Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Kann ein Experte mal über mein HijackThis-Log schauen?

Kann ein Experte mal über mein HijackThis-Log schauen?


Log-Analyse und Auswertung: Kann ein Experte mal über mein HijackThis-Log schauen?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 03.03.2007, 00:06   #1
larsz81
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Hallo.

Hab Windows XP Home und McAffee Virusscan Enterprise 8.0.0 (gerade erst aktualisiert)

Also McAffee meldete irgendwas mit Bo Heep bei explorer.exe (Pufferüberlauf) was er aber geblockt hat. Darauf hat sich explorer.exe aufgehangen. Hab dann mehrmals alles mit McAffe gecheckt, beim ersten Durchlauf fand er ein Dailer und ein Trojaner in nem /tmp Ordner (weiß nich mehr ob C:\Windows\Temp\tmp sorry) ... hat er beide gelöscht. Irgendwann hab ich dann explorer.exe abgeschosssen und über ausführen explorer.exe wieder gestartet. Danach lief es eigentlich, aber z. B. konnte ich WMediaPlayer nur über Taskmanager abschießen, beim Schließen verschwand er zwar aber Mucke lief weiter (?). Sonst is mir nix merkwürdiges aufgefallen. Traue mich aber nich neuzustarten bzw. den PC runterzufahren. Kann mal jemand durchs log schauen, ob da was verdächtig ist? Mir fällt nix auf, bin aber offenleslich kein Experte...

Log:
Logfile of HijackThis v1.99.1
Scan saved at 23:36:38, on 02.03.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Programme\Network Associates\Common Framework\FrameworkService.exe
C:\Programme\Network Associates\VirusScan\mcshield.exe
C:\Programme\Network Associates\VirusScan\vstskmgr.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\Programme\AnyDVD\AnyDVD.exe
C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Network Associates\VirusScan\SHSTAT.EXE
C:\Programme\Network Associates\Common Framework\UpdaterUI.exe
C:\Programme\Gemeinsame Dateien\Network Associates\TalkBack\tbmon.exe
C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Programme\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Lars\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ist OK
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h..p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h..p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h..p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h..p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = h..p://www.arcor.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Programme\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AnyDVD] C:\Programme\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ctfmon] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [WLAN Quick-Starter] "C:\Programme\WLAN Quick-Starter\WLAN Quick-Starter.exe" -update
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programme\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Programme\Gemeinsame Dateien\Network Associates\TalkBack\tbmon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ?
O4 - Global Startup: BlueSoleil.lnk = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - .h..p:..go.microsoft.com/fwlink/?linkid=39204.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - .h..p:..v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106843944468.
O17 - HKLM\System\CCS\Services\Tcpip\..\{1ED9E159-BC6B-48E9-9105-DB63616C1ECE}: NameServer = 192.168.120.252,192.168.120.253
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework-Dienst (McAfeeFramework) - Network Associates, Inc. - C:\Programme\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Programme\OpenVPN\bin\openvpnserv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe



OK, Danke im Voraus

Lars
Geändert von larsz81 (03.03.2007 um 00:13 Uhr)

Alt 03.03.2007, 00:15   #2
felix1
/// Helfer-Team
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Hi,

sieht soweit sauber aus. Nichts auffälliges zu sehen!

Gruss
__________________
Alt 03.03.2007, 00:26   #3
Mellosun
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Zitat:
Zitat von felixx65 Beitrag anzeigen

sieht soweit sauber aus. Nichts auffälliges zu sehen!
Das muss aber nichts heißen...

@larsz81

Mache bitte mal einen Scan mit eScan.
Alles dazu gibts hier mit Anleitung

Lese Dir diese genau durch und gehe dannach vor.
Poste das LOG mit hilfe der find.zip!


Gruß Mellosun
__________________
__________________
Alt 03.03.2007, 20:33   #4
larsz81
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Hi, Danke erstmal.
Hab hier das log von eScan also nur die Fehler-Meldungen:

Sat Mar 03 12:57:18 2007 => ***** Scanning Registry and File system for Adware/Spyware *****
Sat Mar 03 12:57:18 2007 => Loading Spyware Signatures from new External Database [Name: C:\Bases_X\spydb.avs, Size: 212325].
Sat Mar 03 12:57:21 2007 => Indexed Spyware Databases Successfully Created...

Sat Mar 03 12:57:24 2007 => Offending Key found: HKCU\\magnet !!!
Sat Mar 03 12:57:24 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Mar 03 12:57:34 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\downloads\passwortfinder\password.exe
Sat Mar 03 12:57:34 2007 => System found infected with password-finder 2.1 PSWTool (password.exe)! Action taken: No Action Taken.

Sat Mar 03 12:57:41 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\eigene dokumente\symbolleiste\internet\internet.lnk
Sat Mar 03 12:57:41 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.

Sat Mar 03 12:57:55 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\symbolleiste\internet\internet.lnk
Sat Mar 03 12:57:55 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.

Sat Mar 03 12:58:05 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\downloads\passwortfinder\password.exe
Sat Mar 03 12:58:05 2007 => System found infected with password-finder 2.1 PSWTool (password.exe)! Action taken: No Action Taken.

Sat Mar 03 12:58:06 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\eigene dokumente\symbolleiste\internet\internet.lnk
Sat Mar 03 12:58:06 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.

Sat Mar 03 12:58:07 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\symbolleiste\internet\internet.lnk
Sat Mar 03 12:58:07 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.

Sat Mar 03 12:58:12 2007 => Checking MountPoints2 Registry Key...
Sat Mar 03 12:58:12 2007 => Invalid Command Found in {0f039ae1-8468-11d9-8a72-001109df9636}\Shell\Autoplay\DropTarget\AutoRun\command: L:\OEMBranding.exe
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f039ae1-8468-11d9-8a72-001109df9636} !!!
Sat Mar 03 12:58:12 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Mar 03 12:58:12 2007 => Invalid Command Found in {176ebe7a-8522-11d9-8a7e-001109df94c7}\Shell\Autoplay\DropTarget\AutoRun\command: K:\OEMBranding.exe
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{176ebe7a-8522-11d9-8a7e-001109df94c7} !!!
Sat Mar 03 12:58:12 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Mar 03 12:58:12 2007 => Invalid Command Found in {b60dc10a-85ba-11d9-8a81-001109df94c7}\Shell\Autoplay\DropTarget\AutoRun\command: L:\OEMBranding.exe
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b60dc10a-85ba-11d9-8a81-001109df94c7} !!!
Sat Mar 03 12:58:12 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Mar 03 12:58:12 2007 => Checking CLSID Reference Entries...
Sat Mar 03 12:58:13 2007 => Entry "HKCR\AOLCoach.TrainerOCXCtrl.10" refers to invalid object "{E04EAE82-14AD-41CB-BF5A-45556ABB8347}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\Automap.Map.EU" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\Automap.Map.EU.12" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\Automap.Template.EU.12" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\CoachDM.WebCoachDownload" refers to invalid object "{E04EAE82-14AD-41CB-BF5A-45556ABB8347}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\CoachDM.WebCoachDownload.1" refers to invalid object "{E04EAE82-14AD-41CB-BF5A-45556ABB8347}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\DirectAnimation.PathControl" refers to invalid object "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\DirectAnimation.Sequence" refers to invalid object "{4F241DB1-EE9F-11D0-9824-006097C99E51}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\DirectAnimation.SequencerControl" refers to invalid object "{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\DirectAnimation.SpriteControl" refers to invalid object "{FD179533-D86E-11D0-89D6-00A0C90833E6}". Action Taken: No Action Taken.

Sat Mar 03 12:58:13 2007 => Entry "HKCR\DirectAnimation.StructuredGraphicsControl" refers to invalid object "{369303C2-D7AC-11D0-89D5-00A0C90833E6}". Action Taken: No Action Taken.

Sat Mar 03 12:58:14 2007 => Entry "HKCR\ICQPhone.SipxPhoneManager" refers to invalid object "{82308D15-1A2C-416A-A5BE-21DAF85DDB75}". Action Taken: No Action Taken.

Sat Mar 03 12:58:14 2007 => Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.

Sat Mar 03 12:58:14 2007 => Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.

Sat Mar 03 12:58:14 2007 => Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.

Sat Mar 03 12:58:14 2007 => Entry "HKCR\MDTDF.Form.1" refers to invalid object "{105B80D2-95F1-11D0-B0A0-00AA00BDCB5C}". Action Taken: No Action Taken.

Sat Mar 03 12:58:16 2007 => Entry "HKCR\SPhoneParser.FoundSkypeNumber" refers to invalid object "{E40A96CC-4A5B-47F4-9957-87CDED1DFF45}". Action Taken: No Action Taken.

Sat Mar 03 12:58:16 2007 => Entry "HKCR\SPhoneParser.FoundSkypeNumber.1" refers to invalid object "{E40A96CC-4A5B-47F4-9957-87CDED1DFF45}". Action Taken: No Action Taken.

Sat Mar 03 12:58:16 2007 => Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken.

Sat Mar 03 12:58:16 2007 => Checking Module Usage Entries...
Sat Mar 03 12:58:16 2007 => Checking User Trusted External App Entries...
Sat Mar 03 12:58:16 2007 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "". Action Taken: No Action Taken.

Sat Mar 03 12:58:16 2007 => Checking Shared DLL Entries...
Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ahead\NeroDigital\settings.xml". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Chs.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Cht.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Csy.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Dan.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Ell.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Esl.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Esp.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Fin.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Fra.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Hun.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Ita.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Jpn.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Kor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Nld.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Nor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Plk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Ptb.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Ptg.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Rus.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Sky.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Slv.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Sve.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Tha.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnap-Trk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Chs.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Cht.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Csy.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Dan.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Ell.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Esl.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Esp.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Fin.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Fra.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Hun.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Ita.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Jpn.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Kor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Nld.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Nor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Plk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Ptb.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Ptg.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Rus.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Sky.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Slv.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Sve.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Tha.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero PhotoSnap\PhotoSnapViewer-Trk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-dan.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-cht.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-nld.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-fra.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-ita.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-jpn.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-kor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-nor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-ptg.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-rus.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-esp.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-sve.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-fin.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-ptb.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-chs.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-plk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-csy.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-sky.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-slv.nls". Action Taken: No Action Taken.

Alt 03.03.2007, 20:34   #5
larsz81
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-hun.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-tha.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-trk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-ell.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\CoverDesigner\covered-esl.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Chs.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Cht.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Csy.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Dan.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Ell.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Esl.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Esp.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Fin.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Fra.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Hun.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Ita.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Jpn.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-kor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Plk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Nld.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Nor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Ptb.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Ptg.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Rus.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Sky.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Slv.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-sve.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Tha.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\ShowTime-Trk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero ShowTime\Skins\standard.bmp". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Chs.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Cht.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Csy.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Dan.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Ell.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Esl.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Esp.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Fin.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Fra.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Hun.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Ita.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Jpn.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Kor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Nld.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Nor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Plk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Ptb.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Ptg.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Rus.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Sky.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Slv.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Sve.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Tha.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero Recode\Recode-Trk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Chs.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Cht.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Esp.nls". Action Taken: No Action Taken.


Alt 03.03.2007, 20:35   #6
larsz81
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Fra.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Ita.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Kor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Nld.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Ptg.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Csy.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Dan.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Ell.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Esl.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Fin.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Hun.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Nor.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Plk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Ptb.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Rus.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Sky.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Slv.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Sve.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Tha.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Trk.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_chs.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_cht.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_esp.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_fra.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_ita.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_jpn.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_kor.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_nld.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_ptg.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero StartSmart\NeroStartSmart_sve.chm". Action Taken: No Action Taken.

Sat Mar 03 12:58:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Ahead\Nero BackItUp\BackItUp-Jpn.nls". Action Taken: No Action Taken.

Sat Mar 03 12:58:18 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Textconv\WPEQU532.DLL". Action Taken: No Action Taken.

Sat Mar 03 12:58:19 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.

Sat Mar 03 12:58:19 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOKUME~1\Lars\LOKALE~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Action Taken: No Action Taken.

Sat Mar 03 12:58:25 2007 => Checking Installer Entries...
Sat Mar 03 12:58:25 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works\". Action Taken: No Action Taken.

Sat Mar 03 12:58:25 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Picture It! 10\". Action Taken: No Action Taken.

Sat Mar 03 12:58:25 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Encarta\". Action Taken: No Action Taken.

Sat Mar 03 12:58:26 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Antivirus Offer\". Action Taken: No Action Taken.

Sat Mar 03 12:58:26 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ChemOffice 2005\". Action Taken: No Action Taken.

Sat Mar 03 12:58:28 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\KONAMI\Pro Evolution Soccer 4\". Action Taken: No Action Taken.

Sat Mar 03 12:58:28 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\KONAMI\". Action Taken: No Action Taken.

Sat Mar 03 12:58:28 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office\Microsoft Office Tools\". Action Taken: No Action Taken.

Sat Mar 03 12:58:28 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office\". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Checking Shared Tools Entries...
Sat Mar 03 12:58:29 2007 => Checking File Extension Entries...
Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".002". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".004". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1121274414&cmd=realopen&folder=%2FUnizeug%2F&jobid=&file=SSHSecureShellClient%2D3%2E2%2E9%2Eexe". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".com/pub/myeTrust/". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".dmp". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".idx". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".MM_". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mpga". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".olg". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".out". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pcf". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".PH". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pk". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".PQI". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sdp". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sdw". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sim". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".speech". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ssm". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".tmp". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".trace". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".xpl". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Checking Application Cache Entries...
Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "AOL Connectivity Services". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "AOLCoach de". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Mozilla Firefox (2.0.0.1)". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{40CEB0B7-671F-4269-BB20-9388B7BC5FBF}". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{4757E865-0292-4E04-940D-9C51052A5DD6}". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{66D08203-FB46-4D27-A609-FFE9A77FAA1F}". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{AC76BA86-7AD7-1031-7B44-A70000000000}". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{AF3CFB9C-A368-43DE-8877-A33B5D91CB71}". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{CC55BD24-C1A6-4397-8EA3-2F30E74BDA2B}". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{CCFD0EBD-252F-42F4-95AE-01E358EFD87A}". Action Taken: No Action Taken.

Sat Mar 03 12:58:29 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{EE9B31BB-1958-48CB-A298-57E3BE72FF2B}". Action Taken: No Action Taken.

Sat Mar 03 13:47:20 2007 => File C:\Dokumente und Einstellungen\Lars\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KTUJ01UN\website.htm infected by "Trojan-Clicker.JS.Linker.h" Virus! Action Taken: No Action Taken.

So, 3geteilt, da die Einträge zu lang waren...

...diese ganzen internet.lnk Sachen kann ich nich glauben, da das ne Verknüpfung mit ir ist, die ich selbst erstellt hab.

Beim Rest, weiß ich nich, die temporary Internetfile hab ich gelöscht

OK, Danke im Voraus

Alt 03.03.2007, 20:36   #7
Mellosun
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Supi...wers soll das alles lesen?

Schaue nochmal in die Anleitung zu eScan.....fast am Ende findest du einen Punkt [5] , der Dir die find.zip gibt und erklärt......führe das aus und Poste dieses Log!


Gruß Mellosun

Alt 04.03.2007, 03:46   #8
larsz81
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Hm, naja, das hab ich mir auch gedacht, aber OK hier noch mal alles mit infected oder tagged:

Sat Mar 03 12:57:24 2007 => Offending Key found: HKCU\\magnet !!!
Sat Mar 03 12:57:24 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Mar 03 12:57:34 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\downloads\passwortfinder\password.exe
Sat Mar 03 12:57:34 2007 => System found infected with password-finder 2.1 PSWTool (password.exe)! Action taken: No Action Taken.

Sat Mar 03 12:57:41 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\eigene dokumente\symbolleiste\internet\internet.lnk
Sat Mar 03 12:57:41 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.

Sat Mar 03 12:57:55 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\symbolleiste\internet\internet.lnk
Sat Mar 03 12:57:55 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.

Sat Mar 03 12:58:05 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\downloads\passwortfinder\password.exe
Sat Mar 03 12:58:05 2007 => System found infected with password-finder 2.1 PSWTool (password.exe)! Action taken: No Action Taken.

Sat Mar 03 12:58:06 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\eigene dokumente\symbolleiste\internet\internet.lnk
Sat Mar 03 12:58:06 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.

Sat Mar 03 12:58:07 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\symbolleiste\internet\internet.lnk
Sat Mar 03 12:58:07 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.

Sat Mar 03 12:58:12 2007 => Checking MountPoints2 Registry Key...
Sat Mar 03 12:58:12 2007 => Invalid Command Found in {0f039ae1-8468-11d9-8a72-001109df9636}\Shell\Autoplay\DropTarget\AutoRun\command: L:\OEMBranding.exe
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f039ae1-8468-11d9-8a72-001109df9636} !!!
Sat Mar 03 12:58:12 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Mar 03 12:58:12 2007 => Invalid Command Found in {176ebe7a-8522-11d9-8a7e-001109df94c7}\Shell\Autoplay\DropTarget\AutoRun\command: K:\OEMBranding.exe
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{176ebe7a-8522-11d9-8a7e-001109df94c7} !!!
Sat Mar 03 12:58:12 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Mar 03 12:58:12 2007 => Invalid Command Found in {b60dc10a-85ba-11d9-8a81-001109df94c7}\Shell\Autoplay\DropTarget\AutoRun\command: L:\OEMBranding.exe
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b60dc10a-85ba-11d9-8a81-001109df94c7} !!!
Sat Mar 03 12:58:12 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken.

Sat Mar 03 13:47:20 2007 => File C:\Dokumente und Einstellungen\Lars\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KTUJ01UN\website.htm infected by "Trojan-Clicker.JS.Linker.h" Virus! Action Taken: No Action Taken.

Alt 04.03.2007, 11:27   #9
larsz81
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


OK, gestern Nacht warn es wohl zu viel Bier, als das ich da noch klar hätte denken können, also hab ich das total verpeilt mit der find.bat... So nu hab ich aber find.bat angewendet und hier das Ergebnis:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Header
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Microsoft Windows XP [Version 5.1.2600]
>
Sat Mar 03 12:36:36 2007 => Virus Database Date: 3/3/2007
Sat Mar 03 12:37:18 2007 => Virus Database Date: 3/3/2007
Sat Mar 03 12:55:05 2007 => Virus Database Date: 3/3/2007
Sat Mar 03 16:21:07 2007 => Virus Database Date: 3/3/2007
Sat Mar 03 19:21:38 2007 => Virus Database Date: 3/3/2007
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infektionsmeldungen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sat Mar 03 12:57:34 2007 => System found infected with password-finder 2.1 PSWTool (password.exe)! Action taken: No Action Taken.
Sat Mar 03 12:57:41 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.
Sat Mar 03 12:57:55 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.
Sat Mar 03 12:58:05 2007 => System found infected with password-finder 2.1 PSWTool (password.exe)! Action taken: No Action Taken.
Sat Mar 03 12:58:06 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.
Sat Mar 03 12:58:07 2007 => System found infected with ezula Spyware/Adware (internet.lnk)! Action taken: No Action Taken.
~~~~~~~~~~~
Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
Sat Mar 03 13:47:20 2007 => File C:\Dokumente und Einstellungen\Lars\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KTUJ01UN\website.htm infected by "Trojan-Clicker.JS.Linker.h" Virus! Action Taken: No Action Taken.
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
Sat Mar 03 13:11:21 2007 => Scanning File C:\Dokumente und Einstellungen\Lars\Eigene Dateien\Adobe Acrobat\Customer Support\Test Files\Untagged.pdf
Sat Mar 03 13:21:54 2007 => File C:\Dokumente und Einstellungen\Lars\Eigene Dateien\Downloads\Passwortfinder\password.exe//data0001//UPX tagged as "not-a-virus:PSWTool.Win32.PasswordFinder.21". No Action Taken.
Sat Mar 03 13:25:13 2007 => File C:\Dokumente und Einstellungen\Lars\Eigene Dateien\Downloads\Tight VNC\tightvnc-1.2.9-setup.exe//data0002 tagged as "not-a-virus:RemoteAdmin.Win32.WinVNC-based.b". No Action Taken.
Sat Mar 03 14:48:20 2007 => File C:\Programme\Screensavers.com\Installer\bin\ScreensaversInst.dll tagged as "not-a-virus:AdWare.Win32.Comet.c". Action Taken: No Action Taken.
Sat Mar 03 15:49:51 2007 => Scanning File F:\Kopie von Eigene Dateien (6.11.05)\Adobe Acrobat\Customer Support\Test Files\Untagged.pdf
Sat Mar 03 15:54:36 2007 => File F:\Kopie von Eigene Dateien (6.11.05)\Downloads\Passwortfinder\password.exe//data0001//UPX tagged as "not-a-virus:PSWTool.Win32.PasswordFinder.21". No Action Taken.
Sat Mar 03 15:57:23 2007 => File F:\Kopie von Eigene Dateien (6.11.05)\Downloads\Tight VNC\tightvnc-1.2.9-setup.exe//data0002 tagged as "not-a-virus:RemoteAdmin.Win32.WinVNC-based.b". No Action Taken.
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
Sat Mar 03 12:57:34 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\downloads\passwortfinder\password.exe
Sat Mar 03 12:57:41 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\eigene dokumente\symbolleiste\internet\internet.lnk
Sat Mar 03 12:57:55 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\symbolleiste\internet\internet.lnk
Sat Mar 03 12:58:05 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\downloads\passwortfinder\password.exe
Sat Mar 03 12:58:06 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\eigene dokumente\symbolleiste\internet\internet.lnk
Sat Mar 03 12:58:07 2007 => Offending file found: C:\Dokumente und Einstellungen\Lars\Eigene Dateien\symbolleiste\internet\internet.lnk
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
~~~~~~~~~~~
Registry
~~~~~~~~~~~
Sat Mar 03 12:57:24 2007 => Offending Key found: HKCU\\magnet !!!
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f039ae1-8468-11d9-8a72-001109df9636} !!!
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{176ebe7a-8522-11d9-8a7e-001109df94c7} !!!
Sat Mar 03 12:58:12 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b60dc10a-85ba-11d9-8a81-001109df94c7} !!!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

So, nochmals Danke, falls da noch mal wer was zu sagen kann!!!! Und auch wenn derjenige es nicht liest: Danke für die find.bat !!!

Lars

Alt 04.03.2007, 11:30   #10
larsz81
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Ach ja, wie gesagr Internet.lnk ist von mir, genauso wie password.exe, die sind also kein Problem... Ordner Screensavers.com und alle Sachen im Conten.IE5 sind gelöscht...


Lars

Alt 04.03.2007, 11:53   #11
Mellosun
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Zitat:
Zitat von larsz81 Beitrag anzeigen
Ach ja, wie gesagr Internet.lnk ist von mir, genauso wie password.exe, die sind also kein Problem... Ordner Screensavers.com und alle Sachen im Conten.IE5 sind gelöscht...


Lars

Dann sollte doch alles im grünen Bereich sein!
Wie hast du die Sachen im IE5 gelöscht?
Hast du ein Clear Programm wie CCleaner benutzt? Ist ganz Hilfreich und Gründlich!


Gruß Mellosun

Alt 04.03.2007, 12:24   #12
larsz81
 
Kann ein Experte mal über mein HijackThis-Log schauen? - Standard

Kann ein Experte mal über mein HijackThis-Log schauen?


Hm, nein, sollte ich das? Ich hab es einfach per Hand gelöscht (dabei hab ich mich natürlich erst mal, wie wohl 100000 andere, damit rumgeschlagen, das der reudige Explorer den Temp. Internet Files Ordner nich anzeigt. Aber Dank Total-Commander konnte ich bis auf die index.dat alles löschen... ich hoffe das ist ausreichend, wenn ich das einfach so gemacht hab...


Also, nochmals vielen Dank !!!!!

Lars

Antwort

Themen zu Kann ein Experte mal über mein HijackThis-Log schauen?
adobe, bho, c:\windows\temp, cyberlink, desktop, dll, einstellungen, error, excel, firefox, google, hijack, hijackthis, home, internet, internet explorer, konvertieren, mozilla, mozilla firefox, pdf, pdf-datei, rundll, skype.exe, software, system, taskmanager, temp, trojaner, windows, windows xp, windows\temp, wlan


« Trojan.PSW Win32.Small.bs gefunden | Hilfe -> bitte einmal die logfile anschauen »


Ähnliche Themen: Kann ein Experte mal über mein HijackThis-Log schauen?


  1. Kann jemand mal über mein Hijack schauen
    Log-Analyse und Auswertung - 15.02.2014 (3)
  2. Kann mal jemand schnell über den HiJackThis scan drüber schauen.
    Log-Analyse und Auswertung - 29.03.2012 (72)
  3. AppHangB1 Bitte mal über mein HiJackThis gucken
    Log-Analyse und Auswertung - 05.09.2009 (4)
  4. Bitte schaut mal über mein HijackThis!!
    Log-Analyse und Auswertung - 23.06.2009 (7)
  5. Bitte mal über mein Log-File schauen
    Log-Analyse und Auswertung - 24.04.2009 (13)
  6. Bitte mal über mein Logfile schauen!
    Mülltonne - 26.01.2009 (0)
  7. kann sich bitte jemand mein HiJackThis Log ansehen
    Mülltonne - 02.07.2008 (1)
  8. Kann bitte einer mein HiJackThis Log-File Checken??
    Log-Analyse und Auswertung - 28.08.2007 (1)
  9. Hey, kann bitte mal wer mein Hijackthis-log prüfen..
    Log-Analyse und Auswertung - 26.01.2007 (1)
  10. Kann sich bitte jemand mein HiJackThis Log ansehen?
    Log-Analyse und Auswertung - 09.05.2006 (3)
  11. bitte mal über mein HJT-Log-File schauen
    Log-Analyse und Auswertung - 21.04.2006 (6)
  12. Mein Log-File - Kann mal jemand drüber schauen...
    Log-Analyse und Auswertung - 15.03.2006 (1)
  13. Kann mal bitte wer auf mein Logfile schauen
    Log-Analyse und Auswertung - 26.12.2005 (11)
  14. bitte schaut doch mal über mein HiJackThis Log-file
    Log-Analyse und Auswertung - 07.11.2005 (9)
  15. Wer kann mein Logfile HijackThis auswerten?
    Log-Analyse und Auswertung - 13.03.2005 (6)
  16. Kann sich jemand bitte mein HijackThis ansehen
    Log-Analyse und Auswertung - 09.01.2005 (9)
  17. hijackthis file kann mal jemand drauf schauen?
    Plagegeister aller Art und deren Bekämpfung - 21.09.2004 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Kann ein Experte mal über mein HijackThis-Log schauen? - Hallo. Hab Windows XP Home und McAffee Virusscan Enterprise 8.0.0 (gerade erst aktualisiert) Also McAffee meldete irgendwas mit Bo Heep bei explorer.exe (Pufferüberlauf) was er aber geblockt hat. Darauf hat - Kann ein Experte mal über mein HijackThis-Log schauen?...
Archiv
Du betrachtest: Kann ein Experte mal über mein HijackThis-Log schauen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131