Browser schliesst bei bestimmter Seite von alleine alle offenen Fenster

#16 Siehst du, es gibt fuer (fast)alles eine Loesung
__________
MfG Sabina

rund um die PC-Sicherheit

#17 Vielen Dank.




mfg -bLaZe-

#18 Hallo !! Bin durch die Google Suche auf Euer Forum gestoßen und find es klasse das es so ein Forum gibt... Hoffe Ihr könnt mir auch weiterhelfen. Habe das selbe Problem wie die meisten in diesen Thread. Bei mir schließt der Explorer auch immer einfach... habe mal die Log Datei kopiert... Vielleicht kann mir ja jemand helfen.... Danke schon mal...

Logfile of HijackThis v1.99.0
Scan saved at 18:42:05, on 31.01.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
D:\System\SpeedFan\speedfan.exe
C:\WINDOWS\system32\wscntfy.exe
d:\System\AntiVirenKit 2005\AVKWCtl.exe
C:\Programme\Gemeinsame Dateien\G DATA\AVKMail\AVKPOP.EXE
d:\System\AntiVirenKit 2005\AVKService.exe
C:\WINDOWS\System32\svchost.exe
D:\Internet\eMule\eMule.exe
D:\System\Total Commander\TOTALCMD.EXE
C:\Programme\T-Online\T-Online_Software_5\Browser\browser.exe
C:\Dokumente und Einstellungen\Marcoooh\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\System\Adobe Acrobat REader 6\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\WINDOWS\cgmopenbho.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "D:\Brenner\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [BDSwitchAgent] D:\Antivirus\Bitdefender 7\bdswitch.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [AVK Mail Checker] "C:\Programme\Gemeinsame Dateien\G DATA\AVKMail\AVKPOP.EXE"
O4 - HKCU\..\Run: [AVKBar] "d:\System\AntiVirenKit 2005\AVKBar.exe"
O4 - Startup: SpeedFan.lnk = D:\System\SpeedFan\speedfan.exe
O8 - Extra context menu item: Alles mit FlashGet laden - D:\Internet\FlashGet\jc_all.htm
O8 - Extra context menu item: Mit FlashGet laden - D:\Internet\FlashGet\jc_link.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
O23 - Service: AVK Service - Unknown - d:\System\AntiVirenKit 2005\AVKService.exe
O23 - Service: AVK Wächter - Unknown - d:\System\AntiVirenKit 2005\AVKWCtl.exe
O23 - Service: bh611 - Unknown - D:\System\TIS 2000\EPC\BHROOT\BIN\NT611SVC.EXE (file missing)
O23 - Service: Bell & Howell Monitor Service - Unknown - D:\System\TIS 2000\EPC\BHROOT\BIN\monitor.exe (file missing)
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ONC/RPC Portmapper - Unknown - D:\System\TIS 2000\EPC\BHROOT\BIN\PORTMAP.EXE (file missing)
O23 - Service: Ulead Burning Helper - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

#19 Hallo@Marcoooh

#Gehe auf diese Seite: http://www.lavasofthelp.com/submit/
kopiere folgendes Submit)
Copy and paste the full filepaths below and hit "submit", one at a time:

reinkopieren:

C:\WINDOWS\cgmopenbho.dll

Download Registry Search Tool :
http://www.billsway.com/vbspage/vbsfiles/RegSrch.zip
Doppelklick:regsrch.vbs

kopiere rein:
{56B38F40-4E70-11d4-A076-0080AD86BA2F}

Press 'OK'
warten, bis die Suche beendet ist. (Ergebnis bitte posten)

{A5366673-E8CA-11D3-9CD9-0090271D075B}

Press 'OK'
warten, bis die Suche beendet ist. (Ergebnis bitte posten)

#öffne das HijackThis-->> Button "scan" -->> Häkchen setzen -->> Button "Fix checked" -->> PC neustarten

O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\WINDOWS\cgmopenbho.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)

PC neustarten

Loesche:
C:\WINDOWS\cgmopenbho.dll

Download AdAware SE and install.
http://www.lavasoft.de/support/download/
laden-->Updaten-->Scannen-->PC neustarten--> noch mal scannen--> poste das log vom Scann

#ClaerProg..lade die neuste Version <1.4.0 Final
http://www.clearprog.de/downloads.php
<und saeubere den Browser.
Das Programm löscht die Surfspuren des Internet Explorers ab Version 5.0, des Netscape/Mozilla und des Opera:
- Cookies
- Verlauf
- Temporäre Internetfiles (Cache)
- die eingetragenen URLs

Please download DllCompare from here
http://www.atribune.org/downloads/DllCompare.exe
<klick: Locate.com button.
wenn der Scan beendet ist
<klick:Compare button
<klick: und erstelle das Log--->bitte posten

und poste das neue Log vom HijackThis
__________
MfG Sabina

rund um die PC-Sicherheit

#20 Hallo,

zunächst erstmal vielen Dank dafür, daß es euch gibt.

ich habe ein ähnliches Problem wie die Threadstarter. Ich wäre für Hilfe sehr dankbar. Hier ist mein HijackThis - Log.

Logfile of HijackThis v1.99.1
Scan saved at 09:33:30, on 31.03.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX75.368\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O5 "LPT1:" /M "Stylus C64"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{689532A4-293E-4511-9C6B-266D2FA3E4A4}: NameServer = 193.49.199.1,193.49.199.3
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

#21 Hallo@rft123

#öffne das HijackThis-->> Button "scan" -->> Häkchen setzen -->> Button "Fix checked" -->> PC neustarten

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v6.cab

neustarten





Start<Ausfuehren<regedit

loesche mit rechtsklick, falls du diese Eintraege findest:

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}]
@="PopCapLoader Object"

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\Control]

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\InprocServer32]
@="C:\\WINDOWS\\Downloaded Program Files\\CONFLICT.3\\popcaploader.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\MiscStatus\1]
@="131473"

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\ProgID]
@="PopCapLoader.PopCapLoaderCtrl2.1"

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\ToolboxBitmap32]
@="C:\\WINDOWS\\Downloaded Program Files\\CONFLICT.3\\popcaploader.dll, 101"

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\TypeLib]
@="{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}"

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\Version]
@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\VersionIndependentProgID]
@="PopCapLoader.PopCapLoaderCtrl2"

[HKEY_CLASSES_ROOT\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}]
@="IPopCapLoaderCtrl"

[HKEY_CLASSES_ROOT\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}\ProxyStubClsid]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_CLASSES_ROOT\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_CLASSES_ROOT\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}\TypeLib]
@="{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}"
"Version"="1.0"

[HKEY_CLASSES_ROOT\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}]
@="_IPopCapLoaderCtrlEvents"

[HKEY_CLASSES_ROOT\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}\ProxyStubClsid]
@="{00020420-0000-0000-C000-000000000046}"

[HKEY_CLASSES_ROOT\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}\ProxyStubClsid32]
@="{00020420-0000-0000-C000-000000000046}"

[HKEY_CLASSES_ROOT\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}\TypeLib]
@="{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}"
"Version"="1.0"

[HKEY_CLASSES_ROOT\PopCapLoader.PopCapLoaderCtrl2]
@="PopCapLoader Object"

[HKEY_CLASSES_ROOT\PopCapLoader.PopCapLoaderCtrl2\CLSID]
@="{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"

[HKEY_CLASSES_ROOT\PopCapLoader.PopCapLoaderCtrl2\CurVer]
@="PopCapLoader.PopCapLoaderCtrl2.1"

[HKEY_CLASSES_ROOT\PopCapLoader.PopCapLoaderCtrl2.1]
@="PopCapLoader Object"

[HKEY_CLASSES_ROOT\PopCapLoader.PopCapLoaderCtrl2.1\CLSID]
@="{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"

[HKEY_CLASSES_ROOT\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}]

[HKEY_CLASSES_ROOT\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}\1.0]
@="POPCAPLOADERLib"

[HKEY_CLASSES_ROOT\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}\1.0\0]

[HKEY_CLASSES_ROOT\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}\1.0\0\win32]
@="C:\\WINDOWS\\Downloaded Program Files\\CONFLICT.3\\popcaploader.dll"

[HKEY_CLASSES_ROOT\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}\1.0\FLAGS]
@="0"

[HKEY_CLASSES_ROOT\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}\1.0\HELPDIR]
@="C:\\WINDOWS\\Downloaded Program Files\\CONFLICT.3\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/popcaploader.dll]
".Owner"="{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"
"{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.2/popcaploader.dll]
".Owner"="{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"
"{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.3/popcaploader.dll]
".Owner"="{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"
"{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/popcaploader.dll]
".Owner"="{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"
"{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"=""

neustarten

loeschen:
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\popcaploader.dll
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\popcaploader.dll
C:\WINDOWS\Downloaded Program Files\popcaploader.dll

•/Ad-aware Standard Edition (free)
http://www.lavasoftusa.com/german/software/adaware/
http://www.lavasoft.de/support/download/
VOR jedem Scanvorgang das Programm Updaten!
waehrend des Scanvorganges müssen ALLE sonstige
Anwendungen beendet werden und alle Browserfenster müssen
geschlossen sein!
__________
MfG Sabina

rund um die PC-Sicherheit

#22 Hallo Sabina,

vielen Dank, daß Du Dich meiner annimmst. Ich habe Schritt für Schritt Deine Empfehlungen befolgt. Allerdings besteht das Problem weiter (es ist für bestimmte Internetseiten zu 100% reproduzierbar, zB ein bestimmter Artikel auf www.spiegel.de.

In der Registry habe ich nur einige der Einträge gefunden, die Du erwähntest. Nicht gefunden habe ich die Einträge
[HKEY_CLASSES_ROOT\CLSID\{DF780F87-FF2B- usw.
[HKEY_CLASSES_ROOT\Interface\{FE8A736F-4124- usw.
[HKEY_CLASSES_ROOT\PopCapLoader.PopCapLoaderCtrl2] usw.
[HKEY_CLASSES_ROOT\TypeLib\{C9C5DEAF-0A1F usw.

gefunden habe ich dagegen die anderen. Diese habe ich gelöscht. Ich habe mit der Suchfunktion nach popcap gesucht und einen weiteren Eintrag gefunden, den ich ebenfalls gelöscht habe.

Die folgenden Dateien habe ich nicht gefunden. Ich hatte aber zuvor sämtliche History und Temp-Dateien gelöscht.

C:\WINDOWS\Downloaded Program Files\CONFLICT.2\popcaploader.dll
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\popcaploader.dll
C:\WINDOWS\Downloaded Program Files\popcaploader.dll

Adaware hat folgendes Log ausgegeben:

Ad-Aware SE Build 1.05
Logfile Created ononnerstag, 31. März 2005 11:32:50
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R34 23.03.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):32 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


31.03.2005 11:32:50 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 744
ThreadCreationTime : 31.03.2005 09:18:33
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 832
ThreadCreationTime : 31.03.2005 09:18:40
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 856
ThreadCreationTime : 31.03.2005 09:18:41
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 900
ThreadCreationTime : 31.03.2005 09:18:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 912
ThreadCreationTime : 31.03.2005 09:18:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1068
ThreadCreationTime : 31.03.2005 09:18:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1184
ThreadCreationTime : 31.03.2005 09:18:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1268
ThreadCreationTime : 31.03.2005 09:18:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1320
ThreadCreationTime : 31.03.2005 09:18:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1528
ThreadCreationTime : 31.03.2005 09:18:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [brsvc01a.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1656
ThreadCreationTime : 31.03.2005 09:18:42
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : brother Industries Ltd brsvc01a
CompanyName : brother Industries Ltd
FileDescription : brsvc01a
InternalName : brsvc01a
LegalCopyright : Copyright © Brother Industries, Ltd 2001
OriginalFilename : brsvc01a.exe

#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1672
ThreadCreationTime : 31.03.2005 09:18:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:13 [brss01a.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1688
ThreadCreationTime : 31.03.2005 09:18:42
BasePriority : Normal
FileVersion : 1.004
ProductVersion : 1, 0, 0, 4
ProductName : brother Industries Ltd brss01a.exe
CompanyName : brother Industries Ltd
FileDescription : brss01a.exe
InternalName : brss01a.exe
LegalCopyright : Copyright ? 2001
OriginalFilename : brss01a.exe
Comments : Brsplproc XP wrapper

#:14 [avguard.exe]
FilePath : C:\Program Files\AVPersonal\
ProcessID : 1960
ThreadCreationTime : 31.03.2005 09:18:49
BasePriority : Normal


#:15 [avwupsrv.exe]
FilePath : C:\Program Files\AVPersonal\
ProcessID : 1972
ThreadCreationTime : 31.03.2005 09:18:49
BasePriority : Normal


#:16 [cvpnd.exe]
FilePath : C:\Program Files\Cisco Systems\VPN Client\
ProcessID : 1992
ThreadCreationTime : 31.03.2005 09:18:49
BasePriority : Normal
FileVersion : 4.6.00.0045
ProductVersion : 4.6.00.0045
ProductName : Cisco Systems VPN Client
CompanyName : Cisco Systems, Inc.
FileDescription : Cisco Systems VPN Client
InternalName : cvpnd
LegalCopyright : Copyright © 1998-2004 Cisco Systems, Inc.
OriginalFilename : CVPND.EXE

#:17 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2036
ThreadCreationTime : 31.03.2005 09:18:49
BasePriority : Normal
FileVersion : 6.13.10.3220
ProductVersion : 6.13.10.3220
ProductName : NVIDIA Driver Helper Service, Version 32.20
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 32.20
InternalName : NVSVC
LegalCopyright : (c) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:18 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 400
ThreadCreationTime : 31.03.2005 09:18:57
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:19 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1128
ThreadCreationTime : 31.03.2005 09:19:01
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:20 [pctspk.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1336
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : pctvoice Application
FileDescription : pctvoice MFC Application
InternalName : pctvoice
LegalCopyright : Copyright (C) 2001
OriginalFilename : pctvoice.EXE

#:21 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1348
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal
FileVersion : 7.0.5 25Oct02
ProductVersion : 7.0.5 25Oct02
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2002
OriginalFilename : SynTPLpr.exe

#:22 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1360
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal
FileVersion : 7.0.5 25Oct02
ProductVersion : 7.0.5 25Oct02
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2002
OriginalFilename : SynTPEnh.exe

#:23 [jusched.exe]
FilePath : C:\Program Files\Java\j2re1.4.2_05\bin\
ProcessID : 1396
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal


#:24 [e_s10ic2.exe]
FilePath : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\
ProcessID : 1456
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal
FileVersion : 3.08
ProductVersion : 3.08
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S10IC2
LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2003
OriginalFilename : E_S10IC2.EXE

#:25 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 1460
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:26 [devdet~1.exe]
FilePath : C:\PROGRA~1\ACDSYS~1\DEVDET~1\
ProcessID : 1472
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal
FileVersion : 1, 3, 2, 1
ProductVersion : 1, 3, 2, 1
ProductName : Device Detector
CompanyName : ACD Systems, Ltd.
FileDescription : Device Detector
InternalName : DevDetect
LegalCopyright : Copyright © 2002
OriginalFilename : DevDetect.exe

#:27 [avgnt.exe]
FilePath : C:\Program Files\AVPersonal\
ProcessID : 1496
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal


#:28 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1504
ThreadCreationTime : 31.03.2005 09:19:02
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:29 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2148
ThreadCreationTime : 31.03.2005 09:20:17
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:30 [firefox.exe]
FilePath : C:\Program Files\Mozilla Firefox\
ProcessID : 2860
ThreadCreationTime : 31.03.2005 09:23:05
BasePriority : Normal


#:31 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3572
ThreadCreationTime : 31.03.2005 09:32:34
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 0



MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\office\11.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\office\11.0\common\general
Description : list of recently used symbols in microsoft office


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-57989841-507921405-1060284298-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrator\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrator\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 32

11:34:13 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:22.428
Objects scanned:60946
Objects identified:0
Objects ignored:0
New critical objects:0

#23 die Browser-Abstuerze geschehen mit dem IE oder dem Firefox?

Kennen Sie die IP oder die Domäne '193.49.199.1,193.49.199.3'??????????????
O17 - HKLM\System\CCS\Services\Tcpip\..\{689532A4-293E-4511-9C6B-266D2FA3E4A4}: NameServer = 193.49.199.1,193.49.199.3
__________
MfG Sabina

rund um die PC-Sicherheit

#24 Die Browser Abstürze geschehen mit Firefox.

Die IPs kenne ich, das sind die DNS (1. und 2.) einer Bibliothek in Paris in der ich manchmal bin.

#25 NameServer = 193.49.199.1,193.49.199.3
--> muesste deine
zugewiesenen IP Adresse sein , also nicht irgendweine Bibliothek, es sei denn , du sitzt im Momet dort und hast Anschluss ans Internet.

Deinstalliere den Firefox und lade ihn neu.
__________
MfG Sabina

rund um die PC-Sicherheit

#26 So ist es, ich schreibe Dir gerade aus dieser Bibliothek. Ich muß die oben genannte IP eingeben, damit das internet erreichbar ist.

Ich habe Firefox deinstalliert und jetzt version 1.0.2 neu installiert. Ich habe auch den Computer neu gestartet. Das Problem besteht aber weiterhin. Das was mich wundert, ist daß es nur bestimmte Seiten sind. ZB: ist es unmöglich die Seite http://www.spiegel.de/wirtschaft/0,1518,343380,00.html mehr als eine halbe sekunde angezeigt zu bekommen, kaum klicke ich auf diesen Link schließen alle Fenster von Firefox.

#27 ich sags ja nicht gern, aber ich bin ueberfragt, zumal es eine Seite ist, die man wunderbar ansurfen kann (ich jedenfalls)

Es gibt Seiten und Scripts, die einen Browser zum Absturz bringen koennen, wobei ich aber nicht denke, dass das bei der Spiegelseite der Fall ist

Surfe also mit dem IE und falls du es doch mal rausfindest, woran es lag, lasse es mich bitte wissen.
__________
MfG Sabina

rund um die PC-Sicherheit

#28 Danke für Deine Bemühungen und für Dein Engagement. Da es nicht allzuviele Seiten sind, werde ich einfach andere Seiten lesen, ich habe keine Lust Windows neu zu installieren...


Gruß
rft

P.S.: Schade ich hätte doch gern gewusst was nun mit den Golfbällen ist...

#29 Also damit hatte ich gar nicht gerechnet vielen Dank nochmal.

Gruß aus Paris
rtf


Update: das Problem besteht auch bei IE.

#30 Hallo,
bin über ne Google Suche auf die Site hier gestoßen.
Benutze Firefox und ich manchmal passierts einfach, dass sich der komplett schließt. Er macht einfach so alle Fenster zu. Das liegt nicht an bestimmten Seiten, mal macht er es und mal macht er es einfach nicht.
Bitte daher einfach mal um Prüfung meines HijackThis Logs wenns geht ^_~

Logfile of HijackThis v1.99.1
Scan saved at 15:28:48, on 08.04.2005
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP2 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
D:\Anti Viren Kit\AVKService.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
D:\Virtual CD\System\vcdsecs.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Programme\Microsoft IntelliPoint\point32.exe
C:\WINNT\System32\rundll32.exe
D:\Anti Viren Kit\Firewall\KAVPF.exe
D:\Microsoft Office\Office\WINWORD.EXE
D:\Miranda IM\miranda32.exe
D:\Winamp 5\winamp.exe
D:\Firefox\firefox.exe
C:\Programme\BitTorrent\btdownloadgui.exe
J:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://H:\DOKUME~1\Turtle\LOKALE~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://H:\DOKUME~1\Turtle\LOKALE~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://H:\DOKUME~1\Turtle\LOKALE~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://H:\DOKUME~1\Turtle\LOKALE~1\Temp\sp.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = H:\WINNT\System32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 4000:80
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,H:\WINNT\system32\userinit.exe,
O2 - BHO: EMES X Class - {000000DA-0786-4633-87C6-1AA7A4429EF1} - H:\WINNT\System32\emesx.dll (file missing)
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - D:\DAP\DAPBHO.dll
O2 - BHO: Poly HTML Filter BHO - {0140DF95-9128-4053-AE72-F43F0CFCA062} - C:\WINNT\system32\SiKernel.dll
O2 - BHO: SIPAKBHO Class - {40FB69E1-9B7B-453F-B238-37D8E9528929} - D:\Anti Viren Kit\Webfilter\PAKIEPlugins.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll
O2 - BHO: WebSpeechBHO Class - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - H:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (file missing)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - H:\WINNT\2_0_1browserhelper2.dll (file missing)
O2 - BHO: Offliner AdFilter Helper - {DC9377A2-2E8D-44A1-99DB-F8A821DF254D} - C:\WINNT\system32\SiPlugins.dll
O3 - Toolbar: @msdxmLC.dll,-1@1031,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: WebFilter-Leiste - {75CD0BC5-E317-449C-9FF6-4986B3D48F64} - D:\ANTIVI~1\WEBFIL~1\PAKIEGUI.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - D:\DAP\DAPIEBar.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LWBMOUSE] C:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "D:\CloneCD Neu\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "d:\clone cd\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [AVK Mail Checker] "D:\Anti Viren Kit\AVKPOP.EXE"
O4 - HKLM\..\Run: [iTunesHelper] D:\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [InstallShieldSetup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /reboot{3CB41017-F5CA-4C56-934C-ED02156251E6} /z
O4 - HKCU\..\Run: [FreeMem Pro] "H:\Dokumente und Einstellungen\Turtle\Desktop\FMem.exe" Startup
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "D:\POPUPS~1\PSFREE.EXE"
O8 - Extra context menu item: &Download with &DAP - D:\DAP\dapextie.htm
O8 - Extra context menu item: Add selected links to Link Container - D:\ANTIVI~1\WEBFIL~1\System\Scripts\off_collector_sel.htm
O8 - Extra context menu item: Download &all with DAP - D:\DAP\dapextie2.htm
O8 - Extra context menu item: Show domain links - D:\ANTIVI~1\WEBFIL~1\System\Scripts\off_domain_links.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - H:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (file missing)
O9 - Extra 'Tools' menuitem: Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - H:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (file missing)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programme\ICQ 2001b\ICQ.EXE (file missing)
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programme\ICQ 2001b\ICQ.EXE (file missing)
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - D:\DAP\DAP.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=d5ce257857a083868c1f4672b0407c8b9379fe5496c0e7d74dd5b79e931ad6d6d9b0f3669e53e51b8fba848fa8088c3fc64cb0edfedca287d6c4c1b056f368:c05c8ac2b23f939ff11a0351cafa03db
O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} - http://install.stardialer.de/StarInstall.ocx
O23 - Service: AVK Service (AVKService) - Unknown owner - D:\Anti Viren Kit\AVKService.exe
O23 - Service: Antivirus Wächter (AVKWCtl) - Unknown owner - D:\AVK\AVKWCtl.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Unknown owner - H:\WINNT\System32\CTSvcCDA.exe (file missing)
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NetMeeting-Remotedesktop-Freigabe (mnmsrvc) - Unknown owner - H:\WINNT\System32\mnmsrvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Steganos Live Encryption Engine (Version 401) [Service] (SLEE_401_SERVICE) - Unknown owner - H:\WINNT\System32\SLEE401.exe (file missing)
O23 - Service: Virtual CD v4 Security service (VCDSecS) - H+H Software GmbH - D:\Virtual CD\System\vcdsecs.exe