Newnet foistware but can't find it with hijack

#0
20.02.2006, 22:09
...new here

Posts: 7
#1 Hello dear experts,

I have a problem with Newnet: Spybot gives me a warning every time that I have this foistware, but I can't find a corresponding entry in my hijack log. I have also already run Ewido and CCleaner twice in safe mode, yet Newnet still annoys me on every normal start..... :-( Can you help me????

Here is the log file:


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\KKman\script\aceagent.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logicool\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Leanne Feng\fXNgbv\Hijack\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {024738-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBDAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O3 - Toolbar: FlashGet Bar - {E0E739AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: MSN - {BDAC1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O3 - Toolbar: &Yahoo!c[o[ - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [IMJPMIG9.0] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32
O4 - HKLM\..\Run: [script] C:\Program Files\KKman\script\kkscript.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TempCom] C:\WINDOWS\FONTS\C66351.com
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logicool\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Google (&G) - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Microsoft Excel ɃGNX|[g(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: ̃y[W̃LbV - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: N - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: |(&T) - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: ֘Ay[W - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: T[` - {92782H25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [!IESearch] !IESearch
O14 - IERESET.INF: START_PAGE_URL=http://www.vaio.sony.co.jp/
O16 - DPF: {17435023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1C8B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E31D70A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134284733752
O16 - DPF: {8E0D4CE4-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O18 - Protocol: mp3 - (no CLSID) - (no file)
O18 - Protocol: msjwwdat - {BAAB02DC-913E-40AA-B9ED-8068DEE42CFA} - C:\Program Files\Microsoft Office\Home Style\JWW\JWWData.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: vskype - (no CLSID) - (no file)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Smart Network Service (BeService) - Sony Corporation - C:\Program Files\Sony\Smart Network\BeService.exe
O23 - Service: Common MEET Library (coms_server) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Common MEET Library\CmsServer.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe


Thaaaaanks

Pete
21.02.2006, 00:22
Honorary member
Sabina

Posts: 29434
#2 JustPete

take eDonkey2000 out of autostart..............

Copy these 4 text files. They are sorted by date. (copy only the last 3 months)
http://virus-protect.org/datfindbat.html
__________
Best regards, Sabina

all about PC security
21.02.2006, 08:08
...new here

Thread starter

Posts: 7
#3 hello, many many thanks for your help, here we go:

C:\WINDOWS\system32 のディレクトリ

2006/02/21 00:35 912 FxGaobot.log
2006/02/20 23:27 1,158 wpa.dbl
2006/02/13 16:20 12,208 KGyGaAvL.sys
2006/02/10 23:01 154,632 FNTCACHE.DAT
2006/02/08 14:23 4,513,120 MRT.exe
2006/01/18 13:06 57,344 avsda.dll
2006/01/13 00:16 565,170 large.bnk
2006/01/13 00:16 278,528 livesnth.dll
2006/01/13 00:16 11,333 cf_lic.txt
2006/01/13 00:16 203,776 clrviddc.dll
2006/01/04 12:35 68,096 webclnt.dll
2005/12/29 11:56 280,064 gdi32.dll
2005/12/14 17:24 118,784 sirenacm.dll
2005/12/06 06:02 5,533,696 wmp.dll
2005/12/01 12:31 1,492,480 shdocvw.dll
2005/11/24 09:01 3,013,632 mshtml.dll
2005/11/24 09:01 1,022,464 browseui.dll
2005/11/16 19:18 23,392 nscompat.tlb
2005/11/16 19:18 16,832 amcompat.tlb
2005/11/05 12:16 600,064 urlmon.dll
2005/11/05 12:16 1,051,136 danim.dll
2005/11/04 16:27 534,280 LegitCheckControl.DLL


C:\DOCUME~1\LEANNE~1\LOCALS~1\Temp のディレクトリ

2006/02/21 15:52 49,152 ~DFFE4.tmp
2006/02/20 23:24 0 6B904E7.dmp
2006/02/20 15:33 0 TempCover2
2006/02/18 22:43 371 wecerr.txt
2006/02/18 22:43 415 EXCEL.log
2006/02/16 20:45 601,818 IMT14.xml
2006/02/16 20:45 426 IMT13.xml
2006/02/16 20:45 1,932 IMT12.xml
2006/02/16 20:33 601,818 IMT9.xml
2006/02/16 20:33 426 IMT8.xml
2006/02/16 20:33 1,932 IMT7.xml
2006/02/16 20:20 601,818 IMT18.xml
2006/02/16 20:20 426 IMT17.xml
2006/02/16 20:20 1,932 IMT16.xml
2006/02/15 21:39 16,384 ~DFF8E5.tmp
2006/02/12 22:46 594,510 gtb39.tmp.cab
2006/02/12 22:46 0 gtb39.tmp
2006/02/11 19:44 15,354 2c8_appcompat.txt
2006/02/11 19:09 49,152 ~DFA95C.tmp
2006/02/11 01:26 16,384 ~DF5639.tmp
2006/02/10 23:47 415 POWERPNT.log



C:\WINDOWS のディレクトリ

2006/02/21 15:55 1,409 QTFont.for
2006/02/21 15:55 54,156 QTFont.qfn
2006/02/21 15:46 0 0.log
2006/02/21 15:46 159 wiadebug.log
2006/02/21 15:46 19,486 WindowsUpdate.log
2006/02/21 15:46 50 wiaservc.log
2006/02/21 15:45 2,048 bootstat.dat
2006/02/21 02:25 1,480 SchedLgU.Txt
2006/02/21 01:24 54,992 ntbtlog.txt
2006/02/21 01:21 0 Sti_Trace.log
2006/01/13 00:25 69 NeroDigital.ini
2006/01/13 00:19 248 cdplayer.ini
2006/01/11 21:06 583 win.ini
2005/12/03 12:32 1,125 winamp.ini
2005/11/16 19:18 316,640 WMSysPr9.prx
2005/11/02 00:14 25,918 ModemLog_CXT AC-Link Modem for Intel.txt
2005/10/04 20:57 227 system.ini

C:\ のディレクトリ

2006/02/21 16:06 0 sys.txt
2006/02/21 16:03 4,547 system.txt
2006/02/21 16:00 14,910 systemtemp.txt
2006/02/21 15:55 111,221 system32.txt
2006/02/21 15:45 535,875,584 hiberfil.sys
2006/02/21 15:45 805,306,368 pagefile.sys
2005/10/04 20:57 211 boot.ini
2005/04/21 20:52 181 LogiSetup.log


it's a Japanese computer, so please don't be surprised by the characters, many thanks and I hope my PC can be saved!

ciao
pete
21.02.2006, 11:58
Honorary member
Sabina

Posts: 29434
#4 JustPete

Start --> Run --> regedit

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\new.net startup

HKEY_CLASSES_ROOT\CLSID --> and delete the following keys:

4A2AACF3-ADF6-11D5-98A9-00E018981B9E
DD521A1D-1F98-11D4-9676-00E018981B9E
DD770A75-CE18-11D5-98D8-00E018981B9E ( in older versions )

--------------------------------------------------------------------------

set up the Cleaner exactly as described here:
http://virus-protect.org/cleanup.html

I can't find anything else.
search for a sporder.dll and delete it, if it exists.

Then scan with Panda and post the scan report
http://virus-protect.org/onlinescan.html
__________
Best regards, Sabina

all about PC security
21.02.2006, 18:01
...new here

Thread starter

Posts: 7
#5 Incident Status Location

Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne Feng\My Documents\Mt@C\new_uninstall.exe
Hacktool:HackTool/EvID Not disinfected C:\Program Files\Common Files\Synacast\SynaLive\EvID4226Patch.exe
Adware:Adware/BDSToolbar Not disinfected C:\WINDOWS\Downloaded Program Files\BDSearch.inf
Adware:adware/cydoor Not disinfected C:\WINDOWS\system32\CD_CLINT.DLL

and many many thanks!
22.02.2006, 00:08
Honorary member
Sabina

Posts: 29434
#6 the LOP.... well, well....

Make hidden and system files visible
http://virus-protect.org/invisible.html

Delete with the Killbox:

http://virus-protect.org/killbox.html
C:\WINDOWS\Downloaded Program Files\BDSearch.inf
C:\WINDOWS\system32\CD_CLINT.DLL

delete manually ...preferably in safe mode
C:\Program Files\Common Files\Synacast
C:\Documents and Settings\Leanne Feng\My Documents\Mt@C

Start -- All Programs -- Accessories -- Notepad and copy the following text in:

dir %Windir%\tasks /a h > files.txt
notepad files.txt


- Save as: findjobs.bat
- save under: File type: All files
- save on the desktop
- Locate findjobs.bat -- double-click the bat file, Notepad opens -- post the text
__________
Best regards, Sabina

all about PC security
22.02.2006, 00:27
...new here

Thread starter

Posts: 7
#7 LOP??????

waiting for an e-mail from my girlfriend, since it's her PC, many thanks from her too!!! :-)
22.02.2006, 00:59
Honorary member
Sabina

Posts: 29434
#8 a little ;) reading on the Lop trojan TR/Swizzor ;)
http://virus-protect.org/artikel/spyware/lop.html
__________
Best regards, Sabina

all about PC security
22.02.2006, 17:40
...new here

Thread starter

Posts: 7
#9 ドライブ C のボリューム ラベルがありません。
ボリューム シリアル番号は 54A5-8EF0 です

C:\WINDOWS\tasks のディレクトリ

2005/01/30 14:22 <DIR> .
2005/01/30 14:22 <DIR> ..
2002/08/31 21:00 65 desktop.ini
2006/02/23 01:36 6 SA.DAT
2006/02/23 01:36 424 Symantec NetDetect.job
3 個のファイル 495 バイト

C:\Documents and Settings\Leanne Feng\デスクトップ のディレクトリ

here we go
22.02.2006, 17:41
Honorary member
Sabina

Posts: 29434
#10 that is clean...so the problem seems to be fixed, if you delete what the virus scanner showed...and if you then check it once more ;)
__________
Best regards, Sabina

all about PC security
22.02.2006, 19:47
...new here

Thread starter

Posts: 7
#11 sorry, I'm a bit dumb, so what do I, or rather my girlfriend, have to do now? and thx again
22.02.2006, 20:43
Honorary member
Sabina

Posts: 29434
#12

Quote

Delete with the Killbox:
http://virus-protect.org/killbox.html
C:\WINDOWS\Downloaded Program Files\BDSearch.inf
C:\WINDOWS\system32\CD_CLINT.DLL

delete manually ...preferably in safe mode
C:\Program Files\Common Files\Synacast
C:\Documents and Settings\Leanne Feng\My Documents\Mt@C
then scan once more with Panda to verify ;)
__________
Best regards, Sabina

all about PC security
23.02.2006, 10:39
...new here

Thread starter

Posts: 7
#13 ok, deleted and scanned with panda and everything was ok, now scanned again with spybot and spybot still says that newdotnet is there hkey_users\default\software\new.net
hkey\users\s-1-5-18\software\new.net

aaa we're about to have a meltdown, what kind of idiot programs something like this :-((((
24.02.2006, 12:58
Honorary member
Sabina

Posts: 29434
#14 go into the registry
Start-->Run--> regedit

Edit--> Find--> new.net

hkey_users\default\software\new.net<--delete
hkey\users\s-1-5-18\software\new.net <--delete

Restart the PC
__________
Best regards, Sabina

all about PC security
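
A read-only way to re-check the registry locations named in posts #4, #13 and #14, added here as an example and not part of any post in the thread. It goes beyond the two HKEY_USERS paths by looking in every loaded user hive; the braces around the CLSIDs, the `.DEFAULT` spelling of the default hive and the `new.net*` value-name match are assumptions.

```powershell
# Added example: read-only check for the New.net leftovers named in this thread.
# Nothing is deleted or changed. Run it from an elevated prompt; a hive that
# cannot be read is treated as not containing the key.

$found = New-Object System.Collections.Generic.List[string]

# 1) Autostart value under HKLM\...\Run (post #4).
#    Assumption: the value name starts with "new.net" (the post writes
#    "new.net startup").
$runPath = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$runKey  = Get-Item -LiteralPath $runPath -ErrorAction SilentlyContinue
if ($runKey) {
    foreach ($name in $runKey.GetValueNames()) {
        if ($name -like 'new.net*') {
            $found.Add("Run value '$name' = $($runKey.GetValue($name))")
        }
    }
}

# 2) CLSID keys listed in post #4. The post gives them without braces;
#    both spellings are tested (the braced form is an assumption).
$clsids = @(
    '4A2AACF3-ADF6-11D5-98A9-00E018981B9E',
    'DD521A1D-1F98-11D4-9676-00E018981B9E',
    'DD770A75-CE18-11D5-98D8-00E018981B9E'   # older versions, per post #4
)
foreach ($id in $clsids) {
    foreach ($keyName in @($id, ('{' + $id + '}'))) {
        $path = 'Registry::HKEY_CLASSES_ROOT\CLSID\' + $keyName
        if (Test-Path -LiteralPath $path -ErrorAction SilentlyContinue) {
            $found.Add("HKEY_CLASSES_ROOT\CLSID\$keyName")
        }
    }
}

# 3) Software\New.net under every loaded user hive. This covers the two
#    paths Spybot reported in post #13 and any other logged-on profile.
$hives = Get-ChildItem -LiteralPath 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue
foreach ($hive in $hives) {
    $sid  = $hive.PSChildName
    $path = 'Registry::HKEY_USERS\' + $sid + '\Software\New.net'
    if (Test-Path -LiteralPath $path -ErrorAction SilentlyContinue) {
        $found.Add("HKEY_USERS\$sid\Software\New.net")
    }
}

# Report
if ($found.Count -eq 0) {
    'No New.net leftovers found at the checked locations.'
} else {
    'New.net leftovers still present:'
    $found | ForEach-Object { "  $_" }
}
```

HKEY_USERS\.DEFAULT and HKEY_USERS\S-1-5-18 are two names for the same LocalSystem hive, so a single leftover key is reported under both.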