Win32 Zlob.btg eingefangen |
||
|---|---|---|
| #0
| ||
|
26.05.2007, 12:11
...neu hier
Beiträge: 9 |
||
 
|
|
|
|
26.05.2007, 12:15
Ehrenmitglied
 Beiträge: 6028 |
#2
Download: RemoveVideoActiveXObject by Smeenk,zum Desktop
Danach dopplelklicken Moeglich startet der Uninstaller von ein Roquescanner schliesse es nicht ab aber lass es seine Arbeit tun Rechner neu starten und nochmals RemoveVideoActiveXObject.exe Doppelklicken Poste nachher den logfile C:\RVAXO-results.log in dein folgender Bericht zusammen mit ein log von HijackThis __________ MfG Argus |
|
|
|
|
|
|
26.05.2007, 18:12
...neu hier
Themenstarter Beiträge: 9 |
#3
Danke für die Antwort, hier die Log Files:
Logfile of HijackThis v1.99.1 Scan saved at 18:09:07, on 26.05.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\Explorer.EXE F:\Kaspersky\avp.exe C:\WINDOWS\system32\Brmfrmps.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programme\ASUS\WLAN Card Utilities\Center.exe C:\Programme\Java\jre1.5.0_11\bin\jusched.exe F:\Kaspersky\avp.exe C:\Programme\Saitek\Software\SaiMfd.exe C:\WINDOWS\system32\rundll32.exe F:\Daemon Tools\daemon.exe C:\WINDOWS\system32\ctfmon.exe F:\Bluetooth\bin\btwdins.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\Resources\Themes\DameK UltraBlue\AquaDock\Aqua Dock.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe F:\Alcohol120%\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe F:\Firefox\Mozilla Firefox\firefox.exe F:\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.incredimail.com/page.asp?page=reg_success&lang=7&version=5242528&setup_id=7000007&aff_id=102&addon=IncrediMail O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Adobe Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Spybot\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [Control Center] C:\Programme\ASUS\WLAN Card Utilities\Center.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [kis] "F:\Kaspersky\avp.exe" O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools] "F:\Daemon Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot\Spybot - Search & Destroy\TeaTimer.exe O4 - Startup: Aqua Dock.lnk = C:\WINDOWS\Resources\Themes\DameK UltraBlue\AquaDock\Aqua Dock.exe O8 - Extra context menu item: &Clean Traces - F:\Download Accelerator\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - F:\Download Accelerator\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - F:\Download Accelerator\DAP\dapextie2.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://F:\OFFICE~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Senden an &Bluetooth - F:\Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - F:\Kaspersky\scieplugin.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\ICQ\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\ICQ\ICQLite\ICQLite.exe O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Bluetooth\btsendto_ie.htm O16 - DPF: {0835BC90-6ABC-4F52-A103-4FC3A61F2C33} (A18X Control) - http://www.albatross18.com/season2/cabs/A18X.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O20 - AppInit_DLLs: F:\KASPER~1\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - F:\Kaspersky\avp.exe O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing) O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - F:\Bluetooth\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - F:\Nero7\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Alcohol120%\Alcohol 120\StarWind\StarWindService.exe ----------------RemoveVideoActiveXObject.exe first run------------- Files found: C:\Dokumente und Einstellungen\Sp4wN\FAVORI~1\Online Security Test.url Uninstallers Rogue scanners: Folders Found: --------------RemoveVideoActiveXObject.exe last run--------------- Files found: Uninstallers Rogue scanners: Folders Found: |
|
|
|
|
|
|
26.05.2007, 18:17
Ehrenmitglied
Beiträge: 6028 |
#4
C:\RVAXO-results.log – loeschen und Papierkorb leeren
Dein Java software ist veraltet,download jre-6-windows-i586.exe Srcolle runter nach "Java Runtime Environment (JRE) 6u1 The Java SE Runtime Environment (JRE) allows end-users to run Java applications. Klicke auf "Download" Setze in haeckchen bei "Accept License Agreement". Klicke “Windows Offline Installation, Multi-language” um “jre-6-windows-i586.exe”zum Desktop zu installieren Schliesse alle Programme auch dein Webbrowser Ueber "Start -> Einstellungen -> Systemsteuerung -> Software Und entferne alle aeltere versionen von Java Runtime Environment (JRE of J2SE) Nachdem alles entfernt wurde,Rechner neu starten Installiere jetzt vom Desktop aus “jre-6-windows-i586.exe” __________ MfG Argus |
|
|
|
|
|
|
26.05.2007, 18:26
...neu hier
Themenstarter Beiträge: 9 |
#5
Der Download funktioniert leider nicht
Fatal Error: We're sorry, an unexpected error occurred, so your transaction cannot be completed at this time. Please help us resolve this error as soon as possible by e-mailing our support department at ( Download Center Customer Service ) the name and/or URL of the page you were on and a copy of the following error message: Unknown error encountered |
|
|
|
|
|
|
26.05.2007, 18:38
Ehrenmitglied
Beiträge: 6028 |
||
|
|
|
|
|
26.05.2007, 19:07
...neu hier
Themenstarter Beiträge: 9 |
||
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
hab mir das oben genannte Teil eingefangen.Ad-Aware und Spybot konnten mir nicht weiterhelfen.
Logfile of HijackThis v1.99.1
Scan saved at 11:49:17, on 26.05.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
F:\Kaspersky\avp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\ASUS\WLAN Card Utilities\Center.exe
C:\Programme\Java\jre1.5.0_11\bin\jusched.exe
F:\Kaspersky\avp.exe
C:\Programme\Saitek\Software\SaiMfd.exe
C:\Programme\Video ActiveX Access\imsmn.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Brmfrmps.exe
F:\Daemon Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Resources\Themes\DameK UltraBlue\AquaDock\Aqua Dock.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
F:\Bluetooth\bin\btwdins.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
F:\Alcohol120%\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\Firefox\Mozilla Firefox\firefox.exe
F:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.incredimail.com/page.asp?page=reg_success&lang=7&version=5242528&setup_id=7000007&aff_id=102&addon=IncrediMail
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Adobe Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Spybot\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [Control Center] C:\Programme\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [kis] "F:\Kaspersky\avp.exe"
O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "F:\Daemon Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Aqua Dock.lnk = C:\WINDOWS\Resources\Themes\DameK UltraBlue\AquaDock\Aqua Dock.exe
O8 - Extra context menu item: &Clean Traces - F:\Download Accelerator\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - F:\Download Accelerator\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - F:\Download Accelerator\DAP\dapextie2.htm
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - F:\Kaspersky\\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://F:\OFFICE~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth - F:\Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - F:\Kaspersky\scieplugin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\ICQ\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\ICQ\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Bluetooth\btsendto_ie.htm
O16 - DPF: {0835BC90-6ABC-4F52-A103-4FC3A61F2C33} (A18X Control) - http://www.albatross18.com/season2/cabs/A18X.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: F:\KASPER~1\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - F:\Kaspersky\avp.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - F:\Bluetooth\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - F:\Nero7\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Alcohol120%\Alcohol 120\StarWind\StarWindService.exe
Die Auswertung ergab,das er sich in C:\Programme\Video ActiveX Access\imsmn.exe versteckt.
Bitte um eure Hilfe,
Gruss Arel