Home » Viren, Trojaner & Malware Forum » Fenster in Outlook und Explorer schliessen sich von selbst » Themenansicht

Fenster in Outlook und Explorer schliessen sich von selbst
#0
04.01.2005, 15:31
lengua
...neu hier

Beiträge: 1
#1 Fenster in Outlook und Explorer schliessen sich plötzlich von selbst.

Wer kann helfen, woran liegt das?

Logfile of HijackThis v1.99.0
Scan saved at 15:26:59, on 04.01.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\pctspk.exe
C:\Programme\Teledat\WCOM\SYSTEM\RVSINST.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\Teledat\WCOM\SYSTEM\RVSCC.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\htpatch.exe
C:\Programme\Steganos Trace Destructor 6.5\itd.exe
C:\Programme\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Telekom\Eumex 704PC DSL\Capictrl.exe
C:\Programme\DATA BECKER\DATA BECKERs GhostTyper\GhostTyp.exe
C:\Programme\Telekom\Eumex 704PC DSL\HNetCtrl.exe
C:\Programme\Teledat\WCOM\SYSTEM\ccui.exe
C:\Programme\Teledat\WCOM\SYSTEM\RVSRmd.exe
C:\PROGRA~1\Teledat\WCOM\SYSTEM\ADBSERV.EXE
C:\Programme\Teledat\WCOM\SYSTEM\CCSRV.EXE
C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Programme\Teledat\WCOM\SYSTEM\CCSRV.EXE
C:\Programme\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\Programme\Teledat\WCOM\SYSTEM\RVSCOMSV.EXE
C:\WINDOWS\System32\WISPTIS.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ULTIMA~1\uzip.exe
C:\DOKUME~1\JOERG\LOKALE~1\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.multimeta.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer von T-Online
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4BD9653E-D4C7-454B-9151-A8517B84BA08} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Multimeta - {70E1F00F-DD39-4C24-A93C-DD5BADD08F25} - C:\Programme\MultimetaToolbar\tbmmeta.dll
O3 - Toolbar: Dme&x Toolbar - {3F756BC4-26CB-497E-9409-8F09C1850C80} - C:\Programme\DMEXBar\dmexbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [hplampc] C:\WINDOWS\System32\hplampc.exe
O4 - HKCU\..\Run: [ITD65_ITD] "C:\Programme\Steganos Trace Destructor 6.5\itd.exe" /booting
O4 - HKCU\..\Run: [RoboForm] "C:\Programme\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [CommCenter] "C:\Programme\Teledat\WCOM\SYSTEM\ccui.exe"
O4 - Global Startup: CAPIControl.lnk = ?
O4 - Global Startup: DATA BECKERs GhostTyper.lnk = C:\Programme\DATA BECKER\DATA BECKERs GhostTyper\GhostTyp.exe
O4 - Global Startup: HomeNet Control.lnk = ?
O4 - Global Startup: Quicken 2005 Zahlungserinnerung.lnk = C:\Programme\Quicken2005\billmind.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: RF - &Formular speichern - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF - &Menü anpassen - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF - Formular ausf&üllen - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: RF - Formular ausf&üllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: RF - &Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF - RoboForm-S&ymbolleiste - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://www.pussyharem.com/stream/mmp.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O23 - Service: CPUCooLServer Service - Unknown - C:\Programme\CPUCooL\CooLSrv.exe (file missing)
O23 - Service: PCTEL Speaker Phone - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: RVS CommCenter - Unknown - C:\Programme\Teledat\WCOM\SYSTEM\RVSCC.EXE
O23 - Service: RvscomSv - RVS Datentechnik GmbH, München - C:\Programme\Teledat\WCOM\SYSTEM\RVSCOMSV.EXE
O23 - Service: RVS Installer - RVS Datentechnik GmbH, München - C:\Programme\Teledat\WCOM\SYSTEM\RVSINST.EXE
O23 - Service: Univer$e UNIV50_CAL_A - Unknown - C:\Univer$e\5.0.1\exec\UniServCal.exe
O23 - Service: Univer$e UNIV50_CAL_I - Unknown - C:\Univer$e\5.0.1\exec\UniServCal.exe
O23 - Service: Univer$e UNIV50_CAL_S - Unknown - C:\Univer$e\5.0.1\exec\UniServCal.exe
O23 - Service: Univer$e UNIV50_CAL_X - Unknown - C:\Univer$e\5.0.1\exec\UniServCal.exe
O23 - Service: Univer$e UNIV50_CDJ_A - Unknown - C:\Univer$e\5.0.1\exec\UniServCdj.exe
O23 - Service: Univer$e UNIV50_CDJ_I - Unknown - C:\Univer$e\5.0.1\exec\UniServCdj.exe
O23 - Service: Univer$e UNIV50_CDJ_S - Unknown - C:\Univer$e\5.0.1\exec\UniServCdj.exe
O23 - Service: Univer$e UNIV50_CDJ_X - Unknown - C:\Univer$e\5.0.1\exec\UniServCdj.exe
O23 - Service: Univer$e UNIV50_CMD - Unknown - C:\Univer$e\5.0.1\exec\UniServCmd.exe
O23 - Service: Univer$e UNIV50_ECH_A - Unknown - C:\Univer$e\5.0.1\exec\UniServEch.exe
O23 - Service: Univer$e UNIV50_ECH_I - Unknown - C:\Univer$e\5.0.1\exec\UniServEch.exe
O23 - Service: Univer$e UNIV50_ECH_S - Unknown - C:\Univer$e\5.0.1\exec\UniServEch.exe
O23 - Service: Univer$e UNIV50_ECH_X - Unknown - C:\Univer$e\5.0.1\exec\UniServEch.exe
O23 - Service: Univer$e UNIV50_IO_A - Unknown - C:\Univer$e\5.0.1\exec\UniServIo.exe
O23 - Service: Univer$e UNIV50_IO_I - Unknown - C:\Univer$e\5.0.1\exec\UniServIo.exe
O23 - Service: Univer$e UNIV50_IO_S - Unknown - C:\Univer$e\5.0.1\exec\UniServIo.exe
O23 - Service: Univer$e UNIV50_IO_X - Unknown - C:\Univer$e\5.0.1\exec\UniServIo.exe
O23 - Service: Univer$e UNIV50_ORD_A - Unknown - C:\Univer$e\5.0.1\exec\UniServOrd.exe
O23 - Service: Univer$e UNIV50_ORD_I - Unknown - C:\Univer$e\5.0.1\exec\UniServOrd.exe
O23 - Service: Univer$e UNIV50_ORD_S - Unknown - C:\Univer$e\5.0.1\exec\UniServOrd.exe
O23 - Service: Univer$e UNIV50_ORD_X - Unknown - C:\Univer$e\5.0.1\exec\UniServOrd.exe
O23 - Service: Univer$e UNIV50_SUR - Unknown - C:\Univer$e\5.0.1\exec\UniServSur.exe
O23 - Service: Univer$e Universe - Unknown - C:\Univer$e\5.0.1\exec\UniServU.exe
O23 - Service: Univer$e _DQM_ - Unknown - C:\Univer$e\5.0.1\exec\UniServDqm.exe
Seitenanfang Seitenende
04.01.2005, 21:23
raman
Moderator

Beiträge: 7805
#2 Das log sieht eigentlich relativ normal aus.

Fix mal das:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.multimeta.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer von T-Online
O2 - BHO: (no name) - {4BD9653E-D4C7-454B-9151-A8517B84BA08} - (no file)
O3 - Toolbar: &Multimeta - {70E1F00F-DD39-4C24-A93C-DD5BADD08F25} - C:\Programme\MultimetaToolbar\tbmmeta.dll *(wenn du es nicht nutzt)*
O23 - Service: CPUCooLServer Service - Unknown - C:\Programme\CPUCooL\CooLSrv.exe (file missing) (Du hast von Win9X/ME upgedatet?)


Die Software "Univer$e" kenne ich leider nicht und kann dir so nicht sagen, was fuer einen effekt das fixen der Eintraege haette. Solltest du diese fixen wollen, nutz bitte MSCONFIG dazu!
__________
MfG Ralf
SEO-Spam Hunter
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1