Ergebnis 1 bis 2 von 2

Thema: MS Error Messages

  1. 30.08.2005, 02:57 #1
    judid
    judid ist offline
    Einsteiger
    Registriert seit
    30.08.2005
    Beiträge
    1

    MS Error Messages

    I definitely have something going on -- started when I inadvertently agreed to download MS security updates. Now am constantly getting the Internet Explorer (or other program) has encountered a problem and needs to close ... inconvenience. (understatement!) Here's the log:

    Thanks in advance for any help! (sorry if it's too long -- am new at this!)
    judid
    Code:
    Logfile of HijackThis v1.99.1
Scan saved at 9:11:34 PM, on 8/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\SCANJET\PrecisionScanLT\hppwrsav.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\InetCntrl\InetCntrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\Plaxo\2.1.0.80\InstallStub.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Consumer Input\ConsumerInput.exe
C:\Program Files\Consumer Input\ConsumerInputUa.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Survey Alerts Manager\skinkers.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.dogpile.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/help/?CM.src=helpcomcast
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: PopBlockBHO Class - {E0019445-4C1F-414D-A70E-AD80F231C584} - C:\WINDOWS\system32\InetCntrl\PopupKil\BsafeBHO.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O3 - Toolbar: Trellian Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\ToolBar\toolbar.dll
O3 - Toolbar: My &Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [InetCntrl] C:\WINDOWS\system32\InetCntrl\InetCntrl.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [PlaxoUpdate] C:\WINDOWS\Plaxo\2.1.0.80\InstallStub.exe -a
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Consumer Input] C:\Program Files\Consumer Input\ConsumerInput.exe
O4 - HKCU\..\Run: [Consumer Input Update] C:\Program Files\Consumer Input\ConsumerInputUa.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SAMCluster] C:\Program Files\Survey Alerts Manager\skinkers.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSxdm172
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O10 - Broken Internet access because of LSP provider 'inetcntrl.dll' missing
O15 - Trusted Zone: www.everydaywealth.com
O16 - DPF: ChatClient - http://216.126.214.195/taw/chat/ChatClient.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.comcastsupport.com/sdccom...ad/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02BED220-FBC7-4392-93A2-3A50B056F78E} - http://down.plaxo.com/down/release/instub.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.com/down/release/PlaxoInstall.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://www.spywarenuker.com/product/...rInstaller.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...tup1.0.0.8.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minib...ansporter.cab?
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {40289096-9F72-4A04-BCB3-E434ECDCEE33} (AppDLCtrl Class) - http://download.howudodat.com/chatte...load/appdl.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://ww2.reciperewards.com/bundles/reciperewards.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/27ba84d04e1d5f1...p/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1093618494309
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {81296632-05C2-4A99-8271-77EBCFE7844A} (NPEVPCFG.UserControl1) - http://voicecafe.optecs.net/confighelp/NPEVPCFG.CAB
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d...APANEL_USA.cab
O16 - DPF: {93EFDAB8-8800-4896-B428-76F943140E1B} (Setup Class) - http://www.consumerinput.com/panel/g...ne/dcainst.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/40...1/cpbrkpie.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/dow...in/actxcab.cab
O16 - DPF: {B24F0664-7DDA-40B6-B38C-A4FD68DE8685} (CentraDownloaderCtl Class) - http://gosolo1.centra.com/SiteRoots/...Downloader.cab
O16 - DPF: {B69F2A9C-E470-11D3-AFA3-525400DB7692} (Actimage Room Control) - http://ib.armstrong.com/ib/databases/actimage30717.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://hgtv1.view22.com/view22/app/view22rte.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {C6B086D2-146B-47A4-A218-B82DCAF2D872} (cpbrxpie Control) - http://a19.g.akamai.net/7/19/7125/40...0/cpbrxpie.cab
O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://www.pcpowerscan.com/pcpowerscan.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://everydaywealth.webex.com/cli...nt/ieatgpc.cab
O16 - DPF: {E43DF60D-D6FA-42AB-921C-FE0A023C5BE1} (eWebEditProLibCtl.eWebEditPro) - http://admin.salemwebnetwork.com/ewe...webeditpro.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...trol_v1-32.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents...r/imloader.cab
O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    Geändert von Ruby (30.08.2005 um 03:56 Uhr) Grund: BoardRules: Know how - HijackThis
  2. 30.08.2005, 04:20 #2
    Ruby
    Ruby ist offline
    Supermod a.D. Avatar von Ruby
    Registriert seit
    25.01.2005
    Ort
    The Netherlands
    Beiträge
    20.041

    AW: MS Error Messages

    Please post your Logfiles in vB Code!
    Note: Announcement    ....

    Welcome to HijackThis.de @ Judid

    Part 1

    1
    Make sure you set windows to see the hidden files and folders.

    2
    Please scan the following files

    C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
    C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
    C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
    C:\WINDOWS\system32\InetCntrl\InetCntrl.exe
    C:\WINDOWS\Plaxo\2.1.0.80\InstallStub.exe
    C:\Program Files\Consumer Input\ConsumerInputUa.exe
    C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
    C:\Program Files\Survey Alerts Manager\skinkers.exe
    C:\WINDOWS\system32\dlbucoms.exe

    with Virustotal and Jotti

    => Make us know all about the results by copy&paste.

    Part 2

    Code:
    Please read these instructions carefully and print them out!
Be sure to follow ALL instructions!
    Follow the numbers.

1
Remember that Hijackthis must be run in an own folder.
C:\Program Files\HJT\HijackThis.exe of C:\HJT\HijackThis.exe
Only if Hijackthis runs in an own folder it will create backups!

Please change it:  	C:\Program Files\HijackThis.exe

2
Download and Instructions of Use

A. Download
Please load down one of these tools WinsockFix and unzip it. 
Then double-click on it to run it. 
If you don't have a zip-tool we suggest zipgenius (It is free).
As you want to use LSP, please put a checkmark into "I know what I'm doing" and click then onto the Finished Button.
You will need it as your Internet Connection gets broken.

B. Download
--> !!! save the text under "all files" as "DelDomains.inf" to your desktop!!!  DelDomains.inf
-> install it to your desktop. Close your Internet Explorer!
Double-click onto "DelDomains.inf" and run it.
This will remove all entries in the "Trusted Zone" and "Ranges" also.

C. Download
CCleaner

3
Don't use the programs now.

4
Disconnect to the Internet.

5
Turn to  safe mode. Stay in safe mode until you read that you may turn to normal mode!

6
Close down all windows including Internet Explorer.
Run Hijackthis, click scan, and put a checkmark next to each of these items.
Then click the Fix Checked button:

O15 - Trusted Zone: wvw.everydaywealth.com
O16 - DPF: ChatClient - hzzp://216.126.214.195/taw/chat/ChatClient.cab
O16 - DPF: Yahoo! Chat - hzzp://us.chat1.yimg.com/us.yimg.co...t/c381/chat.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - hzzp://www.comcastsupport.com/sdcco...oad/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - hzzp://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02BED220-FBC7-4392-93A2-3A50B056F78E} - hzzp://down.plaxo.com/down/release/instub.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - hzzps://www.plaxo.com/down/release/PlaxoInstall.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - hzzp://www.spywarenuker.com/product...erInstaller.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hzzp://ak.imgfarm.com/images/nocach...etup1.0.0.8.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - hzzp://us.chat1.yimg.com/us.yimg.co...v45/yacscom.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - hzzp://download.weatherbug.com/mini...ransporter.cab?
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - hzzp://security.symantec.com/sscv6/...bin/AvSniff.cab
O16 - DPF: {40289096-9F72-4A04-BCB3-E434ECDCEE33} (AppDLCtrl Class) - hzzp://download.howudodat.com/chatt...nload/appdl.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - hzzp://ww2.reciperewards.com/bundles/reciperewards.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - hzzp://207.188.7.150/27ba84d04e1d5f...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hzzp://v5.windowsupdate.microsoft.c...b?1093618494309
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - hzzp://security.symantec.com/sscv6/...n/bin/cabsa.cab
O16 - DPF: {81296632-05C2-4A99-8271-77EBCFE7844A} (NPEVPCFG.UserControl1) - hzzp://voicecafe.optecs.net/confighelp/NPEVPCFG.CAB
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - hzzp://a14.g.akamai.net/f/14/7141/1...PAN  EL_USA.cab
O16 - DPF: {93EFDAB8-8800-4896-B428-76F943140E1B} (Setup Class) - hzzp://www.consumerinput.com/panel/...ine/dcainst.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - hzzp://a19.g.akamai.net/7/19/7125/4...21/cpbrkpie.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - hzzp://offers.e-centives.com/cif/do...bin/actxcab.cab
O16 - DPF: {B24F0664-7DDA-40B6-B38C-A4FD68DE8685} (CentraDownloaderCtl Class) - hzzp://gosolo1.centra.com/SiteRoots...aDownloader.cab
O16 - DPF: {B69F2A9C-E470-11D3-AFA3-525400DB7692} (Actimage Room Control) - hzzp://ib.armstrong.com/ib/databases/actimage30717.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - hzzp://us.dl1.yimg.com/download.yah...utocomplete.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - hzzp://hgtv1.view22.com/view22/app/view22rte.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - hzzp://security.symantec.com/sscv6/...n/bin/cabsa.cab
O16 - DPF: {C6B086D2-146B-47A4-A218-B82DCAF2D872} (cpbrxpie Control) - hzzp://a19.g.akamai.net/7/19/7125/4...20/cpbrxpie.cab
O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - hzzp://www.pcpowerscan.com/pcpowerscan.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - hzzps://everydaywealth.webex.com/cl...ent/ieatgpc.cab
O16 - DPF: {E43DF60D-D6FA-42AB-921C-FE0A023C5BE1} (eWebEditProLibCtl.eWebEditPro) - hzzp://admin.salemwebnetwork.com/ew...ewebeditpro.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - hzzp://tools.ebayimg.com/eps/active...ntrol_v1-32.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - hzzp://www2.incredimail.com/content...er/imloader.cab
O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - hzzp://download.buddylinks.net/ShellInstaller.cab

Click on Fix Checked and exit HijackThis.

7
Reboot your system into normal mode.

8
Run the CCleaner
Put a Checkmark next to all items
under "Windows", "Applications" and "Issues".
Have a look to the screenshots.
Press the button "Run Cleaner".

9
 Empty your "Recycle Bin"
Go to START > run and type: cleanmgr and click ok.
Let it scan your system for files to remove.

10
Run HijackThis once more.
Have it save a new Logfile.

-> Please post the new HJT-Logfile.
« Vorheriges Thema | Nächstes Thema »

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •  

Foren-Regeln