Constant ad windows
#0
17.09.2005, 19:30
Honorary member
Posts: 29434
18.09.2005, 16:41
...new here
Thread starter Posts: 9
#17
looks pretty good, doesn't it??

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, September 18, 2005 16:21:37
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 18/09/2005
Kaspersky Anti-Virus database records: 140840
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\ C:\ D:\ E:\ G:\ H:\ I:\ J:\
Scan Statistics:
Total number of scanned objects: 73576
Number of viruses found: 0
Number of infected objects: 0
Number of suspicious objects: 0
Duration of the scan process: 4005 sec
No malware has been detected. The sections that have been scanned are CLEAN.
Scan process completed.

I have also created an Ad-Aware log. Maybe you can still do something with it.

Ad-Aware SE Build 1.06r1
Logfile Created on:Sonntag, 18. September 2005 16:23:08
Created with Ad-Aware SE Personal, free for private use.
19.09.2005, 00:23
Honorary member
Posts: 29434
#18
Hello @Kati
Fine, I think that everything is in order now.
__________
Best regards, Sabina
all about PC security
19.09.2005, 16:56
...new here
Thread starter Posts: 9
#19
hey, great!! a really big THANK YOU!!!!
Just one more thing: what do you recommend so that it also stays in order??
21.09.2005, 11:37
Honorary member
Posts: 29434
#20
Download the Windows updates (SP2), and from now on surf only with Firefox, not with IE.

#Alternative browser to IE
Firefox
http://www.firefox-browser.de/windows.php
http://www.mozilla-europe.org/de/
Installation + configuration of Firefox
http://www.pcwelt.de/know-how/software/103924/index1.html
__________
Best regards, Sabina
all about PC security
23.09.2005, 14:59
...new here
Posts: 1
#21
I also have a problem with pop-ups and possibly with winfix.
Here are my hijack logs. I am also currently getting a virus warning for exploit-mht.redirg.

Logfile of HijackThis v1.99.1
Scan saved at 14:40:11, on 23.09.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://C:\Programme\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Programme\ATI Multimedia\tv\EXPLBAR.DLL (file missing) O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.targa.de O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121345254814 O17 - HKLM\System\CCS\Services\Tcpip\..\{0488DDF0-AACF-420D-A164-91F4AC13060C}: NameServer = 217.237.151.161 217.237.151.33 O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - 
C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: McAfee Desktop Firewall Service (FireSvc) - Networks Associates Technology, Inc. - C:\Programme\ Network Associates\McAfee Desktop Firewall für Windows XP\FireSvc.exe O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: McAfee Framework-Dienst (McAfeeFramework) - Network Associates, Inc. - C:\Programme\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing) Dieser Beitrag wurde am 23.09.2005 um 15:03 Uhr von Mastero editiert.
|
|
|
||
23.09.2005, 16:36
Honorary member
Posts: 29434 |
#22
Hello@Mastero
CCleaner (delete all temp files)
http://virus-protect.org/virusprotect/temp.html
# open HijackThis -->> "scan" button -->> set the check marks -->> "Fix checked" button -->> restart the PC
O4 - HKLM\..\Run: [NetPumper] "C:\Programme\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [exit file surf live] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ByteAmenExitFile\teamfind.exe
O4 - HKCU\..\Run: [chinhole] C:\DOKUME~1\Robin\ANWEND~1\UPLOAD~1\Obj dog.exe
Restart the PC
Uninstall: C:\Programme\NetPumper
Scan with escan and post what is infected and what the target is:
http://virus-protect.org/virusprotect/escan.html
__________
Regards, Sabina
All about PC security |
|
|
||
Delete all HijackThis backups, then:
delete with Killbox:
C:\System Volume Information\_restore{E20F4D18-5573-4984-AFCE-37F5525C946C}\RP236\A0024175.exe
Restart the PC
If it is gone, you do not need to disable System Restore entirely.
Check with Kaspersky whether the entry has been deleted, and report back.
__________
Regards, Sabina
All about PC security