HAbe mir Alcra.B gefangen, -und bin überfordert |
||
---|---|---|
#0
| ||
21.08.2005, 13:40
Member
Beiträge: 279 |
||
|
||
21.08.2005, 18:41
Member
Themenstarter Beiträge: 13 |
#17
So, mit dem LP hat es zwar nicht geklappt, aber ich hab das ganze dann in Englisch Konfiguriert ( war heute morgen nur zu Faul den Kopf zu benutzen )
Der erste scan hat nochmal 5 Dateien gefunden, der zweite war dann aber sauber! Hier ist der Logfile vom zweiten scan... Ad-Aware SE Build 1.06r1 Logfile Created on:Sonntag, 21. August 2005 18:24:04 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R62 17.08.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» None »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Definition File: ========================= Definitions File Loaded: Reference Number : SE1R62 17.08.2005 Internal build : 72 File location : D:\Programme\Security\Ad-Aware SE Personal\defs.ref File size : 509965 Bytes Total size : 1536749 Bytes Signature data size : 1503983 Bytes Reference data size : 32254 Bytes Signatures total : 42805 CSI Fingerprints total : 1012 CSI data size : 35821 Bytes Target categories : 15 Target families : 731 Memory + processor status: ========================== Number of processors : 1 Processor architecture : Non Intel Memory available:22 % Total physical memory:261600 kb Available physical memory:56152 kb Total page file size:633528 kb Available on page file:504512 kb Total virtual memory:2097024 kb Available virtual memory:2031532 kb OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600) Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Obtain command line of scanned processes Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Write-protect system files after repair (Hosts file, etc.) Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 21.08.2005 18:24:04 - Scan started. (Custom mode) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] ModuleName : \SystemRoot\System32\smss.exe Command Line : n/a ProcessID : 440 ThreadCreationTime : 21.08.2005 16:12:43 BasePriority : Normal #:2 [csrss.exe] ModuleName : \??\C:\WINDOWS\system32\csrss.exe Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh ProcessID : 488 ThreadCreationTime : 21.08.2005 16:12:45 BasePriority : Normal #:3 [winlogon.exe] ModuleName : \??\C:\WINDOWS\system32\winlogon.exe Command Line : winlogon.exe ProcessID : 512 ThreadCreationTime : 21.08.2005 16:12:46 BasePriority : High #:4 [services.exe] ModuleName : C:\WINDOWS\system32\services.exe Command Line : C:\WINDOWS\system32\services.exe ProcessID : 556 ThreadCreationTime : 21.08.2005 16:12:46 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Anwendung für Dienste und Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : services.exe #:5 [lsass.exe] ModuleName : C:\WINDOWS\system32\lsass.exe Command Line : C:\WINDOWS\system32\lsass.exe ProcessID : 568 ThreadCreationTime : 21.08.2005 16:12:46 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] ModuleName : C:\WINDOWS\system32\svchost.exe Command Line : C:\WINDOWS\system32\svchost -k rpcss ProcessID : 736 ThreadCreationTime : 21.08.2005 16:12:47 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] ModuleName : C:\WINDOWS\System32\svchost.exe Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs ProcessID : 788 ThreadCreationTime : 21.08.2005 16:12:47 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] ModuleName : C:\WINDOWS\System32\svchost.exe Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService ProcessID : 928 ThreadCreationTime : 21.08.2005 16:12:47 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] ModuleName : C:\WINDOWS\System32\svchost.exe Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService ProcessID : 972 ThreadCreationTime : 21.08.2005 16:12:48 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [spoolsv.exe] ModuleName : C:\WINDOWS\system32\spoolsv.exe Command Line : C:\WINDOWS\system32\spoolsv.exe ProcessID : 1168 ThreadCreationTime : 21.08.2005 16:12:49 BasePriority : Normal FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:11 [explorer.exe] ModuleName : C:\WINDOWS\Explorer.EXE Command Line : C:\WINDOWS\Explorer.EXE ProcessID : 1336 ThreadCreationTime : 21.08.2005 16:12:53 BasePriority : Normal FileVersion : 6.00.2800.1106 (xpsp1.020828-1920) ProductVersion : 6.00.2800.1106 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : EXPLORER.EXE #:12 [delttray.exe] ModuleName : C:\WINDOWS\System32\DeltTray.exe Command Line : "C:\WINDOWS\System32\DeltTray.exe" ProcessID : 1400 ThreadCreationTime : 21.08.2005 16:12:54 BasePriority : Normal FileVersion : 5.1.0.01 ProductVersion : 5.1.0.01 ProductName : M Audio Delta Control Panel Interface System Tray Applet CompanyName : Doug Fetter Software Wizardry FileDescription : M Audio Delta Control Panel Interface System Tray Applet InternalName : Delta Panel System Tray Applet LegalCopyright : Copyright © 2002 Midiman, Inc. All rights reserved. LegalTrademarks : M Audio (TM) is a legal trademark of MIDIMAN, Inc. OriginalFilename : DeltTray.EXE Comments : Developed by Doug Fetter Software Wizardry #:13 [winampa.exe] ModuleName : D:\Programme\Player\Winamp\winampa.exe Command Line : "D:\Programme\Player\Winamp\winampa.exe" ProcessID : 1436 ThreadCreationTime : 21.08.2005 16:12:55 BasePriority : Normal #:14 [jusched.exe] ModuleName : C:\Programme\Java\jre1.5.0_04\bin\jusched.exe Command Line : "C:\Programme\Java\jre1.5.0_04\bin\jusched.exe" ProcessID : 1444 ThreadCreationTime : 21.08.2005 16:12:55 BasePriority : Normal #:15 [realsched.exe] ModuleName : C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe Command Line : "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot ProcessID : 1452 ThreadCreationTime : 21.08.2005 16:12:55 BasePriority : Normal FileVersion : 0.1.0.3292 ProductVersion : 0.1.0.3292 ProductName : RealPlayer (32-bit) CompanyName : RealNetworks, Inc. FileDescription : RealNetworks Scheduler InternalName : schedapp LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004 LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc. OriginalFilename : realsched.exe #:16 [ctfmon.exe] ModuleName : C:\WINDOWS\System32\ctfmon.exe Command Line : "C:\WINDOWS\System32\ctfmon.exe" ProcessID : 1496 ThreadCreationTime : 21.08.2005 16:12:56 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:17 [ad-aware.exe] ModuleName : D:\Programme\Security\Ad-Aware SE Personal\Ad-Aware.exe Command Line : "D:\Programme\Security\Ad-Aware SE Personal\Ad-Aware.exe" ProcessID : 1820 ThreadCreationTime : 21.08.2005 16:13:22 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved #:18 [alg.exe] ModuleName : C:\WINDOWS\System32\alg.exe Command Line : C:\WINDOWS\System32\alg.exe ProcessID : 2004 ThreadCreationTime : 21.08.2005 16:13:54 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:19 [avguard.exe] ModuleName : D:\Programme\anti VIR\AVGUARD.EXE Command Line : "D:\Programme\anti VIR\AVGUARD.EXE" ProcessID : 2024 ThreadCreationTime : 21.08.2005 16:13:55 BasePriority : Normal #:20 [avwupsrv.exe] ModuleName : D:\Programme\anti VIR\AVWUPSRV.EXE Command Line : "D:\Programme\anti VIR\AVWUPSRV.EXE" ProcessID : 2036 ThreadCreationTime : 21.08.2005 16:13:56 BasePriority : Normal #:21 [cisvc.exe] ModuleName : C:\WINDOWS\System32\cisvc.exe Command Line : C:\WINDOWS\System32\cisvc.exe ProcessID : 124 ThreadCreationTime : 21.08.2005 16:13:56 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Content Index service InternalName : cisvc.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : cisvc.exe #:22 [ewidoctrl.exe] ModuleName : D:\Programme\Security\security suite\ewidoctrl.exe Command Line : "D:\Programme\Security\security suite\ewidoctrl.exe" ProcessID : 172 ThreadCreationTime : 21.08.2005 16:13:57 BasePriority : Normal FileVersion : 3, 0, 0, 1 ProductVersion : 3, 0, 0, 1 ProductName : ewido control CompanyName : ewido networks FileDescription : ewido control InternalName : ewido control LegalCopyright : Copyright © 2004 OriginalFilename : ewidoctrl.exe #:23 [wuauclt.exe] ModuleName : C:\WINDOWS\System32\wuauclt.exe Command Line : "C:\WINDOWS\System32\wuauclt.exe" ProcessID : 1792 ThreadCreationTime : 21.08.2005 16:15:18 BasePriority : Normal FileVersion : 5.8.0.2469 built by: lab01_n(wmbla) ProductVersion : 5.8.0.2469 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Automatische Updates InternalName : wuauclt.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : wuauclt.exe #:24 [cidaemon.exe] ModuleName : C:\WINDOWS\System32\cidaemon.exe Command Line : cidaemon.exe DownLevelDaemon "c:\system volume information\catalog.wci" 196672l 124l ProcessID : 1740 ThreadCreationTime : 21.08.2005 16:20:46 BasePriority : Idle FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Indexing Service filter daemon InternalName : cidaemon.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : cidaemon.exe Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Deep scanning and examining files (C »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Deep scanning and examining files (D »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Deep scanning and examining files (E »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for E:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Deep scanning and examining files (F »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Not Avaliable Disk Scan Result for F:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 0 18:32:53 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:08:49.632 Objects scanned:110508 Objects identified:0 Objects ignored:0 New critical objects:0 ... der log von HJT kommt auch gleich! Und hier ist er auch schon! Logfile of HijackThis v1.99.1 Scan saved at 18:48:54, on 21.08.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\DeltTray.exe D:\Programme\Player\Winamp\winampa.exe C:\Programme\Java\jre1.5.0_04\bin\jusched.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\WINDOWS\System32\ctfmon.exe D:\Programme\anti VIR\AVGUARD.EXE D:\Programme\anti VIR\AVWUPSRV.EXE C:\WINDOWS\System32\cisvc.exe D:\Programme\Security\security suite\ewidoctrl.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\cidaemon.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE D:\Programme\Firefox\firefox.exe D:\Programme\Security\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Reader\ActiveX\AcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [DeltTray] DeltTray.exe O4 - HKLM\..\Run: [AVGCtrl] D:\Programme\anti VIR\AVGNT.EXE /min O4 - HKLM\..\Run: [Zone Labs Client] D:\Programme\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [WinampAgent] D:\Programme\Player\Winamp\winampa.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://D:\PROGRA~1\Office\1031\phdintl.dll/phdContext.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\OFFICE~1\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FCF6F0F3-675B-4A58-AC8E-E34182A14875}: NameServer = 217.237.149.161 217.237.150.97 O18 - Filter: text/html - {53B95211-7D77-11D2-9F80-00104B107C96} - (no file) O18 - Filter: text/plain - {53B95211-7D77-11D2-9F80-00104B107C96} - (no file) O19 - User stylesheet: C:\WINDOWS\hh.htt (file missing) (HKLM) O20 - AppInit_DLLs: cpan.dll O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - D:\Programme\anti VIR\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - D:\Programme\anti VIR\AVWUPSRV.EXE O23 - Service: ewido security suite control - ewido networks - D:\Programme\Security\security suite\ewidoctrl.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Bis gleich... Dieser Beitrag wurde am 21.08.2005 um 18:53 Uhr von Tobi79 editiert.
|
|
|
||
21.08.2005, 22:06
Ehrenmitglied
Beiträge: 29434 |
#18
Fixe mit dem HijackThis:
O18 - Filter: text/html - {53B95211-7D77-11D2-9F80-00104B107C96} - (no file) O18 - Filter: text/plain - {53B95211-7D77-11D2-9F80-00104B107C96} - (no file) O19 - User stylesheet: C:\WINDOWS\hh.htt (file missing) (HKLM) neustarten loesche. C:\WINDOWS\hh.htt cpan.dll #neue Startseite gehe zur Systemsteuerung --> Internetoptionen --> auf dem Reiter Allgemein bei Temporäre Internetdateien klickst du Dateien löschen --> auch bei Alle Offlineinhalte löschen das Häkchen setzen und mit OK bestätigen --> Auf den Reiter Programme gehen und dort auf Webeinstellungen zurücksetzen klicken, mit Ja bestätigen, fall Nachfrage kommt --> auf Übernehmen und abschließend auf OK klicken •CWShredder http://virus-protect.org/antispywaretools.html * Double-click on CWShredder.exe. WÄHREND des Scanvorganges müssen ALLE sonstige Anwendungen beendet werden und alle Browserfenster müssen geschlossen sein! * Click "Fix ->" und click "OK" * CWShredder scannen lassen * Click "Next->" und dann "Exit". Onlinescan mit panda -->wenn der Antivirus "meckert" -->nicht beachten--->berichte vom Scan http://virus-protect.org/onlinescan.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
lade Dir das LP einfach runter. Es ist eine extrahierende Setup. Installiere, starte Adaware und dann folge den Anweisungen die ich auf Nikitas Seite übersetzt habe...
MfG,
__________
Yourhighness
Yourhighness' Seite / Mein Blog (Englisch)