|
|
Topics
|
FindIt für Windows Nt/2000/Xp
Link: FindItNt2kXP
Download:
http://lineofire.geekstogo.com/
Warning! This utility will find legitimate files in addition to malware.
Do not remove anything unless you are sure you know what you're doing.
------- System Files in System32 Directory -------
Verzeichnis von C:\WINNT\System32
02.01.2005 18:56 dllcache
0 Datei(en) 0 Bytes
1 Verzeichnis(se), 491.741.184 Bytes frei
------- Hidden Files in System32 Directory -------
Verzeichnis von C:\WINNT\System32
02.01.2005 18:56 dllcache
10.04.2004 14:47 GroupPolicy
10.04.2004 14:40 21.817 folder.htt
10.04.2004 14:40 271 desktop.ini
2 Datei(en) 22.088 Bytes
2 Verzeichnis(se), 491.741.184 Bytes frei
---------- Files Named "Guard" -------------
Verzeichnis von C:\WINNT\System32
--------- Temp Files in System32 Directory --------
Verzeichnis von C:\WINNT\System32
05.05.2004 21:50 135.952 SET1BE.tmp
11.11.2002 14:35 123.664 SET1B8.tmp
11.11.2002 14:35 131.344 SET1B9.tmp
11.11.2002 14:35 512.272 SET1B7.tmp
11.11.2002 14:35 62.736 SET1BA.tmp
11.11.2002 14:35 49.424 SET1BB.tmp
11.11.2002 14:35 472.336 SET1BC.tmp
11.11.2002 14:35 91.920 SET1BD.tmp
10.12.1999 13:00 2.951 CONFIG.TMP
9 Datei(en) 1.582.599 Bytes
0 Verzeichnis(se), 491.741.184 Bytes frei
---------------- User Agent ------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\UserAgent\Post Platform]
"DT"="IEAK"
|
------------ Keys Under Notify ------------
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,72,79,70,74,33,32,2e,64,6c,6c,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,72,79,70,74,6e,65,74,2e,64,6c,6c,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,63,6c,67,6e,74,66,79,2e,64,6c,6c,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
---------------- Xfind Results -----------------
Der Befehl "Xfind" ist entweder falsch geschrieben oder
konnte nicht gefunden werden.
-------------- Locate.com Results ---------------
Link: defaultreg
Link: FindItNt2kXP
|
|
Startseite |
Gästebuch |
Kontakt |
Protecus.de Forum |
Virus Weltkarte
