Infected laptop
21.12.2008, 16:46
...new here
Posts: 3
#1
I have virus problems with my laptop! I have Windows Vista and am probably infected with trojans and worms. Urgently asking for help, thanks!

21.12.2008, 16:50
Member
Posts: 3716
#2
Welcome ;-) Describe your problem in more detail, work through this page and post the logs:
http://board.protecus.de/t23188.htm

21.12.2008, 21:17
...new here
Thread starter Posts: 3
#3
1. So far only a 60-day trial scanner. By now I have several trojans and worms on the laptop. Various programs keep hanging.
2. Disk Cleanup performed.
3. Malwarebytes report:
4. Combofix:
5. HijackThis log file:
6. Uninstall list

21.12.2008, 21:29
Member
Posts: 3716
#4
So you need a new antivirus program? Free, or can it cost something?

22.12.2008, 20:50
...new here
Thread starter Posts: 3
#5
Honestly, I'd prefer free, since I only use the laptop privately.

22.12.2008, 20:58
Member
Posts: 3716
#6
Hello, for now we'll use a trial version ;-)
www.avira.com/de/produkte/avira_antivir_premium.html - 29k - please install and update. Configure it as shown at http://board.protecus.de/t23979.htm, scan all your drives, put the findings in quarantine, post the log. How is the laptop running? Do you use the Norton product? If not, we'll remove that as well.