#1 5. Juni 2006 Mal wieder ein Problem: Wenn ich einen Scann machen will, dann hängt er sich immer bei der erweiterten Registrieungsprüfung auf! Jedesmal... ich kann nie zu Ende scannen! Habe das Programm neu drauf, also weiß ich nicht, ob das früher auch so gewesen wäre! Danke für eure Hilfe!
#2 5. Juni 2006 Hijackthis Anleitung bitte poste ein logfile.... mal wieder zum zeitpunkt des absturzes das logfile machen. außerdem, wenn das programm abstürzt verursacht es eine fehlermeldung. zeig sie uns mfg
#3 5. Juni 2006 Also... einmal vor dem Scan mit Ad-Aware: Code: Logfile of HijackThis v1.99.1 Scan saved at 14:42:16, on 05.06.2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Charactical D\Sygate Personal Firewall\smc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\CHARAC~1\AVG Anti-Virus\avgcc.exe C:\Charactical D\MessengerPlus! 3\MsgPlus.exe C:\CHARAC~1\AVG Anti-Virus\avgamsvr.exe C:\CHARAC~1\AVG Anti-Virus\avgupsvc.exe C:\Charactical D\CardReader2.0\OTiReader.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wdfmgr.exe C:\Charactical D\WinAmp\winamp.exe C:\Charactical D\ICQ Lite\ICQLite.exe C:\Charactical D\Ad-Aware\Ad-watch.exe C:\Charactical D\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\Danny\Eigene Dateien\hij\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = : R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Charactical D\SnagIt\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\charactical d\mcafee.com\mps\mcbrhlpr.dll O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\charactical d\mcafee.com\mps\popupkiller.dll O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Charactical D\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\CHARAC~1\Spyware Doctor\tools\iesdsg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Charactical D\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ATLDistrib Object - {83A5F7B7-DC75-44CE-9195-264F41709FA9} - C:\WINDOWS\System32\geebb.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\CHARAC~1\Spyware Doctor\tools\iesdpb.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\charac~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Charactical D\SnagIt\SnagItIEAddin.dll O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O4 - HKLM\..\Run: [SmcService] C:\CHARAC~1\SYGATE~1\smc.exe -startgui O4 - HKLM\..\Run: [AVG7_CC] C:\CHARAC~1\AVG Anti-Virus\avgcc.exe /STARTUP O4 - HKLM\..\Run: [MessengerPlus3] "C:\Charactical D\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [Ad-watch] C:\Charactical D\Ad-Aware\Ad-watch.exe O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Charactical D\ICQ Lite\ICQLite.exe -trayboot O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Charactical D\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &NeoTrace It! - C:\CHARAC~1\NeoTrace Pro\NTXcontext.htm O8 - Extra context menu item: Mit dem LeechGet Wizard laden - file://C:\Charactical D\LeechGet\\Wizard.html O8 - Extra context menu item: Mit LeechGet herunterladen - file://C:\Charactical D\LeechGet\\AddUrl.html O8 - Extra context menu item: Mit LeechGet parsen - file://C:\Charactical D\LeechGet\\Parser.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\CHARAC~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Charactical D\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Charactical D\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\CHARAC~1\Spyware Doctor\tools\iesdpb.dll O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\CHARAC~1\Microsoft Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Charactical D\ICQ Lite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Charactical D\ICQ Lite\ICQLite.exe O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\CHARAC~1\NeoTrace Pro\NTXtoolbar.htm (file missing) (HKCU) O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C0D91DD6-AE55-4979-BB0E-BBADF8908F80}: NameServer = 195.50.140.178 195.50.140.114 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\CHARAC~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: geebb - C:\WINDOWS\System32\geebb.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\CHARAC~1\AVG Anti-Virus\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\CHARAC~1\AVG Anti-Virus\avgupsvc.exe O23 - Service: hpdj - Unknown owner - C:\DOKUME~1\Danny\LOKALE~1\Temp\hpdj.exe (file missing) O23 - Service: OTi Card Reader Service - Unknown owner - C:\Charactical D\CardReader2.0\OTiReader.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Charactical D\Spyware Doctor\sdhelp.exe O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe (file missing) O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Charactical D\Sygate Personal Firewall\smc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Charactical D\TuneUp Utilities 2006\WinStylerThemeSvc.exe Als es abstürz, siehts so aus: Code: Logfile of HijackThis v1.99.1 Scan saved at 14:45:09, on 05.06.2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Charactical D\Sygate Personal Firewall\smc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\CHARAC~1\AVG Anti-Virus\avgcc.exe C:\Charactical D\MessengerPlus! 3\MsgPlus.exe C:\CHARAC~1\AVG Anti-Virus\avgamsvr.exe C:\CHARAC~1\AVG Anti-Virus\avgupsvc.exe C:\Charactical D\CardReader2.0\OTiReader.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wdfmgr.exe C:\Charactical D\WinAmp\winamp.exe C:\Charactical D\ICQ Lite\ICQLite.exe C:\Charactical D\Ad-Aware\Ad-watch.exe C:\Charactical D\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\Danny\Eigene Dateien\hij\HijackThis.exe C:\Charactical D\Ad-Aware\Ad-aware.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = : R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Charactical D\SnagIt\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\charactical d\mcafee.com\mps\mcbrhlpr.dll O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\charactical d\mcafee.com\mps\popupkiller.dll O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Charactical D\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\CHARAC~1\Spyware Doctor\tools\iesdsg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Charactical D\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ATLDistrib Object - {83A5F7B7-DC75-44CE-9195-264F41709FA9} - C:\WINDOWS\System32\geebb.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\CHARAC~1\Spyware Doctor\tools\iesdpb.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\charac~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Charactical D\SnagIt\SnagItIEAddin.dll O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O4 - HKLM\..\Run: [SmcService] C:\CHARAC~1\SYGATE~1\smc.exe -startgui O4 - HKLM\..\Run: [AVG7_CC] C:\CHARAC~1\AVG Anti-Virus\avgcc.exe /STARTUP O4 - HKLM\..\Run: [MessengerPlus3] "C:\Charactical D\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [Ad-watch] C:\Charactical D\Ad-Aware\Ad-watch.exe O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Charactical D\ICQ Lite\ICQLite.exe -trayboot O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Charactical D\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &NeoTrace It! - C:\CHARAC~1\NeoTrace Pro\NTXcontext.htm O8 - Extra context menu item: Mit dem LeechGet Wizard laden - file://C:\Charactical D\LeechGet\\Wizard.html O8 - Extra context menu item: Mit LeechGet herunterladen - file://C:\Charactical D\LeechGet\\AddUrl.html O8 - Extra context menu item: Mit LeechGet parsen - file://C:\Charactical D\LeechGet\\Parser.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\CHARAC~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Charactical D\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Charactical D\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\CHARAC~1\Spyware Doctor\tools\iesdpb.dll O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\CHARAC~1\Microsoft Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Charactical D\ICQ Lite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Charactical D\ICQ Lite\ICQLite.exe O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\CHARAC~1\NeoTrace Pro\NTXtoolbar.htm (file missing) (HKCU) O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C0D91DD6-AE55-4979-BB0E-BBADF8908F80}: NameServer = 195.50.140.178 195.50.140.114 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\CHARAC~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: geebb - C:\WINDOWS\System32\geebb.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\CHARAC~1\AVG Anti-Virus\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\CHARAC~1\AVG Anti-Virus\avgupsvc.exe O23 - Service: hpdj - Unknown owner - C:\DOKUME~1\Danny\LOKALE~1\Temp\hpdj.exe (file missing) O23 - Service: OTi Card Reader Service - Unknown owner - C:\Charactical D\CardReader2.0\OTiReader.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Charactical D\Spyware Doctor\sdhelp.exe O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe (file missing) O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Charactical D\Sygate Personal Firewall\smc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Charactical D\TuneUp Utilities 2006\WinStylerThemeSvc.exe Und eine Fehlermeldung gibt es nicht! Da kommt einfach keine Rückmeldung, dann gehe ich auf schließen und das wars!
#4 6. Juni 2006 AHHH Junge wenn man was klickt wenn er scannt steht auch bei mir keine rückmeldung und wenn er fertig is dann aktualisiert er das fenster und dann steht es nimmer da Also einfach nix klicken und abwarten (so ist es bei mir) grEEtz QuaYeR
#5 6. Juni 2006 hey, beende mal alle Prozzese ( STRG+ALT+ENT ---> Prozzese und Unwichtig erscheinen Pozzese beenden ). Dann versuch mal !!
#7 7. Juni 2006 befolge diese anleitung zum reinigen deines systemes http://virus-protect.org/artikel/dienste/shost.html mfg spotting