Norten Internet Security/C:\Programme\websx\int327777.exe |
||
---|---|---|
#0
| ||
03.04.2005, 14:30
Member
Beiträge: 29 |
||
|
||
03.04.2005, 14:44
Member
Beiträge: 239 |
#2
Du hast eine alte Version von HijackThis.
Lade dir bitte die neue und poste dann die neue Logfile Rolfs |
|
|
||
03.04.2005, 15:07
Member
Themenstarter Beiträge: 29 |
#3
Die neue Logfile
Logfile of HijackThis v1.99.1 Scan saved at 15:07:09, on 03.04.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe C:\Programme\Viren,Trojaner,Würmer\AVWUPSRV.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Programme\Messenger\msmsgs.exe C:\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Programme\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [websx] C:\Programme\websx\int327777.exe -auto O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [Bluethooth] C:\Programme\Bluetooth Software\BTTray.exe O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programme\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=041705 Seri*hier nicht!*=DR12WEB-6913797-JVQ lang=DE O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot O4 - Startup: HotSync Manager.LNK = C:\Programme\Palm\HOTSYNC.EXE O4 - Global Startup: HotSync Manager.LNK = C:\Programme\Palm\HOTSYNC.EXE O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Programme\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094046719226 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {7589EEE6-E336-11D4-8A7E-EE1D971D9B47} (AcontiX Control) - http://secure.aconti.net/acontix/acontix.cab O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web11.cab O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} (IPLabs Image Uploader 2.5) - http://asp03.photoprintit.de/microsite/2976/defaults/activex/ImageUploader2.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp03.photoprintit.de/microsite/2976/defaults/activex/ImageUploader3.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/de/check/qdiagh.cab?322 O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.serviceurl.de/InstallationsAssistent.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{9E7A7CE6-A601-4C3C-8DEC-9354A07AB1F1}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D6F283-6966-42F6-92A7-EDC18C06C0B7}: NameServer = 192.168.0.1 O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\Viren,Trojaner,Würmer\AVGUARD.EXE O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\Viren,Trojaner,Würmer\AVWUPSRV.EXE O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programme\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe |
|
|
||
03.04.2005, 18:08
Ehrenmitglied
Beiträge: 29434 |
#4
Hallo@Scholle21
#öffne das HijackThis-->> Button "scan" -->> Häkchen setzen -->> Button "Fix checked" -->> PC neustarten O4 - HKLM\..\Run: [websx] C:\Programme\websx\int327777.exe -auto O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.serviceurl.de/InstallationsAssistent.ocx neustarten--> in den abgesicherten Modus C:\Programme\websx\int327777.exe<<loeschen C:\Windows\Downloaded Program Files\InstallationsAssistent.ocx<<loeschen __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
03.04.2005, 20:16
Member
Themenstarter Beiträge: 29 |
#5
Die Neue Logfile!
Logfile of HijackThis v1.99.1 Scan saved at 20:14:31, on 03.04.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe C:\Programme\Viren,Trojaner,Würmer\AVWUPSRV.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Programme\Messenger\msmsgs.exe C:\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Programme\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [Bluethooth] C:\Programme\Bluetooth Software\BTTray.exe O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programme\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=041705 Seri*hier nicht!*=DR12WEB-6913797-JVQ lang=DE O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot O4 - Startup: HotSync Manager.LNK = C:\Programme\Palm\HOTSYNC.EXE O4 - Global Startup: HotSync Manager.LNK = C:\Programme\Palm\HOTSYNC.EXE O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Programme\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094046719226 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {7589EEE6-E336-11D4-8A7E-EE1D971D9B47} (AcontiX Control) - http://secure.aconti.net/acontix/acontix.cab O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web11.cab O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} (IPLabs Image Uploader 2.5) - http://asp03.photoprintit.de/microsite/2976/defaults/activex/ImageUploader2.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp03.photoprintit.de/microsite/2976/defaults/activex/ImageUploader3.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/de/check/qdiagh.cab?322 O17 - HKLM\System\CCS\Services\Tcpip\..\{9E7A7CE6-A601-4C3C-8DEC-9354A07AB1F1}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D6F283-6966-42F6-92A7-EDC18C06C0B7}: NameServer = 192.168.0.1 O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\Viren,Trojaner,Würmer\AVGUARD.EXE O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\Viren,Trojaner,Würmer\AVWUPSRV.EXE O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programme\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe Danke Sabina! Schönen Abend. Ciao |
|
|
||
03.04.2005, 21:43
Ehrenmitglied
Beiträge: 29434 |
#6
Hallo@Scholle21
sorry, hatte ich uebersehen: Fixe mit dem HijackThis O16 - DPF: {7589EEE6-E336-11D4-8A7E-EE1D971D9B47} (AcontiX Control) - http://secure.aconti.net/acontix/acontix.cab O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB neustarten loesche. internazionale_ver4.CAB C:\Windows\Downloaded Program Files\internazionale_ver4.ocx __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
03.04.2005, 22:16
Member
Themenstarter Beiträge: 29 |
#7
Habe ich gemacht und jetzt sieht es so aus.
Logfile of HijackThis v1.99.1 Scan saved at 22:16:02, on 03.04.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Viren,Trojaner,Würmer\AVWUPSRV.EXE C:\Programme\Bluetooth Software\bin\btwdins.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Programme\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [Bluethooth] C:\Programme\Bluetooth Software\BTTray.exe O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programme\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=041705 Seri*hier nicht!*=DR12WEB-6913797-JVQ lang=DE O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot O4 - Startup: HotSync Manager.LNK = C:\Programme\Palm\HOTSYNC.EXE O4 - Global Startup: HotSync Manager.LNK = C:\Programme\Palm\HOTSYNC.EXE O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Programme\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094046719226 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web11.cab O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} (IPLabs Image Uploader 2.5) - http://asp03.photoprintit.de/microsite/2976/defaults/activex/ImageUploader2.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp03.photoprintit.de/microsite/2976/defaults/activex/ImageUploader3.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/de/check/qdiagh.cab?322 O17 - HKLM\System\CCS\Services\Tcpip\..\{9E7A7CE6-A601-4C3C-8DEC-9354A07AB1F1}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D6F283-6966-42F6-92A7-EDC18C06C0B7}: NameServer = 192.168.0.1 O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\Viren,Trojaner,Würmer\AVGUARD.EXE O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\Viren,Trojaner,Würmer\AVWUPSRV.EXE O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programme\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe Danke schön. Ciao |
|
|
||
04.04.2005, 10:36
Ehrenmitglied
Beiträge: 29434 |
#8
Hallo@Scholle21
#ClaerProg..lade die neuste Version <1.4.1 http://www.clearprog.de/downloads.php <und saeubere den Browser. Das Programm löscht die Surfspuren des Internet Explorers ab Version 5.0, des Netscape/Mozilla und des Opera: - Cookies - Verlauf - Temporäre Internetfiles (Cache) #Ad-aware SE Personal 1.05 Updated http://fileforum.betanews.com/detail/965718306/1 Laden--> Updaten-->scannen-->PC neustarten--> noch mal scannen--> poste das Log vom Scann ____________________________________________________________________ Wie kann ich das Service Pack 2 installieren? Sie können Windows XP Service Pack 2 mit der Funktion Windows Update oder von CD installieren. [A] Installation über Windows Update (Internet) 1. Wählen Sie im Start-Menü den Befehl Windows Update. Sie werden automatisch mit der Internetseite Windows Update verbunden (Internetverbindung vorausgesetzt). 2. Aktivieren Sie Windows XP Servicepack 2 und Updates installieren. Installation von CD 1. Legen Sie die CD mit Service Pack 2 in das CD-Laufwerk Ihres PCs ein. 2. Klicken Sie nach dem Autostart auf Weiter. 3. Lesen Sie aufmerksam die Informationen Was sie wissen sollten, bevor sie mit der Installation beginnen. 4. Starten Sie das Setup, in dem Sie Jetzt installieren klicken. 5. Folgen Sie den weiteren Anweisungen. Am Sichersten ist es, wenn man das SP2 schon von einer CD vor dem Anschluss ans Internet installiert hat. Diese Updates werden regelmässig in PC-Zeitschriften angeboten oder man lädt und brennt sie sich selbst , so dass man sie zur Hand hat, wenn eine Neuinstallation notwendig geworden ist. Außerdem gibt es beim Microsoft-Support auch die Möglichkeit diese CD kostenlos anzufordern und sich zuschicken zu lassen. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
04.04.2005, 16:54
Member
Themenstarter Beiträge: 29 |
#9
Bitte schön
Ad-Aware SE Build 1.05 Logfile Created on:Montag, 4. April 2005 16:44:08 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R36 01.04.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Aconti-Dialer(TAC index:5):2 total references Alexa(TAC index:5):11 total references MRU List(TAC index:0):40 total references Other(TAC index:5):1 total references Tracking Cookie(TAC index:3):79 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 04.04.2005 16:44:08 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\nico mak computing\winzip\filemenu Description : winzip recently used archives MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\windows\currentversion\applets\paint\recent file list Description : list of files recently opened using microsoft paint MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\powerpoint\recenttemplatelist Description : list of recent templates used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\powerpoint\recentfolderlist Description : list of recent folders used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\excel\recent files Description : list of recent files used by microsoft excel MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\powerpoint\recent file list Description : list of recent files used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\powerpoint\recent templates Description : list of recent templates used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\adobe\adobe acrobat\6.0\avgeneral\crecentfiles Description : list of recently used files in adobe acrobat MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\common\general Description : list of recently used symbols in microsoft office MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\powerpoint\recent typeface list Description : list of recently used typefaces in microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\mediaplayer\player\settings Description : last open directory used in jasc paint shop pro MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\frontpage\explorer\frontpage explorer\recent web list Description : list of recently used webs in microsoft frontpage MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\clip organizer\search\last query Description : last query in microsoft clip organizer MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\frontpage\explorer\frontpage explorer\recent file list Description : list of recently used files in microsoft frontpage MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\office\10.0\common\search\last query Description : last query in microsoft office MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\winrar\dialogedithistory\extrpath Description : winrar "extract-to" history MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Anwendungsdaten\microsoft\office\recent Description : list of recently opened documents using microsoft office MRU List Object Recognized! Location: : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\recent Description : list of recently opened documents Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 636 ThreadCreationTime : 04.04.2005 14:42:22 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 684 ThreadCreationTime : 04.04.2005 14:42:24 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 708 ThreadCreationTime : 04.04.2005 14:42:25 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 752 ThreadCreationTime : 04.04.2005 14:42:25 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Anwendung für Dienste und Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 764 ThreadCreationTime : 04.04.2005 14:42:25 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [ati2evxx.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 912 ThreadCreationTime : 04.04.2005 14:42:26 BasePriority : Normal #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 936 ThreadCreationTime : 04.04.2005 14:42:26 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 988 ThreadCreationTime : 04.04.2005 14:42:26 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1176 ThreadCreationTime : 04.04.2005 14:42:26 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1188 ThreadCreationTime : 04.04.2005 14:42:26 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [ati2evxx.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1376 ThreadCreationTime : 04.04.2005 14:42:27 BasePriority : Normal #:12 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1500 ThreadCreationTime : 04.04.2005 14:42:27 BasePriority : Normal FileVersion : 6.00.2800.1221 (xpsp2.030511-1403) ProductVersion : 6.00.2800.1221 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : EXPLORER.EXE #:13 [ccsetmgr.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1520 ThreadCreationTime : 04.04.2005 14:42:27 BasePriority : Normal FileVersion : 2.1.6.3 ProductVersion : 2.1.6.3 ProductName : Common Client CompanyName : Symantec Corporation FileDescription : Common Client Settings Manager Service InternalName : ccSetMgr LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved. OriginalFilename : ccSetMgr.exe #:14 [sndsrvc.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1532 ThreadCreationTime : 04.04.2005 14:42:27 BasePriority : Normal FileVersion : 5.4.4.17 ProductVersion : 5.4 ProductName : Symantec Security Drivers CompanyName : Symantec Corporation FileDescription : Network Driver Service InternalName : SndSrvc LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation OriginalFilename : SndSrvc.exe #:15 [ccevtmgr.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1612 ThreadCreationTime : 04.04.2005 14:42:27 BasePriority : Normal FileVersion : 2.1.6.3 ProductVersion : 2.1.6.3 ProductName : Common Client CompanyName : Symantec Corporation FileDescription : Common Client Event Manager Service InternalName : ccEvtMgr LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved. OriginalFilename : ccEvtMgr.exe #:16 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1792 ThreadCreationTime : 04.04.2005 14:42:28 BasePriority : Normal FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:17 [ccapp.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 1896 ThreadCreationTime : 04.04.2005 14:42:29 BasePriority : Normal FileVersion : 2.1.6.3 ProductVersion : 2.1.6.3 ProductName : Common Client CompanyName : Symantec Corporation FileDescription : Common Client User Session InternalName : ccApp LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved. OriginalFilename : ccApp.exe #:18 [icqlite.exe] FilePath : C:\Programme\ICQLite\ ProcessID : 1984 ThreadCreationTime : 04.04.2005 14:42:29 BasePriority : Normal FileVersion : 555 ProductVersion : 1, 0, 0 ProductName : ICQLite CompanyName : ICQ Ltd. FileDescription : ICQLite InternalName : ICQ Lite LegalCopyright : Copyright (C) 2002 OriginalFilename : ICQLite.exe #:19 [jusched.exe] FilePath : C:\Programme\Java\j2re1.4.2_06\bin\ ProcessID : 2016 ThreadCreationTime : 04.04.2005 14:42:29 BasePriority : Normal #:20 [bttray.exe] FilePath : C:\Programme\Bluetooth Software\ ProcessID : 2024 ThreadCreationTime : 04.04.2005 14:42:29 BasePriority : Normal FileVersion : 1.4.3 Build 4 ProductVersion : 1.4.3 Build 4 ProductName : Bluetooth Software 1.4.3 Build 4 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Tray Application InternalName : BTTray LegalCopyright : Copyright WIDCOMM, Inc. 2000-2004. OriginalFilename : BTTray.exe #:21 [hotsync.exe] FilePath : C:\Programme\Palm\ ProcessID : 2044 ThreadCreationTime : 04.04.2005 14:42:30 BasePriority : Normal FileVersion : 4.0.2 ProductVersion : 4.0.2 ProductName : HotSync® Manager, Palm Desktop CompanyName : Palm, Inc. FileDescription : HotSync® Manager Application InternalName : HotSync® LegalCopyright : Copyright © 1995-2001 Palm, Inc. LegalTrademarks : HotSync® is a registered trademark of Palm, Inc. OriginalFilename : Hotsync.exe #:22 [msmsgs.exe] FilePath : C:\Programme\Messenger\ ProcessID : 420 ThreadCreationTime : 04.04.2005 14:42:31 BasePriority : Normal FileVersion : 4.7.0041 ProductVersion : Version 4.7 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Messenger InternalName : msmsgs LegalCopyright : Copyright (c) Microsoft Corporation 1997-2001 LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. OriginalFilename : msmsgs.exe #:23 [btstac~1.exe] FilePath : C:\PROGRA~1\BLUETO~1\ ProcessID : 616 ThreadCreationTime : 04.04.2005 14:42:33 BasePriority : Normal FileVersion : 1.4.3 Build 4 ProductVersion : 1.4.3 Build 4 ProductName : Bluetooth Software 1.4.3 Build 4 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Stack COM Server InternalName : BTStackServer LegalCopyright : Copyright WIDCOMM, Inc. 2000-2004. OriginalFilename : BTStackServer.exe #:24 [avwupsrv.exe] FilePath : C:\Programme\Viren,Trojaner,Würmer\ ProcessID : 156 ThreadCreationTime : 04.04.2005 14:42:34 BasePriority : Normal #:25 [btwdins.exe] FilePath : C:\Programme\Bluetooth Software\bin\ ProcessID : 964 ThreadCreationTime : 04.04.2005 14:42:34 BasePriority : Normal FileVersion : 1.4.3 Build 4 ProductVersion : 1.4.3 Build 4 ProductName : Bluetooth Software 1.4.3 Build 4 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Support Server InternalName : BTWDIns LegalCopyright : Copyright WIDCOMM, Inc. 2000-2004. OriginalFilename : BTWDIns.EXE #:26 [ccproxy.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ProcessID : 980 ThreadCreationTime : 04.04.2005 14:42:34 BasePriority : Normal FileVersion : 2.1.6.3 ProductVersion : 2.1.6.3 ProductName : Common Client CompanyName : Symantec Corporation FileDescription : Common Client Network Proxy Service InternalName : ccProxy LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved. OriginalFilename : ccProxy.exe #:27 [navapsvc.exe] FilePath : C:\Programme\Norton Internet Security\Norton AntiVirus\ ProcessID : 1264 ThreadCreationTime : 04.04.2005 14:42:35 BasePriority : Normal FileVersion : 10.00.13 ProductVersion : 10.00.13 ProductName : Norton AntiVirus CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved. OriginalFilename : NAVAPSVC.EXE #:28 [wdfmgr.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1540 ThreadCreationTime : 04.04.2005 14:42:36 BasePriority : Normal FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User Mode Driver Manager InternalName : WdfMgr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : WdfMgr.exe #:29 [savscan.exe] FilePath : C:\Programme\Norton Internet Security\Norton AntiVirus\ ProcessID : 2572 ThreadCreationTime : 04.04.2005 14:42:44 BasePriority : Normal ProductVersion : 9.2 ProductName : Symantec AntiVirus AutoProtect CompanyName : Symantec Corporation FileDescription : Symantec AntiVirus Scanner InternalName : SAVSCAN LegalCopyright : Copyright (c) 2004 Symantec Corporation OriginalFilename : SAVSCAN.EXE #:30 [wuauclt.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 160 ThreadCreationTime : 04.04.2005 14:43:21 BasePriority : Normal FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04) ProductVersion : 5.4.3790.2182 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Automatische Updates InternalName : wuauclt.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : wuauclt.exe #:31 [ad-aware.exe] FilePath : C:\Programme\Viren,Trojaner,Würmer\Ad-Aware SE Personal\ ProcessID : 3340 ThreadCreationTime : 04.04.2005 14:43:55 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 40 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Aconti-Dialer Object Recognized! Type : Regkey Data : Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : acontixcontrol Aconti-Dialer Object Recognized! Type : RegValue Data : Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : acontixcontrol Value : Alexa Object Recognized! Type : Regkey Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : MenuText Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : MenuStatusBar Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : Script Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : clsid Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : Icon Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : HotIcon Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : ButtonText Other Object Recognized! Type : Regkey Data : Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\aveo Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}" Rootkey : HKEY_USERS Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a} Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}" Rootkey : HKEY_USERS Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a} Alexa Object Recognized! Type : RegValue Data : Category : Data Miner Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}" Rootkey : HKEY_USERS Object : S-1-5-21-789336058-573735546-725345543-1001\software\microsoft\internet explorer\extensions\cmdmapping Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a} Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 14 Objects found so far: 54 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 54 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[4].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@www.filmundo.de/cgi-bin/ Expires : 29.11.2004 13:39:42 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adserver[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@moon.interia.pl/adserver/ Expires : 12.02.2005 01:45:16 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@tradedoubler[1].txt Category : Data Miner Comment : Hits:103 Value : Cookie:hai@tradedoubler.com/ Expires : 23.09.2024 18:20:42 LastSync : Hits:103 UseCount : 0 Hits : 103 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adserver.71i[1].txt Category : Data Miner Comment : Hits:169 Value : Cookie:hai@adserver.71i.de/ Expires : 30.12.2037 18:00:00 LastSync : Hits:169 UseCount : 0 Hits : 169 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@atdmt[2].txt Category : Data Miner Comment : Hits:5 Value : Cookie:hai@atdmt.com/ Expires : 02.04.2010 02:00:00 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[9].txt Category : Data Miner Comment : Hits:2 Value : Cookie:hai@wetteronline.de/cgi-bin/ Expires : 23.03.2005 18:01:14 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@www.smartadserver[1].txt Category : Data Miner Comment : Hits:2 Value : Cookie:hai@www.smartadserver.com/ Expires : 27.11.2010 01:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@redeye.willhill[2].txt Category : Data Miner Comment : Hits:121 Value : Cookie:hai@redeye.willhill.com/ Expires : 01.01.2036 02:00:00 LastSync : Hits:121 UseCount : 0 Hits : 121 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@2o7[1].txt Category : Data Miner Comment : Hits:382 Value : Cookie:hai@2o7.net/ Expires : 03.04.2010 16:42:52 LastSync : Hits:382 UseCount : 0 Hits : 382 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[1].txt Category : Data Miner Comment : Hits:38 Value : Cookie:hai@www.bonprix-shop.de/mall/cgi-bin/ Expires : 01.05.2005 13:25:32 LastSync : Hits:38 UseCount : 0 Hits : 38 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@tripod[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:hai@tripod.com/ Expires : 31.10.2005 16:20:52 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adserver.notebookinfo[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@adserver.notebookinfo.de/ Expires : 22.10.2005 19:00:46 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@smm.valueclick[2].txt Category : Data Miner Comment : Hits:12 Value : Cookie:hai@smm.valueclick.net/ Expires : 23.08.2005 21:36:56 LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@mediaplex[1].txt Category : Data Miner Comment : Hits:5 Value : Cookie:hai@mediaplex.com/ Expires : 22.06.2009 02:00:00 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@z1.adserver[1].txt Category : Data Miner Comment : Hits:26 Value : Cookie:hai@z1.adserver.com/ Expires : 23.03.2006 10:30:52 LastSync : Hits:26 UseCount : 0 Hits : 26 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@trafficmp[2].txt Category : Data Miner Comment : Hits:127 Value : Cookie:hai@trafficmp.com/ Expires : 26.02.2006 22:34:30 LastSync : Hits:127 UseCount : 0 Hits : 127 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adtech[2].txt Category : Data Miner Comment : Hits:121 Value : Cookie:hai@adtech.de/ Expires : 17.10.2014 14:40:44 LastSync : Hits:121 UseCount : 0 Hits : 121 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@serving-sys[1].txt Category : Data Miner Comment : Hits:556 Value : Cookie:hai@serving-sys.com/ Expires : 01.01.2038 07:00:00 LastSync : Hits:556 UseCount : 0 Hits : 556 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@bfast[2].txt Category : Data Miner Comment : Hits:30 Value : Cookie:hai@bfast.com/ Expires : 02.04.2025 21:07:54 LastSync : Hits:30 UseCount : 0 Hits : 30 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@as-us.falkag[2].txt Category : Data Miner Comment : Hits:15 Value : Cookie:hai@as-us.falkag.net/ Expires : 04.04.2006 16:28:32 LastSync : Hits:15 UseCount : 0 Hits : 15 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@partners.webmasterplan[1].txt Category : Data Miner Comment : Hits:160 Value : Cookie:hai@partners.webmasterplan.com/ Expires : 02.05.2005 LastSync : Hits:160 UseCount : 0 Hits : 160 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[3].txt Category : Data Miner Comment : Hits:57 Value : Cookie:hai@edgar.de/cgi-bin/ Expires : 06.02.2022 13:12:00 LastSync : Hits:57 UseCount : 0 Hits : 57 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@overture[2].txt Category : Data Miner Comment : Hits:68 Value : Cookie:hai@overture.com/ Expires : 13.03.2015 22:01:18 LastSync : Hits:68 UseCount : 0 Hits : 68 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@count.xhit[2].txt Category : Data Miner Comment : Hits:257 Value : Cookie:hai@count.xhit.com/ Expires : 27.01.2006 18:22:40 LastSync : Hits:257 UseCount : 0 Hits : 257 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adserver.kindergaudi[2].txt Category : Data Miner Comment : Hits:16 Value : Cookie:hai@adserver.kindergaudi.de/ Expires : 01.03.2005 09:40:04 LastSync : Hits:16 UseCount : 0 Hits : 16 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cxoadfarm.dyndns[1].txt Category : Data Miner Comment : Hits:22 Value : Cookie:hai@cxoadfarm.dyndns.info/ Expires : 21.02.2006 00:28:30 LastSync : Hits:22 UseCount : 0 Hits : 22 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@doubleclick[1].txt Category : Data Miner Comment : Hits:8 Value : Cookie:hai@doubleclick.net/ Expires : 02.04.2008 14:48:40 LastSync : Hits:8 UseCount : 0 Hits : 8 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@server.iad.liveperson[1].txt Category : Data Miner Comment : Hits:15 Value : Cookie:hai@server.iad.liveperson.net/ Expires : 01.10.2005 20:07:14 LastSync : Hits:15 UseCount : 0 Hits : 15 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@qsrch[2].txt Category : Data Miner Comment : Hits:20 Value : Cookie:hai@qsrch.com/ Expires : 01.04.2005 20:27:16 LastSync : Hits:20 UseCount : 0 Hits : 20 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@as1.falkag[2].txt Category : Data Miner Comment : Hits:2557 Value : Cookie:hai@as1.falkag.de/ Expires : 03.05.2005 22:09:40 LastSync : Hits:2557 UseCount : 0 Hits : 2557 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@www.inside-adserver[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:hai@www.inside-adserver.de/ Expires : 15.10.2005 14:02:56 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@as-eu.falkag[1].txt Category : Data Miner Comment : Hits:785 Value : Cookie:hai@as-eu.falkag.net/ Expires : 21.03.2006 19:18:14 LastSync : Hits:785 UseCount : 0 Hits : 785 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@gator[1].txt Category : Data Miner Comment : Hits:27 Value : Cookie:hai@gator.com/ Expires : 13.03.2005 23:43:50 LastSync : Hits:27 UseCount : 0 Hits : 27 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@please[2].txt Category : Data Miner Comment : Hits:3 Value : Cookie:hai@ad2.de.mediainter.net/please/ Expires : 06.01.2006 22:20:38 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@bluestreak[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:hai@bluestreak.com/ Expires : 19.10.2014 16:40:28 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[7].txt Category : Data Miner Comment : Hits:1491 Value : Cookie:hai@imrworldwide.com/cgi-bin Expires : 02.04.2015 16:20:40 LastSync : Hits:1491 UseCount : 0 Hits : 1491 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@kelkoo[1].txt Category : Data Miner Comment : Hits:12 Value : Cookie:hai@kelkoo.de/ Expires : 22.10.2006 18:33:50 LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@a.as-eu.falkag[2].txt Category : Data Miner Comment : Hits:236 Value : Cookie:hai@a.as-eu.falkag.net/ Expires : 08.10.2005 17:47:08 LastSync : Hits:236 UseCount : 0 Hits : 236 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adverserve[2].txt Category : Data Miner Comment : Hits:6 Value : Cookie:hai@adverserve.net/ Expires : 01.01.2011 02:00:00 LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@questionmarket[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@questionmarket.com/ Expires : 17.05.2006 11:04:14 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@stats1.clicktracks[2].txt Category : Data Miner Comment : Hits:38 Value : Cookie:hai@stats1.clicktracks.com/ Expires : 10.03.2015 21:26:46 LastSync : Hits:38 UseCount : 0 Hits : 38 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@versiontracker[1].txt Category : Data Miner Comment : Hits:12 Value : Cookie:hai@versiontracker.com/ Expires : 04.04.2007 16:39:46 LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adserver.ath[1].txt Category : Data Miner Comment : Hits:18 Value : Cookie:hai@adserver.ath.cx/ Expires : 12.11.2005 21:14:04 LastSync : Hits:18 UseCount : 0 Hits : 18 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[8].txt Category : Data Miner Comment : Hits:3 Value : Cookie:hai@customerservice.fwctc.com/cgi-bin/ Expires : 27.03.2005 05:04:16 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@estat[1].txt Category : Data Miner Comment : Hits:34 Value : Cookie:hai@estat.com/ Expires : 24.02.2015 22:13:30 LastSync : Hits:34 UseCount : 0 Hits : 34 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@realmedia[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@realmedia.com/ Expires : 01.01.2011 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@bilbo.counted[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:hai@bilbo.counted.com/ Expires : 27.01.2006 16:43:58 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@sel.as-eu.falkag[1].txt Category : Data Miner Comment : Hits:28 Value : Cookie:hai@sel.as-eu.falkag.net/ Expires : 02.05.2005 17:23:44 LastSync : Hits:28 UseCount : 0 Hits : 28 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@tickle[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:hai@tickle.com/ Expires : 24.03.2005 10:31:10 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@tophits4u[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@tophits4u.de/ Expires : 31.12.2010 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adserver.speed5[2].txt Category : Data Miner Comment : Hits:3 Value : Cookie:hai@adserver.speed5.de/ Expires : 03.03.2005 08:43:16 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@promo.match[2].txt Category : Data Miner Comment : Hits:13 Value : Cookie:hai@promo.match.com/ Expires : 28.12.2004 04:41:58 LastSync : Hits:13 UseCount : 0 Hits : 13 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[2].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@www.timelife-europe.com/cgi-bin Expires : 12.12.2004 18:19:42 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@tribalfusion[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@tribalfusion.com/ Expires : 01.01.2038 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@www.falkag[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:hai@www.falkag.de/ Expires : 01.01.2020 02:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@fastclick[1].txt Category : Data Miner Comment : Hits:61 Value : Cookie:hai@fastclick.net/ Expires : 28.02.2007 22:10:14 LastSync : Hits:61 UseCount : 0 Hits : 61 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@valueclick[2].txt Category : Data Miner Comment : Hits:5 Value : Cookie:hai@valueclick.net/ Expires : 22.01.2030 21:51:28 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@count.eanalyzer[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:hai@count.eanalyzer.de/ Expires : 12.12.2005 22:25:04 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@www.counter-gratis[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:hai@www.counter-gratis.com/ Expires : 15.01.2005 19:24:34 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@www.trackreport[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:hai@www.trackreport.de/ Expires : 17.12.2014 19:04:52 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@bs.serving-sys[2].txt Category : Data Miner Comment : Hits:9 Value : Cookie:hai@bs.serving-sys.com/ Expires : 01.01.2038 07:00:00 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@maxserving[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:hai@maxserving.com/ Expires : 31.03.2015 21:08:16 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@apmebf[1].txt Category : Data Miner Comment : Hits:9 Value : Cookie:hai@apmebf.com/ Expires : 03.01.2010 20:19:34 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@servedby.netshelter[1].txt Category : Data Miner Comment : Hits:9 Value : Cookie:hai@servedby.netshelter.net/ Expires : 11.04.2005 16:16:46 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@casalemedia[1].txt Category : Data Miner Comment : Hits:155 Value : Cookie:hai@casalemedia.com/ Expires : 03.03.2006 19:08:02 LastSync : Hits:155 UseCount : 0 Hits : 155 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@statcounter[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:hai@statcounter.com/ Expires : 07.03.2010 18:40:48 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[6].txt Category : Data Miner Comment : Hits:4 Value : Cookie:hai@timelife-europe.com/cgi-bin/ Expires : 10.01.2005 18:20:32 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 67 Objects found so far: 121 Deep scanning and examining files (C »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adserver.71i[1].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@adserver.71i[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@adtech[2].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@adtech[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@as1.falkag[1].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@as1.falkag[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@atdmt[2].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@bfast[2].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@bfast[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@cgi-bin[2].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@cgi-bin[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@count.xhit[2].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@count.xhit[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@doubleclick[1].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@ehg-sonyeu.hitbox[2].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@ehg-sonyeu.hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@ehg.hitbox[2].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@ehg.hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@hitbox[2].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : hai@mediaplex[1].txt Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\HAI.HAI-DLRG\Lokale Einstellungen\Temp\Cookies\hai@mediaplex[1].txt Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 133 Deep scanning and examining files (D »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 133 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 133 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 133 16:53:10 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:09:02.31 Objects scanned:142700 Objects identified:93 Objects ignored:0 New critical objects:93 |
|
|
||
05.04.2005, 00:00
Ehrenmitglied
Beiträge: 29434 |
#10
Hallo@Scholle21
#ClaerProg..lade die neuste Version <1.4.1 http://www.clearprog.de/downloads.php <und saeubere den Browser. Das Programm löscht die Surfspuren des Internet Explorers ab Version 5.0, des Netscape/Mozilla und des Opera: - Cookies - Verlauf - Temporäre Internetfiles (Cache) #Alternativbrowser zum IE Firefox http://www.firefox-browser.de/windows.php http://www.mozilla-europe.org/de/ Installation+Konfiguration Firefox http://www.pcwelt.de/know-how/software/103924/index1.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
05.04.2005, 22:07
Member
Themenstarter Beiträge: 29 |
||
|
||
Mein Internet Security zeigt an das ich ein virus habe. Kann ihn aber nich löschen oder isolieren. Kann bitte einmal jemand auf mein hijackthis Logfile schauen. Danke
kenn mich damit nicht aus und bin auf eure Hilfe angewiesen. Ein rises Danke schön.
Logfile of HijackThis v1.98.2
Scan saved at 14:26:47, on 03.04.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programme\Viren,Trojaner,Würmer\AVWUPSRV.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Viren,Trojaner,Würmer\ZIP\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Programme\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [websx] C:\Programme\websx\int327777.exe -auto
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [Bluethooth] C:\Programme\Bluetooth Software\BTTray.exe
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programme\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=041705 Seri*hier nicht!*=DR12WEB-6913797-JVQ lang=DE
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: HotSync Manager.LNK = C:\Programme\Palm\HOTSYNC.EXE
O4 - Global Startup: HotSync Manager.LNK = C:\Programme\Palm\HOTSYNC.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Programme\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094046719226
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7589EEE6-E336-11D4-8A7E-EE1D971D9B47} (AcontiX Control) - http://secure.aconti.net/acontix/acontix.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web11.cab
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} (IPLabs Image Uploader 2.5) - http://asp03.photoprintit.de/microsite/2976/defaults/activex/ImageUploader2.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp03.photoprintit.de/microsite/2976/defaults/activex/ImageUploader3.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/de/check/qdiagh.cab?322
O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.serviceurl.de/InstallationsAssistent.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E7A7CE6-A601-4C3C-8DEC-9354A07AB1F1}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D6F283-6966-42F6-92A7-EDC18C06C0B7}: NameServer = 192.168.0.1