Hallo!
Der Trojaner schikct sich selbver weiter
Ich brauche unbedingt Hilfe Mein Freund hatte nen Trojaner schon und er schickt automatisch einen spanischen Text mit einem Link ( ich glaub mit zip. am Ende getarnt)
Ich dachte mit nichts dabei und öffnete ihn........am Anfang kam ein weißes Bild und es passierte nix(ich glaub er wurde im hintergrund downgeloaded und instaliert)
ich schloss das Fenster ich ein paar sekunden später kam ein Fenster vm Kaspersky: Es wurde ein Trpjaner gefunden kann nicht gelöscht werden erlauben oder verbieten, ich drückte verbieten.
Aber es hat mich trotzdem erwischt, jetzt schcik ich den Trojaner an jedem weiter mit dem ich chatt, es ist soo nervig. Hab schon2 mal MSN neuinstaliert passiert auch nichts.
Hier ist eine Hijack.Thiss Datei:
Logfile of HijackThis v1.99.1
Scan saved at 14:19:36, on 18.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\atwtusb.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dllvirtual.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Skype\Plugin Manager\SkypePM.exe
C:\Programme\MSN Messenger\usnsvc.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Dokumente und Einstellungen\Kinder\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ ] C:\WINDOWS\system32\dllvirtual.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [kis] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZN
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: MedionShop - {A461BF3E-96B0-488F-9ACA-202335DDCC4B} - http://www.medionshop.de/ (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://oesterreichmeineheimat.spaces.li ... nPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8778405937
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
hoffentlich könnt ihr mir helfen!
Warum kostenlos registrieren?
Nur als registriertes Mitglied hast Du vollen Zugriff auf alle Funktionen unserer Website. So kannst Du eigene Fragen stellen und hast die volle Übersicht über neue interessante Themen im Forum.
Jetzt kostenlos registrieren.
Login
MSN Trojaner habe Log-File bitte anschaun!!
19 Beiträge • Seite 1 von 2 • 1, 2
von Ariczzz am 18.02.2007, 15:33
msn erstmal nicht mehr verwenden
C:\WINDOWS\system32\dllvirtual.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [ ] C:\WINDOWS\system32\dllvirtual.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZN
- mache den online-scan auf www.bitdefender.de und stelle den report hier rein.
- dann lade spybot und ad-aware und lasse beide scannen(download siehe
- signatur)
- Ariczzz
- Mitarbeiter
- Beiträge: 1622
- Registriert: 06.09.2006, 16:23
- Wohnort: Niederndodeleben
von d2k am 18.02.2007, 18:00
poste dieses log
http://virus-protect.org/artikel/tools/combofix.html
stelle den CleanUp genauso ein, wie hier angegeben:
http://virus-protect.org/cleanup.html
Kopiere diese 6 Textdateien ab . (rechtsklick mit der Maus -> den Text markieren -> kopieren -> einfügen) Sie sind nach Datum geordnet. (kopiere nur die letzten 3 Monate ab)
http://virus-protect.org/datfindbat.html
http://virus-protect.org/artikel/tools/combofix.html
stelle den CleanUp genauso ein, wie hier angegeben:
http://virus-protect.org/cleanup.html
Kopiere diese 6 Textdateien ab . (rechtsklick mit der Maus -> den Text markieren -> kopieren -> einfügen) Sie sind nach Datum geordnet. (kopiere nur die letzten 3 Monate ab)
http://virus-protect.org/datfindbat.html
- d2k
- Mitarbeiter
- Beiträge: 1398
- Registriert: 09.06.2006, 10:42
- Wohnort: 86316 Friedberg
defender-bit
von skrapid am 18.02.2007, 18:32
Hier ist der defnder-Bit report, nach 3 1/2 stundiger untersuchung hat er einen Virus gefunden.
Danke für eure Hilfe!!!!!!
BitDefender Online Scanner
Scan report generated at: Sun, Feb 18, 2007 - 17:29:15
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;
Statistics
Time
02:06:35
Files
645772
Folders
7098
Boot Sectors
4
Archives
10351
Packed Files
61089
Results
Identified Viruses
1
Infected Files
3
Suspect Files
1
Warnings
0
Disinfected
0
Deleted Files
2
Engines Info
Virus Definitions
388724
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Programme\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
Detected with: Adware.Mywebsearch.G
C:\Programme\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
Disinfection failed
C:\Programme\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
Deleted
C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
Detected with: Adware.Mywebsearch.G
C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
Disinfection failed
C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
Delete failed
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0001
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0002
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0003
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0004
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0005
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0006
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0007
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0008
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0009
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0010
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0011
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0012
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0013
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0014
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0015
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0016
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0017
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0018
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0019
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0020
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0021
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0022
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0023
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199938.lnk
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP170\A0205309.DLL
Detected with: Adware.Mywebsearch.G
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP170\A0205309.DLL
Disinfection failed
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP170\A0205309.DLL
Deleted
C:\WINDOWS\Driver Cache\i386\driver.cab=>colorq.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>compbatt.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpper241.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppm15.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppm20.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppmq151.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppmq201.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppsnb10.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppsx241.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpqarray.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpqdap01.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpqndis5.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpqtrnd5.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpscan.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12alg4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12alg6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12cln4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12cln6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12fcic.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12icur.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12sdrv.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12sdrv.ini
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12spsz.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12srdr.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12sres.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12sui.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30alg1.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30alg3.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30cln1.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30cln3.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30fcic.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30icur.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30sdrv.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30sdrv.ini
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30spsz.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30srdr.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30sres.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30sui.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60alg1.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60alg3.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60alg4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60alg6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60cln4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60cln6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60fcic.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60icur.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60sdrv.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60sdrv.ini
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60spsz.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60srdr.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60sres.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60sui.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70alg4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70alg6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70cln4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70cln6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70fcic.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70icur.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70sdrv.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70sdrv.ini
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70spsz.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70srdr.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70sres.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70sui.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq75alg4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq75alg6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq75cln4.out
Clean
C:\WINDOWS\system32\dllvirtual.exe
Suspected of: BehavesLike:Win32.SMTP-Mailer
C:\WINDOWS\system32\dllvirtual.exe
Disinfection failed
C:\WINDOWS\system32\dllvirtual.exe
Delete failed
Danke für eure Hilfe!!!!!!
BitDefender Online Scanner
Scan report generated at: Sun, Feb 18, 2007 - 17:29:15
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;
Statistics
Time
02:06:35
Files
645772
Folders
7098
Boot Sectors
4
Archives
10351
Packed Files
61089
Results
Identified Viruses
1
Infected Files
3
Suspect Files
1
Warnings
0
Disinfected
0
Deleted Files
2
Engines Info
Virus Definitions
388724
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Programme\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
Detected with: Adware.Mywebsearch.G
C:\Programme\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
Disinfection failed
C:\Programme\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
Deleted
C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
Detected with: Adware.Mywebsearch.G
C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
Disinfection failed
C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
Delete failed
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0001
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0002
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0003
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0004
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0005
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0006
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0007
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0008
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0009
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0010
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0011
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0012
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0013
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0014
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0015
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0016
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0017
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0018
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0019
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0020
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0021
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0022
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199937.EXE=>wise0023
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP149\A0199938.lnk
Clean
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP170\A0205309.DLL
Detected with: Adware.Mywebsearch.G
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP170\A0205309.DLL
Disinfection failed
C:\System Volume Information\_restore{20EA187A-C68E-49AC-A1E6-FEF621E0E4FC}\RP170\A0205309.DLL
Deleted
C:\WINDOWS\Driver Cache\i386\driver.cab=>colorq.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>compbatt.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpper241.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppm15.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppm20.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppmq151.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppmq201.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppsnb10.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cppsx241.ppd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpqarray.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpqdap01.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpqndis5.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpqtrnd5.sys
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cpscan.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12alg4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12alg6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12cln4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12cln6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12fcic.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12icur.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12sdrv.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12sdrv.ini
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12spsz.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12srdr.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12sres.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq12sui.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30alg1.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30alg3.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30cln1.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30cln3.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30fcic.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30icur.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30sdrv.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30sdrv.ini
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30spsz.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30srdr.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30sres.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq30sui.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60alg1.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60alg3.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60alg4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60alg6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60cln4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60cln6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60fcic.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60icur.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60sdrv.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60sdrv.ini
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60spsz.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60srdr.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60sres.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq60sui.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70alg4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70alg6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70cln4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70cln6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70fcic.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70icur.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70sdrv.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70sdrv.ini
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70spsz.gpd
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70srdr.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70sres.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq70sui.dll
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq75alg4.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq75alg6.out
Clean
C:\WINDOWS\Driver Cache\i386\driver.cab=>cq75cln4.out
Clean
C:\WINDOWS\system32\dllvirtual.exe
Suspected of: BehavesLike:Win32.SMTP-Mailer
C:\WINDOWS\system32\dllvirtual.exe
Disinfection failed
C:\WINDOWS\system32\dllvirtual.exe
Delete failed
- skrapid
- Beiträge: 10
- Registriert: 18.02.2007, 15:08
von Ariczzz am 18.02.2007, 18:41
eine datei ist noch übrig..
lade dir avenger(siehe signatur) und kopiere rein
dann klicke die grüne ampel. das script wird jetzt ausgeführt und der pc neustarten. dann stelle hier den report rein,der nach dem hochfahren erscheint
lade dir avenger(siehe signatur) und kopiere rein
Files to delete:
C:\WINDOWS\system32\dllvirtual.exe
dann klicke die grüne ampel. das script wird jetzt ausgeführt und der pc neustarten. dann stelle hier den report rein,der nach dem hochfahren erscheint
- Ariczzz
- Mitarbeiter
- Beiträge: 1622
- Registriert: 06.09.2006, 16:23
- Wohnort: Niederndodeleben
von gipsy111 am 18.02.2007, 18:51
Also jetzt einmal langsam! Das bringt nichts, wenn 2 verschiedene Leute durcheinander an einem Fall arbeiten und keine Struktur haben. Das kann man schon machen, aber da muss man sich absprechen.
Also nocheinmal von vorne
@ skrapid
Anleitung + Download HijackTHis
Also nocheinmal von vorne
@ skrapid
Anleitung + Download HijackTHis
- gipsy111
- Moderator
- Beiträge: 1608
- Registriert: 26.12.2005, 18:02
- Wohnort: Baden - Württemberg
Ariczzz
von skrapid am 18.02.2007, 19:08
Ja ich weiß dass ich nur eins machen soll, ich mach daweil dass vom Ariczzzz und es scheint zu Helfen.
da ist deine gewünschte
Hijack This Log-datei:
Logfile of HijackThis v1.99.1
Scan saved at 18:14:07, on 18.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\atwtusb.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dllvirtual.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Skype\Plugin Manager\SkypePM.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Kinder\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ ] C:\WINDOWS\system32\dllvirtual.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [kis] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZN
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: MedionShop - {A461BF3E-96B0-488F-9ACA-202335DDCC4B} - http://www.medionshop.de/ (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://oesterreichmeineheimat.spaces.li ... nPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8778405937
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
da ist deine gewünschte
Hijack This Log-datei:
Logfile of HijackThis v1.99.1
Scan saved at 18:14:07, on 18.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\atwtusb.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dllvirtual.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Skype\Plugin Manager\SkypePM.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Kinder\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ ] C:\WINDOWS\system32\dllvirtual.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [kis] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZN
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: MedionShop - {A461BF3E-96B0-488F-9ACA-202335DDCC4B} - http://www.medionshop.de/ (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://oesterreichmeineheimat.spaces.li ... nPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8778405937
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
- skrapid
- Beiträge: 10
- Registriert: 18.02.2007, 15:08
von gipsy111 am 18.02.2007, 19:22
Also fangen wir mal an!!
Erster Schritt
Virustotal --> Datei immer einzeln überprüfen lassen
Den Pfad, der einzelnen Dateien, hier abkopieren --> in das weiße, leere Feld einfügen --> send drücken --> danach das Ergebnis abwarten (kann mehrere Minuten dauern) --> dieses Ergebnis abkopieren und hier posten
Erster Schritt
Virustotal --> Datei immer einzeln überprüfen lassen
Den Pfad, der einzelnen Dateien, hier abkopieren --> in das weiße, leere Feld einfügen --> send drücken --> danach das Ergebnis abwarten (kann mehrere Minuten dauern) --> dieses Ergebnis abkopieren und hier posten
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
- gipsy111
- Moderator
- Beiträge: 1608
- Registriert: 26.12.2005, 18:02
- Wohnort: Baden - Württemberg
Was soll ich jetzt machen?
von skrapid am 18.02.2007, 19:23
Hallo!
Jetzt hab ich den avenger auch schon gemacht hier die LOG-File:
Logfile of HijackThis v1.99.1
Scan saved at 18:28:14, on 18.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\atwtusb.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dllvirtual.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Skype\Plugin Manager\SkypePM.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Kinder\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ ] C:\WINDOWS\system32\dllvirtual.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [kis] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZN
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: MedionShop - {A461BF3E-96B0-488F-9ACA-202335DDCC4B} - http://www.medionshop.de/ (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://oesterreichmeineheimat.spaces.li ... nPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8778405937
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Was soll ich jetzt machen oder bin ich fertig und soll den mesenger ausprobieren obs geht?
DANKE FÜR EURE RASCHE HILFE!!!!
Jetzt hab ich den avenger auch schon gemacht hier die LOG-File:
Logfile of HijackThis v1.99.1
Scan saved at 18:28:14, on 18.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\atwtusb.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dllvirtual.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Skype\Plugin Manager\SkypePM.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Kinder\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ ] C:\WINDOWS\system32\dllvirtual.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [kis] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZN
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: MedionShop - {A461BF3E-96B0-488F-9ACA-202335DDCC4B} - http://www.medionshop.de/ (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://oesterreichmeineheimat.spaces.li ... nPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8778405937
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Was soll ich jetzt machen oder bin ich fertig und soll den mesenger ausprobieren obs geht?
DANKE FÜR EURE RASCHE HILFE!!!!
- skrapid
- Beiträge: 10
- Registriert: 18.02.2007, 15:08
von gipsy111 am 18.02.2007, 19:25
gipsy111 hat geschrieben:Also fangen wir mal an!!
Erster Schritt
Virustotal --> Datei immer einzeln überprüfen lassen
Den Pfad, der einzelnen Dateien, hier abkopieren --> in das weiße, leere Feld einfügen --> send drücken --> danach das Ergebnis abwarten (kann mehrere Minuten dauern) --> dieses Ergebnis abkopieren und hier postenC:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
Bitte schön!!
- gipsy111
- Moderator
- Beiträge: 1608
- Registriert: 26.12.2005, 18:02
- Wohnort: Baden - Württemberg
Ok
von skrapid am 18.02.2007, 19:50
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
File "IMJPMIG.EXE" received on 02.18.2007 at 18:36:16 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.
Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
BitDefender 7.2 02.18.2007 no virus found
CAT-QuickHeal 9.00 02.16.2007 no virus found
ClamAV devel-20060426 02.18.2007 no virus found
DrWeb 4.33 02.18.2007 no virus found
eSafe 7.0.14.0 02.18.2007 no virus found
eTrust-Vet 30.4.3410 02.18.2007 no virus found
Ewido 4.0 02.18.2007 no virus found
Fortinet 2.85.0.0 02.18.2007 no virus found
F-Prot 4.2.1.29 02.16.2007 no virus found
Aditional Information
File size: 208952 bytes
MD5: 7bbe4cf421aecc7f0226edd75f12079f
SHA1: d95e7ac036471c5e0386a06738605ce698bd78f1
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
Aditional Information
File size: 59392 bytes
MD5: 1b17e09c1223f6d17336d2dd7a1af4f4
SHA1: 721dd499b30cc3643941eed4b449884bfc1777a5
:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
BitDefender 7.2 02.18.2007 no virus found
CAT-QuickHeal 9.00 02.16.2007 no virus found
ClamAV devel-20060426 02.18.2007 no virus found
DrWeb 4.33 02.18.2007 no virus found
eSafe 7.0.14.0 02.18.2007 no virus found
eTrust-Vet 30.4.3410 02.18.2007 no virus found
Ewido 4.0 02.18.2007 no virus found
Fortinet 2.85.0.0 02.18.2007 no virus found
F-Prot 4.2.1.29 02.16.2007 no virus found
F-Secure 6.70.13030.0 02.17.2007 no virus found
Ikarus T3.1.0.31 02.18.2007 no virus found
Kaspersky 4.0.2.24 02.18.2007 no virus found
McAfee 4965 02.16.2007 no virus found
Microsoft 1.2204 02.18.2007 no virus found
NOD32v2 2068 02.18.2007 no virus found
Norman 5.80.02 02.16.2007 no virus found
Panda 9.0.0.4 02.18.2007 no virus found
Prevx1 V2 02.18.2007 no virus found
Sophos 4.14.0 02.18.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 no virus found
Symantec 10 02.18.2007 no virus found
TheHacker 6.1.6.059 02.16.2007 no virus found
UNA 1.83 02.16.2007 no virus found
VBA32 3.11.2 02.17.2007 no virus found
VirusBuster 4.3.19:9 02.18.2007 no virus found
Aditional Information
File size: 59392 bytes
MD5: 1b17e09c1223f6d17336d2dd7a1af4f4
SHA1: 721dd499b30cc3643941eed4b449884bfc1777a5
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
BitDefender 7.2 02.18.2007 no virus found
CAT-QuickHeal 9.00 02.16.2007 no virus found
ClamAV devel-20060426 02.18.2007 no virus found
File "IMJPMIG.EXE" received on 02.18.2007 at 18:36:16 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.
Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
BitDefender 7.2 02.18.2007 no virus found
CAT-QuickHeal 9.00 02.16.2007 no virus found
ClamAV devel-20060426 02.18.2007 no virus found
DrWeb 4.33 02.18.2007 no virus found
eSafe 7.0.14.0 02.18.2007 no virus found
eTrust-Vet 30.4.3410 02.18.2007 no virus found
Ewido 4.0 02.18.2007 no virus found
Fortinet 2.85.0.0 02.18.2007 no virus found
F-Prot 4.2.1.29 02.16.2007 no virus found
Aditional Information
File size: 208952 bytes
MD5: 7bbe4cf421aecc7f0226edd75f12079f
SHA1: d95e7ac036471c5e0386a06738605ce698bd78f1
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
Aditional Information
File size: 59392 bytes
MD5: 1b17e09c1223f6d17336d2dd7a1af4f4
SHA1: 721dd499b30cc3643941eed4b449884bfc1777a5
:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
BitDefender 7.2 02.18.2007 no virus found
CAT-QuickHeal 9.00 02.16.2007 no virus found
ClamAV devel-20060426 02.18.2007 no virus found
DrWeb 4.33 02.18.2007 no virus found
eSafe 7.0.14.0 02.18.2007 no virus found
eTrust-Vet 30.4.3410 02.18.2007 no virus found
Ewido 4.0 02.18.2007 no virus found
Fortinet 2.85.0.0 02.18.2007 no virus found
F-Prot 4.2.1.29 02.16.2007 no virus found
F-Secure 6.70.13030.0 02.17.2007 no virus found
Ikarus T3.1.0.31 02.18.2007 no virus found
Kaspersky 4.0.2.24 02.18.2007 no virus found
McAfee 4965 02.16.2007 no virus found
Microsoft 1.2204 02.18.2007 no virus found
NOD32v2 2068 02.18.2007 no virus found
Norman 5.80.02 02.16.2007 no virus found
Panda 9.0.0.4 02.18.2007 no virus found
Prevx1 V2 02.18.2007 no virus found
Sophos 4.14.0 02.18.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 no virus found
Symantec 10 02.18.2007 no virus found
TheHacker 6.1.6.059 02.16.2007 no virus found
UNA 1.83 02.16.2007 no virus found
VBA32 3.11.2 02.17.2007 no virus found
VirusBuster 4.3.19:9 02.18.2007 no virus found
Aditional Information
File size: 59392 bytes
MD5: 1b17e09c1223f6d17336d2dd7a1af4f4
SHA1: 721dd499b30cc3643941eed4b449884bfc1777a5
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
BitDefender 7.2 02.18.2007 no virus found
CAT-QuickHeal 9.00 02.16.2007 no virus found
ClamAV devel-20060426 02.18.2007 no virus found
- skrapid
- Beiträge: 10
- Registriert: 18.02.2007, 15:08
von gipsy111 am 18.02.2007, 19:54
Allles klar!
Jetzt noch ein Schritt bis zur richtigen Reinigung!!
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint und poste den bitte.
Jetzt noch ein Schritt bis zur richtigen Reinigung!!
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint und poste den bitte.
cd\
dir "C:\Dokumente und Einstellungen\%UserName%\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\All User\Anwendungsdaten" >>files.txt
dir "C:\Programme" >>files.txt
dir "C:\WINDOWS\Temp" >>files.txt
dir "C:\Program Files" >>files.txt
notepad files.txt
- gipsy111
- Moderator
- Beiträge: 1608
- Registriert: 26.12.2005, 18:02
- Wohnort: Baden - Württemberg
Hallo?!
von skrapid am 18.02.2007, 21:34
Hallo!
Ich öffne ein den Editor und schreibe listen.bat rein, dann speichere ich es unter dem Namen listen.bat am Desktop. Wenn ich es mit doppelklick öffne kommt:
ein C\Windows\system32\cmd\exe steht oben am "Rahme"
dann kommt: c:\ Kokumente und Einstellungen\User\Desktop>listen.bat.
Es schaut so aus als es immer mehrere kommen würden.
Ist das Richtig?
Ich öffne ein den Editor und schreibe listen.bat rein, dann speichere ich es unter dem Namen listen.bat am Desktop. Wenn ich es mit doppelklick öffne kommt:
ein C\Windows\system32\cmd\exe steht oben am "Rahme"
dann kommt: c:\ Kokumente und Einstellungen\User\Desktop>listen.bat.
Es schaut so aus als es immer mehrere kommen würden.
Ist das Richtig?
- skrapid
- Beiträge: 10
- Registriert: 18.02.2007, 15:08
von gipsy111 am 18.02.2007, 21:38
Nein!!
Du öffnest den Editor
Start --> Programme --> Zubehör --> Editor
In weißen Textfeld kopierst du diesen Text hinein
Danach gehst du auf Datei --> Speicher unter
Dateiname : listen.bat
Datentypen : Alle Dateien
Speichern.
Danach führst du durch Doppelklick die listen.bat aus. Dann erscheint ein Text und diesen kopierst du heraus und fügst es hier hinein!!
Alles klar!!
Du öffnest den Editor
Start --> Programme --> Zubehör --> Editor
In weißen Textfeld kopierst du diesen Text hinein
cd\
dir "C:\Dokumente und Einstellungen\%UserName%\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\All User\Anwendungsdaten" >>files.txt
dir "C:\Programme" >>files.txt
dir "C:\WINDOWS\Temp" >>files.txt
dir "C:\Program Files" >>files.txt
notepad files.txt
Danach gehst du auf Datei --> Speicher unter
Dateiname : listen.bat
Datentypen : Alle Dateien
Speichern.
Danach führst du durch Doppelklick die listen.bat aus. Dann erscheint ein Text und diesen kopierst du heraus und fügst es hier hinein!!
Alles klar!!
- gipsy111
- Moderator
- Beiträge: 1608
- Registriert: 26.12.2005, 18:02
- Wohnort: Baden - Württemberg
Aso sry! :D
von skrapid am 18.02.2007, 21:53
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: F845-9504
Verzeichnis von C:\Dokumente und Einstellungen\Kinder\Anwendungsdaten
09.10.2005 11:49 <DIR> Adobe
03.09.2006 18:37 <DIR> AdobeUM
11.08.2006 22:21 <DIR> Ahead
11.10.2006 15:49 <DIR> Apple Computer
03.12.2006 19:22 <DIR> Autodesk
29.10.2005 13:47 <DIR> CyberLink
15.02.2007 20:01 <DIR> DivX
05.10.2006 16:02 83.912 GDIPFONTCACHEV1.DAT
18.09.2006 10:58 <DIR> Google
16.10.2006 15:12 <DIR> Help
08.10.2005 21:58 <DIR> Identities
09.12.2006 12:11 <DIR> InstallShield
18.02.2007 17:51 <DIR> Lavasoft
09.10.2005 10:21 <DIR> Macromedia
02.12.2006 10:17 <DIR> Microsoft Web Folders
09.02.2007 16:59 <DIR> Mozilla
09.10.2005 10:26 <DIR> Real
18.02.2007 20:54 <DIR> Skype
28.08.2006 15:03 <DIR> Sun
14.10.2080 19:59 <DIR> Symantec
18.02.2007 15:15 <DIR> temp
18.02.2007 16:49 3.052 wklnhst.dat
14.10.1980 19:47 <DIR> Xfire
09.10.2005 11:28 <DIR> You've Got Pictures Screensaver
2 Datei(en) 86.964 Bytes
22 Verzeichnis(se), 147.916.783.616 Bytes frei
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: F845-9504
Verzeichnis von C:\Programme
18.02.2007 17:53 <DIR> .
18.02.2007 17:53 <DIR> ..
09.10.2005 11:43 <DIR> Adobe
12.10.2005 07:39 <DIR> Ahead
18.02.2007 02:55 <DIR> Alwil Software
11.10.2006 15:48 <DIR> Apple Software Update
03.12.2006 19:17 <DIR> Autodesk
16.08.2006 10:26 <DIR> BrickTower
16.11.2006 18:16 <DIR> Bridge Builder
08.10.2005 14:40 <DIR> C-Media USB2.0 Card Reader
09.08.2006 18:52 <DIR> CA
20.12.2006 18:16 <DIR> Canon
03.09.2006 19:53 <DIR> CCleaner
22.10.2005 13:19 <DIR> Common Files
22.10.2006 16:32 <DIR> COMPANY_NAME
31.10.2005 18:58 <DIR> CyberLink
05.01.2007 15:07 <DIR> Daemon Manager
15.08.2006 22:39 <DIR> DAEMON Tools
16.08.2006 19:03 <DIR> Der Trainer 2006
08.11.2006 19:57 <DIR> Destination Mahjongg
10.08.2006 16:45 <DIR> directx
15.02.2007 20:00 <DIR> DivX
02.02.2007 20:20 <DIR> EA GAMES
02.11.2006 14:26 <DIR> EA SPORTS
03.11.2006 12:10 <DIR> Electronic Arts
17.02.2007 16:36 <DIR> eMule
09.10.2005 13:33 <DIR> Encarta
04.12.2006 17:58 <DIR> FM07 Spielergenerator
01.02.2007 16:47 <DIR> GameSpy Arcade
13.12.2006 17:26 <DIR> Gemeinsame Dateien
31.01.2007 20:48 <DIR> Google
18.02.2007 03:47 <DIR> Grisoft
21.10.2006 10:43 <DIR> Ground Control II
28.08.2006 16:38 <DIR> Hasbro Interactive
08.10.2005 14:59 <DIR> HighMAT CD Writing Wizard
29.10.2005 13:27 <DIR> Home Cinema
10.08.2006 16:45 <DIR> Intel
17.02.2007 16:18 <DIR> Internet Explorer
11.10.2006 15:49 <DIR> iPod
11.10.2006 15:49 <DIR> iTunes
09.10.2005 10:24 <DIR> Java
18.02.2007 13:08 <DIR> Kaspersky Lab
27.10.2006 11:30 <DIR> King
20.01.2007 10:54 <DIR> Lavalys
18.02.2007 17:51 <DIR> Lavasoft
09.10.2005 11:28 <DIR> Learn2.com
09.10.2005 13:49 <DIR> Letstrade
20.12.2006 18:39 <DIR> LucasArts
12.10.2005 07:50 <DIR> Medion Info Display
08.10.2005 15:00 <DIR> Messenger
30.10.2006 21:42 <DIR> Metropolis Software
09.10.2005 13:37 <DIR> Microsoft AutoRoute
16.08.2006 22:15 <DIR> Microsoft Digital Image 2006
02.12.2006 10:17 <DIR> microsoft frontpage
07.02.2007 13:13 <DIR> Microsoft Games
02.12.2006 10:17 <DIR> Microsoft Office
02.12.2006 10:20 <DIR> Microsoft Visual Studio
06.10.2006 18:43 <DIR> Microsoft Works
09.10.2005 13:23 <DIR> Microsoft Works Suite 2006
16.08.2006 10:23 <DIR> ModernBrainMaster
08.10.2005 21:56 <DIR> Movie Maker
18.02.2007 18:23 <DIR> Mozilla Firefox
27.10.2006 16:07 <DIR> MP3 WAV Converter
09.08.2006 20:42 <DIR> MSN
08.10.2005 21:55 <DIR> MSN Gaming Zone
17.02.2007 21:23 <DIR> MSN Messenger
16.11.2006 15:01 <DIR> MSXML 4.0
09.10.2005 13:46 <DIR> muvee Technologies
08.02.2007 13:47 <DIR> MyWebSearch
08.10.2005 21:56 <DIR> NetMeeting
15.02.2007 19:56 <DIR> NimoCodec Pack
09.10.2005 18:13 <DIR> NVIDIA Demo Kiosk
16.10.2005 13:03 <DIR> OfficeUpdate11
08.10.2005 21:55 <DIR> Online Services
08.10.2005 21:56 <DIR> Online-Dienste
15.12.2006 22:45 <DIR> Outlook Express
16.08.2006 10:31 <DIR> phenomedia
17.02.2007 16:27 <DIR> PokerStars.NET
11.10.2006 15:48 <DIR> QuickTime
09.10.2005 10:53 <DIR> RALINK
09.10.2005 10:25 <DIR> Real
09.10.2005 10:27 <DIR> Realtek
19.10.2006 17:03 <DIR> Risk
11.06.2005 13:38 5.654.528 Scooter_-_Maria.mp3
09.12.2006 12:12 <DIR> SEGA
13.12.2006 17:26 <DIR> Skype
18.02.2007 17:40 <DIR> Spybot - Search & Destroy
14.10.2080 20:23 <DIR> Symantec
17.11.2006 18:23 <DIR> THQ
12.10.2005 07:51 <DIR> USB Wireless Keyboard Driver
09.10.2005 11:28 <DIR> Viewpoint
09.12.2006 12:24 <DIR> wincmd
08.10.2005 14:18 <DIR> Windows Journal Viewer
09.10.2005 10:11 <DIR> Windows Media Connect
27.10.2006 11:27 <DIR> Windows Media Player
08.10.2005 21:55 <DIR> Windows NT
10.08.2006 10:44 <DIR> WinRAR
22.10.2005 13:19 <DIR> X10 Hardware
08.10.2005 21:58 <DIR> xerox
02.11.2006 22:15 <DIR> Yahoo!
1 Datei(en) 5.654.528 Bytes
99 Verzeichnis(se), 147.916.779.520 Bytes frei
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: F845-9504
Verzeichnis von C:\WINDOWS\Temp
18.02.2007 20:57 <DIR> .
18.02.2007 20:57 <DIR> ..
18.02.2007 20:56 8.192 cch~131c8c3f3d0b.htp
18.02.2007 20:56 8.192 cch~131c8c5a27e7.htp
18.02.2007 20:56 8.192 cch~131cbd9b7ad6.htp
18.02.2007 20:56 8.192 cch~131cbdc6e638.htp
18.02.2007 20:56 8.192 cch~131d04de676e.htp
18.02.2007 20:56 8.192 cch~131d04fac44f.htp
18.02.2007 20:56 8.192 cch~131fdbaffdb4.htp
18.02.2007 20:56 8.192 cch~131fdbcc4e8a.htp
18.02.2007 19:00 0 CLML_AGENT_LOG1.txt
18.02.2007 19:00 2.048 sqlite_hEzYAefR8qKZGmO
18.02.2007 13:07 0 T30DebugLogFile.txt
18.02.2007 19:00 255 WGAErrLog.txt
18.02.2007 19:00 409 WGANotify.settings
18.02.2007 13:23 <DIR> _avast4_
18.02.2007 11:21 16.384 ~DF2088.tmp
18.02.2007 18:18 16.384 ~DF22E2.tmp
18.02.2007 19:00 16.384 ~DF230C.tmp
18.02.2007 13:14 16.384 ~DF29C5.tmp
18.02.2007 17:56 16.384 ~DF3453.tmp
18 Datei(en) 150.168 Bytes
3 Verzeichnis(se), 147.916.779.520 Bytes frei
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: F845-9504
Verzeichnis von C:\
Danke nochmals
Volumeseriennummer: F845-9504
Verzeichnis von C:\Dokumente und Einstellungen\Kinder\Anwendungsdaten
09.10.2005 11:49 <DIR> Adobe
03.09.2006 18:37 <DIR> AdobeUM
11.08.2006 22:21 <DIR> Ahead
11.10.2006 15:49 <DIR> Apple Computer
03.12.2006 19:22 <DIR> Autodesk
29.10.2005 13:47 <DIR> CyberLink
15.02.2007 20:01 <DIR> DivX
05.10.2006 16:02 83.912 GDIPFONTCACHEV1.DAT
18.09.2006 10:58 <DIR> Google
16.10.2006 15:12 <DIR> Help
08.10.2005 21:58 <DIR> Identities
09.12.2006 12:11 <DIR> InstallShield
18.02.2007 17:51 <DIR> Lavasoft
09.10.2005 10:21 <DIR> Macromedia
02.12.2006 10:17 <DIR> Microsoft Web Folders
09.02.2007 16:59 <DIR> Mozilla
09.10.2005 10:26 <DIR> Real
18.02.2007 20:54 <DIR> Skype
28.08.2006 15:03 <DIR> Sun
14.10.2080 19:59 <DIR> Symantec
18.02.2007 15:15 <DIR> temp
18.02.2007 16:49 3.052 wklnhst.dat
14.10.1980 19:47 <DIR> Xfire
09.10.2005 11:28 <DIR> You've Got Pictures Screensaver
2 Datei(en) 86.964 Bytes
22 Verzeichnis(se), 147.916.783.616 Bytes frei
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: F845-9504
Verzeichnis von C:\Programme
18.02.2007 17:53 <DIR> .
18.02.2007 17:53 <DIR> ..
09.10.2005 11:43 <DIR> Adobe
12.10.2005 07:39 <DIR> Ahead
18.02.2007 02:55 <DIR> Alwil Software
11.10.2006 15:48 <DIR> Apple Software Update
03.12.2006 19:17 <DIR> Autodesk
16.08.2006 10:26 <DIR> BrickTower
16.11.2006 18:16 <DIR> Bridge Builder
08.10.2005 14:40 <DIR> C-Media USB2.0 Card Reader
09.08.2006 18:52 <DIR> CA
20.12.2006 18:16 <DIR> Canon
03.09.2006 19:53 <DIR> CCleaner
22.10.2005 13:19 <DIR> Common Files
22.10.2006 16:32 <DIR> COMPANY_NAME
31.10.2005 18:58 <DIR> CyberLink
05.01.2007 15:07 <DIR> Daemon Manager
15.08.2006 22:39 <DIR> DAEMON Tools
16.08.2006 19:03 <DIR> Der Trainer 2006
08.11.2006 19:57 <DIR> Destination Mahjongg
10.08.2006 16:45 <DIR> directx
15.02.2007 20:00 <DIR> DivX
02.02.2007 20:20 <DIR> EA GAMES
02.11.2006 14:26 <DIR> EA SPORTS
03.11.2006 12:10 <DIR> Electronic Arts
17.02.2007 16:36 <DIR> eMule
09.10.2005 13:33 <DIR> Encarta
04.12.2006 17:58 <DIR> FM07 Spielergenerator
01.02.2007 16:47 <DIR> GameSpy Arcade
13.12.2006 17:26 <DIR> Gemeinsame Dateien
31.01.2007 20:48 <DIR> Google
18.02.2007 03:47 <DIR> Grisoft
21.10.2006 10:43 <DIR> Ground Control II
28.08.2006 16:38 <DIR> Hasbro Interactive
08.10.2005 14:59 <DIR> HighMAT CD Writing Wizard
29.10.2005 13:27 <DIR> Home Cinema
10.08.2006 16:45 <DIR> Intel
17.02.2007 16:18 <DIR> Internet Explorer
11.10.2006 15:49 <DIR> iPod
11.10.2006 15:49 <DIR> iTunes
09.10.2005 10:24 <DIR> Java
18.02.2007 13:08 <DIR> Kaspersky Lab
27.10.2006 11:30 <DIR> King
20.01.2007 10:54 <DIR> Lavalys
18.02.2007 17:51 <DIR> Lavasoft
09.10.2005 11:28 <DIR> Learn2.com
09.10.2005 13:49 <DIR> Letstrade
20.12.2006 18:39 <DIR> LucasArts
12.10.2005 07:50 <DIR> Medion Info Display
08.10.2005 15:00 <DIR> Messenger
30.10.2006 21:42 <DIR> Metropolis Software
09.10.2005 13:37 <DIR> Microsoft AutoRoute
16.08.2006 22:15 <DIR> Microsoft Digital Image 2006
02.12.2006 10:17 <DIR> microsoft frontpage
07.02.2007 13:13 <DIR> Microsoft Games
02.12.2006 10:17 <DIR> Microsoft Office
02.12.2006 10:20 <DIR> Microsoft Visual Studio
06.10.2006 18:43 <DIR> Microsoft Works
09.10.2005 13:23 <DIR> Microsoft Works Suite 2006
16.08.2006 10:23 <DIR> ModernBrainMaster
08.10.2005 21:56 <DIR> Movie Maker
18.02.2007 18:23 <DIR> Mozilla Firefox
27.10.2006 16:07 <DIR> MP3 WAV Converter
09.08.2006 20:42 <DIR> MSN
08.10.2005 21:55 <DIR> MSN Gaming Zone
17.02.2007 21:23 <DIR> MSN Messenger
16.11.2006 15:01 <DIR> MSXML 4.0
09.10.2005 13:46 <DIR> muvee Technologies
08.02.2007 13:47 <DIR> MyWebSearch
08.10.2005 21:56 <DIR> NetMeeting
15.02.2007 19:56 <DIR> NimoCodec Pack
09.10.2005 18:13 <DIR> NVIDIA Demo Kiosk
16.10.2005 13:03 <DIR> OfficeUpdate11
08.10.2005 21:55 <DIR> Online Services
08.10.2005 21:56 <DIR> Online-Dienste
15.12.2006 22:45 <DIR> Outlook Express
16.08.2006 10:31 <DIR> phenomedia
17.02.2007 16:27 <DIR> PokerStars.NET
11.10.2006 15:48 <DIR> QuickTime
09.10.2005 10:53 <DIR> RALINK
09.10.2005 10:25 <DIR> Real
09.10.2005 10:27 <DIR> Realtek
19.10.2006 17:03 <DIR> Risk
11.06.2005 13:38 5.654.528 Scooter_-_Maria.mp3
09.12.2006 12:12 <DIR> SEGA
13.12.2006 17:26 <DIR> Skype
18.02.2007 17:40 <DIR> Spybot - Search & Destroy
14.10.2080 20:23 <DIR> Symantec
17.11.2006 18:23 <DIR> THQ
12.10.2005 07:51 <DIR> USB Wireless Keyboard Driver
09.10.2005 11:28 <DIR> Viewpoint
09.12.2006 12:24 <DIR> wincmd
08.10.2005 14:18 <DIR> Windows Journal Viewer
09.10.2005 10:11 <DIR> Windows Media Connect
27.10.2006 11:27 <DIR> Windows Media Player
08.10.2005 21:55 <DIR> Windows NT
10.08.2006 10:44 <DIR> WinRAR
22.10.2005 13:19 <DIR> X10 Hardware
08.10.2005 21:58 <DIR> xerox
02.11.2006 22:15 <DIR> Yahoo!
1 Datei(en) 5.654.528 Bytes
99 Verzeichnis(se), 147.916.779.520 Bytes frei
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: F845-9504
Verzeichnis von C:\WINDOWS\Temp
18.02.2007 20:57 <DIR> .
18.02.2007 20:57 <DIR> ..
18.02.2007 20:56 8.192 cch~131c8c3f3d0b.htp
18.02.2007 20:56 8.192 cch~131c8c5a27e7.htp
18.02.2007 20:56 8.192 cch~131cbd9b7ad6.htp
18.02.2007 20:56 8.192 cch~131cbdc6e638.htp
18.02.2007 20:56 8.192 cch~131d04de676e.htp
18.02.2007 20:56 8.192 cch~131d04fac44f.htp
18.02.2007 20:56 8.192 cch~131fdbaffdb4.htp
18.02.2007 20:56 8.192 cch~131fdbcc4e8a.htp
18.02.2007 19:00 0 CLML_AGENT_LOG1.txt
18.02.2007 19:00 2.048 sqlite_hEzYAefR8qKZGmO
18.02.2007 13:07 0 T30DebugLogFile.txt
18.02.2007 19:00 255 WGAErrLog.txt
18.02.2007 19:00 409 WGANotify.settings
18.02.2007 13:23 <DIR> _avast4_
18.02.2007 11:21 16.384 ~DF2088.tmp
18.02.2007 18:18 16.384 ~DF22E2.tmp
18.02.2007 19:00 16.384 ~DF230C.tmp
18.02.2007 13:14 16.384 ~DF29C5.tmp
18.02.2007 17:56 16.384 ~DF3453.tmp
18 Datei(en) 150.168 Bytes
3 Verzeichnis(se), 147.916.779.520 Bytes frei
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: F845-9504
Verzeichnis von C:\
Danke nochmals
- skrapid
- Beiträge: 10
- Registriert: 18.02.2007, 15:08
19 Beiträge • Seite 1 von 2 • 1, 2
Ähnliche Themen
| HILFE ALLE MEINE ORDNERBERECHTIGUNG SIND WEG HILFE BITTE Forum: Hardware-Hilfe Autor: Anonymous Antworten: |
brauche BITTE mal ganz dringend hilfe!!! Forum: Software-Hilfe Autor: blue-sky Antworten: |
USB Hub tot?? Bitte um hilfe!! Forum: Hardware-Hilfe Autor: Ponny2 Antworten: |
CRC- Check bitte dringend Hilfe Forum: Hardware-Hilfe Autor: Anonymous Antworten: |
Das Problem mit der Homepage habe ich auch :( Forum: Webmaster-Anfänger Autor: Anonymous Antworten: |
Zurück zu Online- und PC-Sicherheit
Wer ist online?
Mitglieder in diesem Forum: 0 Mitglieder und 0 Gäste