|
TR/Dldr.iBill.AK in mailbox gefunden. Antivir kann den File nicht löschen Bei einem Systemscan gibt Antivir mir folgende Fehlermeldung. This file is a mailbox. To avoid damaging your emails this file will not be repaired or deleted! Is the Trojan horse: TR/Dldr.iBill.AK ich kann den file also nicht in Quarantäne stellen. was kann ich tun? Danke für eure Hilfe. |
Nen Minimum an Informationen wär halt schon notwendig. :rolleyes: Benutzt du Windows oder Linux? Benutzt du XP oder ein anderes Betriebssystem? Welche Mailsoftware nutzt du? Wie heißt die bemängelte Datei? Das sind die wichtigsten Infos, ohne die kann dir erstmal keiner helfen... lg myrtille |
Ich hab Windows XP. Nutzen tue ich jetzt Outlook-express. Mein Vorgänger hatte aber Thunderbird. Das habe ich jedoch deinstalliert. Und Dateiname: siehe unten Avira AntiVir Personal Report file date: 09 July 2008 10:11 Scanning for 1393875 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: AFXPMONAIRDIG02 Version information: BUILD.DAT : 8.1.0.308 16478 Bytes 28.05.2008 17:03:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 18.03.2008 10:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 07.02.2008 09:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 28.02.2008 09:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 21.02.2008 09:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18.07.2007 11:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24.06.2008 06:16:35 ANTIVIR2.VDF : 7.0.5.51 273408 Bytes 04.07.2008 06:04:15 ANTIVIR3.VDF : 7.0.5.71 204800 Bytes 09.07.2008 06:04:41 Engineversion : 8.1.0.64 AEVDF.DLL : 8.1.0.5 102772 Bytes 25.02.2008 10:58:21 AESCRIPT.DLL : 8.1.0.46 283002 Bytes 03.07.2008 06:04:08 AESCN.DLL : 8.1.0.22 119157 Bytes 20.06.2008 15:32:42 AERDL.DLL : 8.1.0.20 418165 Bytes 13.06.2008 15:19:26 AEPACK.DLL : 8.1.1.6 364918 Bytes 20.06.2008 15:32:40 AEOFFICE.DLL : 8.1.0.20 192891 Bytes 20.06.2008 15:32:34 AEHEUR.DLL : 8.1.0.35 1298806 Bytes 03.07.2008 06:04:04 AEHELP.DLL : 8.1.0.15 115063 Bytes 13.06.2008 15:15:51 AEGEN.DLL : 8.1.0.29 307573 Bytes 20.06.2008 15:32:18 AEEMU.DLL : 8.1.0.6 430451 Bytes 13.06.2008 15:14:16 AECORE.DLL : 8.1.0.32 168311 Bytes 03.07.2008 06:03:51 AVWINLL.DLL : 1.0.0.7 14593 Bytes 23.01.2008 18:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 18.02.2008 11:37:50 AVREP.DLL : 7.0.0.1 155688 Bytes 16.04.2007 14:26:47 AVREG.DLL : 8.0.0.0 30977 Bytes 23.01.2008 18:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 12.02.2008 09:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28.02.2008 09:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22.01.2008 18:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23.01.2008 18:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 25.01.2008 13:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10.03.2008 15:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 06.03.2008 13:02:11 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: off Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: high Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: 09 July 2008 10:11 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'skypePM.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'fbserver.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'symlcsvc.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SMAgent.exe' - '1' Module(s) have been scanned Scan process 'Skype.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'igfxpers.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'SMTray.exe' - '1' Module(s) have been scanned Scan process 'LogMeIn.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'ramaint.exe' - '1' Module(s) have been scanned Scan process 'fbguard.exe' - '1' Module(s) have been scanned Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'aawservice.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 39 processes with 39 modules were scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Master boot sector HD1 [INFO] No virus was found! [WARNING] Das Gerät ist nicht bereit. Master boot sector HD2 [INFO] No virus was found! [WARNING] Das Gerät ist nicht bereit. Master boot sector HD3 [INFO] No virus was found! [WARNING] Das Gerät ist nicht bereit. Master boot sector HD4 [INFO] No virus was found! [WARNING] Das Gerät ist nicht bereit. Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Starting to scan the registry. The registry was scanned ( '25' files ). Starting the file scan: Begin scan in 'C:\' C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\DIGuser02\Application Data\Thunderbird\Profiles\go1te8sc.default\Mail\Local Folders\Inbox [0] Archive type: Netscape/Mozilla Mailbox --> Mailbox_[Message-ID: <000f01c78040$fdf2ab70$00cd8134@Appointment>][From: "eBay" <meinestory@ebay.de>][Subject: Ebay: Sie haben Ihre Email Adresse geanderter]76.mim [1] Archive type: MIME --> 00644.zip [DETECTION] The file contains an executable. This, however, is disguised by a harmless file extension (HIDDENEXT/Worm.Gen) --> 00644.zip [2] Archive type: ZIP --> Dokument.doc.exe [DETECTION] Is the Trojan horse TR/Dldr.Agent.98009 --> Mailbox_[From: "cleverbridge Avira GmbH." <cle@cleverbridge.co][Message-ID: <64297519.20070423115906@cleverbridge.com>][Subject: Referenznr.:595169: Ihre Bestellung von Avira G]92.mim [1] Archive type: MIME --> 595169.zip [2] Archive type: ZIP --> HBEDV.KEY.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AJ.1 --> Mailbox_[Message-ID: <CD664F03.3274134@northwestern.edu>][From: Antonio <Marta@northwestern.edu>][Subject: RE: Unterlagen]104.mim [1] Archive type: MIME --> 64646.zip [DETECTION] The file contains an executable. This, however, is disguised by a harmless file extension (HIDDENEXT/Worm.Gen) --> 64646.zip [2] Archive type: ZIP --> Vertrag.doc.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AM --> Mailbox_[Message-ID: <34C81D12.5368055@yrnet.com>][From: Rodrigo <Caroline@yrnet.com>][Subject: RE: Unterlagen]106.mim [1] Archive type: MIME --> 57670.zip [DETECTION] The file contains an executable. This, however, is disguised by a harmless file extension (HIDDENEXT/Worm.Gen) --> 57670.zip [2] Archive type: ZIP --> Vertrag.doc.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AM --> Mailbox_[Message-ID: <95F89265.7757663@lansheng.net>][From: Eugenia <Glenda@lansheng.net>][Subject: RE: Vertrag]108.mim [1] Archive type: MIME --> 29797.zip [DETECTION] The file contains an executable. This, however, is disguised by a harmless file extension (HIDDENEXT/Worm.Gen) --> 29797.zip [2] Archive type: ZIP --> Vertrag.doc.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AM --> Mailbox_[Message-ID: <731E5CDE.0640939@nittanylink.com>][From: Blanca <Richie@nittanylink.com>][Subject: RE:]110.mim [1] Archive type: MIME --> 79423.zip [DETECTION] The file contains an executable. This, however, is disguised by a harmless file extension (HIDDENEXT/Worm.Gen) --> 79423.zip [2] Archive type: ZIP --> Vertrag.doc.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AM --> Mailbox_[Message-ID: <BFEEEDF7.5970521@northwestern.edu>][From: Houston <Ed@northwestern.edu>][Subject: RE: Unterlagen]112.mim [1] Archive type: MIME --> 97539.zip [DETECTION] The file contains an executable. This, however, is disguised by a harmless file extension (HIDDENEXT/Worm.Gen) --> 97539.zip [2] Archive type: ZIP --> Vertrag.doc.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AM --> Mailbox_[From: "cleverbridge Avira GmbH" <tech@cleverbridge.][Message-ID: <45552870.20070429074304@cleverbridge.com>][Subject: Referenznr.:595169: Ihre Bestellung von Avira G]132.mim [1] Archive type: MIME --> 595169.zip [DETECTION] Is the Trojan horse TR/Dldr.iBill.Zipped --> 595169.zip [2] Archive type: ZIP --> HBEDV.KEY.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AK --> Mailbox_[From: "cleverbridge Avira GmbH" <tech@cleverbridge.co][Message-ID: <44915428.20070428074012@cleverbridge.com>][Subject: Referenznr.:595169: Ihre Bestellung von Avira G]136.mim [1] Archive type: MIME --> 595169.zip [DETECTION] Is the Trojan horse TR/Dldr.iBill.Zipped --> 595169.zip [2] Archive type: ZIP --> HBEDV.KEY.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AK --> Mailbox_[From: "cleverbridge Avira GmbH" <list@cleverbridge.][Message-ID: <232502931.20070428154408@cleverbridge.com>][Subject: Referenznr.:595169: Ihre Bestellung von Avira G]138.mim [1] Archive type: MIME --> 595169.zip [DETECTION] Is the Trojan horse TR/Dldr.iBill.Zipped --> 595169.zip [2] Archive type: ZIP --> HBEDV.KEY.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AK --> Mailbox_[From: "cleverbridge Avira GmbH." <list@cleverbridge.c][Message-ID: <709964972.20070428195904@cleverbridge.com>][Subject: Referenznr.:595169: Ihre Bestellung von Avira G]140.mim [1] Archive type: MIME --> 595169.zip [DETECTION] Is the Trojan horse TR/Dldr.iBill.Zipped --> 595169.zip [2] Archive type: ZIP --> HBEDV.KEY.exe [DETECTION] Is the Trojan horse TR/Dldr.iBill.AK [WARNING] This file is a mailbox. To avoid damaging your emails this file will not be repaired or deleted! C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll [WARNING] The file could not be opened! End of the scan: 09 July 2008 11:31 Used time: 1:20:15 min The scan has been done completely. 9280 Scanning directories 636671 Files were scanned 15 viruses and/or unwanted programs were found 6 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 3 Files cannot be scanned 636656 Files not concerned 10655 Archives were scanned 8 Warnings 0 Notes |
Hi, Zitat:
Weißt du was die Person alles mit dem Rechner gemacht hat, was sie an Malware auf dem Rechner hat/hatte? Ob sie den Rechner manipuliert hat, um weiterhin auf den Rechner zugreifen zu können? etc? Es ist natürlich deine Entscheidung, aber ich würde niemals einen gebrauchten Laptop übernehmen, ohne das System komplett neuaufzusetzen. @Datei Wenn du Thunderbird und die darin gespeicherten Mails nicht brauchst, kannst du einfach den Ordner Zitat:
Wenn du Thunderbird weiterhin nutzt und nur die entsprechenden Mails löschen willst, dann musst du Thunderbird starten, die entsprechenden Mails in den Mülleimer verschieben. Den Mülleimer leeren und anschließend unter dann unter Datei auf "All Ordner des Konto komprimieren" klicken. Danach sollten die Dateien auch verschwunden sien. lg myrtille |
nun da wir den Rechner nutzen um in Afrika einen Flughafen zu bauen, und hier keinerlei Installations-CD der fachspezifischen Programme mitgebracht wurde (was natürlich ein Unding ist) kann ich den Rechner meines Vorgängers nicht neu installieren. Aber er ist ja ein Kollege und Freund, von daher hab ich keine Bedenken. :-) |
Zitat:
Ich hoffe ich muss jetzt nichts über Backups, kaputte Festplatten und verlorene Daten sagen? :p Auch wenn man keine Windows-CD zum Neuaufsetzen hat sollten die Datein gesichert werden. ;) Desweiteren würd ich gern ein Hijackthis log sehen.... Mal sehen, was außer dem Flughafen noch auf dem Rechner ist ;) Zitat:
2 Antivirenprogrammen reduzieren die Sicherheit des Systems, da sie sich gegenseitig behindern, bitte eins deinstallieren. lg myrtille |
norton symantec hab ich schon deinstalliert was ich noch drauf habe ist: spydoctor und Malwarebytes aber die sind nicht aktiv. Logfile of HijackThis v1.99.1 Scan saved at 15:21:00, on 09/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\WINDOWS\Explorer.EXE C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Program Files\IB&T\CARD81\CARDP\CARDEXEC.EXE C:\Program Files\Leica Geosystems\Survey Office\OfficeToolsMenu.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\DIGuser02\My Documents\Wartung\Dieter\hijackthis_199\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xxx.xxx.xx/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://xxx.xxxxx.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://xxx.xxx.xxx.com/customize/ie/defaults/sb/msgr8/*http://xxx.xxx.xxx/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://xxx.xxx.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.68.0.28:8080 R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [SetRefresh] REM C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {556EEC63-31E2-47C3-BF29-DFF799D2FE04} (Remote Access ActiveX Client) - https:/xxx.xxx.com/activex/RACtrl.cab O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://xxxx.xxx.de/mail/activex/mail_upload_11213.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://xxx.xxx.de/scan_de/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://xxx.xxx.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144798353625 O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://xxx.xxx.com/products/acrobat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{107824C6-0507-4603-B1A8-627654CD0487}: NameServer = 213.187.132.70 O17 - HKLM\System\CS1\Services\Tcpip\..\{107824C6-0507-4603-B1A8-627654CD0487}: NameServer = 213.187.132.70 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe |
Hast du dabei den uninstaller von norton genutzt, oder bist einfach über die Systemsteuerung gegangen. Ich frag, weil es doch noch deutliche Spuren gibt: Zitat:
Java und Adobe scheinen ein Update vertragen zu können, ansonsten sieht das Log sauber aus. lg myrtille |
Tut mir leid, ich bin über die Systemsteuerung gegangen und hab alles was ich als überflüssig empfand deinstalliert. So auch Norton. Was kann ich jetzt tun? |
Ist kein Drama... es ist nur so, dass Norton nicht komplett deinstalliert wird, wenn man über die Systemsteuerung geht. Wollte ich nur gesagt haben :D Das Removaltool sollte eigentlich den Rest erledigen. Eine ausführliche Anleitung gibt es hier Dabei gilt es zu beachten, dass eventuelle weitere Produkte von Symantec in Mitleidenschaft ziehen: Zitat:
|
| Alle Zeitangaben in WEZ +1. Es ist jetzt 23:20 Uhr. |
Copyright ©2000-2025, Trojaner-Board