Netscape installiert sich bei Firefox-Start - HiJackThis-Log inside |
||
---|---|---|
#0
| ||
02.01.2005, 19:46
Member
Beiträge: 117 |
||
|
||
04.01.2005, 12:20
Ehrenmitglied
Beiträge: 29434 |
#2
Hallo@smirni
Falls du vorhast, den PC ohne SicherheitsUpdates 2 Monate in andere Haende zu geben, richte dich darauf ein, dass es Probleme geben wird..... Installiere SP1 oder SP2 (nur mit gueltiger XP-cdkey moeglich) #Patches, Service Packs und Tools (XP) http://www.rz.uni-freiburg.de/pc/sys/winxp/index.php dann poste mir folgendes Log: #Ad-aware SE Personal 1.05 Updated http://fileforum.betanews.com/detail/965718306/1 Benachrichtige mich bitte, denn im Moment wird das Forum umgestellt und ich bekomme keine automatischen Benachrichtigungen, wenn was gepostet wird. __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 04.01.2005 um 12:20 Uhr von Sabina editiert.
|
|
|
||
04.01.2005, 12:55
Member
Beiträge: 1132 |
#3
Hallo smirni,
Zitat PS: Gibt es vielleicht irgendwo eine kleine Anleitung wie ich meine Logs selbst "verstehen" kann und die richtigen Sachen fixe? Schau mal hier nach: http://www.trojaner-info.de/anleitungen/hijackthis/htlogtutorial.html Gruß Heron __________ "Die Welt ist groß, weil der Kopf so klein" Wilhelm Busch |
|
|
||
04.01.2005, 13:37
Member
Themenstarter Beiträge: 117 |
#4
@Heron
Danke, werde ich bei Gelegenheit checken @Sabina Danke! SP1 ist jetzt installiert (unter SP2 lief er im Schneckentempo) Hier der AdAware Log... Ad-Aware SE Build 1.05 Logfile Created onienstag, 4. Januar 2005 13:30:20 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R24 29.12.2004 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):12 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 04.01.2005 13:30:20 - Scan started. (Smart mode) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 424 ThreadCreationTime : 04.01.2005 12:26:55 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 488 ThreadCreationTime : 04.01.2005 12:27:03 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 516 ThreadCreationTime : 04.01.2005 12:27:10 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 568 ThreadCreationTime : 04.01.2005 12:27:20 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Anwendung für Dienste und Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 580 ThreadCreationTime : 04.01.2005 12:27:20 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 768 ThreadCreationTime : 04.01.2005 12:27:31 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 812 ThreadCreationTime : 04.01.2005 12:27:33 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 940 ThreadCreationTime : 04.01.2005 12:27:38 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 980 ThreadCreationTime : 04.01.2005 12:27:39 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1256 ThreadCreationTime : 04.01.2005 12:27:48 BasePriority : Normal FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:11 [cdac11ba.exe] FilePath : C:\WINDOWS\System32\drivers\ ProcessID : 1356 ThreadCreationTime : 04.01.2005 12:27:50 BasePriority : Normal FileVersion : 4.20.020 ProductVersion : 4.20.020 Windows NT 2002/12/10 ProductName : SafeCast Windows NT CompanyName : Macrovision FileDescription : Macrovision RTS Service InternalName : CDANTSRV LegalCopyright : Copyright (c) 1998-2002 Macrovision Corp. OriginalFilename : CDANTSRV.EXE Comments : StringFileInfo: U.S. English #:12 [ccevtmgr.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1380 ThreadCreationTime : 04.01.2005 12:27:50 BasePriority : Normal FileVersion : 1.03.4 ProductVersion : 1.03.4 ProductName : Event Manager CompanyName : Symantec Corporation FileDescription : Event Manager Service InternalName : ccEvtMgr LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. OriginalFilename : ccEvtMgr.exe #:13 [navapsvc.exe] FilePath : C:\Programme\Norton AntiVirus\ ProcessID : 1460 ThreadCreationTime : 04.01.2005 12:27:53 BasePriority : Normal FileVersion : 9.05.1015 ProductVersion : 9.05.1015 ProductName : Norton AntiVirus CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. OriginalFilename : NAVAPSVC.EXE #:14 [nisum.exe] FilePath : C:\Programme\Norton Internet Security\ ProcessID : 1500 ThreadCreationTime : 04.01.2005 12:27:54 BasePriority : Normal FileVersion : 6.00.2036 ProductVersion : 6.00.2036 ProductName : Norton Internet Security CompanyName : Symantec Corporation FileDescription : Norton Internet Security NISUM InternalName : NISUM LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. OriginalFilename : NISUM.exe #:15 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1796 ThreadCreationTime : 04.01.2005 12:27:57 BasePriority : Normal FileVersion : 6.00.2800.1106 (xpsp1.020828-1920) ProductVersion : 6.00.2800.1106 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : EXPLORER.EXE #:16 [slserv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1884 ThreadCreationTime : 04.01.2005 12:27:59 BasePriority : Normal FileVersion : 2.80.00(24Apr2000) ProductVersion : 2.80.00 ProductName : Modem FileDescription : User-Level Modem Service InternalName : slserv LegalCopyright : Copyright © 1999-2000 OriginalFilename : slserv.exe #:17 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1916 ThreadCreationTime : 04.01.2005 12:28:00 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:18 [ccpxysvc.exe] FilePath : C:\Programme\Norton Internet Security\ ProcessID : 304 ThreadCreationTime : 04.01.2005 12:28:09 BasePriority : Normal FileVersion : 6.00.2036 ProductVersion : 6.00.2036 ProductName : Norton Internet Security CompanyName : Symantec Corporation FileDescription : Norton Internet Security Proxy Service InternalName : ccPxySvc LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. OriginalFilename : ccPxySvc.exe #:19 [s3hotkey.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1620 ThreadCreationTime : 04.01.2005 12:28:27 BasePriority : Normal FileVersion : 1.0.0.5 ProductVersion : 1.0.0.5 ProductName : S3 Graphics, Inc. S3Hotkey CompanyName : S3 Graphics, Inc. FileDescription : S3Hotkey InternalName : S3Hotkey LegalCopyright : Copyright © 2001 by S3 Graphics, Inc. OriginalFilename : S3Hotkey #:20 [dragdiag.exe] FilePath : C:\Programme\Alcatel\SpeedTouch USB\ ProcessID : 1908 ThreadCreationTime : 04.01.2005 12:28:40 BasePriority : Normal FileVersion : V161_5R ProductVersion : V161_5R ProductName : Alcatel Speedtouch USB Diagnostics CompanyName : Alcatel Bell FileDescription : Diagnostics InternalName : Diagnostics LegalCopyright : Copyright © Alcatel Bell 1999-2001 OriginalFilename : dragdiag.exe #:21 [ccapp.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 324 ThreadCreationTime : 04.01.2005 12:28:41 BasePriority : Normal FileVersion : 1.0.9.002 ProductVersion : 1.0.9.002 ProductName : Common Client CompanyName : Symantec Corporation FileDescription : Common Client CC App InternalName : ccApp LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. OriginalFilename : ccApp.exe #:22 [em_exec.exe] FilePath : C:\Programme\Logitech\MouseWare\system\ ProcessID : 1636 ThreadCreationTime : 04.01.2005 12:29:00 BasePriority : Normal FileVersion : 9.78.034 ProductVersion : 9.78.034 ProductName : MouseWare CompanyName : Logitech Inc. FileDescription : Logitech Events Handler Application InternalName : Em_Exec LegalCopyright : (C) 1987-2003 Logitech. All rights reserved. LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc. OriginalFilename : Em_Exec.exe Comments : Created by the MouseWare team #:23 [ad-aware.exe] FilePath : C:\Programme\Ad-Aware\ ProcessID : 1200 ThreadCreationTime : 04.01.2005 12:29:45 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved #:24 [msmsgs.exe] FilePath : C:\Programme\Messenger\ ProcessID : 1448 ThreadCreationTime : 04.01.2005 12:29:48 BasePriority : Normal FileVersion : 4.7.0041 ProductVersion : Version 4.7 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Messenger InternalName : msmsgs LegalCopyright : Copyright (c) Microsoft Corporation 1997-2001 LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. OriginalFilename : msmsgs.exe Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Deep scanning and examining files... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Disk Scan Result for C:\WINDOWS\System32 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Disk Scan Result for C:\DOKUME~1\STEFAN~1\LOKALE~1\Temp\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 0 entries scanned. New critical objects:0 Objects found so far: 0 MRU List Object Recognized! Location: : S-1-5-21-1244572991-2690133624-1694720459-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-1244572991-2690133624-1694720459-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-1244572991-2690133624-1694720459-1005\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-1244572991-2690133624-1694720459-1005\software\microsoft\office\10.0\excel\recent files Description : list of recent files used by microsoft excel MRU List Object Recognized! Location: : S-1-5-21-1244572991-2690133624-1694720459-1005\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1244572991-2690133624-1694720459-1005\software\realnetworks\realplayer\6.0\preferences Description : list of recent skins in realplayer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-1244572991-2690133624-1694720459-1005\software\realnetworks\realplayer\6.0\preferences Description : list of recent clips in realplayer MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : S-1-5-21-1244572991-2690133624-1694720459-1005\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : C:\Dokumente und Einstellungen\Stefan Brunner\recent Description : list of recently opened documents Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 12 13:35:09 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:04:48.795 Objects scanned:59188 Objects identified:0 Objects ignored:0 New critical objects:0 (hoffe das ist das was du wolltest) LG |
|
|
||
06.01.2005, 02:06
Ehrenmitglied
Beiträge: 29434 |
||
|
||
06.01.2005, 12:16
Member
Themenstarter Beiträge: 117 |
||
|
||
Ich hatte gerade einige merkwürdige Erlebnisse.
Wollte Firefox öffnen und plötzlich kam ein Fenster von Netscape zur Installation, wollte dann HiJackThis starten und es wurde "HiJackThis ist bereits geöffnet" angezeigt. Alle Scans mit AdAware, CWShredder und Spybot haben gar nichts gebracht. Update von Norton, AdAware etc. klappte auch nicht, angeblich Fehler bei der Internet-Verbindung.
Nach dem Neustart gehts jetzt aber plötzlich, alles wie gewohnt
Vielleicht hätte dennoch jemand Zeit, mein HiJackThis-Log durchzusehen ob was nicht stimmt...
Logfile of HijackThis v1.99.0 (BETA)
Scan saved at 19:36:28, on 02.01.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton Internet Security\NISUM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S3hotkey.exe
C:\Programme\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Norton Internet Security\ccPxySvc.exe
C:\Programme\HiJackThis199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://members.aon.at/sbrunner/Index.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=proxy.aon.at:8080;http=proxy.aon.at:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.aon.at;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [S3hotkey] S3hotkey.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programme\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Programme\PeerGuardian\PeerGuardian_1.99b_pr14.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4411/mcfscan.cab
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service - Symantec Corporation - C:\Programme\Norton Internet Security\ccPxySvc.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager - Symantec Corporation - C:\Programme\Norton Internet Security\NISUM.EXE
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
Apropos... folgendes kann ich fixen oder? (Programm wurde deinstalliert)
O4 - HKCU\..\Run: [PeerGuardian]
Vielen Dank!
LG
Stefan
PS: Gibt es vielleicht irgendwo eine kleine Anleitung wie ich meine Logs selbst "verstehen" kann und die richtigen Sachen fixe?