Home » Spyware & Browser Hijacker Support Forum » befallen von Spyaxe und Co » Themenansicht

befallen von Spyaxe und Co
#0
03.01.2006, 21:55
Chatt
...neu hier

Beiträge: 5
#1 Hi Sabina,
erstmal grosses Lob an das sehr kompetente ForumTeam!

Folgendes Problem:
Seit ich ausversehen beim surfen eine Datei ausgeführt habe, läuft mein ganzer Rechner langsamer und der IE spinnt.

Ich habe soeben Kaspersky online durchgeführt und es wurde einiges gefunden:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, January 03, 2006 21:44:58
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 3/01/2006
Kaspersky Anti-Virus database records: 158598
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\

Scan Statistics:
Total number of scanned objects: 116291
Number of viruses found: 15
Number of infected objects: 62
Number of suspicious objects: 0
Duration of the scan process: 8335 sec

Infected Object Name - Virus Name
C:\Dokumente und Einstellungen\Chatt\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA.zip\Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA\r-000627.zip/keyg*hier nicht*.rar/keyg*hier nicht*.exe Infected: Trojan-Spy.Win32.ProAgent.t
C:\Dokumente und Einstellungen\Chatt\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA.zip\Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA\r-000627.zip/keyg*hier nicht*.rar Infected: Trojan-Spy.Win32.ProAgent.t
C:\Dokumente und Einstellungen\Chatt\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA.zip\Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA\r-000627.zip Infected: Trojan-Spy.Win32.ProAgent.t
C:\Dokumente und Einstellungen\Chatt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0PUZ41MR\prompt[1].htm Infected: Trojan-Downloader.JS.IstBar.j
C:\Dokumente und Einstellungen\Chatt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\892R8HAJ\z1[1].htm Infected: Exploit.Win32.MS05-013.gen
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP164\A0038518.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP164\A0038677.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP164\A0038678.dll Infected: not-virus:Hoax.Win32.Renos.af
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP164\A0038899.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP165\A0038950.exe Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP165\A0038951.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP165\A0038963.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP165\A0039176.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP165\A0039187.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP165\A0039394.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP165\A0039428.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP166\A0039472.tlb Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP166\A0039490.exe Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP166\A0039514.exe Infected: Trojan-Downloader.Win32.Zlob.dk
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP166\A0039522.tlb Infected: Trojan-Downloader.Win32.Zlob.dl
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP166\A0039560.tlb Infected: Trojan-Downloader.Win32.Zlob.dl
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP166\A0039564.exe Infected: Trojan-Downloader.Win32.Zlob.dl
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP167\A0039593.tlb Infected: Trojan-Downloader.Win32.Zlob.dl
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP167\A0039597.exe Infected: Trojan-Downloader.Win32.Zlob.dl
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP167\A0039621.exe Infected: Trojan-Downloader.Win32.Zlob.bu
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP167\A0039630.tlb Infected: Trojan-Downloader.Win32.Zlob.do
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP167\A0039634.exe Infected: Trojan.Win32.Agent.il
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP167\A0039635.exe Infected: Trojan-Downloader.Win32.Zlob.do
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP167\A0039643.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP167\A0039650.exe Infected: Trojan.Win32.Agent.il
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP168\A0039667.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP169\A0039722.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP169\A0039761.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP170\A0039837.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\WINDOWS\system32\mscornet.exe Infected: Trojan-Downloader.Win32.Zlob.bv
C:\WINDOWS\system32\mssearchnet.exe Infected: Trojan-Downloader.Win32.Zlob.bu
C:\WINDOWS\system32\msvol.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\WINDOWS\system32\nvctrl.exe Infected: Trojan-Downloader.Win32.Zlob.dr
D:\EMuleDateien\Nero.Burning.Rom.v6.3.1.6.Ultra.Edition.PowerPack.Deutsch.Full.+.Alle.Handbücher.(by.king-alp).rar/NeroBurningRom 6.3.0.3 keyg*hier nicht*.exe Infected: Trojan-Dropper.Win32.Delf.gi
D:\EMuleDateien\Nero.Burning.Rom.v6.3.1.6.Ultra.Edition.PowerPack.Deutsch.Full.+.Alle.Handbücher.(by.king-alp).rar Infected: Trojan-Dropper.Win32.Delf.gi
G:\ChattsDateien\Software IPAQ hx4700\HX4700\Software\Resco audiorec\Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA\r-000627.zip/keyg*hier nicht*.rar/keyg*hier nicht*.exe Infected: Trojan-Spy.Win32.ProAgent.t
G:\ChattsDateien\Software IPAQ hx4700\HX4700\Software\Resco audiorec\Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA\r-000627.zip/keyg*hier nicht*.rar Infected: Trojan-Spy.Win32.ProAgent.t
G:\ChattsDateien\Software IPAQ hx4700\HX4700\Software\Resco audiorec\Resco.Audio.Recorder.v3.20.ARM.PPC.incl.keyg*hier nicht*-RCAPDA\r-000627.zip Infected: Trojan-Spy.Win32.ProAgent.t
H:\Programme\Norton AntiVirus\Quarantine\02D52BE4.tmp Infected: Trojan-Downloader.Win32.Zlob.dm
H:\Programme\Norton AntiVirus\Quarantine\02D855E1.tmp Infected: Trojan-Downloader.Win32.Zlob.dr
H:\Programme\Norton AntiVirus\Quarantine\0300656B.tmp Infected: Trojan-Downloader.Win32.Zlob.dm
H:\Programme\Norton AntiVirus\Quarantine\09554AC1.tmp Infected: Trojan-Downloader.Win32.Zlob.dp
H:\Programme\Norton AntiVirus\Quarantine\0A4C1FF8.tmp Infected: Trojan-Downloader.Win32.Zlob.dr
H:\Programme\Norton AntiVirus\Quarantine\18642352.tmp Infected: Trojan-Downloader.Win32.Zlob.dr
H:\Programme\Norton AntiVirus\Quarantine\18E41679.tmp Infected: Trojan-Downloader.Win32.Zlob.dr
H:\Programme\Norton AntiVirus\Quarantine\1A270E40.tmp Infected: Trojan-Downloader.Win32.Zlob.dl
H:\Programme\Norton AntiVirus\Quarantine\27AF1913.tmp Infected: Trojan-Downloader.Win32.Zlob.dl
H:\Programme\Norton AntiVirus\Quarantine\2CD3316B.tmp Infected: Trojan-Downloader.Win32.Zlob.dl
H:\Programme\Norton AntiVirus\Quarantine\57437824.tmp Infected: Trojan-Downloader.Win32.Zlob.dp
H:\Programme\Norton AntiVirus\Quarantine\57A94888.tmp Infected: Trojan-Downloader.Win32.Zlob.dm
H:\Programme\Norton AntiVirus\Quarantine\57AC7285.tmp Infected: Trojan-Downloader.Win32.Zlob.dr
H:\Programme\Norton AntiVirus\Quarantine\60184239.tmp Infected: Trojan-Downloader.Win32.Zlob.dr
H:\Programme\Norton AntiVirus\Quarantine\6E2F26E8.tmp Infected: Trojan-Downloader.Win32.Zlob.dr
H:\Programme\Norton AntiVirus\Quarantine\6F511288.exe Infected: Trojan-Downloader.Win32.Zlob.dk
H:\Programme\Norton AntiVirus\Quarantine\72781510.tmp Infected: Trojan-Downloader.Win32.Zlob.dl
H:\Programme\Norton AntiVirus\Quarantine\757D660A.dll Infected: not-virus:Hoax.Win32.Renos.af
H:\Programme\Norton AntiVirus\Quarantine\78042BD0.wmf Infected: Trojan-Downloader.Win32.Agent.acd

Scan process completed.




Ausserdem auch HijackThis:


Logfile of HijackThis v1.99.1
Scan saved at 21:48:47, on 03.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
h:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe
H:\Programme\Norton AntiVirus\navapsvc.exe
H:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\mssearchnet.exe
C:\WINDOWS\system32\nvctrl.exe
C:\WINDOWS\TBPanel.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\Logitech\QCDriver3\LVCOMS.EXE
C:\Programme\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\system32\RUNDLL32.EXE
H:\Programme\D-Tools\daemon.exe
H:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
H:\Programme\Ahead\InCD\InCD.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
H:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Steam\Steam.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
H:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\DOKUME~1\Chatt\LOKALE~1\Temp\bwgo0001a41a.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spontania4IM\spontania4IM.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\FlashGet\flashget.exe
C:\Programme\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Dokumente und Einstellungen\Chatt\Desktop\HijackThis1991.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hp2572.tmp (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - H:\Programme\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Programme\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Programme\Gemeinsame Dateien\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Programme\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Programme\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [nTrayFw] C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools-1033] "H:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "h:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] h:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BootWarn] H:\Programme\Norton AntiVirus\BootWarn.exe /a
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Zone Labs Client] h:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Programme\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] h:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Spontania Monitor.lnk = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spontania4IM\spontania4IM.exe
O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm
O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://H:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - h:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - h:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {5BF0E29A-3994-441F-A0CA-0D9277687C8F} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {5BF0E29A-3994-441F-A0CA-0D9277687C8F} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{23316DEB-0823-493F-931C-179449A906E3}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - h:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - H:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - H:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - H:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Ich hoffe mir kann noch geholfen werden!

Vielen Dank!
Seitenanfang Seitenende
04.01.2006, 15:07
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#2 Chatt

stelle den Cleaner genauso ein, wie hier angegeben:
http://virus-protect.org/cleanup.html

kopiere die 4 Textdateien
http://virus-protect.org/datfindbat.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
04.01.2006, 15:28
Chatt
...neu hier

Themenstarter

Beiträge: 5
#3 Also wie erklärt alles nach Reihenfolge abgearbeitet!

Verzeichnis von C:\WINDOWS\system32

04.01.2006 15:25 29.253 nvapps.xml
04.01.2006 15:24 5.632 msvol.tlb
04.01.2006 15:24 5.128 ncompat.tlb
04.01.2006 13:14 35.870 vsconfig.xml
03.01.2006 15:17 2.206 wpa.dbl
31.12.2005 13:08 15.732 nvctrl.exe
30.12.2005 16:09 9.796 mssearchnet.exe
27.12.2005 23:57 4.212 zllictbl.dat
26.12.2005 17:33 4.286 ot.ico
26.12.2005 17:26 14.624 mscornet.exe
09.12.2005 01:21 2.723.680 MRT.exe
07.12.2005 08:27 7.006 jupdate-1.5.0_06-b05.log
01.12.2005 12:14 86.091 S32EVNT1.DLL
01.12.2005 04:31 1.492.480 shdocvw.dll
24.11.2005 00:58 3.013.632 mshtml.dll
24.11.2005 00:58 1.022.464 browseui.dll
21.11.2005 07:06 113.376 FNTCACHE.DAT
15.11.2005 00:51 71.440 zlcommdb.dll
15.11.2005 00:51 79.624 zlcomm.dll
15.11.2005 00:51 100.104 vsxml.dll
15.11.2005 00:51 382.728 vsutil.dll
15.11.2005 00:51 71.440 vsregexp.dll
15.11.2005 00:50 227.088 vspubapi.dll
15.11.2005 00:50 104.208 vsmonapi.dll
15.11.2005 00:50 141.064 vsinit.dll
15.11.2005 00:50 372.816 vsdatant.sys
15.11.2005 00:50 83.720 vsdata.dll
15.11.2005 00:34 54.960 vsutil_loc0407.dll
13.11.2005 16:47 16.832 amcompat.tlb
13.11.2005 16:47 23.392 nscompat.tlb
10.11.2005 20:12 519 nmp.log
10.11.2005 13:03 127.078 javaws.exe
10.11.2005 13:03 49.265 jpicpl32.cpl
10.11.2005 11:27 49.250 javaw.exe
10.11.2005 11:27 49.248 java.exe
05.11.2005 04:16 606.208 urlmon.dll
05.11.2005 04:16 1.056.256 danim.dll
30.10.2005 08:40 48.354 perfc007.dat
30.10.2005 08:40 311.740 perfh009.dat
30.10.2005 08:40 316.924 perfh007.dat
30.10.2005 08:40 40.128 perfc009.dat
30.10.2005 08:40 723.744 PerfStringBackup.INI
30.10.2005 08:39 252 lvcoinst.log
21.10.2005 04:40 664.064 wininet.dll
21.10.2005 04:40 474.112 shlwapi.dll
21.10.2005 04:40 530.944 mstime.dll
21.10.2005 04:40 39.424 pngfilt.dll
21.10.2005 04:40 146.432 msrating.dll
21.10.2005 04:40 448.512 mshtmled.dll
21.10.2005 04:40 96.768 inseng.dll
21.10.2005 04:40 251.392 iepeers.dll
21.10.2005 04:40 205.312 dxtrans.dll
21.10.2005 04:40 152.064 cdfview.dll
21.10.2005 04:40 55.808 extmgr.dll
20.10.2005 23:25 1.094.144 esent.dll
13.10.2005 00:11 15.584 spmsg.dll
12.10.2005 23:11 118.784 sirenacm.dll
06.10.2005 04:18 280.064 gdi32.dll
06.10.2005 04:08 1.839.616 win32k.sys


Verzeichnis von C:\DOKUME~1\Chatt\LOKALE~1\Temp

04.01.2006 15:25 224 WCESCOMM.LOG
08.07.2005 15:32 16.384 bwgo00781390.exe
08.07.2005 15:32 16.384 bwgo000166c3.exe
3 Datei(en) 32.992 Bytes
0 Verzeichnis(se), 3.995.406.336 Bytes frei


Verzeichnis von C:\WINDOWS

04.01.2006 15:19 513 DFC.INI
04.01.2006 15:07 32.574 SchedLgU.Txt
04.01.2006 13:14 1.434.535 WindowsUpdate.log
04.01.2006 13:14 0 0.log
04.01.2006 13:14 159 wiadebug.log
04.01.2006 13:14 53 wiaservc.log
04.01.2006 13:14 2.048 bootstat.dat
02.01.2006 14:20 49 NeroDigital.ini
02.01.2006 13:23 19.187 setupapi.log
29.12.2005 16:11 573 win.ini
29.12.2005 02:06 17.035 wmsetup.log
27.12.2005 17:36 15 oleco.ini
26.12.2005 18:08 20.531 LUINSTALL.LOG
23.12.2005 17:15 192 winamp.ini
14.12.2005 10:27 108.427 comsetup.log
14.12.2005 10:27 378.357 iis6.log
14.12.2005 10:27 65.019 ntdtcsetup.log
14.12.2005 10:27 9.435 KB910437.log
14.12.2005 10:27 14.936 tabletoc.log
14.12.2005 10:27 16.476 ocmsn.log
14.12.2005 10:27 139.679 tsoc.log
14.12.2005 10:27 1.393 imsins.log
14.12.2005 10:27 51.520 netfxocm.log
14.12.2005 10:27 154.458 ocgen.log
14.12.2005 10:27 16.050 msgsocm.log
14.12.2005 10:27 20.969 MedCtrOC.log
14.12.2005 10:27 288.443 FaxSetup.log
14.12.2005 10:27 101.112 msmqinst.log
14.12.2005 10:27 22.246 updspapi.log
14.12.2005 10:27 1.393 imsins.BAK
14.12.2005 10:27 16.445 KB905915.log
02.12.2005 11:52 1.204.295 setupapi.log.0.old
30.11.2005 17:05 24 magix.ini
20.11.2005 12:37 400 ODBC.INI
13.11.2005 16:48 380 wmsetup10.log
13.11.2005 16:47 316.640 WMSysPr9.prx
10.11.2005 07:22 11.890 KB896424.log
30.10.2005 08:40 180.056 setupact.log
21.10.2005 02:01 23.250 KB901017.log
21.10.2005 02:01 26.818 KB902400.log
21.10.2005 02:01 16.936 KB896688.log
21.10.2005 02:00 13.963 KB899589.log
21.10.2005 02:00 14.284 KB905414.log
21.10.2005 02:00 14.214 KB900725.log
21.10.2005 02:00 11.408 KB904706.log
21.10.2005 02:00 12.053 KB905749.log
09.10.2005 11:17 355 nsw.log


Verzeichnis von C:\

04.01.2006 15:27 0 sys.txt
04.01.2006 15:27 9.567 system.txt
04.01.2006 15:26 401 systemtemp.txt
04.01.2006 15:26 106.485 system32.txt
04.01.2006 13:14 1.610.612.736 pagefile.sys
02.09.2005 16:34 1.024 .rnd


Ich hoffe, hab alles richtig gemacht!

Vielen Dank!
Seitenanfang Seitenende
04.01.2006, 18:37
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#4 Chatt

mit der rechten Maustaste auf den Link klicken und aus dem Auswahlmenü, Ziel speichern unter -> Desktop wählen -> dann erscheint eine mcor.reg auf dem Bildschirm

http://virus-protect.org/reg/mcor.reg

rechtsklick auf den Link --> Ziel speichern unter... --> wähle Desktop - dann erscheint eine spyaxe.reg auf dem Bildschirm.

http://virus-protect.org/reg/spyaxe.reg

-----------------------------------------------------------------------------
öffne das HijackThis-- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked"

O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hp2572.tmp (file missing)

O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab

O18 - Protocol: bw+0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {433E2F8B-72C5-4551-89E4-131300AA6F06} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


KILLBOX - Pocket KillBox
http://virus-protect.org/killbox.html

Options: Delete on Reboot / Process all in List )--> anhaken
reinkopieren:
und klicke auf das rote Kreuz, wenn gefragt wird, ob "Do you want to reboot? "---- klicke auf "no",und kopiere das nächste rein, erst beim letzten auf "yes"

C:\WINDOWS\system32\nvapps.xml
C:\WINDOWS\system32\msvol.tlb
C:\WINDOWS\system32\ncompat.tlb
C:\WINDOWS\system32\vsconfig.xml
C:\WINDOWS\system32\wpa.dbl
C:\WINDOWS\system32\nvctrl.exe
C:\WINDOWS\system32\mssearchnet.exe
C:\WINDOWS\system32\ot.ico
C:\DOKUME~1\Chatt\LOKALE~1\Temp\bwgo00781390.exe
C:\DOKUME~1\Chatt\LOKALE~1\Temp\bwgo000166c3.exe
C:\WINDOWS\system32\mscornet.exe

starten den PC neu --> in den abgesicherten Modus (F8 druecken, wenn der PC hochfaehrt , waehle abgesicherter Modus, melde dich als Administrator an
und klicke die

mcor.reg
spyaxe.reg

doppelt --> fuege sie mit "ja" oder "yes" der Registry bei

------------------------------------------------------------
SmitRem2.8
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1

laden--> in den abgesicherten Modus booten --> öffne smitRem folder --> Doppelklick: RunThis.bat warte, bis der Scan beendet ist (der Bildschirm wird blau werden. das ist normal)

-----------------------------------------------------------------------------
deaktiviere die Systemwiederherstellung (XP) (dann aktiviere sie wieder)
http://virus-protect.org/systemwiederherstellung.html

scanne mit Kaspersky und etrust --> loesche dann manuell, was gefunden wird
http://virus-protect.org/onlinescan.html

scanne mit Panda --> loesche dann manuell, was gefunden wird
http://virus-protect.org/onlinescan.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
10.01.2006, 18:34
Chatt
...neu hier

Themenstarter

Beiträge: 5
#5 Alles wie beschrieben gemacht, jedoch konnte ich mich zwar im abgesicherten Modus als admin anmelden, konnte aber nicht auf die Dateien vom Desktop zugreifen, da sie nicht da waren.
Habe mich also mit meinem Benutzerkonto eingeloggt und die Dateien wie beschrieben ausgeführt.

Das Problem scheint zwar behoben zu sein, aber trotzdem ist der Rechner noch sehr langsam beim hochfahren und es wird immer der Arbeitsplatz geöffnet.

Trotzdem aber vielen Dank für die kompetente Hilfe! Hätte nie gedacht, dass es ein solches Forum gibt!
Seitenanfang Seitenende
11.01.2006, 00:35
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#6 Chatt

ist denn alles sauber ? Und die Logitech-Software aus dem Autostart raus ?...der PC ist unwahrscheinlich vollgeknallt mit dieser software....und alles im Autostart...ich verstehe nicht...wieso...
Was meinen denn Kaspersky-Onlinesanner&Co ?? alles sauber?

TuneUp 2006 (30 Tage free) Shareware
http://virus-protect.org/reinigungstoolsregistry.html
wende an:
Cleanup repair -- TuneUp Diskcleaner
Cleanup repair -- Registry Cleaner
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
12.01.2006, 07:45
Chatt
...neu hier

Themenstarter

Beiträge: 5
#7 Tune Up hab ich angewendet! Scheint etwas besser zu sein.
Aber Viren findet Kaspersky immernoch:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Thursday, January 12, 2006 07:42:46
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 11/01/2006
Kaspersky Anti-Virus database records: 160228
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
J:\

Scan Statistics:
Total number of scanned objects: 99488
Number of viruses found: 7
Number of infected objects: 20
Number of suspicious objects: 0
Duration of the scan process: 8231 sec

Infected Object Name - Virus Name
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP171\A0040086.exe Infected: Trojan-Downloader.Win32.Zlob.bu
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP171\A0040087.exe Infected: Trojan-Downloader.Win32.Zlob.bv
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP171\A0040088.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP171\A0040089.exe Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP183\A0040666.exe Infected: Trojan-Downloader.Win32.Zlob.bv
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP183\A0040667.tlb Infected: Trojan-Downloader.Win32.Zlob.dr
C:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP183\A0040668.exe Infected: Trojan-Downloader.Win32.Zlob.dr
H:\Programme\Norton AntiVirus\Quarantine\002F0E96.anr Infected: Trojan-Downloader.Win32.Ani.c
H:\Programme\Norton AntiVirus\Quarantine\0FF440D8.anr Infected: Trojan-Downloader.Win32.Ani.c
H:\Programme\Norton AntiVirus\Quarantine\10EF42EC.anr Infected: Trojan-Downloader.Win32.Ani.c
H:\Programme\Norton AntiVirus\Quarantine\11C04206.anr Infected: Trojan-Downloader.Win32.Ani.c
H:\Programme\Norton AntiVirus\Quarantine\140D6311.anr Infected: Trojan-Downloader.Win32.Ani.c
H:\Programme\Norton AntiVirus\Quarantine\47B36A0C.exe Infected: Trojan-Clicker.Win32.Small.is
H:\Programme\Norton AntiVirus\Quarantine\4842216E.exe Infected: Trojan-Clicker.Win32.Small.is
H:\Programme\Norton AntiVirus\Quarantine\48E22ABE.anr Infected: Trojan-Downloader.Win32.Ani.c
H:\Programme\Norton AntiVirus\Quarantine\79565CD1.anr Infected: Trojan-Downloader.Win32.Ani.c
H:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP171\A0040091.exe Infected: Trojan-Downloader.Win32.Zlob.dk
H:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP171\A0040092.dll Infected: not-virus:Hoax.Win32.Renos.af
H:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP183\A0040732.exe Infected: Trojan-Downloader.Win32.Zlob.dk
H:\System Volume Information\_restore{46547952-647E-444E-BC54-C01EB0BD352D}\RP183\A0040733.dll Infected: not-virus:Hoax.Win32.Renos.af

Scan process completed.
Seitenanfang Seitenende
12.01.2006, 11:02
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#8 sollte eigentlich (siehe oben) schon laengst erledigt sein..........................

Arbeitsplatz-->rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.
http://virus-protect.org/systemwiederherstellung.html

scanne noch mal, danach aktiviere die Systemwiederhestellung wieder ;)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1