Kein Internet und verdacht auf Virus |
||
---|---|---|
#0
| ||
13.04.2005, 16:49
...neu hier
Beiträge: 10 |
||
|
||
13.04.2005, 22:30
Member
Beiträge: 1132 |
#2
Hallo TheTrueSnake,
HijackThis 1.99.1 http://www.downloads.subratam.org/hijackthis.zip http://www.spywareinfo.com/~merijn/files/hijackthis.zip Installiere das Programm in einem eigenen Ordner. Starte das Programm mit der exe-Datei => Scan drücken => Save Log drücken => der Texteditor mit dem Log öffnet sich. Den gesamten Text abkopieren und hierher posten. Gruß Heron __________ "Die Welt ist groß, weil der Kopf so klein" Wilhelm Busch |
|
|
||
13.04.2005, 23:21
...neu hier
Themenstarter Beiträge: 10 |
#3
ok hier:
Logfile of HijackThis v1.99.1 Scan saved at 23:21:17, on 13.04.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe C:\WINDOWS\Twain_32\SlimU2\HotKey.exe C:\Programme\PERFECT SERIES\OPTICAL MOUSE\4.0\MOUSE32A.EXE C:\Programme\HP\HP Software Update\HPWuSchd.exe C:\Programme\HP\hpcoretech\hpcmpmgr.exe C:\Programme\Deamon Tool\daemon.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\QuickTime\qttask.exe C:\Programme\Musicmatch\Musicmatch Jukebox\mm_server.exe C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe C:\Programme\Musicmatch\Musicmatch Jukebox\MMDiag.exe C:\WINDOWS\System32\ctfmon.exe C:\Programme\Gemeinsame Dateien\GMT\GMT.exe C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe C:\Programme\Common\Bin\WinCinemaMgr.exe C:\Programme\DeTeMedien\Das Telefonbuch für Deutschland\OMAlarm.exe C:\Programme\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Programme\Logitech\MouseWare\system\em_exec.exe C:\Programme\VLC\vlc.exe C:\WINDOWS\system32\notepad.exe C:\Programme\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://best-search.cc/search.php?v=6&aff=6170146 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://best-search.cc/index.php?v=6&aff=6170146 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgr-bielefeld.de/ R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file) O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts O1 - Hosts: 81.211.105.69 lender-search.com O1 - Hosts: 81.211.105.68 hot-searches.com O2 - BHO: MultiMPPObj Class - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - C:\WINDOWS\multimpp.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHG~1.50\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHG~1.50\fgiebar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\SlimU2\HotKey.exe O4 - HKLM\..\Run: [LWBMOUSE] C:\Programme\PERFECT SERIES\OPTICAL MOUSE\4.0\MOUSE32A.EXE O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Programme\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\Deamon Tool\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [bcncubtgwt] C:\WINDOWS\System32\fumews.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [mm_server] C:\Programme\Musicmatch\Musicmatch Jukebox\mm_server.exe O4 - HKLM\..\Run: [mmtask] C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [CMESys] "C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe" O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Programme\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: GStartup.lnk = C:\Programme\Gemeinsame Dateien\GMT\GMT.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: OfficeManager Terminerinnerung.lnk = ? O4 - Global Startup: Ulead Kalendar Checker 4.0 SE.lnk = C:\Programme\Ulead Photo Express 4.0 SE\CalCheck.exe O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\Flash Get 1.50\jc_all.htm O8 - Extra context menu item: Ebates - file://C:\Programme\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\Flash Get 1.50\jc_link.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHG~1.50\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHG~1.50\flashget.exe O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Programme\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (HKCU) O15 - Trusted Zone: *.musicmatch.com O15 - Trusted Zone: *.musicmatch.com (HKLM) O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://195.190.118.140/e9xr2.chm::/file.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101772197673 O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E73FB0C1-68E1-43E6-851C-8107752777A4}: NameServer = 192.168.2.1 O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - (no file) O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe |
|
|
||
14.04.2005, 00:46
Member
Beiträge: 20 |
#4
Vorweg: Diese Datei (C:\WINDOWS\System32\fumews.exe) bitte zu allererst bei jotti -> http://virusscan.jotti.org/de/ prüfen und Ergebnis hier posten.
Zitat TheTrueSnake postete Das SP2 fehlt! C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe Java ist veraltet (=erhebliche Sicherheitslücken!). Bitte updaten. C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe Das ist Spyware. C:\Programme\Gemeinsame Dateien\GMT\GMT.exe Ebenfalls. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://best-search.cc/search.php?v=6&aff=6170146 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://best-search.cc/index.php?v=6&aff=6170146 Der Browser wurde entführt. Diese Einträge löschen (IE schließen, Einträge in HijackThis markieren, "Fix checked" wählen). R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file) O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts O1 - Hosts: 81.211.105.69 lender-search.com O1 - Hosts: 81.211.105.68 hot-searches.com O2 - BHO: MultiMPPObj Class - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - C:\WINDOWS\multimpp.dll O4 - HKLM\..\Run: [bcncubtgwt] C:\WINDOWS\System32\fumews.exe O4 - HKLM\..\Run: [CMESys] "C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe" O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Programme\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe" O4 - Global Startup: GStartup.lnk = C:\Programme\Gemeinsame Dateien\GMT\GMT.exe O8 - Extra context menu item: Ebates - file://C:\Programme\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Programme\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (HKCU) O15 - Trusted Zone: *.musicmatch.com O15 - Trusted Zone: *.musicmatch.com (HKLM) O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://195.190.118.140/e9xr2.chm::/file.exe O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - (no file) Das ebenfalls entfernen, eine Mischung aus verschiedenen Schädlingen. |
|
|
||
14.04.2005, 01:48
...neu hier
Themenstarter Beiträge: 10 |
#5
Ok das klingt schonmal alles sehr nützlich
nur ähm soll nu keine Kritik sein ich hör schon immer von allen möglichen Leuten man muss SP2 drauf machen, ich hab aber auch gehört das dann viele Programme nicht mehr funktionieren ... Ist da was dran oder nicht? Edit: Bei dem Scan ganz oben kommt diese Meldung: Zitat The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file Also das geht nicht und an der Firewall kanns net liegen ... Außerdem konnte ich die Datei nicht "erbrowsern" nur wenn ich sie direkt eingetragen habe gings Edit2: Habe alles soweit fertig bis auf den Virenscan oben und das SP2 und habe nochmal Antivir drüber laufen lassen der meinte das ich folgende Viren habe: TR/Dldr.Stubb:C TR/Hijack.MultiPP TR/Dldr.Krapper.3 Alle in *.cab Dateien, aber löschen oder reparieren bietet er mir nicht an Was kann man damit wiederrum machen? Dieser Beitrag wurde am 14.04.2005 um 02:27 Uhr von TheTrueSnake editiert.
|
|
|
||
14.04.2005, 09:36
Member
Beiträge: 1132 |
#6
Poste erst einmal ein aktuelles HJT Log, damit man sehen kann, was Du bisher erreicht hast.
Gruß Heron __________ "Die Welt ist groß, weil der Kopf so klein" Wilhelm Busch |
|
|
||
14.04.2005, 13:02
...neu hier
Themenstarter Beiträge: 10 |
#7
Bitte schön
Logfile of HijackThis v1.99.1 Scan saved at 13:04:37, on 14.04.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programme\Java\jre1.5.0_02\bin\jusched.exe C:\WINDOWS\Twain_32\SlimU2\HotKey.exe C:\Programme\PERFECT SERIES\OPTICAL MOUSE\4.0\MOUSE32A.EXE C:\Programme\Antivir\AVWUPSRV.EXE C:\Programme\HP\HP Software Update\HPWuSchd.exe C:\Programme\HP\hpcoretech\hpcmpmgr.exe C:\Programme\Deamon Tool\daemon.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Programme\QuickTime\qttask.exe C:\Programme\Musicmatch\Musicmatch Jukebox\mm_server.exe C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\Programme\Antivir\AVGNT.EXE C:\WINDOWS\System32\ctfmon.exe C:\Programme\Musicmatch\Musicmatch Jukebox\MMDiag.exe C:\Programme\Logitech\MouseWare\system\em_exec.exe C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe C:\Programme\Common\Bin\WinCinemaMgr.exe C:\Programme\DeTeMedien\Das Telefonbuch für Deutschland\OMAlarm.exe C:\Programme\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Programme\Antivir\AVGUARD.EXE C:\Programme\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgr-bielefeld.de/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHG~1.50\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHG~1.50\fgiebar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\SlimU2\HotKey.exe O4 - HKLM\..\Run: [LWBMOUSE] C:\Programme\PERFECT SERIES\OPTICAL MOUSE\4.0\MOUSE32A.EXE O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Programme\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\Deamon Tool\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [mm_server] C:\Programme\Musicmatch\Musicmatch Jukebox\mm_server.exe O4 - HKLM\..\Run: [mmtask] C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\Antivir\AVGNT.EXE /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: OfficeManager Terminerinnerung.lnk = ? O4 - Global Startup: Ulead Kalendar Checker 4.0 SE.lnk = C:\Programme\Ulead Photo Express 4.0 SE\CalCheck.exe O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\Flash Get 1.50\jc_all.htm O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\Flash Get 1.50\jc_link.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHG~1.50\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHG~1.50\flashget.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{E73FB0C1-68E1-43E6-851C-8107752777A4}: NameServer = 192.168.2.1 O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\Antivir\AVGUARD.EXE O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\Antivir\AVWUPSRV.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe |
|
|
||
14.04.2005, 14:20
Ehrenmitglied
Beiträge: 29434 |
#8
TheTrueSnake
•HOSTFILE: öffne das HijackThis "Do a system scan only"-->Config--> Misc Tools-->Open Hosts file Manager--> delet line(s) lösche alles , lasse nur stehen: 127.0.0.1 localhost •KillBox http://www.bleepingcomputer.com/files/killbox.php •Delete File on Reboot <--anhaken und klick auf das rote Kreuz, wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "no",und kopiere das naechste rein, erst beim letzten auf "yes" C:\Programme\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe C:\WINDOWS\System32\fumews.exe C:\WINDOWS\multimpp.dll C:\Programme\Gemeinsame Dateien\CMEII\GIoclClient.dll C:\Programme\Gemeinsame Dateien\CMEII\GMTProxy.dll C:\Programme\Gemeinsame Dateien\CMEII\GObjs.dll C:\Programme\Gemeinsame Dateien\CMEII\GStore.dll C:\Programme\Gemeinsame Dateien\CMEII\GStoreServer.dll C:\Programme\Gemeinsame Dateien\CMEII\Gtools.dll C:\Programme\Gemeinsame Dateien\CMEII\CMEIIAPI.dll C:\Programme\Gemeinsame Dateien\CMEII\GAppMgr.dll C:\Programme\Gemeinsame Dateien\CMEII\GController.dll C:\Programme\Gemeinsame Dateien\CMEII\GDwldEng.dll C:\Programme\Gemeinsame Dateien\CMEII\GIocl.dll C:\Programme\Gemeinsame Dateien\GMT\gtrawbm.fil C:\Programme\Gemeinsame Dateien\GMT\EGGCEngine.dll C:\Programme\Gemeinsame Dateien\GMT\egIEEngine.dll C:\Programme\Gemeinsame Dateien\GMT\EGIEProcess.dll C:\Programme\Gemeinsame Dateien\GMT\EGNSEngine.dll C:\Programme\Gemeinsame Dateien\GMT\GatorRes.dll C:\Programme\Gemeinsame Dateien\GMT\GatorStubSetup.exe C:\Programme\Gemeinsame Dateien\GMT\GUninstaller.exe C:\Programme\Gemeinsame Dateien\GMT\GMT.exe NEUSTARTEN C:\Programme\Ebates_MoeMoneyMaker\<--loeschen Loeschen temporaere Dateien --> loesche die Dateien in den Ordnern, nicht die Temp-ordner selbst C:\WINDOWS\Temp\ C:\Temp\ C:\Dokumente und Einstellungen\username\Lokale Einstellungen\Temp\ C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temporary Internet Files\Content.IE5 [loesche nicht die index.dat) CCleaner--> alle *temp-Datein loeschen http://www.ccleaner.com/ccdownload.asp •eScan-Erkennungstool eSan ist hier unter dem Namen Free eScan Antivirus Toolkit Utility kostenlos erhältlich: http://www.mwti.net/antivirus/free_utilities.asp oeffne den Scanner--> noch nicht scannen--> gehe in Start<Ausfuehren< schreib rein: %temp% und suche kavupd.exe, die klickst du an--> (Update- in DOS) ausführen -->mwav.exe oeffnen-->alle Haekchen setzen-->scannen-->View Log anklicken--> Bearbeiten anklicken--> "infected" reinschreiben und nun alles rauskopieren, was angezeigt wird--> __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
14.04.2005, 15:08
...neu hier
Themenstarter Beiträge: 10 |
#9
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temporary Internet Files\Content.IE5 [loesche nicht die index.dat)
Das geht nicht wenn ich in den Temporary Internet Files Ordner will bricht der ab und macht das Fenster einfach zu. Und wie lösche ich mit dem CCleaner die *.temp dateien? Edit: Ok das mit den Temporären Dateien hab ich gefunden bei System das ne? Hab die gelöscht... Nur das oben klappt halt nicht, was mach ich da? Dieser Beitrag wurde am 14.04.2005 um 15:12 Uhr von TheTrueSnake editiert.
|
|
|
||
15.04.2005, 01:22
Ehrenmitglied
Beiträge: 29434 |
#10
Hallo@TheTrueSnake
ich verstehe kein Wort--> Zitat das da oben klappt nicht ????????????? •eScan-Erkennungstool eSan ist hier unter dem Namen Free eScan Antivirus Toolkit Utility kostenlos erhältlich: http://www.mwti.net/antivirus/free_utilities.asp oeffne den Scanner--> noch nicht scannen--> gehe in Start<Ausfuehren< schreib rein: %temp% und suche kavupd.exe, die klickst du an--> (Update- in DOS) ausführen gehe in den abgesicherten Modus http://www.tu-berlin.de/www/software/virus/savemode.shtml und den Scanner mit der "mwav.exe"[oder:MWAVSCAN.COM] starten. Alle Häkchen setzen : Auswählen: "all files", Memory, Startup-Folders, Registry, System Folders, Services, Drive/All Local drives, Folder [C:\WINDOWS], Include SubDirectory -->und "Scan " klicken. •Gehe wieder in den Normalmodus: •mache bitte folgendes: nun öffnest du mit dem editor, die mwav.txt und gehst unter bearbeiten -> suchen, hier gibst du "infected" ein •jene zeile in der infected steht, markieren, und hier einfügen, weitersuchen usw. •und ganz unten steht die zusammenfassung, diese auch hier posten __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
15.04.2005, 17:04
...neu hier
Themenstarter Beiträge: 10 |
#11
Zitat C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temporary Internet Files\Content.IE5 [loesche nicht die index.dat) Das hier geht nicht immer wenn ich in den Temporary Internet Files Ordner will geht das Fenster zu |
|
|
||
18.04.2005, 11:52
Ehrenmitglied
Beiträge: 29434 |
#12
Hallo@TheTrueSnake
ClaerProg..lade die neuste Version <1.4.1 http://www.clearprog.de/downloads.php <und saeubere den Browser. Das Programm löscht die Surfspuren des Internet Explorers ab Version 5.0, des Netscape/Mozilla und des Opera: - Cookies - Verlauf - Temporäre Internetfiles (Cache) - index.dat •eScan-Erkennungstool eSan ist hier unter dem Namen Free eScan Antivirus Toolkit Utility kostenlos erhältlich: http://www.mwti.net/antivirus/free_utilities.asp oeffne den Scanner--> noch nicht scannen--> gehe in Start<Ausfuehren< schreib rein: %temp% und suche kavupd.exe, die klickst du an--> (Update- in DOS) ausführen gehe in den abgesicherten Modus http://www.tu-berlin.de/www/software/virus/savemode.shtml und den Scanner mit der "mwav.exe"[oder:MWAVSCAN.COM] starten. Alle Häkchen setzen : Auswählen: "all files", Memory, Startup-Folders, Registry, System Folders, Services, Drive/All Local drives, Folder [C:\WINDOWS], Include SubDirectory -->und "Scan " klicken. •Gehe wieder in den Normalmodus: •mache bitte folgendes: nun öffnest du mit dem editor, die mwav.txt und gehst unter bearbeiten -> suchen, hier gibst du "infected" ein •jene zeile in der infected steht, markieren, und hier einfügen, weitersuchen usw. •und ganz unten steht die zusammenfassung, diese auch hier posten __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
19.04.2005, 01:05
...neu hier
Themenstarter Beiträge: 10 |
#13
Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Mon Apr 18 20:30:20 2005 => File System Found infected by "Alexa Spyware/Adware" Virus. Action Taken: No Action Taken. Mon Apr 18 20:30:21 2005 => System found infected with Gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken. Mon Apr 18 20:30:21 2005 => File System Found infected by "Gator Spyware/Adware" Virus. Action Taken: No Action Taken. Mon Apr 18 20:30:21 2005 => System found infected with 180Solutions Spyware/Adware! Action taken: No Action Taken. Mon Apr 18 20:30:21 2005 => File System Found infected by "180Solutions Spyware/Adware" Virus. Action Taken: No Action Taken. Mon Apr 18 20:30:21 2005 => System found infected with gator.com Spyware/Adware! Action taken: No Action Taken. Mon Apr 18 20:30:21 2005 => File System Found infected by "gator.com Spyware/Adware" Virus. Action Taken: No Action Taken. Mon Apr 18 20:30:21 2005 => System found infected with vendor Spyware/Adware! Action taken: No Action Taken. Mon Apr 18 20:30:21 2005 => File System Found infected by "vendor Spyware/Adware" Virus. Action Taken: No Action Taken. Mon Apr 18 20:30:21 2005 => System found infected with msbb Spyware/Adware! Action taken: No Action Taken. Mon Apr 18 20:30:21 2005 => File System Found infected by "msbb Spyware/Adware" Virus. Action Taken: No Action Taken. Mon Apr 18 21:44:52 2005 => Scanning Folder: C:\Programme\AntiVir\INFECTED\*.* Mon Apr 18 21:48:04 2005 => File C:\Programme\Flash Get 1.50\fgf150.exe infected by "not-a-virus:AdWare.Cydoor" Virus. Action Taken: No Action Taken. C:\Programme\Hijackthis\backups\backup-20050414-021923-873.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. Mon Apr 18 23:26:03 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP69\A0104470.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Mon Apr 18 23:26:35 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP70\A0104985.exe infected by "not-a-virusorn-Dialer.Win32.Star" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:17 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106401.dll infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:17 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106411.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:18 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106414.dll infected by "not-a-virus:AdWare.Gator.3124" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:18 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106415.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:18 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106416.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:18 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106417.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:18 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106418.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:18 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106419.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:18 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106420.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:21 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106438.dll infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:21 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106439.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:21 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106440.exe infected by "not-a-virus:AdWare.Gator.5112" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:25 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106499.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:26 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106502.dll infected by "not-a-virus:AdWare.BiSpy.n" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:26 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106503.exe infected by "not-a-virus:AdWare.BiSpy.q" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:26 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106504.exe infected by "not-a-virus:AdWare.BiSpy.o" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:26 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106505.dll infected by "not-a-virus:AdWare.ToolBar.FWN.a" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:27 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106506.exe infected by "not-a-virus:AdWare.BargainBuddy.j" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:27 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106507.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:27 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106508.dll infected by "not-a-virus:AdWare.EZula.ac" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:27 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106509.dll infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:27 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106510.exe infected by "Trojan-Downloader.Win32.Esepor.q" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:27 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106511.exe infected by "not-a-virus:AdWare.ToolBar.VB.f" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:27 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106512.exe infected by "not-a-virus:AdWare.WinAD.b" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:27 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106513.dll infected by "not-a-virus:AdWare.WinAD.b" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:28 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106518.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken. Mon Apr 18 23:27:28 2005 => File C:\System Volume Information\_restore{58BE883D-80D6-475C-9890-D5C0D8FB3D8F}\RP71\A0106519.exe infected by "not-a-virus:AdWare.WebRebates.c" Virus. Action Taken: No Action Taken. Mon Apr 18 23:46:24 2005 => ***** Scanning complete. ***** Mon Apr 18 23:46:24 2005 => Total Objects Scanned: 120172 Mon Apr 18 23:46:24 2005 => Total Virus(es) Found: 66 Mon Apr 18 23:46:24 2005 => Total Disinfected Files: 0 Mon Apr 18 23:46:24 2005 => Total Files Renamed: 0 Mon Apr 18 23:46:24 2005 => Total Deleted Objects: 0 Mon Apr 18 23:46:24 2005 => Total Errors: 286 Mon Apr 18 23:46:24 2005 => Time Elapsed: 03:18:32 Mon Apr 18 23:46:24 2005 => Virus Database Date: 2005/04/16 Mon Apr 18 23:46:24 2005 => Virus Database Count: 126266 Mon Apr 18 23:46:24 2005 => Scan Completed. Wusste gar nicht was man sich im Internet alles einfangen kann |
|
|
||
19.04.2005, 17:28
Ehrenmitglied
Beiträge: 29434 |
#14
Hallo@@TheTrueSnake
Deaktivieren Wiederherstellung «XP Arbeitsplatz-->rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren. starte den PC neu, dann aktiviere sie wieder Download the beta* of our new anti-spyware software today http://www.microsoft.com/athome/security/spyware/software/default.mspx #Ad-aware SE Personal 1.05 Updated http://fileforum.betanews.com/detail/965718306/1 Laden--> Updaten-->scannen-->PC neustarten--> noch mal scannen--> poste das Log vom Scann __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
19.04.2005, 21:05
...neu hier
Themenstarter Beiträge: 10 |
#15
Ad-Aware SE Build 1.05
Logfile Created onienstag, 19. April 2005 20:42:48 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R39 15.04.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):30 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 19.04.2005 20:42:48 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : C:\Dokumente und Einstellungen\Udo\recent Description : list of recently opened documents MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\office\10.0\powerpoint\recenttemplatelist Description : list of recent templates used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\office\10.0\powerpoint\recent templates Description : list of recent templates used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\internet explorer\main Description : last save directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\realnetworks\realplayer\6.0\preferences Description : list of recent skins in realplayer MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\frontpage\editor\recent templates Description : list of recently used templates in microsoft publisher MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\google\navclient\1.1\history Description : list of recently used search terms in the google toolbar MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\smartftp\connection data Description : list of recently accessed servers using smartftp MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\mediaplayer\player\settings Description : last open directory used in jasc paint shop pro MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\musicmatch Description : download location of the musicmatch installer MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\realnetworks\realplayer\6.0\preferences Description : list of recent clips in realplayer MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio Description : information on the last station listened to using musicmatch radio MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\frontpage Description : default save location in microsoft frontpage MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\realnetworks\realplayer\6.0\preferences Description : last login time in realplayer MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\office\10.0\clip organizer\search\last query Description : last query in microsoft clip organizer MRU List Object Recognized! Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv Description : file conversion location settings in musicmatch jukebox MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\frontpage\explorer\frontpage explorer\recently created servers Description : list of recently created servers in microsoft frontpage MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-3006880278-1819221912-3917891486-1007\software\microsoft\windows media\wmsdk\general Description : windows media sdk Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 612 ThreadCreationTime : 19.04.2005 18:41:27 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 660 ThreadCreationTime : 19.04.2005 18:41:33 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 684 ThreadCreationTime : 19.04.2005 18:41:35 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 728 ThreadCreationTime : 19.04.2005 18:41:35 BasePriority : Normal FileVersion : 5.1.2600.1224 (xpsp2.030516-0318) ProductVersion : 5.1.2600.1224 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Anwendung für Dienste und Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 740 ThreadCreationTime : 19.04.2005 18:41:35 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [ati2evxx.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 892 ThreadCreationTime : 19.04.2005 18:41:36 BasePriority : Normal #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 932 ThreadCreationTime : 19.04.2005 18:41:36 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1024 ThreadCreationTime : 19.04.2005 18:41:36 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1188 ThreadCreationTime : 19.04.2005 18:41:37 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1220 ThreadCreationTime : 19.04.2005 18:41:37 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1268 ThreadCreationTime : 19.04.2005 18:41:37 BasePriority : Normal FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:12 [avguard.exe] FilePath : C:\Programme\Antivir\ ProcessID : 1380 ThreadCreationTime : 19.04.2005 18:41:43 BasePriority : Normal #:13 [avwupsrv.exe] FilePath : C:\Programme\Antivir\ ProcessID : 1392 ThreadCreationTime : 19.04.2005 18:41:43 BasePriority : Normal #:14 [mdm.exe] FilePath : C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\ ProcessID : 1424 ThreadCreationTime : 19.04.2005 18:41:43 BasePriority : Normal FileVersion : 7.00.9064.9150 ProductVersion : 7.00.9064.9150 ProductName : Microsoft Development Environment CompanyName : Microsoft Corporation FileDescription : Machine Debug Manager InternalName : mdm.exe LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000 OriginalFilename : mdm.exe #:15 [slserv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1452 ThreadCreationTime : 19.04.2005 18:41:43 BasePriority : Normal FileVersion : 2.80.00(24Apr2000) ProductVersion : 2.80.00 ProductName : Modem FileDescription : User-Level Modem Service InternalName : slserv LegalCopyright : Copyright © 1999-2000 OriginalFilename : slserv.exe #:16 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1484 ThreadCreationTime : 19.04.2005 18:41:43 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:17 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 336 ThreadCreationTime : 19.04.2005 18:42:08 BasePriority : Normal FileVersion : 6.00.2800.1106 (xpsp1.020828-1920) ProductVersion : 6.00.2800.1106 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : EXPLORER.EXE #:18 [atiptaxx.exe] FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\ ProcessID : 512 ThreadCreationTime : 19.04.2005 18:42:11 BasePriority : Normal FileVersion : 6.14.10.5079 ProductVersion : 6.14.10.5079 ProductName : ATI Desktop Component CompanyName : ATI Technologies, Inc. FileDescription : ATI Desktop Control Panel InternalName : Atiptaxx.exe LegalCopyright : Copyright (C) 1998-2002 ATI Technologies Inc. OriginalFilename : Atiptaxx.exe #:19 [jusched.exe] FilePath : C:\Programme\Java\jre1.5.0_02\bin\ ProcessID : 520 ThreadCreationTime : 19.04.2005 18:42:11 BasePriority : Normal #:20 [hotkey.exe] FilePath : C:\WINDOWS\Twain_32\SlimU2\ ProcessID : 536 ThreadCreationTime : 19.04.2005 18:42:11 BasePriority : Normal FileVersion : 1,1,3,5 ProductVersion : 1,1,3,5 ProductName : OneTouchHotKey Application CompanyName : Pmx. Electronics Ltd. FileDescription : OneTouchHotKey MFC Application InternalName : OneTouchHotKey LegalCopyright : Copyright (C) 2002 OriginalFilename : HotKey.EXE #:21 [mouse32a.exe] FilePath : C:\Programme\PERFECT SERIES\OPTICAL MOUSE\4.0\ ProcessID : 544 ThreadCreationTime : 19.04.2005 18:42:12 BasePriority : Normal FileVersion : 3.0.1.0 ProductVersion : 3.0.0.0 LegalCopyright : Copyright 2001 by LEE,WEI-BIN. #:22 [hpwuschd.exe] FilePath : C:\Programme\HP\HP Software Update\ ProcessID : 560 ThreadCreationTime : 19.04.2005 18:42:12 BasePriority : Normal FileVersion : 1, 0, 0, 2 ProductVersion : 1, 0, 0, 2 ProductName : Hewlett-Packard hpwuSchd CompanyName : Hewlett-Packard FileDescription : hpwuSchd InternalName : hpwuSchd LegalCopyright : Copyright © 2003 OriginalFilename : hpwuSchd.exe #:23 [hpcmpmgr.exe] FilePath : C:\Programme\HP\hpcoretech\ ProcessID : 576 ThreadCreationTime : 19.04.2005 18:42:12 BasePriority : Normal FileVersion : 1.76.0 ProductVersion : 1.76.0 ProductName : hp coretech (COmponent REuse TECHnology) CompanyName : Hewlett-Packard Company FileDescription : HP Framework Component Manager Service InternalName : HPComponentManagerService module LegalCopyright : Copyright (C) Hewlett-Packard. 2002-2003 OriginalFilename : HPCmpMgr.exe #:24 [daemon.exe] FilePath : C:\Programme\Deamon Tool\ ProcessID : 396 ThreadCreationTime : 19.04.2005 18:42:12 BasePriority : Normal #:25 [realsched.exe] FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\ ProcessID : 604 ThreadCreationTime : 19.04.2005 18:42:12 BasePriority : Normal FileVersion : 0.1.0.3208 ProductVersion : 0.1.0.3208 ProductName : RealPlayer (32-bit) CompanyName : RealNetworks, Inc. FileDescription : RealNetworks Scheduler InternalName : schedapp LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004 LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc. OriginalFilename : realsched.exe #:26 [qttask.exe] FilePath : C:\Programme\QuickTime\ ProcessID : 632 ThreadCreationTime : 19.04.2005 18:42:12 BasePriority : Normal FileVersion : 6.4 ProductVersion : QuickTime 6.4 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2003 OriginalFilename : QTTask.exe #:27 [mm_server.exe] FilePath : C:\Programme\Musicmatch\Musicmatch Jukebox\ ProcessID : 636 ThreadCreationTime : 19.04.2005 18:42:12 BasePriority : Normal FileVersion : 9.0.0.1 ProductVersion : 9.0.0.1 ProductName : Musicmatch Jukebox CompanyName : Musicmatch Inc. FileDescription : Musicmatch Music Server InternalName : MusicServer.exe LegalCopyright : (c) Musicmatch Inc.. All rights reserved. OriginalFilename : MusicServer.exe #:28 [mmtask.exe] FilePath : C:\Programme\Musicmatch\Musicmatch Jukebox\ ProcessID : 656 ThreadCreationTime : 19.04.2005 18:42:13 BasePriority : Normal FileVersion : 9.0.0.1 ProductVersion : 9.0.0.1 ProductName : Musicmatch Jukebox CompanyName : Musicmatch Inc. FileDescription : <Musicmatch System Tray Application> InternalName : mmtask.exe LegalCopyright : (c) Musicmatch Inc.. All rights reserved. OriginalFilename : mmtask.exe #:29 [pdvdserv.exe] FilePath : C:\Programme\CyberLink\PowerDVD\ ProcessID : 652 ThreadCreationTime : 19.04.2005 18:42:13 BasePriority : Normal FileVersion : 6.00.1027 ProductVersion : 6.00.1027 ProductName : PowerDVD CompanyName : Cyberlink Corp. FileDescription : PowerDVD RC Service InternalName : PowerDVD RC Service LegalCopyright : Copyright (c) CyberLink Corp. 1997-2004 OriginalFilename : PDVDSERV.EXE #:30 [avgnt.exe] FilePath : C:\Programme\Antivir\ ProcessID : 664 ThreadCreationTime : 19.04.2005 18:42:13 BasePriority : Normal #:31 [em_exec.exe] FilePath : C:\Programme\Logitech\MouseWare\system\ ProcessID : 812 ThreadCreationTime : 19.04.2005 18:42:13 BasePriority : Normal FileVersion : 9.76.046 ProductVersion : 9.76.046 ProductName : MouseWare CompanyName : Logitech Inc. FileDescription : Logitech Events Handler Application InternalName : Em_Exec LegalCopyright : (C) 1987-2003 Logitech. All rights reserved. LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc. OriginalFilename : Em_Exec.exe Comments : Created by the MouseWare team #:32 [gcasserv.exe] FilePath : C:\Programme\Microsoft AntiSpyware\ ProcessID : 780 ThreadCreationTime : 19.04.2005 18:42:14 BasePriority : Idle FileVersion : 1.00.0509 ProductVersion : 1.00.0509 ProductName : Microsoft AntiSpyware (Beta 1) CompanyName : Microsoft Corporation FileDescription : Microsoft AntiSpyware Service InternalName : gcasServ LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved. LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet(tm) is a trademark of Microsoft Corporation. OriginalFilename : gcasServ.exe #:33 [ctfmon.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 952 ThreadCreationTime : 19.04.2005 18:42:14 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:34 [mmdiag.exe] FilePath : C:\Programme\Musicmatch\Musicmatch Jukebox\ ProcessID : 984 ThreadCreationTime : 19.04.2005 18:42:15 BasePriority : Normal FileVersion : 9.00.0171 ProductVersion : 9.00.0171 ProductName : Musicmatch Jukebox CompanyName : Musicmatch, Inc. FileDescription : Logging and tracing manager InternalName : MMTraceExe LegalCopyright : Copyright © Musicmatch 1998-2004 LegalTrademarks : OriginalFilename : MMTraceExe.EXE #:35 [hpqtra08.exe] FilePath : C:\Programme\HP\Digital Imaging\bin\ ProcessID : 1068 ThreadCreationTime : 19.04.2005 18:42:16 BasePriority : Normal FileVersion : 5.31.0.147 ProductVersion : 005.031.000.147 ProductName : hp digital imaging - hp all-in-one series CompanyName : Hewlett-Packard Co. FileDescription : HP Digital Imaging Monitor (CUE) InternalName : HPQTRA00 LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001 OriginalFilename : HPQTRA00.EXE Comments : HP Digital Imaging Monitor (CUE) #:36 [wincinemamgr.exe] FilePath : C:\Programme\Common\Bin\ ProcessID : 1112 ThreadCreationTime : 19.04.2005 18:42:16 BasePriority : Normal FileVersion : 1.8.1 ProductVersion : 1, 8, 1, 0 ProductName : WinCinema Manager for InterVideo WinCinema products CompanyName : InterVideo Inc. FileDescription : WinCinema Manager InternalName : WinCinema Manager LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved. OriginalFilename : WinCinemaMgr.EXE #:37 [omalarm.exe] FilePath : C:\Programme\DeTeMedien\Das Telefonbuch für Deutschland\ ProcessID : 1196 ThreadCreationTime : 19.04.2005 18:42:17 BasePriority : Normal FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 ProductName : Anwendung OMAlarm FileDescription : MFC-Anwendung OMAlarm InternalName : OMAlarm LegalCopyright : Copyright (C) 1999 OriginalFilename : OMAlarm.EXE #:38 [calcheck.exe] FilePath : C:\Programme\Ulead Photo Express 4.0 SE\ ProcessID : 1236 ThreadCreationTime : 19.04.2005 18:42:17 BasePriority : Normal FileVersion : 4, 0, 0, 0 ProductVersion : 4, 0, 0, 0 ProductName : Calendar Checker Application CompanyName : Ulead Systems, Inc. FileDescription : Photo Express -- Calendar Checker InternalName : CalCheck LegalCopyright : Copyright (C) 1992-1999.Ulead Systems, Inc. LegalTrademarks : Ulead Systems, MediaStudio, PhotoImpact and Photo Express are registered trademarks of Ulead Systems, Inc. OriginalFilename : CalCheck.EXE #:39 [gcasdtserv.exe] FilePath : C:\Programme\Microsoft AntiSpyware\ ProcessID : 1612 ThreadCreationTime : 19.04.2005 18:42:29 BasePriority : Normal FileVersion : 1.00.0509 ProductVersion : 1.00.0509 ProductName : Microsoft AntiSpyware (Beta 1) CompanyName : Microsoft Corporation FileDescription : Microsoft AntiSpyware Data Service InternalName : gcasDtServ LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved. LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet(tm) is a trademark of Microsoft Corporation. OriginalFilename : gcasDtServ.exe #:40 [ad-aware.exe] FilePath : C:\Programme\Ad-Aware\Ad-Aware SE Personal\ ProcessID : 4028 ThreadCreationTime : 19.04.2005 18:42:39 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 30 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 30 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 30 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 30 Deep scanning and examining files (C »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 30 Deep scanning and examining files (G »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for G:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 30 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 30 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 30 21:04:10 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:21:21.242 Objects scanned:184912 Objects identified:0 Objects ignored:0 New critical objects:0 Hier |
|
|
||
das mein erster Post hier und ich brauch dringend Hilfe hab über die Suchfunktion nichts gefunden.
Also:
Folgendes hab da nen Rechner mit Windows XP Home Edition mit Internet über einen Wlan Router der auch gleichzeitig das Modem ist, der Rechner ist aber über ein Kabel an dem Router angeschlossen und der gewärt mir seit neuestem keinen Zugriff aufs Internet mehr ...
Habe nichts verstellt oder so ging von einem auf den anderen Moment los und da lag mir der verdacht auf einen Virus nahe ... also immer wenn ich aufs Internet zugreifen will geht der Browser nach ein paar Sekunden einfach aus, genau so bei ICQ, Outlook und jeglichen Anwendungen die aufs Intertnet zugreifen ... ebenfalls wenn ich den Router anpingen will geht das MS-DOS Fenster nach dem 2. Ping versuch aus ...
Also was kann das sein und was kann ich tun?
Danke schonmal
MfG
TheTrueSnake
(PS: Wenn der Snake der hier schon registriert ist das ließt, bitte nicht provoziert von meinem Namen fühlen plz, mir viel nichts besseres ein weil ich mich normalerweise auch Snake nennen )