ProxyStubClsid
HKEY_LOCAL_MACHINE\Software\Classes\INTERFACE\{FC4EDF66-0547-4F1A-AE96-7CFCAD711C90}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\INTERFACE\{FC4EDF66-0547-4F1A-AE96-7CFCAD711C90}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\INTERFACE\{FC4EDF66-0547-4F1A-AE96-7CFCAD711C90}\TypeLib
HKEY_LOCAL_MACHINE\Software\Classes\INTERFACE\{FC4EDF66-0547-4F1A-AE96-7CFCAD711C90}\TypeLib
HKEY_LOCAL_MACHINE\Software\Classes\INTERFACE\{FC4EDF66-0547-4F1A-AE96-7CFCAD711C90}\TypeLib

 

Hat dir diese Antwort geholfen?

Danke ButtonHilfreiche Antwort Button

Uninstall CounterSpy.

Now please run SDFix
http://virus-protect.org/artikel/tools/sdfix.html
in safe mode; after the restart, post the report.

Hello



SDFix: Version 1.182
Run by Hayet on 13.05.2008 at 21:24

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :
 


                                 Final Check :

catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-13 21:49:03
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Programme\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Programme\\Yahoo!\\Messenger\\YServer.exe"="C:\\Programme\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Programme\\T-Online\\T-Online_Software_6\\Browser\\browser.exe"="C:\\Programme\\T-Online\\T-Online_Software_6\\Browser\\browser.exe:*:Enabled:T-Online Browser 6.0"
"C:\\Programme\\Microsoft Office\\Office\\1031\\WFXMSRVR.EXE"="C:\\Programme\\Microsoft Office\\Office\\1031\\WFXMSRVR.EXE:*:Disabled:WFXMSRVR"
"C:\\Programme\\Messenger\\msmsgs.exe"="C:\\Programme\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Programme\\Paltalk Messenger\\paltalk.exe"="C:\\Programme\\Paltalk Messenger\\paltalk.exe:*:Disabled:Paltalk Messenger 8.3"
"C:\\Programme\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Programme\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programme\\Windows Live\\Messenger\\livecall.exe"="C:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Programme\\BearShare Applications\\BearShare\\BearShare.exe"="C:\\Programme\\BearShare Applications\\BearShare\\BearShare.exe:*:Enabled:BearShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programme\\Windows Live\\Messenger\\livecall.exe"="C:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Sun 12 Jan 2003         8,192 A..HR --- "C:\Alte C (ME)\Programme\Symantec\ProductReg.reg"
Thu  8 Jun 2000        53,248 A..H. --- "C:\Alte C (ME)\Programme\Zubeh”r\mspcx32.dll"
Sat  1 May 2004        19,968 A..H. --- "C:\Alte C (ME)\WINDOWS\TEMP\~WRL0005.tmp"
Thu 23 Jun 2005        19,968 A..H. --- "C:\Alte C (ME)\WINDOWS\TEMP\~WRL0006.tmp"
Sun 28 Mar 2004        19,968 A..H. --- "C:\Alte C (ME)\WINDOWS\TEMP\~WRL0362.tmp"
Sun 28 Mar 2004        19,968 A..H. --- "C:\Alte C (ME)\WINDOWS\TEMP\~WRL1336.tmp"
Sun 28 Mar 2004        19,456 A..H. --- "C:\Alte C (ME)\WINDOWS\TEMP\~WRL1654.tmp"
Sat  1 May 2004        36,864 A..H. --- "C:\Alte C (ME)\WINDOWS\TEMP\~WRL2598.tmp"
Thu 23 Jun 2005        20,992 A..H. --- "C:\Alte C (ME)\WINDOWS\TEMP\~WRL4083.tmp"
Thu  8 Jun 2000       110,592 A.SHR --- "C:\Alte C (ME)\WINDOWS\COMMAND\EBD\WINBOOT.SYS"
Thu  8 May 2008        46,080 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Eigene Dateien\Bewerbung 2007\~WRL0002.tmp"
Mon  5 May 2008        46,592 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Eigene Dateien\Bewerbung 2007\~WRL0004.tmp"
Thu  8 May 2008     1,524,224 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Eigene Dateien\Bewerbung 2007\~WRL0005.tmp"
Fri  2 May 2008        46,080 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Eigene Dateien\Bewerbung 2007\~WRL0796.tmp"
Wed 30 Apr 2008     1,524,224 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Eigene Dateien\Bewerbung 2007\~WRL1500.tmp"
Thu  8 May 2008        46,592 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Eigene Dateien\Bewerbung 2007\~WRL2397.tmp"
Wed 30 Apr 2008        46,080 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Eigene Dateien\Bewerbung 2007\~WRL3906.tmp"
Sun 22 Oct 2006        22,016 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL0001.tmp"
Sun 29 Oct 2006        47,104 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL0004.tmp"
Thu 17 Apr 2008        19,968 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL0134.tmp"
Wed  2 Apr 2008        27,136 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL1001.tmp"
Thu  5 Oct 2006        32,768 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL1077.tmp"
Mon 28 Nov 2005        26,112 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL1321.tmp"
Thu  9 Nov 2006        20,992 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL1624.tmp"
Wed  8 Nov 2006        19,456 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL2111.tmp"
Mon 28 Nov 2005        27,136 ...H. --- "C:\Dokumente und Einstellungen\Hayet\Anwendungsdaten\Microsoft\Word\~WRL4081.tmp"

Finished!

 


Please carry out step 4
http://www.computerhilfen.de/hilfen-17-233792-0.html
Post the report


Sounds like a worm.


And I would uninstall BearShare, because all you get from it is VIRUSES.

