| |
| |||||||
Log-Analyse und Auswertung: Bitte Log mal ansehen!!!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.03.2005, 10:34
| #1 |
| |  Bitte Log mal ansehen!!! Logfile of HijackThis v1.99.1 Scan saved at 10:32:24, on 08.03.2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe C:\Programme\QuickTime\qttask.exe C:\WINDOWS\SOINTGR.EXE C:\Programme\Trojancheck 6\tcguard.exe C:\Programme\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\WINDOWS\System32\svchost.exe C:\DOKUME~1\STANDARD\LOKALE~1\TEMP\_VWUPSRV.EXE G:\antivir\AVWUPSRV.EXE G:\antivir\AVGUARD.EXE G:\antivir\AVGNT.EXE C:\Programme\Mozilla Firefox\firefox.exe C:\trojacheck\hijackthis\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von AOL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local> O1 - Hosts: 216.177.73.139 auto.search.msn.com O1 - Hosts: 216.177.73.139 search.netscape.com O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [AVGCtrl] "G:\antivir\AVGNT.EXE" /min O4 - HKLM\..\Run: [Trojancheck 6 Guard] C:\Programme\Trojancheck 6\tcguard.exe O4 - HKCU\..\Run: [AIM] C:\Programme\AIM95\aim.exe -cnetwait.odl O4 - Startup: TK-Phone.lnk = C:\Programme\Telekom\TkSoft\tkphone.exe O4 - Global Startup: Sagem - 802.11g Wi-Fi USB Dongle LAN Utility.lnk = ? O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programme\AIM95\aim.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://217.175.252.58:8000/Java/cfs31235.cab O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab O16 - DPF: {1A254634-F4AC-4002-8B34-35CE1B2C9E72} (Wsd Control) - http://212.112.203.97/dialer/wsd.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-12.cab O16 - DPF: {67B15B0B-160C-4579-95AF-858169659092} (IELoaderCtl Class) - http://freeload.cc/secure/ieloader.cab O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.140/code/PWActiveXImgCtl.CAB O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game18.zylomgames.com/activex...amesplayer.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game11.zylomgames.com/activex/zylomloader.cab O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} (StarInstall Control) - http://www.stardialer.de/install/StarInstall.ocx O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents...r/imloader.cab O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.stardialer.de/InstallationsAssistent.ocx O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - G:\antivir\AVGUARD.EXE O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe (file missing) O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - G:\antivir\AVWUPSRV.EXE |
|
08.03.2005, 11:26
| #2 |
  | Bitte Log mal ansehen!!! @lauschi
__________________du hast einiges im system, update dein system und IE als erstes. lade escan download anleitung teile uns das gesamte (!) Ergebnis des eScan mit: welche Viren wurden auf Deinem Rechner gefunden: "öffne die mwav.log -> Bearbeiten -> Suchen -> virus eingeben -> Weitersuchen -> Treffer markieren/kopieren und ins Forum übertragen." (Zitat Cidre) chaosman
__________________ |
|
08.03.2005, 18:07
| #3 |
| | Bitte Log mal ansehen!!! hallo, das ist nun die auswertung von e-scan.
__________________nun benötige ich nochmal eure hilfe bitte. File C:\PROGRA~1\GEMEIN~1\CMEII\CMESys.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken. File C:\PROGRA~1\GEMEIN~1\CMEII\GIocl.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\PROGRA~1\GEMEIN~1\CMEII\GStore.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. File C:\PROGRA~1\GEMEIN~1\CMEII\CMEIIAPI.dll infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken. File C:\PROGRA~1\GEMEIN~1\CMEII\GIOCLC~1.DLL infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File c:\PROGRA~1\GEMEIN~1\cmeii\GSTORE~1.DLL infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. File c:\PROGRA~1\GEMEIN~1\cmeii\gdwldeng.dll infected by "not-a-virus:AdWare.Gator.3124" Virus. Action Taken: No Action Taken. File c:\PROGRA~1\GEMEIN~1\cmeii\gmtproxy.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. File C:\PROGRA~1\GEMEIN~1\CMEII\GObjs.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\Standard\LOKALE~1\Temp\trickler_4010.ex_ infected by "not-a-virus:AdWare.Gator.4010" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\Standard\LOKALE~1\Temp\ImInstaller\IncrediMail\imloader.exe tagged as not-a-virus:RiskWare.Downloader.ImLoader.b. No Action Taken. File C:\WINDOWS\TEMP\~GL_3C18.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\TEMP\~GL_3C1F.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\TEMP\~GL_2405.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\TEMP\~GL_3A46.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\TEMP\~GL_3B35.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\TEMP\~GL_3458.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\TEMP\~GL_3506.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\TEMP\Adware\cd_install_291.exe infected by "not-a-virus:AdWare.Cydoor" Virus. Action Taken: No Action Taken. File C:\WINDOWS\TEMP\Adware\DelFinMediaViewer29j.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\TEMP\Adware\WebInstall.exe infected by "not-a-virus:AdWare.DownloadWare" Virus. Action Taken: No Action Taken. File C:\WINDOWS\TEMP\Adware\SaveNowInst.exe infected by "not-a-virus:AdWare.SaveNow.ar" Virus. Action Taken: No Action Taken. File C:\WINDOWS\TEMP\BDECache\bde10A5.TMP infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken. File C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.1.0.037\NPWTHOST.DLL infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken. File C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.1.0.037\WTVH.DLL infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken. File C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.2.0.007\wtvh.dll infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken. File C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.2.0.007\npwthost.dll infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken. File C:\WINDOWS\wt\wtupdates\wtbgm\files\1.5.0.134\WTBGMTT.EXE infected by "not-a-virus:AdWare.WildTangent.a" Virus. Action Taken: No Action Taken. File C:\WINDOWS\wt\wtupdates\wtbgm\files\1.5.1.019\wtbgmtt.exe infected by "not-a-virus:AdWare.WinAD" Virus. Action Taken: No Action Taken. File C:\WINDOWS\wt\wtbgm\wtbgmtt.exe infected by "not-a-virus:AdWare.WinAD" Virus. Action Taken: No Action Taken. File C:\WINDOWS\wt\wtvh.dll infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\apps\PrecisionTime\precisiontime2102.zip infected by "not-a-virus:AdWare.Gator.2102" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\apps\PrecisionTime\InstallPrecisionTime.exe infected by "not-a-virus:AdWare.Gator.2102" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\apps\DateManager\datemanager2102.zip infected by "not-a-virus:AdWare.Gator.4116" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\apps\DateManager\InstallDateManager.exe infected by "not-a-virus:AdWare.Gator.4116" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\GDwldEng.dll infected by "not-a-virus:AdWare.Gator.3124" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\GIocl.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\GIoclClient.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\GMTProxy.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\GObjs.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\GStore.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\GStoreServer.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\CMEIIAPI.dll infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\store\apps\precisiontime2102.zip infected by "not-a-virus:AdWare.Gator.2102" Virus. Action Taken: No Action Taken. File C:\Programme\Gemeinsame Dateien\CMEII\store\apps\datemanager2102.zip infected by "not-a-virus:AdWare.Gator.4116" Virus. Action Taken: No Action Taken. File C:\holi351601426.exe infected by "not-a-virus:Porn-Dialer.Win32.Holistyc.gen" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Temp\trickler_4010.ex_ infected by "not-a-virus:AdWare.Gator.4010" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Temp\ImInstaller\IncrediMail\imloader.exe tagged as not-a-virus:RiskWare.Downloader.ImLoader.b. No Action Taken. File C:\Dokumente und Einstellungen\Standard\Eigene Dateien\poolmup.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\System Volume Information\_restore{275AACCF-B2DA-421D-9C21-7695B368A0DF}\RP490\A0104894.exe infected by "not-a-virus:AdWare.Gator.5112" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{275AACCF-B2DA-421D-9C21-7695B368A0DF}\RP490\A0104900.dll infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{275AACCF-B2DA-421D-9C21-7695B368A0DF}\RP490\A0104901.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\SQCLREAON.EXE.VIR infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\FFCNRFCF.EXE.VIR infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\FFCNRFCF.EXE.001 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\SQCLREAON.EXE.001 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\SQCLREAON.EXE.002 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\FFCNRFCF.EXE.002 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\SQCLREAON.EXE.003 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\FFCNRFCF.EXE.003 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\SQCLREAON.EXE.004 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\SQCLREAON.EXE.005 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\FFCNRFCF.EXE.004 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\SQCLREAON.EXE.006 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. File G:\antivir\INFECTED\FFCNRFCF.EXE.005 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken. |
|
08.03.2005, 19:32
| #4 |
| | Bitte Log mal ansehen!!! @lauschi diese datei auf diskette sichern zwecks beweismittel gegen hohe telefonrechnungen lade clearprog download alle häkchen bei IE und windows setzen, löschen systemwiederherstellung deaktivieren, neu booten, systemwiederherstellung aktivieren. wechsle in den abgesicherten modus und lösche manuell alle CMEII-dateien, alle folgende dateien C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.1.0.03 7\NPWTHOST.DLL C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.1.0.03 7\WTVH.DLL C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.2.0.00 7\wtvh.dll C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.2.0.00 7\npwthost.dll C:\WINDOWS\wt\wtupdates\wtbgm\files\1.5.0.134\WTBG MTT.EXE C:\WINDOWS\wt\wtupdates\wtbgm\files\1.5.1.019\wtbg mtt.exe C:\WINDOWS\wt\wtbgm\wtbgmtt.exe C:\WINDOWS\wt\wtvh.dll C:\holi351601426.exe diese ordner mal leeren G\antivir\INFECTED neu booten, neues HJT logfile posten chaosman
__________________ Bonus vir semper tiro |
|
13.03.2005, 15:51
| #5 |
| | Bitte Log mal ansehen!!! salut, hier der logfile nach dem scannen und löschen. Logfile of HijackThis v1.99.1 Scan saved at 15:48:34, on 13.03.2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE G:\antivir\AVGNT.EXE C:\Programme\Trojancheck 6\tcguard.exe C:\Programme\Java\jre1.5.0_01\bin\jusched.exe C:\Programme\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe G:\antivir\AVGUARD.EXE G:\antivir\AVWUPSRV.EXE C:\WINDOWS\System32\svchost.exe C:\trojacheck\hijackthis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von AOL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local> O1 - Hosts: 216.177.73.139 auto.search.msn.com O1 - Hosts: 216.177.73.139 search.netscape.com O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [AVGCtrl] "G:\antivir\AVGNT.EXE" /min O4 - HKLM\..\Run: [Trojancheck 6 Guard] C:\Programme\Trojancheck 6\tcguard.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_01\bin\jusched.exe O4 - Startup: TK-Phone.lnk = C:\Programme\Telekom\TkSoft\tkphone.exe O4 - Global Startup: Sagem - 802.11g Wi-Fi USB Dongle LAN Utility.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programme\AIM95\aim.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://217.175.252.58:8000/Java/cfs31235.cab O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab O16 - DPF: {1A254634-F4AC-4002-8B34-35CE1B2C9E72} (Wsd Control) - http://212.112.203.97/dialer/wsd.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-12.cab O16 - DPF: {67B15B0B-160C-4579-95AF-858169659092} (IELoaderCtl Class) - http://freeload.cc/secure/ieloader.cab O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.140/code/PWActiveXImgCtl.CAB O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game18.zylomgames.com/activex...amesplayer.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game11.zylomgames.com/activex/zylomloader.cab O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} (StarInstall Control) - http://www.stardialer.de/install/StarInstall.ocx O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents...r/imloader.cab O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.stardialer.de/InstallationsAssistent.ocx O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - G:\antivir\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - G:\antivir\AVWUPSRV.EXE |
|
15.03.2005, 20:44
| #6 |
| | Bitte Log mal ansehen!!! @lauschi system und IE updaten! wechsle erst danach in den abgesicherten modus und fixe mit HJT R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = ;<local> O1 - Hosts: 216.177.73.139 auto.search.msn.com O1 - Hosts: 216.177.73.139 search.netscape.com O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O1 - Hosts: 216.177.73.139 ieautosearch O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab O16 - DPF: {1A254634-F4AC-4002-8B34-35CE1B2C9E72} (Wsd Control) - http://212.112.203.97/dialer/wsd.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game18.zylomgames.com/active...gamesplayer.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game11.zylomgames.com/activex/zylomloader.cab O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} (StarInstall Control) - http://www.stardialer.de/install/StarInstall.ocx O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.stardialer.de/InstallationsAssistent.ocx danach manuell löschen C:\WINDOWS\web\related.htm neu booten, neues HJT logfile posten neue startseite vergeben chaosman
__________________ --> Bitte Log mal ansehen!!! |
|
15.03.2005, 20:56
| #7 |
| | Bitte Log mal ansehen!!! salut! kannst du mir vielleicht sagen, wie ich system und IE update? und hast du eine ahnung, was Nullsoft für ein Programm ist? das befindet sich an mehren stellen auf der c festplatte. danke dir lg lauschi |
|
15.03.2005, 21:00
| #8 | ||
| Moderator, a.D.  | Bitte Log mal ansehen!!!Zitat:
AFAIK gibts dafür sogar den ein- oder anderen Button in WindowsXP.  Zitat:
Gruß  Yopie |
|
15.03.2005, 21:02
| #9 | ||
| | Bitte Log mal ansehen!!!Zitat:
1.) Windows-Hilfe 2.) Google (siehe Signatur) 3.) Start-> Programme-> Windows-Update Zitat:
1.) Google, aber das hatten wir ja schon  2.) -> Winamp  mfg Haui |
|
| Themen zu Bitte Log mal ansehen!!! |
| adobe, antivir, antivir update, bho, check, dateien, explorer, file missing, firefox, hijack, hijackthis, internet, internet explorer, log, logfile, microsoft, mozilla, mozilla firefox, object, programme, software, system, system32, temp, update, usb, windows, windows xp |
Linear-Darstellung
