Nicht zu blockirende Popups

Dieses Thema im Forum "Netzwerk, Telefon, Internet" wurde erstellt von NeoNamek, 1. November 2006 .

Schlagworte:
Status des Themas:
Es sind keine weiteren Antworten möglich.
  1. Diese Seite verwendet Cookies. Wenn du dich weiterhin auf dieser Seite aufhältst, akzeptierst du unseren Einsatz von Cookies. Weitere Informationen
  1. #1 1. November 2006
    hi,
    Ich habe schon seid 1 Monat das Problem mit Popups sie sind zwar blockiert doch sie tauchem immer wieder auf, habs hier schon mehrmals gesehn als ich die SuFu benutzt habe, aber mein Problem is anders und manche Threads waren schon Stein alt.
    Manchmal kommen normale Popups zb von Promarkt oetc macnhmal auch sowas von Adultfriendfinder..., beim zocken kommen die auch und dabei minimiert sich mein Spiel.
    Ich hab schon sbybot search and destroy, antivirus und adaware drauf laufen lassen die haben nichts gefunden.
    Hier ma mein hijackthis logfile:

    Logfile of HijackThis v1.99.1
    Scan saved at 14:07:29, on 01.11.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5700.0006)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programme\AntiVir PersonalEdition Classic\sched.exe
    C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
    C:\Programme\FRITZ!DSL\IGDCTRL.EXE
    C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\system32\sstray.exe
    C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\carpserv.exe
    C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Programme\QuickTime\qttask.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
    C:\programme\valve\steam\steam.exe
    C:\Programme\Messenger\MSMSGS.EXE
    C:\Programme\Free Download Manager\fdm.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programme\Logitech\SetPoint\SetPoint.exe
    C:\Programme\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Programme\FRITZ!DSL\FritzDsl.exe
    C:\Programme\FRITZ!DSL\StCenter.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Programme\Internet Explorer\IEXPLORE.EXE
    C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.EXE
    C:\Programme\ATI Technologies\ATI.ACE\cli.exe
    C:\Programme\ATI Technologies\ATI.ACE\cli.exe
    C:\Programme\Xfire\Xfire.exe
    C:\Programme\Mozilla Firefox\firefox.exe
    C:\DOKUME~1\******\LOKALE~1\Temp\Rar$EX00.938\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Elektronik, Autos, Mode, Sammlerstücke, Gutscheine und mehr Online-Shopping | eBay
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {87A331AE-CD39-DE87-BC85-E9DE17316C7D} - (no file)
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: GVDownloader - {ae4df123-9140-4f93-9b32-ff0186389cc3} - mscoree.dll (file missing)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
    O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.EXE"
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [NetPumper] "C:\Programme\NetPumper\NetPumperIEProxy.exe"
    O4 - HKLM\..\Run: [lockshtmshimtwo] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sitecakelockshtm\IdolDeaf.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [Steam] "c:\programme\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [Free Download Manager] C:\Programme\Free Download Manager\fdm.exe -autorun
    O4 - HKCU\..\Run: [bags funk] C:\DOKUME~1\*****\ANWEND~1\OPENPO~1\math drv owns.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe
    O4 - Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programme\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Programme\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Programme\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm
    O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Mit FDM herunterladen - file://C:\Programme\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://www.giga.de/giga-stream-test/Rawflow.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20060912/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.0.97.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1157035549031
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
    O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    Bin dankbar wenn ihr mir alle bösen dinger raussucht oder wenn einer ne Lösung zu meinem Problem hat.
     

  2. Anzeige
  3. #2 1. November 2006
    AW: Nicht zu blockirende Popups

    Also auf den ersten Blick ist da nix offensichtlich! Stell mal deinen Autostart rein! Also daraus würd ich den windows messanger nehmen und bei zone labs alles möglich blocken, was nicht auf das internet zuzugreifen hat!
    Also es sieht so aus, als wäre es das besste, wenn du deinen Rechner plätten würdest und Windows neu installieren!
     
  4. #3 1. November 2006
    AW: Nicht zu blockirende Popups

    Hab bei der Firewall alles blockiert was ich nicht brauche, hier mein Autostart Logfile:

    StartupList report, 01.11.2006, 15:13:24
    StartupList version: 1.52.2
    Started from : C:\DOKUME~1\****\LOKALE~1\Temp\Rar$EX00.891\HijackThis.EXE
    Detected: Windows XP SP2 (WinNT 5.01.2600)
    Detected: Internet Explorer v7.00 (7.00.5700.0006)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programme\FRITZ!DSL\IGDCTRL.EXE
    C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\system32\sstray.exe
    C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\carpserv.exe
    C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Programme\QuickTime\qttask.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
    C:\programme\valve\steam\steam.exe
    C:\Programme\Messenger\MSMSGS.EXE
    C:\Programme\Free Download Manager\fdm.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programme\Logitech\SetPoint\SetPoint.exe
    C:\Programme\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Programme\FRITZ!DSL\FritzDsl.exe
    C:\Programme\FRITZ!DSL\StCenter.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Programme\Internet Explorer\IEXPLORE.EXE
    C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.EXE
    C:\Programme\ATI Technologies\ATI.ACE\cli.exe
    C:\Programme\ATI Technologies\ATI.ACE\cli.exe
    C:\Programme\Miranda\miranda32.exe
    C:\Programme\Mozilla Firefox\firefox.exe
    C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
    C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Programme\AntiVir PersonalEdition Classic\sched.exe
    C:\Programme\Xfire\Xfire.exe
    C:\DOKUME~1\*****\LOKALE~1\Temp\Rar$EX00.891\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Dokumente und Einstellungen\*****\Startmenü\Programme\Autostart]
    Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
    FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe
    FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe

    Shell folders Common Startup:
    [C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart]
    Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Logitech SetPoint.lnk = ?

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    SunJavaUpdateSched = C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
    nForce Tray Options = sstray.exe /r
    ATIPTA = C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
    avgnt = "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
    Logitech Hardware Abstraction Layer = "C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.EXE"
    Zone Labs Client = "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
    ATICCC = "C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe"
    CARPService = carpserv.exe
    OpwareSE2 = "C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    Adobe Photo Downloader = "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    NetPumper = "C:\Programme\NetPumper\NetPumperIEProxy.exe"
    lockshtmshimtwo = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sitecakelockshtm\IdolDeaf.exe
    NeroFilterCheck = C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
    QuickTime Task = "C:\Programme\QuickTime\qttask.exe" -atboottime
    BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    ISUSPM Startup = C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    ISUSScheduler = "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
    (Default) =
    Kernel and Hardware Abstraction Layer = KHALMNPR.EXE

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    Steam = "c:\programme\valve\steam\steam.exe" -silent
    MSMSGS = "C:\Programme\Messenger\MSMSGS.EXE" /background
    Free Download Manager = C:\Programme\Free Download Manager\fdm.exe -autorun
    bags funk = C:\DOKUME~1\*****\ANWEND~1\OPENPO~1\math drv owns.exe
    ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    (no name) - (no file) - {87A331AE-CD39-DE87-BC85-E9DE17316C7D}
    (no name) - C:\Programme\Free Download Manager\iefdmcks.dll - {CC59E0F9-7E43-44FA-9FAA-8377850BF205}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    1-Click Maintenance.job
    AA2AF9A191A96ED5.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [Rawflow ICD Client]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\Rawflow.ocx
    CODEBASE = http://www.giga.de/giga-stream-test/Rawflow.cab

    [QuickTime Object]
    InProcServer32 = C:\Programme\QuickTime\QTPlugin.ocx
    CODEBASE = http://a1540.g.akamai.net/7/1540/52/20060912/qtinstall.info.apple.com/qtactivex/qtplugin.cab

    [NowStarter Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\NOWSTA~1.OCX
    CODEBASE = http://www.clubbox.co.kr/neo.fld/NowStarter.cab

    [{33564D57-0000-0010-8000-00AA00389B71}]
    CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    [FilePlanet Download Control Class]
    InProcServer32 = C:\Programme\IGN\Download Manager\FPDC.dll
    CODEBASE = http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.0.97.cab

    [WUWebControl Class]
    InProcServer32 = C:\WINDOWS\System32\wuweb.dll
    CODEBASE = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1157035549031

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx
    CODEBASE = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    --------------------------------------------------

    Enumerating Winsock LSP files:

    NameSpace #4: C:\WINDOWS\system32\wshbth.dll

    --------------------------------------------------

    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic\Update\AVUPDATE_4548a87b\UPDENGVDFTEST|||r

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\system32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll

    --------------------------------------------------
     

  5. Videos zum Thema
Die Seite wird geladen...