Alexa Related kann nicht gelöscht werden

#1 Hallo,

mein Rechner lädt keine Exel Dateien mehr, bzw nur sehr langsam.
Nach dem Scanen erscheint " Alexa Related", kann aber nicht entfernt werden.Kann sich evtl. jemand dieser Sache annehmen

#2 wisky

Alexa ist kein sooo grosses Problem, schlimmer ist, dass Exel nicht mehr funktioniert.
Hast du das Programm schon einmal neu installiert ?
Mache es bitte und berichte.
__________
MfG Sabina

rund um die PC-Sicherheit

#3 danke für die hilfe,
ich habe die basic edition 2003 gelöscht und neu installiert
word und exel starten zwar, aber es dauert... so zehn minuten etwa

#4 das dauert ein bisschen lange

kopiere hier das Log vom HijackTHIS.
__________
MfG Sabina

rund um die PC-Sicherheit

#5 entschuldige die Verzögerung, hatte Streß.
wo finde ich das Log von HijackTHIS

#6 **

http://virus-protect.org/hjtkurz.html

-------------------------------

http://www.hijackthis.de/
dann direktdownload, dann do a system scan and save a log file
dann kommt nen bericht und den hier posten!
__________
don't hate, celébrate

#7 hallo thomasz,
anbei die, hoffentlich richtigen log file


Logfile of HijackThis v1.99.1
Scan saved at 18:38:46, on 22.04.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\MGE\RunSC.exe
C:\WINDOWS\system32\MGE\PCtl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\MGE\BIL.EXE
C:\WINDOWS\system32\MGE\CILUSB.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Outlook Express\msimn.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Sowinski\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis_199[1].zip\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - Global Startup: AutoCAD LT-Startbeschleuniger.lnk = C:\Programme\Gemeinsame Dateien\Autodesk Shared\acstart16.exe
O4 - Global Startup: db dialog updater.lnk = C:\Programme\db dialog\wiseupdt.EXE
O4 - Global Startup: Verknüpfung mit LOGON.lnk = C:\LOGON.BAT
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E58E8A9D-B288-4388-9A37-5CDA7843A931}: NameServer = 192.168.0.11,193.141.40.1
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: MGE Service module - Unknown owner - C:\WINDOWS\system32\MGE\RunSC.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: Unterbrechungsfreie Stromversorgung (UPS) - Unknown owner - C:\WINDOWS\System32\ups2.exe (file missing)

#8 wisky

ServiceFilter.zip
http://virus-protect.org/artikel/tools/ServiceFilter.zip

- entzippen
- doppelklick auf die datei ServiceFilter.vbs
- versions-nummer bestätigen
- scannen
- öffnen von wordpad oder editor erlauben
- POST_THIS.TXT abkopieren
__________
MfG Sabina

rund um die PC-Sicherheit

#9 Hallo Sabina,

schön von Dir zu lesen. Anbei die gewünschte Datei.


The script did not recognize the services listed below.
This does not mean that they are a problem.

To copy the entire contents of this document for posting:
At the top of this window click "Edit" then "Select All"
Next click "Edit" again then "Copy"
Now right click in the forum post box then click "Paste"

########################################

ServiceFilter 1.1
by rand1038

Microsoft Windows XP Professional
Version: 5.1.2600 Service Pack 1
Apr 22, 2006 20:15:48


---> Begin Service Listing <---

Unknown Service # 1
Service Name: Autodesk Licensing Service
Display Name: Autodesk Licensing Service
Start Mode: Manual
Start Name: LocalSystem
Description: Anchor service for Autodesk products licensed with ...
Service Type: Own Process
Path: "c:\programme\gemeinsame dateien\autodesk shared\service\adskscsrv.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #2
Service Name: ccEvtMgr
Display Name: Symantec Event Manager
Start Mode: Auto
Start Name: LocalSystem
Description: Symantec Event ...
Service Type: Own Process
Path: "c:\programme\gemeinsame dateien\symantec shared\ccevtmgr.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1068
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #3
Service Name: ccPwdSvc
Display Name: Symantec Password Validation
Start Mode: Manual
Start Name: LocalSystem
Description: Symantec Password Validation ...
Service Type: Own Process
Path: "c:\programme\gemeinsame dateien\symantec shared\ccpwdsvc.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #4
Service Name: ccSetMgr
Display Name: Symantec Settings Manager
Start Mode: Auto
Start Name: LocalSystem
Description: Symantec Settings ...
Service Type: Own Process
Path: "c:\programme\gemeinsame dateien\symantec shared\ccsetmgr.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1066
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #5
Service Name: MDM
Display Name: Machine Debug Manager
Start Mode: Auto
Start Name: LocalSystem
Description: Unterstützt lokales und remotes Debuggen für Visual Studio- und Skript-Debugger. Wenn dieser ...
Service Type: Own Process
Path: "c:\programme\gemeinsame dateien\microsoft shared\vs7debug\mdm.exe"
State: Running
Process ID: 1756
Started: Wahr
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Wahr

Unknown Service # 6
Service Name: MGE Service module
Display Name: MGE Service module
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\windows\system32\mge\runsc.exe
State: Running
Process ID: 1780
Started: Wahr
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Wahr

Unknown Service #7
Service Name: ose
Display Name: Office Source Engine
Start Mode: Manual
Start Name: LocalSystem
Description: Speichert Installationsdateien, die für Updates und Reparieren verwendet werden, und ist für den ...
Service Type: Own Process
Path: c:\programme\gemeinsame dateien\microsoft shared\source engine\ose.exe
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #8
Service Name: SNDSrvc
Display Name: Symantec Network Drivers Service
Start Mode: Manual
Start Name: LocalSystem
Description: Symantec Network Drivers ...
Service Type: Own Process
Path: c:\programme\gemeinsame dateien\symantec shared\sndsrvc.exe
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #9
Service Name: SwPrv
Display Name: MS Software Shadow Copy Provider
Start Mode: Manual
Start Name: LocalSystem
Description: Verwaltet Software-basierte Schattenkopien des Volumeschattenkopie-Dienstes. Software-basierte ...
Service Type: Own Process
Path: c:\windows\system32\dllhost.exe /processid:{7ee46050-9d53-4ac7-b84c-80fd302d4d13}
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #10
Service Name: UPS
Display Name: Unterbrechungsfreie Stromversorgung
Start Mode: Manual
Start Name: LocalSystem
Description: Verwaltet eine an den Computer angeschlossene unterbrechungsfreie Stromversorgung ...
Service Type: Own Process
Path: c:\windows\system32\ups2.exe
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

---> End Service Listing <---

There are 87 Win32 services on this machine.
10 were unrecognized.

Script Execution Time: 1,671875 seconds.

#10 Einzelne Dateien scannen
Oben auf der Seite --> die Datei ins Feld kopieren --> (oder)auf Durchsuchen klicken --> Datei aussuchen --> Doppelklick auf die zu prüfende Datei --> klick auf Submit... jetzt abwarten
http://www.virustotal.com/flash/index_en.html
http://sandbox.norman.no/live_4.html

c:\windows\system32\ups2.exe

poste hier die Ergebnisse
__________
MfG Sabina

rund um die PC-Sicherheit

#11 STATUS: QUEUEDYour file "ups.exe" is queued in position: 11. Estimated start time is between 22 and 96 seconds.

Antivirus Version Update Result


Aditional Information
Enter your email address and click "Browse" to find the file you want NSIC to analyse.
To submit the sample, press Enter or click "Submit sample for analysis".
Within a short time, the analysis of the file you submitted will be sent to
your email and added to the "Latest Submitted" list.


Warning: fputs(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 853

Warning: fgets(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 854

Warning: fputs(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 858

Warning: fclose(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 859

Warning: fputs(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 853

Warning: fgets(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 854

Warning: fputs(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 858

Warning: fclose(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 859

Warning: fputs(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 853

Warning: fgets(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 854

Warning: fputs(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 858

Warning: fclose(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 859

Warning: fputs(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 853

Warning: fgets(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 854

Warning: fputs(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 858

Warning: fclose(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 859

Warning: fclose(): 8 is not a valid stream resource in /var/www/localhost/htdocs/sandbox/include/functions.php on line 926
File(s) successfully uploaded


Norman is one of the world's leading companies within the field of data security. With products for antivirus (virus control), personal firewall, antispam, encryption, data recovery, and certified data erasure, the company plays an important role in the data industry.


ich bin mir nicht sicher ob ich alles richtig gemacht habe

schöne grüße..

#12 ja, so richtig kann ich damit nichts anfangen... versuche es mit:

http://www.virustotal.com/flash/index_en.html
__________
MfG Sabina

rund um die PC-Sicherheit

#13 Hallo Sabina,

ich glaub jetzt hat es funktioniert. Nur das Ergebnis ist wohl nicht so gut
Gruß wisky


STATUS: FINISHEDComplete scanning result of "ups.exe", received in VirusTotal at 04.25.2006, 17:53:00 (CET).

Antivirus Version Update Result
AntiVir 6.34.0.24 04.20.2006 no virus found
Avast 4.6.695.0 04.25.2006 no virus found
AVG 386 04.24.2006 no virus found
Avira 6.34.1.58 04.25.2006 no virus found
BitDefender 7.2 04.25.2006 no virus found
CAT-QuickHeal 8.00 04.25.2006 no virus found
ClamAV devel-20060202 04.25.2006 no virus found
DrWeb 4.33 04.25.2006 no virus found
eTrust-InoculateIT 23.71.138 04.25.2006 no virus found
eTrust-Vet 12.4.2177 04.25.2006 no virus found
Ewido 3.5 04.25.2006 no virus found
Fortinet 2.71.0.0 04.25.2006 no virus found
F-Prot 3.16c 04.21.2006 no virus found
Ikarus 0.2.59.0 04.25.2006 no virus found
Kaspersky 4.0.2.24 04.25.2006 no virus found
McAfee 4747 04.24.2006 no virus found
NOD32v2 1.1506 04.25.2006 no virus found
Norman 5.90.16 04.25.2006 no virus found
Panda 9.0.0.4 04.25.2006 no virus found
Sophos 4.05.0 04.25.2006 no virus found
Symantec 8.0 04.25.2006 no virus found
TheHacker 5.9.7.135 04.25.2006 no virus found
UNA 1.83 04.21.2006 no virus found
VBA32 3.11.0 04.25.2006 no virus found


Aditional Information
File size: 16384 bytes
MD5: 46c1714d207b3f051f4d9120787535df
SHA1: af4afb26cf3453e3201a3986fb96b54d6f927b43

VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far

#14 es ist alles in Ordnung ..was die Viren betrifft....

warum nun die Anwendungen so lange zum Laden brauchen... das ist nicht mehr mein Fach , wende dich bitte an:
http://board.protecus.de/f5.htm
und erklaere das Problem.
__________
MfG Sabina

rund um die PC-Sicherheit

#15 ja und was mach ich mit meiner Alexa????