Hi Anni! Hab deine rettung von beteigeuze! Der das Prop. mit dem Worm/Rbot ?? hatte, war begeistert von deiner hilfe [Blockierte Grafik: https://www.winpower.de/images/smilies/emojione/1f44d.png] , hab da irgendwie die gleichen symptome! Kannst dir BITTE mal mein LogFile von HiJackthis ansehn und einfach mal durchseh und mir dann eine kurze antwort geben?!?!? Wär super net!
Logfile of HijackThis v1.98.2
Scan saved at 22:27:50, on 18.10.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSYSTEM32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:ProgrammeAVPersonalAVGUARD.EXE
C:ProgrammeATI TechnologiesATI Control Panelatiptaxx.exe
C:ProgrammeAVPersonalAVWUPSRV.EXE
C:WINDOWSSOUNDMAN.EXE
C:ProgrammeMSILive Update 3LMonitor.exe
C:ProgrammeAVPersonalAVGNT.EXE
C:ProgrammeMSN MessengerMsnMsgr.Exe
C:ProgrammeWinAceWinAce.exe
C:DOKUME~1KundeLOKALE~1Temp~AceTemphijackthis1982HijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://home.microsoft.com/search/search.asp
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://ie.search.msn.com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.at/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://ie.search.msn.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page_bak = http://www.google.at/
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
O1 - Hosts: 127.159.97.155 http://www.symantec.com
O1 - Hosts: 127.235.39.31 securityresponse.symantec.com
O1 - Hosts: 127.133.244.184 symantec.com
O1 - Hosts: 127.114.89.120 http://www.mcafee.com
O1 - Hosts: 127.139.141.35 mcafee.com
O1 - Hosts: 127.170.114.208 us.mcafee.com
O1 - Hosts: 127.245.59.89 http://www.sophos.com
O1 - Hosts: 127.192.131.20 sophos.com
O1 - Hosts: 127.119.215.152 http://www.viruslist.com
O1 - Hosts: 127.12.66.108 viruslist.com
O1 - Hosts: 127.173.178.124 f-secure.com
O1 - Hosts: 127.12.49.88 http://www.f-secure.com
O1 - Hosts: 127.54.181.118 kaspersky.com
O1 - Hosts: 127.117.112.229 http://www.avp.com
O1 - Hosts: 127.62.183.41 http://www.kaspersky.com
O1 - Hosts: 127.113.212.132 avp.com
O1 - Hosts: 127.164.237.33 http://www.networkassociates.com
O1 - Hosts: 127.159.14.27 networkassociates.com
O1 - Hosts: 127.4.188.93 http://www.ca.com
O1 - Hosts: 127.124.13.114 ca.com
O1 - Hosts: 127.63.101.156 my-etrust.com
O1 - Hosts: 127.41.226.6 http://www.my-etrust.com
O1 - Hosts: 127.99.48.112 secure.nai.com
O1 - Hosts: 127.222.199.228 nai.com
O1 - Hosts: 127.0.47.135 http://www.nai.com
O1 - Hosts: 127.96.33.35 trendmicro.com
O1 - Hosts: 127.69.170.170 http://www.trendmicro.com
O1 - Hosts: 127.85.146.15 housecall.trendmicro.com
O1 - Hosts: 127.127.211.90 http://www.pandasoftware.com
O1 - Hosts: 127.77.111.35 http://www.bitdefender.com
O1 - Hosts: 127.211.87.31 http://www.ravantivirus.com
O1 - Hosts: 127.215.66.104 http://www3.ca.com
O1 - Hosts: 127.70.222.223 v4.windowsupdate.microsoft.com
O1 - Hosts: 127.255.23.210 v5.windowsupdate.microsoft.com
O1 - Hosts: 127.114.165.210 v5windowsupdate.microsoft.nsatc.net
O1 - Hosts: 127.0.200.174 windowsupdate.microsoft.com
O1 - Hosts: 127.116.172.245 http://www.windowsupdate.com
O1 - Hosts: 127.25.134.68 windowsupdate.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammeAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgrammeSpybot - Search & DestroySDHelper.dll
O4 - HKLM..Run: [ATIPTA] C:ProgrammeATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [LiveMonitor] C:ProgrammeMSILive Update 3LMonitor.exe
O4 - HKLM..Run: [AVGCtrl] C:ProgrammeAVPersonalAVGNT.EXE /min
O4 - HKLM..RunServices: [ccEvtMrg.exe] ccEvtMrg.exe
O4 - HKLM..RunServices: [RegService] sysload16.exe -services
O4 - HKCU..Run: [MsnMsgr] "C:ProgrammeMSN MessengerMsnMsgr.Exe" /background
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammeMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammeMessengermsmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messeng…nt.cab30149.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P…sharingctrl.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O20 - AppInit_DLLs: PAVWAIT.DLL
THX im vorraus! MFG Rupp [Blockierte Grafik: https://www.winpower.de/images/smilies/emojione/263a.png]