Problems with infections
15 posts • Page 1 of 1
Problems with infections
Hello,
I think I have picked up some very nasty programs, and now I need some help to
a) find out how big the damage is and whether it can be repaired
b) if it can be fixed, how best to go about it
hijack:
Logfile of HijackThis v1.99.1
Scan saved at 19:16:43, on 17.06.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\OfficeScan NT\pccntmon.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\OfficeScan NT\OfcPfwSvc.exe
G:\Spiele\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\OfficeScan NT\tmlisten.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\TEMP\PK6E9.EXE
G:\mozilla\mozilla.exe
C:\Programme\Messenger\msmsgs.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uboot.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qsrch.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Quick! - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - C:\Programme\quickbar\quickbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programme\Norton AntiVirus\NavShExt.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Quick! - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - C:\Programme\quickbar\quickbar.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\OfficeScan NT\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ALi5289] C:\Programme\ULI5289\ALi5289.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/rap ... loader.cab
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://ntserver04/officescan/console/C ... nNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - https://ntserver04/officescan/console/C ... tupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://ntserver04/officescan/console/C ... /setup.cab
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://ntserver04/officescan/console/html/AtxEnc.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/ricochet/Reflex ... Loader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://ntserver04/officescan/console/C ... veCtrl.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/softwar ... launch.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} - http://playroom.icq.com/odyssey_web11.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O18 - Protocol: bw+0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: RegCompact - C:\WINDOWS\SYSTEM32\RegCompact.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\OfficeScan NT\OfcPfwSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - G:\Spiele\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\OfficeScan NT\tmlisten.exe
Thanks in advance for the help.
O18 - Protocol: bwf0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {8D78C3E9-8578-48BC-A1E1-A16AC27BEEC5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: RegCompact - C:\WINDOWS\SYSTEM32\RegCompact.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\OfficeScan NT\OfcPfwSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - G:\Spiele\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\OfficeScan NT\tmlisten.exe
thanks in advance for the help
- g46ri31
- Posts: 8
- Registered: 17.06.2006, 18:48
Download Registry Search by Bobbi Flekman
http://virus-protect.org/artikel/tools/regsearch.html
and double-click it to start. In "Enter search strings" (type or paste in)
quickbar
into the edit field and click "Ok".
Notepad will open -- copy the text and post it.
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lisbon
here is the log from RegSearch:
REGEDIT4
; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0
; Results at 18.06.2006 12:07:28 for strings:
; 'quickbar'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C}\InprocServer32]
@="C:\\Programme\\quickbar\\quickbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C}\ProgID]
@="quickbar.QUICKBAR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2D}]
@="QUICKBARToggle Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2D}\InprocServer32]
@="C:\\Programme\\quickbar\\quickbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2D}\ProgID]
@="quickbar.QUICKBARToggle Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2E}]
@="QUICKBARMenu Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2E}\InprocServer32]
@="C:\\Programme\\quickbar\\quickbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2E}\ProgID]
@="quickbar.QUICKBARMenu Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR]
@="QUICKBAR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR\Clsid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARMenu Button]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARMenu Button]
@="QUICKBARMenu Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARMenu Button\Clsid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARToggle Button]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARToggle Button]
@="QUICKBARToggle Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARToggle Button\Clsid]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR]
"SPI"="QUICKBAR215820"
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Config]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Config\quickbartb0302]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\LogEvents]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\LogEvents\Checkin]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\LogEvents\Install]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\LogEvents\Uninstall]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Options]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Reports]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Reports\38880]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Reports\38881]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Reports\38882]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Reports\38883]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Reports\38884]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Reports\38885]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Stat]
; End Of The Log...
- g46ri31
- Posts: 8
- Registered: 17.06.2006, 18:48
Copy the following text into Notepad (Start - Accessories - Notepad) and use 'Save as' to save it as listen.bat on the desktop. Select 'All files' as the file type. You should now find this file on the desktop. --> double-click listen.bat --> copy the text that appears
- Code:
cd\
dir "C:\Programme\quickbar" >>files.txt
notepad files.txt
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lisbon
virustotal
At the top of the page --> click Browse --> (paste in the file with its correct path right away) --> double-click the file to be checked --> click Submit... now wait
http://www.virustotal.com/flash/index_en.html
C:\WINDOWS\SYSTEM32\RegCompact.dll
post the report
--------------------------------------------------------------------------
1.
Avenger
http://virus-protect.org/artikel/tools/avenger.html
paste in:
registry keys to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARMenu Button
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARToggle Button\Clsid
Click the green traffic light
the script will now be executed, then the PC will restart automatically
**
post the Avenger log that appears
**
Counterspy
http://virus-protect.org/counterspy.html
* after the scan you have to choose between:
*Ignore
*Remove --> Status: Deleted
*Quarantine
always choose Remove and restart the PC (then copy the scan report)
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lisbon
virustotal and avenger here, unfortunately I can't post counterspy until tomorrow:
Antivirus Version Update Result
AntiVir 6.35.0.13 06.18.2006 no virus found
Authentium 4.93.8 06.16.2006 no virus found
Avast 4.7.844.0 06.15.2006 no virus found
AVG 386 06.16.2006 no virus found
BitDefender 7.2 06.18.2006 no virus found
CAT-QuickHeal 8.00 06.17.2006 no virus found
ClamAV devel-20060426 06.18.2006 no virus found
DrWeb 4.33 06.18.2006 no virus found
eTrust-InoculateIT 23.72.42 06.18.2006 no virus found
eTrust-Vet 12.6.2259 06.16.2006 no virus found
Ewido 3.5 06.18.2006 no virus found
Fortinet 2.77.0.0 06.18.2006 no virus found
F-Prot 3.16f 06.17.2006 no virus found
Ikarus 0.2.65.0 06.16.2006 no virus found
Kaspersky 4.0.2.24 06.18.2006 no virus found
McAfee 4786 06.16.2006 no virus found
Microsoft 1.1441 06.18.2006 no virus found
NOD32v2 1.1606 06.17.2006 no virus found
Norman 5.90.21 06.16.2006 no virus found
Panda 9.0.0.4 06.18.2006 no virus found
Sophos 4.06.0 06.18.2006 no virus found
Symantec 8.0 06.18.2006 no virus found
TheHacker 5.9.8.162 06.18.2006 no virus found
UNA 1.83 06.16.2006 no virus found
VBA32 3.11.0 06.18.2006 no virus found
VirusBuster 4.3.7:9 06.17.2006 no virus found
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\yrnrghhj
*******************
Script file located at: \??\C:\Program Files\igfikfyb.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARMenu Button deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARToggle Button\Clsid deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
- g46ri31
- Posts: 8
- Registered: 17.06.2006, 18:48
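An added example, not part of the thread or of any tool used in it: a cross-check of the RegSearch hits against the Avenger delete list posted above, showing which matching keys the script left in place. The key paths are excerpted from the logs in this thread; the function names are hypothetical, and the code assumes that deleting a key also removes its subkeys and that every script line ending in ':' starts a new section.

```python
# Excerpt of the RegSearch export posted in this thread (shortened; values kept
# only where they show the file format).
REGSEARCH_EXPORT = r'''REGEDIT4
; Registry Search 2.0 by Bobbi Flekman
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C}\InprocServer32]
@="C:\\Programme\\quickbar\\quickbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2D}]
@="QUICKBARToggle Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2E}\ProgID]
@="quickbar.QUICKBARMenu Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR]
@="QUICKBAR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR\Clsid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARMenu Button]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARMenu Button\Clsid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARToggle Button]
@="QUICKBARToggle Button"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARToggle Button\Clsid]
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR]
"SPI"="QUICKBAR215820"
[HKEY_USERS\S-1-5-21-1935655697-1957994488-1801674531-1003\Software\QUICKBAR\Config]
; End Of The Log...
'''

# The delete list as posted in the thread.
AVENGER_SCRIPT = r'''registry keys to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBAR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARMenu Button
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\quickbar.QUICKBARToggle Button\Clsid
'''


def keys_from_reg_export(text):
    """Return the unique key paths of a REGEDIT4 export, in first-seen order."""
    keys, seen = [], set()
    for line in text.splitlines():
        line = line.strip()
        # Key headers are the only lines wrapped in [...]; value lines start
        # with @ or a quote, comments with a semicolon.
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.lower() not in seen:  # registry paths are case-insensitive
                seen.add(key.lower())
                keys.append(key)
    return keys


def keys_from_avenger_script(text):
    """Return the paths listed under 'registry keys to delete:'."""
    keys, active = [], False
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.endswith(":"):  # assumption: a trailing colon marks a section
            active = line.lower() == "registry keys to delete:"
            continue
        if active:
            keys.append(line)
    return keys


def is_covered(key, deleted):
    """A hit is covered when a deleted path equals it or is one of its ancestors."""
    k = key.lower()
    # The trailing backslash stops 'quickbar.QUICKBAR' from matching the
    # sibling key 'quickbar.QUICKBARToggle Button' by prefix alone.
    return any(k == d.lower() or k.startswith(d.lower() + "\\") for d in deleted)


def leftovers(export_text, script_text):
    """Keys found by the search that the delete list does not remove."""
    deleted = keys_from_avenger_script(script_text)
    return [k for k in keys_from_reg_export(export_text)
            if not is_covered(k, deleted)]


if __name__ == "__main__":
    for key in leftovers(REGSEARCH_EXPORT, AVENGER_SCRIPT):
        print("still present:", key)
```

On this excerpt it reports the parent key quickbar.QUICKBARToggle Button (only its \Clsid subkey is in the delete list) and the per-user HKEY_USERS\...\Software\QUICKBAR keys. The CounterSpy log later in the thread lists the same two locations through their HKEY_CLASSES_ROOT and HKEY_CURRENT_USER views.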
Counterspy
http://virus-protect.org/counterspy.html
* after the scan you have to choose between:
*Ignore
*Remove --> Status: Deleted
*Quarantine
always choose Remove and restart the PC (then copy the scan report)
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lisbon
CounterSpy log:
Spyware Scan Details
Start Date: 21.06.2006 13:55:42
End Date: 21.06.2006 15:18:10
Total Time: 1 hrs 22 mins 28 secs
Detected spyware
WindUpdates Browser Plug-in more information...
Details: WindUpdates is an adware application that installs as a browser plug-in and displays advertising on the desktop.
Status: Deleted
Infected files detected
c:\windows\system32\ide21201.vxd
AntiLeech Plugin Adware (General) more information...
Details: Plugin is an Ad-Ware software which enables the broadcasting of advertisements, and execution of e-commerce and other internet related services on the user-interface of the software.
Status: Deleted
Infected files detected
C:\mozilla.org\Mozilla\plugins\al2np.dll
C:\mozilla.org\Mozilla\plugins\alhlp.exe
C:\mozilla.org\Mozilla\plugins\npalnn.dll
G:\SONSTIGES\download\ALPlugin-1.0.1.6-setup.exe
Infected registry entries detected
HKEY_CURRENT_USER\Software\Anti-Leech\Anti-Leech Plugin
HKEY_CURRENT_USER\Software\Anti-Leech\Anti-Leech Plugin Mozilla 1.7.2 C:\Programme\mozilla.org\Mozilla\Plugins
HKEY_CURRENT_USER\Software\Anti-Leech\Anti-Leech Plugin Mozilla 1.7.3 C:\mozilla.org\Mozilla\Plugins
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5\MimeTypes\application/x-al-package
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5\MimeTypes\application/x-al-package Description Anti-Leech Package
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5\MimeTypes\application/x-al-package Suffixes alp
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5\Suffixes
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5\MimeTypes\application/x-al-package Description Anti-Leech Package
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5\MimeTypes\application/x-al-package Suffixes alp
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5 Description Anti-Leech Plugin for Netscape, Mozilla, Opera
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5 Version 1.0.1.5
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5 Vendor Anti-Leech
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.5 ProductName Anti-Leech Plugin
Hacker v2 Backdoor more information...
Details: Hacker v2 is a trojan which is used to stealing or deleting files and sending virus.
Status: Deleted
Infected files detected
G:\DOWNLOADS\GAMES UND PROGS\3 Hacking Simulations Games\hackerv2.zip
RBot.steam Trojan more information...
Status: Deleted
Infected files detected
G:\LAN-Party\CS 1.6\platform\steam_dev.exe
Quick! Searchbar Browser Plug-in more information...
Status: Deleted
Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C}
HKEY_CURRENT_USER\Software\QUICKBAR
HKEY_CURRENT_USER\Software\QUICKBAR IE C:\Programme\Internet Explorer\iexplore.exe
HKEY_CURRENT_USER\Software\QUICKBAR InsVer 302
HKEY_CURRENT_USER\Software\QUICKBAR ConfigCode 0
HKEY_CURRENT_USER\Software\QUICKBAR CfgID 1
HKEY_CURRENT_USER\Software\QUICKBAR ClientID
HKEY_CURRENT_USER\Software\QUICKBAR LogPTR TBEZY402Q
HKEY_CURRENT_USER\Software\QUICKBAR LogVersion 262146
HKEY_CURRENT_USER\Software\QUICKBAR FirstRun 1
HKEY_CURRENT_USER\Software\QUICKBAR BarID 2005021521582019216812
HKEY_CURRENT_USER\Software\QUICKBAR SPI QUICKBAR215820
HKEY_CURRENT_USER\Software\QUICKBAR LastSinfoLoc http://www.rokop-security.de/index.php?showtopic=3867
HKEY_CURRENT_USER\Software\QUICKBAR GTK CFBDDECDEDDDGFEDJEFDDFGDJEHDDEIDELJMJCAKOHOFFAOANMKMIJMLEPDMILIOIEOHJMNCIGMGCOOKBANK
HKEY_CURRENT_USER\Software\QUICKBAR FirstCfg 1
HKEY_CURRENT_USER\Software\QUICKBAR LastLeft 2
HKEY_CURRENT_USER\Software\QUICKBAR InstallReport 1
HKEY_CURRENT_USER\Software\QUICKBAR CLTBID 2890bd8013ccaf709d63508ff13e2ec6
HKEY_CURRENT_USER\Software\QUICKBAR LastBadPopup play.de
HKEY_CURRENT_USER\Software\QUICKBAR PopupCount 35
HKEY_CURRENT_USER\Software\QUICKBAR LastResultUrl http://quick.qsrch.com/tbar?prt=TBEZY40 ... 13e2ec6&s=
HKEY_CURRENT_USER\Software\QUICKBAR LastGoodPopup superchat.at
HKEY_CURRENT_USER\Software\QUICKBAR BitmapVersion 0
HKEY_CLASSES_ROOT\quickbar.QUICKBARToggle Button
HKEY_CLASSES_ROOT\quickbar.QUICKBARToggle Button QUICKBARToggle Button
ATDMT.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\patrick\cookies\patrick@atdmt[2].txt
Mediaplex.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\patrick\cookies\patrick@mediaplex[1].txt
Radar Spy 1.0 Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\patrick\cookies\patrick@tradedoubler[1].txt
- g46ri31
- Posts: 8
- Registered: 17.06.2006, 18:48
virustotal
At the top of the page --> click Browse --> paste in the file with its correct path right away --> double-click the file to be checked --> click Submit... now wait
http://www.virustotal.com/flash/index_en.html
C:\Programme\ULI5289\ALi5289.exe
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lisbon
VirusTotal:
Antivirus Version Update Result
AntiVir 6.35.0.15 06.21.2006 no virus found
Authentium 4.93.8 06.21.2006 no virus found
Avast 4.7.844.0 06.21.2006 no virus found
AVG 386 06.21.2006 no virus found
BitDefender 7.2 06.21.2006 no virus found
CAT-QuickHeal 8.00 06.21.2006 no virus found
ClamAV devel-20060426 06.21.2006 no virus found
DrWeb 4.33 06.21.2006 no virus found
eTrust-InoculateIT 23.72.45 06.21.2006 no virus found
eTrust-Vet 12.6.2269 06.21.2006 no virus found
Ewido 3.5 06.21.2006 no virus found
Fortinet 2.77.0.0 06.21.2006 no virus found
F-Prot 3.16f 06.21.2006 no virus found
Ikarus 0.2.65.0 06.21.2006 no virus found
Kaspersky 4.0.2.24 06.21.2006 no virus found
McAfee 4790 06.21.2006 no virus found
Microsoft 1.1481 06.21.2006 no virus found
NOD32v2 1.1612 06.21.2006 no virus found
Norman 5.90.21 06.21.2006 no virus found
Panda 9.0.0.4 06.21.2006 no virus found
Sophos 4.06.0 06.21.2006 no virus found
Symantec 8.0 06.21.2006 no virus found
TheHacker 5.9.8.163 06.21.2006 no virus found
UNA 1.83 06.21.2006 no virus found
VBA32 3.11.0 06.21.2006 no virus found
VirusBuster 4.3.7:9 06.21.2006 no virus found
- g46ri31
- Posts: 8
- Registered: 17.06.2006, 18:48