RECHNER 1

Logfile of HijackThis v1.99.1
Scan saved at 17:58:49, on 24.11.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\GigaByte\VGA Utility Manager\G-VGA.exe
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALURIA~1\AL_ADS~1.EXE
C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Gemeinsame Dateien\Command Software\dvpapi.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\PROGRA~1\ALURIA~1\AluriaMsgSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Dokumente und Einstellungen\Hagi HagiMe\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nierlein.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [VGAUtil] C:\Programme\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AL_ADSService - Aluria Software, LLC - C:\PROGRA~1\ALURIA~1\AL_ADS~1.EXE
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: Aluria Security Center Spyware Eliminator Service (ASCService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ascserv.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Programme\Gemeinsame Dateien\Command Software\dvpapi.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Aluria Message Service (MsgSrvService) - Aluria Software, LLC. - C:\PROGRA~1\ALURIA~1\AluriaMsgSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe


Ist alles OK ? hab zurzeit bisschen probs mit meinem beiden Rechnern hier kommt Rechner 2


Rechner 2

Logfile of HijackThis v1.99.1
Scan saved at 18:01:23, on 24.11.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system32\wiaadmgr.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\DAEMON Tools\daemon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programme\Spyware Doctor\swdoctor.exe
C:\Programme\ArcorOnline\Arcor.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Dokumente und Einstellungen\Björn\Eigene Dateien\ICQ Lite\332864313\Hagi_296498924\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.arcor.de
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.arcor.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.arcor.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: MSEvents Object - {79A576C4-B7A9-47EC-B57C-2CE5CA6ECC6A} - C:\WINDOWS\System32\ddayy.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MSPP System Update 64] C:\windows\system32\wiaadmgr.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [Compaq Service Drivers] ntsys32.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://ku.bar.need2find.com/KU/menusearch.html?p=KU
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Programme\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Rechner 2

ServiceFilter.zip
http://virus-protect.net/artikel/tools/ ... Filter.zip
- entzippen
- scannen
- POST_THIS.TXT abkopieren

Registry Search Tool
http://www.billsway.com/vbspage/vbsfiles/RegSrch.zip
eventuelle Meldung vom Virenscanner --- > warnmeldung:bösartiges skript entdeckt --> ignorieren

Doppelklick:regsrch.vbs
reinkopieren:

sysmgr64

Press 'OK'

warten, bis die Suche beendet ist. (Ergebnis bitte posten)

wende cleanUp an
http://virus-protect.net/cleanup.html


kopiere die 4 textdateien
http://virus-protect.net/datfindbat.html

ok hab alles gemacht hier die ergebnisse :

Reagsearch :

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "sysmgr64" 24.11.2005 18:32:49

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSMGR64]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSMGR64\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSMGR64\0000]
"Service"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSMGR64\0000]
"DeviceDesc"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysmgr64]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysmgr64]
"DisplayName"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysmgr64\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysmgr64\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysmgr64\Enum]
"0"="Root\\LEGACY_SYSMGR64\\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSMGR64]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSMGR64\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSMGR64\0000]
"Service"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSMGR64\0000]
"DeviceDesc"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sysmgr64]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sysmgr64]
"DisplayName"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sysmgr64\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSMGR64]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSMGR64\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSMGR64\0000]
"Service"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSMGR64\0000]
"DeviceDesc"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysmgr64]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysmgr64]
"DisplayName"="sysmgr64"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysmgr64\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysmgr64\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysmgr64\Enum]
"0"="Root\\LEGACY_SYSMGR64\\0000"

POST THIS :

The script did not recognize the services listed below.
This does not mean that they are a problem.

To copy the entire contents of this document for posting:
At the top of this window click "Edit" then "Select All"
Next click "Edit" again then "Copy"
Now right click in the forum post box then click "Paste"

########################################

ServiceFilter 1.1
by rand1038

Microsoft Windows XP Professional
Version: 5.1.2600 Service Pack 1
Nov 24, 2005 18:23:21


---> Begin Service Listing <---



Unknown Service # 4
Service Name: lsass
Display Name: Local Security Authority Subsystem Service
Start Mode: Auto
Start Name: LocalSystem
Description: Microsoft Path Finder Service Displays Internet Routing ...
Service Type: Own Process
Path: "c:\windows\lsass.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Falsch


Unknown Service # 8
Service Name: sysmgr64
Display Name: sysmgr64
Start Mode: Auto
Start Name: LocalSystem
Description: Windows 64bit System ...
Service Type: Own Process
Path: "c:\windows\sysmgr64.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Falsch



datfind :

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: CC9E-82A3

Verzeichnis von C:\WINDOWS\system32

24.11.2005 18:34 605 yyadd.ini
24.11.2005 18:30 40.996 nvapps.xml
24.11.2005 18:30 236.550 guard.tmp
24.11.2005 16:25 236.550 oJkley.dll
24.11.2005 16:25 233.838 en8ml1l11.dll
24.11.2005 16:08 236.550 f8j2li1o18.dll
24.11.2005 13:29 237.140 k808lidu1808.dll
23.11.2005 15:24 2.206 wpa.dbl
23.11.2005 15:15 236.932 p48qlel51hq.dll
23.11.2005 15:15 235.348 n0l8la3u1d.dll
20.11.2005 19:13 234.644 irp6l57s1.dll
20.11.2005 15:26 234.644 gp00l3dm1.dll
20.11.2005 01:28 235.890 p68q0gl5e6q.dll
19.11.2005 15:39 235.890 nant4cpl.dll
18.11.2005 21:57 70 i
18.11.2005 15:48 235.405 dn6s01j7e.dll
18.11.2005 15:00 235.330 q6860glse6q60.dll
17.11.2005 22:24 236.099 irn4l55q1.dll
17.11.2005 17:58 236.472 m828lifu1828.dll
17.11.2005 00:36 236.217 u4rule991h.dll
16.11.2005 19:39 234.223 wsnmm.dll
16.11.2005 12:51 234.223 wkn87em.dll
16.11.2005 02:18 234.037 k426lefs1h26.dll
15.11.2005 15:15 235.524 kt84l7lq1.dll
14.11.2005 05:36 233.993 d2j0lc1m1f.dll
12.11.2005 23:03 235.787 s4rsle971h.dll
11.11.2005 21:55 233.993 bjowser.dll
11.11.2005 19:33 47.616 ntdat32.exe
11.11.2005 16:33 235.956 sbdpsrv.dll
11.11.2005 14:49 180.224 NVUNINST.EXE

11.11.2005 13:47 573.440 nvhwvid.dll
11.11.2005 13:47 311.296 nvwrsde.dll
11.11.2005 13:47 1.019.904 nvwimg.dll
11.11.2005 05:25 0 TFTP872
11.11.2005 05:19 236.726 mvjql9151.dll
11.11.2005 05:19 235.207 hr4605hse.dll
11.11.2005 03:39 20.480 wiaadmgr.exe
11.11.2005 03:34 234.253 dpdiagn.dll
11.11.2005 03:31 2.175.616 TUKernel.exe
11.11.2005 01:50 234.272 TrnLib20.dll
09.11.2005 20:29 393 ehhkj.ini
09.11.2005 14:36 544.788 jkhhe.dll
09.11.2005 14:36 544.788 ddayy.dll
07.11.2005 23:31 0 TFTP3704
07.11.2005 22:41 380.350 perfh009.dat

hatt ich nicht geschrieben, drei Monate reichen ???

und wo sind die anderen drei Logs ?

hast du schon formatiert???
Alle beide Rechner sind von Backdoors und anderem verseucht

nein ich hab noch keinen der beiden rechner formatiert.

Soll ich beider rechner Formatieren den der 1.Rechner geht eigentlich gut aber der 2. macht ganz schön faxen wie zb ständiger seitenaufbau mit dummer werbung !!!

du solltest beide so schnell als moeglich formatieren

http://www.informationsarchiv.net/foren ... 43645.html

Infos:
http://virus-protect.net/kompsystem.html
http://virus-protect.net/nachneuinst.html

===========================

ok hab den 1 rechner schonmal formatiert was soll ich raufmachen das das nicht mehr passiert.

hab winxp prof. sp2 drauf !

Ansonsten auch alle anderen Windowsupdates.

Dann kann ich nur Empfehlen:

Sygate als Firewall (testsieger Chip). Kostenlos

Antivir als Virenscanner ( www.free-av.de ) Kostenlos

PestPatrol als Spyware-Scanner ( www.microsoft.com ) 1 Jahr lang umsonst Updates.

=

Sehr gutes System.

Ansonsten hilft nur bewusstes Surfen, kein klicken auf mail-Anhänge und dergleichen. Kein programm kann dich vor deiner eigenen Dummheit schützen. (nicht auf dich bez. sondern eher allgemein gemeint )