C:\Programme\MyWebSearch\bar\


Post by Snafu on 14.05.2005, 21:22

So, here I am again...

I'm sitting at a buddy's PC right now... and, um... it's somewhat virus-addled:


HijackThis logfile

Logfile of HijackThis v1.99.1
Scan saved at 21:18:40, on 14.05.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\eTrust Antivirus\ISafe.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Schönherr Personal Firewall\driver\spfirewallsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\eTrust Antivirus\VetMsg.exe
C:\Programme\Browser mouse\1.3\mouse32a.exe
C:\ahead\InCD\InCD.exe
C:\programme\schönherr personal firewall\bin\sppfw.exe
C:\D-Tools\daemon.exe
C:\eTrust Antivirus\CAVTray.exe
C:\eTrust Antivirus\CAVRID.exe
C:\Programme\Messenger\msmsgs.exe
C:\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.giga.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ulead.com.tw/uleadAp/Push/do ... YPE=320102
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [FLMMEDIONMOUSE] C:\Programme\Browser mouse\1.3\mouse32a.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Programme\Gemeinsame Dateien\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Securepoint Personal Firewall] c:\programme\schönherr personal firewall\bin\sppfw.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CaAvTray] "C:\eTrust Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\eTrust Antivirus\CAVRID.exe"
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\GEMEIN~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Spiele + Demos\Half Life 2 Demo\Steam.exe -silent
O4 - Global Startup: InterVideo WinCinema Manager.lnk = ?
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F755549-6768-4609-B7A4-88A68ED90D46}: NameServer = 194.25.2.129,194.25.2.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{7655D87C-83B3-468F-ADC2-3380258FB0A7}: NameServer = 192.168.122.252,192.168.122.253
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F755549-6768-4609-B7A4-88A68ED90D46}: NameServer = 194.25.2.129,194.25.2.130
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F755549-6768-4609-B7A4-88A68ED90D46}: NameServer = 194.25.2.129,194.25.2.130
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\eTrust Antivirus\ISafe.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Securepoint Personal Firewall (spfirewallsvc) - Securepoint Latinoamerica S.A. de C.V. - C:\Programme\Schönherr Personal Firewall\driver\spfirewallsvc.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\eTrust Antivirus\VetMsg.exe

-----------------------------------------------------

and the logfile from eScan, from the status window:


Taken.
File C:\DOKUME~1\Alf\LOKALE~1\Temp\ICD1.tmp\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Alf\LOKALE~1\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181633-928 infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181634-526.dll infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181635-931.dll infected by "Trojan-Downloader.Win32.Stardler.a" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\ICD1.tmp\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.
File C:\PNP\MOBO\AGP\HTPATCH\HTPATCH.EXE tagged as not-a-virus:Tool.Win32.HTPatch.a. No Action Taken.
File C:\Programme\KONAMI\Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY\dabytr2.exe tagged as not-a-virus:Cracker.Game.HotHook. No Action Taken.
File C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.
File C:\Programme\MyWebSearch\bar\1.bin\F3HTMLMU.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.
File C:\Programme\MyWebSearch\bar\1.bin\F3SCHMON.EXE infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.
File C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.
File C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.
File C:\Programme\MyWebSearch\bar\1.bin\MWSOEPLG.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.
File C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.
File C:\Programme\Yu-Gi-Oh! - Yugi the Destiny\Yugi The Destiny 2.0 - Trainer.exe tagged as not-a-virus:Cracker.Game.HotHook. No Action Taken.
File C:\Spiele + Demos\Half Life\Counter-Strike\hltv.exe tagged as not-a-virus:RiskWare.Proxy.Hltv. No Action Taken.
File C:\Spiele + Demos\Quake3 Arena\Extras\WorldNet\PCVKIT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP352\A0055027.exe tagged as not-a-virus:RiskWare.Proxy.Hltv. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP369\A0060806.exe infected by "Trojan-Clicker.Win32.Agent.as" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP380\A0062622.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP380\A0062623.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP409\A0065734.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP409\A0065750.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP410\A0065764.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP411\A0066766.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP411\A0066780.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP412\A0066802.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP413\A0066916.exe tagged as not-a-virus:Cracker.Game.HotHook. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP423\A0068155.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP424\A0068168.exe tagged as not-a-virus:Cracker.Game.HotHook. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP424\A0068184.exe tagged as not-a-virus:Cracker.Game.HotHook. No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP426\A0068192.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\axload.dll infected by "Trojan.Win32.Dialer.ep" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\htpatch.exe tagged as not-a-virus:Tool.Win32.HTPatch.a. No Action Taken.
File C:\WINDOWS\Manga-Sex[air-10025,1].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\RESTORE.INS tagged as not-a-virus:NetTool.PsKill. No Action Taken.
File C:\WINDOWS\system\RESTORE.INS tagged as not-a-virus:NetTool.PsKill. No Action Taken.
File C:\WINDOWS\system32\H@tKeysH@@k.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\axload.dll infected by "Trojan.Win32.Dialer.ep" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\htpatch.exe tagged as not-a-virus:Tool.Win32.HTPatch.a. No Action Taken.
File C:\WINDOWS\Manga-Sex[air-10025,1].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\RESTORE.INS tagged as not-a-virus:NetTool.PsKill. No Action Taken.
File C:\WINDOWS\system\RESTORE.INS tagged as not-a-virus:NetTool.PsKill. No Action Taken.
File C:\WINDOWS\system32\H@tKeysH@@k.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action

----------------------------------------------------------------

and via a search for "infected", from the file opened in the editor:


Sat May 14 18:20:42 2005 => File C:\WINDOWS\Manga-Sex[air-10025,1].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.

Sat May 14 18:23:00 2005 => File C:\DOKUME~1\Alf\LOKALE~1\Temp\ICD1.tmp\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.

Sat May 14 18:23:03 2005 => File C:\DOKUME~1\Alf\LOKALE~1\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.

Sat May 14 18:34:04 2005 => File C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181633-928 infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.

Sat May 14 18:37:21 2005 => File C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\ICD1.tmp\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.

Sat May 14 18:37:24 2005 => File C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.


Sat May 14 18:45:54 2005 => File C:\WINDOWS\Manga-Sex[air-10025,1].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.

Sat May 14 18:48:10 2005 => File C:\DOKUME~1\Alf\LOKALE~1\Temp\ICD1.tmp\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.

Sat May 14 18:51:18 2005 => File C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181633-928 infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.

Sat May 14 18:51:18 2005 => File C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181634-526.dll infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.

Sat May 14 18:51:18 2005 => File C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181635-931.dll infected by "Trojan-Downloader.Win32.Stardler.a" Virus. Action Taken: No Action Taken.

Sat May 14 18:54:32 2005 => File C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\ICD1.tmp\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.

Sat May 14 18:54:35 2005 => File C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.

Sat May 14 19:03:51 2005 => File C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.

Sat May 14 19:03:51 2005 => File C:\Programme\MyWebSearch\bar\1.bin\F3HTMLMU.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.

Sat May 14 19:03:51 2005 => File C:\Programme\MyWebSearch\bar\1.bin\F3SCHMON.EXE infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.

at May 14 19:03:51 2005 => Scanning File C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
Sat May 14 19:03:51 2005 => File C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.

Sat May 14 19:03:51 2005 => File C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.

Sat May 14 19:03:51 2005 => Scanning File C:\Programme\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
Sat May 14 19:03:51 2005 => File C:\Programme\MyWebSearch\bar\1.bin\MWSOEPLG.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.

Sat May 14 19:03:52 2005 => File C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.

Sat May 14 20:02:14 2005 => File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP369\A0060806.exe infected by "Trojan-Clicker.Win32.Agent.as" Virus. Action Taken: No Action Taken.



Sat May 14 20:03:31 2005 => Scanning File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP380\A0062623.exe
Sat May 14 20:03:32 2005 => File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP380\A0062623.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.

Sat May 14 20:10:57 2005 => File C:\WINDOWS\Downloaded Program Files\axload.dll infected by "Trojan.Win32.Dialer.ep" Virus. Action Taken: No Action Taken.

Sat May 14 20:24:53 2005 => File C:\WINDOWS\Manga-Sex[air-10025,1].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.

Sat May 14 20:38:09 2005 => File C:\WINDOWS\Downloaded Program Files\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.

Sat May 14 20:38:09 2005 => File C:\WINDOWS\Downloaded Program Files\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.


Sat May 14 20:38:09 2005 => File C:\WINDOWS\Downloaded Program Files\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.

--------------------------------

The basic problem is the PC itself... it hangs in general (which should be no surprise with this virus zoo), files get renamed, the scroll bars in text programs no longer work...
Last edited by Snafu on 16.05.2005, 00:11; edited 1 time in total.
Snafu

Posts: 148
Registered: 25.01.2005, 16:12
Location: Leipzig


Post by Snafu on 15.05.2005, 17:00

Would be nice if someone could lend a hand; there is some important data sitting on that PC... :(
Snafu

Posts: 148
Registered: 25.01.2005, 16:12
Location: Leipzig

Post by Nikita on 16.05.2005, 12:41

Hello @Snafu

#open HijackThis -->> "scan" button -->> tick the entries below -->> "Fix checked" button -->> restart the PC

O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)


•KillBox
http://www.bleepingcomputer.com/files/killbox.php
Instructions: (illustrated)
http://nikita.eddys-domain.de/killbox.html

•Delete File on Reboot <-- tick this

and click the red cross;
when asked "Do you want to reboot?" ----> click "no" and paste in the next path; only click "yes" for the last one

C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181634-526.dll
C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181635-931.dll
C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\ICD1.tmp\pinLoader.dll
C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\iinstall.exe
C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL
C:\Programme\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
C:\Programme\MyWebSearch\bar\1.bin\F3SCHMON.EXE
C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
C:\Programme\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL

C:\WINDOWS\Downloaded Program Files\pinLoader.dll
C:\WINDOWS\Downloaded Program Files\axload.dll
C:\WINDOWS\Manga-Sex[air-10025,1].exe

Restart the PC

Disable System Restore
«XP
My Computer --> right-click, then Properties ---> tab
System Restore ---> tick
"Turn off System Restore on all drives".

(then re-enable it)

look for the Panda scan --> scan + report back
http://nikita.eddys-domain.de/onlinescan.html
Nikita
Moderator

Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lisbon
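
The triage behind the cleanup steps above can be scripted. The following is an added example, not part of the original posts: it parses eScan and HijackThis lines of the form shown in this thread, collapses repeated detections (including 8.3 short-path aliases), and separates restore-point copies from live files. The short-name map and the rule "infected by, outside a restore point" are assumptions of this example.

```python
import re
from collections import OrderedDict

# Sample lines taken from the eScan and HijackThis output posted in this thread.
ESCAN_SAMPLE = r'''
Sat May 14 18:23:00 2005 => File C:\DOKUME~1\Alf\LOKALE~1\Temp\ICD1.tmp\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Alf\Lokale Einstellungen\Temp\ICD1.tmp\pinLoader.dll infected by "Trojan-Downloader.Win32.Small.uu" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\axload.dll infected by "Trojan.Win32.Dialer.ep" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\axload.dll infected by "Trojan.Win32.Dialer.ep" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{D93FF896-00B8-44C3-84C8-3CC3523157C0}\RP369\A0060806.exe infected by "Trojan-Clicker.Win32.Agent.as" Virus. Action Taken: No Action Taken.
File C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWebSearch" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\htpatch.exe tagged as not-a-virus:Tool.Win32.HTPatch.a. No Action Taken.
Sat May 14 19:03:51 2005 => Scanning File C:\Programme\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
'''
HJT_SAMPLE = r'''
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll (file missing)
O4 - HKLM\..\Run: [InCD] C:\ahead\InCD\InCD.exe
'''

# Assumption of this example: the 8.3 short names seen in the log and the long
# names they alias (the log lists the same files under both spellings).
SHORT_NAMES = {"DOKUME~1": "Dokumente und Einstellungen",
               "LOKALE~1": "Lokale Einstellungen"}
RESTORE_MARK = "\\system volume information\\_restore"

# Matches both eScan result forms; "Scanning File ..." progress lines do not match.
DETECTION = re.compile(
    r'File (?P<path>.+?) '
    r'(?:infected by "(?P<inf>[^"]+)" Virus|tagged as (?P<tag>\S+?))\.(?:\s|$)')
# HijackThis entries whose registered file no longer exists on disk.
ORPHAN = re.compile(
    r'^(?P<sec>O\d+) - .+? - (?P<clsid>\{[0-9A-Fa-f-]+\}) - '
    r'.*\((?:no file|file missing)\)\s*$')


def normalise(path):
    """Expand known 8.3 components so aliases of one file compare equal."""
    return "\\".join(SHORT_NAMES.get(p.upper(), p) for p in path.split("\\"))


def triage_escan(text):
    """Return one finding per distinct file, in first-seen order."""
    seen = OrderedDict()
    for line in text.splitlines():
        m = DETECTION.search(line)
        if not m:
            continue
        path = normalise(m.group("path"))
        key = path.lower()          # Windows paths are case-insensitive
        if key in seen:
            continue                # repeated scan pass or short-path alias
        seen[key] = {
            "path": path,
            "name": m.group("inf") or m.group("tag"),
            "kind": "infected" if m.group("inf") else "tagged",
            "restore_point": RESTORE_MARK in key,
        }
    return list(seen.values())


def delete_candidates(findings):
    """Live files reported as 'infected by'; restore-point copies are
    left to the System Restore off/on step instead of manual deletion."""
    return [f["path"] for f in findings
            if f["kind"] == "infected" and not f["restore_point"]]


def orphaned_entries(text):
    """(section, CLSID) pairs for HijackThis entries pointing at no file."""
    hits = (ORPHAN.match(line.strip()) for line in text.splitlines())
    return [(m.group("sec"), m.group("clsid")) for m in hits if m]


if __name__ == "__main__":
    findings = triage_escan(ESCAN_SAMPLE)
    print(len(findings), "distinct findings")
    for p in delete_candidates(findings):
        print("delete on reboot:", p)
    for sec, clsid in orphaned_entries(HJT_SAMPLE):
        print("fix in HijackThis:", sec, clsid)
```

Entries that are only "tagged as" (tools, game trainers) are reported but kept out of the deletion list so they can be reviewed by hand.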

Post by Snafu on 19.05.2005, 21:25

Thanks for now, I'll take care of it tomorrow, because by now the PC doesn't even boot anymore... (exact details once I've sat at it again myself). :D
Snafu

Posts: 148
Registered: 25.01.2005, 16:12
Location: Leipzig

Post by Snafu on 09.06.2005, 16:53

So, it's been a long, long time..

See above - did everything,

the report from the Panda scan and a new HijackThis logfile:


PANDA

Incident Status Location

Spyware:Spyware/ISTbar No disinfected Windows Registry
Adware:Adware/MyWebSearch No disinfected C:\Programme\MyWebSearch
Adware:Adware/MyWebSearch No disinfected C:\!Submit\MWSSRCAS.DLL
Adware:Adware/FunWeb No disinfected C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\backups\backup-20050514-181633-844.inf

HijackThis logfile:


Logfile of HijackThis v1.99.1
Scan saved at 16:52:10, on 09.06.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\eTrust Antivirus\ISafe.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Schönherr Personal Firewall\driver\spfirewallsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Programme\Browser mouse\1.3\mouse32a.exe
C:\eTrust Antivirus\VetMsg.exe
C:\ahead\InCD\InCD.exe
C:\programme\schönherr personal firewall\bin\sppfw.exe
C:\D-Tools\daemon.exe
C:\eTrust Antivirus\CAVTray.exe
C:\eTrust Antivirus\CAVRID.exe
C:\Programme\Messenger\msmsgs.exe
C:\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Alf\Desktop\Neuer Ordner\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.giga.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ulead.com.tw/uleadAp/Push/do ... YPE=320102
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [FLMMEDIONMOUSE] C:\Programme\Browser mouse\1.3\mouse32a.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Programme\Gemeinsame Dateien\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Securepoint Personal Firewall] c:\programme\schönherr personal firewall\bin\sppfw.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [CaAvTray] "C:\eTrust Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\eTrust Antivirus\CAVRID.exe"
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\GEMEIN~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Spiele + Demos\Half Life 2 Demo\Steam.exe -silent
O4 - Global Startup: InterVideo WinCinema Manager.lnk = ?
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F755549-6768-4609-B7A4-88A68ED90D46}: NameServer = 194.25.2.129,194.25.2.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{7655D87C-83B3-468F-ADC2-3380258FB0A7}: NameServer = 192.168.122.252,192.168.122.253
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F755549-6768-4609-B7A4-88A68ED90D46}: NameServer = 194.25.2.129,194.25.2.130
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F755549-6768-4609-B7A4-88A68ED90D46}: NameServer = 194.25.2.129,194.25.2.130
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\eTrust Antivirus\ISafe.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Securepoint Personal Firewall (spfirewallsvc) - Securepoint Latinoamerica S.A. de C.V. - C:\Programme\Schönherr Personal Firewall\driver\spfirewallsvc.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\eTrust Antivirus\VetMsg.exe
Snafu

Posts: 148
Registered: 25.01.2005, 16:12
Location: Leipzig

Post by Nikita on 09.06.2005, 21:00

delete ;)

C:\Programme\MyWebSearch
C:\!Submit\MWSSRCAS.DLL
Nikita
Moderator

Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lisbon


