Bei internet verbindung schaltet sich norton komplett ab |
||
---|---|---|
#0
| ||
29.06.2004, 14:47
...neu hier
Beiträge: 4 |
||
|
||
30.06.2004, 15:31
Ehrenmitglied
Beiträge: 29434 |
#2
Deinstalliere Web P2P Installer ..ist voller Spyware ! und lade Kazaa lite
Fixe mit dem HijackThis R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.008i.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.008i.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.008i.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.008i.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.008i.com/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.008i.com/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.008i.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.008i.com/search.html F0 - system.ini: Shell= 2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, O4 - HKLM\..\Run: [P2P Networking2] C:\WINDOWS\System32\P2P Networking\P2P Networking2.exe /AUTOSTART O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {E6408250-3F54-4FAF-BB1C-6BC0D77A1D51} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {E6408250-3F54-4FAF-BB1C-6BC0D77A1D51} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (file missing) (HKCU) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing neustarten Gehe in den abgesicherten Modus...F8 beim Booten druecken und scanne dort mit dem escan (mwav.exe) neustarten #Deinstalliere den Norton und installiere neu #mache einen Onlinescann http://de.trendmicro-europe.com/enterprise/products/housecall_pre.php #Lade Cwhredder http://www.spywareinfo.com/~merijn/downloads.html #Lade Sp http://www.rokop-security.de/main/article.php?sid=746 #Lade AdAware free http://www.lavasoft.de/support/download/ #lade Spybot http://www.safer-networking.org/index.php?page=download〈=de #Lade Spysweeper free http://www.spysweeper.com/ MfG Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 30.06.2004 um 15:34 Uhr von Sabina editiert.
|
|
|
||
30.06.2004, 22:10
...neu hier
Themenstarter Beiträge: 4 |
#3
ah,danke,werd es gleich versuchen
mfg |
|
|
ich hab vor ungefähr 2 tage c defragmentieren lassen,kann es damit zusammenhängen???
hier das log dazu:
Logfile of HijackThis v1.98.0
Scan saved at 16:03:44, on 29.06.2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Norton Internet Security Professional\NISUM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\LXSUPMON.EXE
C:\WINDOWS\System32\MMTray.exe
C:\WINDOWS\System32\MMTray2k.exe
C:\WINDOWS\System32\MMTrayLSI.exe
C:\Programme\Winamp3\winampa.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Programme\Norton Internet Security Professional\ccPxySvc.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking2.exe
C:\Programme\ICQ\ICQ.exe
C:\PROGRAMME\T-ONLINE\T-ONLINE_SOFTWARE_5\BROWSER\BROWSER.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\NMAIN.EXE
C:\Eigene Dateien\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.008i.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.008i.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.008i.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.008i.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.008i.com/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.008i.com/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.008i.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.008i.com/search.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://cf.icq.com/cf/2003/lost_password.html
F0 - system.ini: Shell=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Programme\ICQ\NDetect.exe
O4 - HKLM\..\Run: [P2P Networking2] C:\WINDOWS\System32\P2P Networking\P2P Networking2.exe /AUTOSTART
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [mwavscan] "C:\DOKUME~1\apexted\LOKALE~1\Temp\mwavscan.com" /s
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE (file missing)
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {E6408250-3F54-4FAF-BB1C-6BC0D77A1D51} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {E6408250-3F54-4FAF-BB1C-6BC0D77A1D51} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA235732-78F7-4525-81BF-FAEB61BC435F}: NameServer = 217.237.151.225 194.25.2.129