 Help! Unexplained slowdown... |
Forum Rules
Greetings,
Before you post in this forum,please read and follow the instructions in this post: Guidelines for Posting in This Forum
Failure to follow these instructions will only result in delays of the cleaning and removal process.
If you ran other AntiVirus and/or AntiSpyware programs and have the logs available, please post them as well.
Our goal is to help you clean your PC and restore it to pre-infection condition wherever possible.
Thank You
  |
 Jan 17 2006, 11:02 AM
Post
#1
|
|
 Active Member  Group: Member Posts: 39 Joined: 17-January 06 Member No.: 17473  |
 Hi Last week I suddenly experienced a major slowdown: Most of the programs do lower performances, also the sound buzzes (So..o...o...un..d). After i checked my sound driver and defragmentatet my hard drive i figured, it might be an infection since Norton was recently blocked by a swarm of auto-deleted files, and when i checked the quarantine folder, it contained about 1000 files of the java.class type (i deletet them all, eversince, the quarantine is empty) I remember that you helped me once out of a real :angry: , so i figured, perhaps you could do it again: I'm really sorry to be back here again, I know I shouldnt be but I followed all the security tipps you gave me, and I didnt open any suspicious e-mails. I use Norton, AVG, spybot s&d and Microsoft Anti-spyware to protect my system. So here's the Log, perhaps you see something suspicious:  Logfile of HijackThis v1.99.1 Scan saved at 09:59:49, on 17.01.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Programme\Norton AntiVirus\SAVScan.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Power Cinema\PowerVCR II\Agent.exe C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programme\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Microsoft AntiSpyware\gcasDtServ.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Corel\Graphics8\Programs\MFIndexer.exe C:\Programme\Mozilla Firefox\firefox.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programme\AvRack\rtlrack.exe C:\Programme\Messenger\msmsgs.exe C:\Dokumente und Einstellungen\Seebi\Desktop\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hattrick.org R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hattrick.org O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - C:\Programme\CoreStreet\SpoofStick\SpoofStickBHO.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - C:\Programme\CoreStreet\SpoofStick\SpoofStick.dll O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [Agent] C:\Programme\Power Cinema\PowerVCR II\Agent.exe O4 - HKLM\..\Run: [Remote_Agent] C:\Programme\Power Cinema\PowerVCR II\RemoteAgent.exe O4 - HKLM\..\Run: [mmtask] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [gcasServ] "C:\Programme\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O12 - Plugin for .csm: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .csml: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cub: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cube: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .dx: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .emb: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .embl: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .gau: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .jdx: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mol: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mop: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .pdb: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .rxn: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .scr: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .skc: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .spt: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .tgf: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .xyz: C:\Programme\Internet Explorer\Plugins\npchime.dll O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM) O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1096475232281 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe :boh: Please, tell me if I did something wrong or you need more information. Sincerely Seebald (aka Besbert) |
 |
|
|
Jan 17 2006, 05:44 PM
Post
#2
|
|
|
Most Respected SuperExpert Group: Member Posts: 4576 Joined: 9-June 04 Member No.: 8164 |
This can be selected and fixed:
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM) There has been an issue found recently with Sun Java. When newer versions are installed, the older versions are left behind and malware can call these older versions to exploit flaws. Some malware has been found to install this way. First update to the very latest version of Sun Java, which is 1.5.0_06 Then go into Add Remove programs and uninstall any older versions you find listed there. ---------------------- You are running tow AV scanners at the same time. Norton and AVG. They can interfere with each other and cause a performance hit. You need to disable one of them. Are you running a Firewall? Go for free online Virus scans here: http://housecall.trendmicro.com/housecall/start_corp.asp http://www.pandasoftware.com/activescan/ Allow them to clean Panda will have the option to create a log afer the scan has finished. Click the See Report button. Then click the save Report button. It will be saved under the name activescan.txt Do that and post that log into your next reply here. --------------- |
|
|
|
|
Jan 17 2006, 09:09 PM
Post
#3
|
|
|
Active Member Group: Member Posts: 39 Joined: 17-January 06 Member No.: 17473 |
Sigh! I'm infected with 3 virusses and about 100 spywares... can I sue Norton?
 Here's pandas log: Incident Status Location Dialer:dialer.aas Not disinfected C:\WINDOWS\SYSTEM32\epl2.exe Adware:adware/gator Not disinfected C:\GatorPatch.log Adware:adware/searchaid Not disinfected Windows Registry Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@2o7[2].txt Spyware:Cookie/YieldManager Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@ad.yieldmanager[1].txt Spyware:Cookie/Adtech Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@adtech[2].txt Spyware:Cookie/Adverserve Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@adverserve[2].txt Spyware:Cookie/Belnk Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@belnk[1].txt Spyware:Cookie/GoStats Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@c3.gostats[1].txt Spyware:Cookie/Ccbill Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@ccbill[1].txt Spyware:Cookie/Com.com Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@com[1].txt Spyware:Cookie/cs.-- The nicest hobby on Earth ;) --counter Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@cs.-- The nicest hobby on Earth ;) --counter[2].txt Spyware:Cookie/Belnk Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@dist.belnk[2].txt Spyware:Cookie/PayCounter Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@paycounter[1].txt Spyware:Cookie/QuestionMarket Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@questionmarket[2].txt Spyware:Cookie/RealMedia Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@realmedia[2].txt Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@server.iad.liveperson[1].txt Spyware:Cookie/Toplist Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@toplist[1].txt Spyware:Cookie/XXXCounter Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@xxxcounter[1].txt Spyware:Cookie/BurstNet Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.burstnet.com/] Spyware:Cookie/cs.-- The nicest hobby on Earth ;) --counter Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.cs.-- The nicest hobby on Earth ;) --counter.com/] Spyware:Cookie/Casalemedia Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.casalemedia.com/] Spyware:Cookie/DomainSponsor Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[landing.domainsponsor.com/] Spyware:Cookie/FortuneCity Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.fortunecity.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.serving-sys.com/] Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.as-eu.falkag.net/] Spyware:Cookie/Maxserving Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.maxserving.com/] Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.as-us.falkag.net/] Spyware:Cookie/Statcounter Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.statcounter.com/] Spyware:Cookie/YieldManager Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Reliablestats Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[stats1.reliablestats.com/] Spyware:Cookie/WinFixer Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.winfixer.com/] Spyware:Cookie/Ccbill Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.ccbill.com/] Spyware:Cookie/MediaTickets Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.kinghost.com/] Spyware:Cookie/Belnk Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.belnk.com/] Spyware:Cookie/RealMedia Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.realmedia.com/] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[server.iad.liveperson.net/hc/46036647] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[server.iad.liveperson.net/] Spyware:Cookie/Com.com Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.com.com/] Spyware:Cookie/Hbmediapro Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.adopt.hbmediapro.com/] Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.2o7.net/] Spyware:Cookie/Microsofte Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.microsofteup.112.2o7.net/] Spyware:Cookie/Doubleclick Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.doubleclick.net/] Spyware:Cookie/Mediaplex Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.mediaplex.com/] Spyware:Cookie/888 Not disinfected C:\Dokumente und Einstellungen\Mama\Cookies\mama@888[2].txt Spyware:Cookie/OfferOptimizer Not disinfected C:\Dokumente und Einstellungen\Mama\Cookies\mama@offeroptimizer[1].txt Spyware:Cookie/Doubleclick Not disinfected C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Anwendungsdaten\Mozilla\Firefox\Profiles\iutqeper.default\cookies.txt[] Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@2o7[1].txt Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@as1.falkag[2].txt Spyware:Cookie/Atlas DMT Not disinfected C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@atdmt[2].txt Spyware:Cookie/Doubleclick Not disinfected C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@doubleclick[1].txt Spyware:Cookie/Mediaplex Not disinfected C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@mediaplex[1].txt Spyware:Cookie/Tradedoubler Not disinfected C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@tradedoubler[1].txt Spyware:Cookie/OfferOptimizer Not disinfected C:\Dokumente und Einstellungen\Papa\Cookies\papa@offeroptimizer[1].txt Spyware:Spyware/BetterInet Not disinfected C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Temp\biini.inf Adware:Adware/SAHAgent Not disinfected C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Temp\flashtlk.inf Adware:Adware/WebHancer Not disinfected C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Temp\whCC-GROKSTER.exe[whAgent.inf] Spyware:Cookie/Adtech Not disinfected C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@adtech[1].txt Spyware:Cookie/Atlas DMT Not disinfected C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@atdmt[2].txt Spyware:Cookie/Doubleclick Not disinfected C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@doubleclick[1].txt Spyware:Cookie/Linksynergy Not disinfected C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@linksynergy[1].txt Spyware:Cookie/Mediaplex Not disinfected C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@mediaplex[1].txt Spyware:Cookie/888 Not disinfected C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@888[1].txt Spyware:Cookie/Barelylegal Not disinfected C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@c.fsx[1].txt Spyware:Cookie/Ccbill Not disinfected C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@ccbill[2].txt Spyware:Cookie/Com.com Not disinfected C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@com[1].txt Spyware:Cookie/Itrack Not disinfected C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@ilead.itrack[1].txt Spyware:Cookie/MediaTickets Not disinfected C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@kinghost[2].txt Spyware:Cookie/OfferOptimizer Not disinfected C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@offeroptimizer[1].txt Adware:Adware/IPInsight Not disinfected C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\Belt.ini Spyware:Spyware/BetterInet Not disinfected C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\biini.inf Adware:Adware/SAHAgent Not disinfected C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\flashtlk.inf Adware:Adware/WebHancer Not disinfected C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\whCC-GROKSTER.exe[whAgent.inf] Spyware:Spyware/Altnet Not disinfected C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\__unin__.exe Spyware:Cookie/BurstNet Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[46036647] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[] Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@2o7[2].txt Spyware:Cookie/YieldManager Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@ad.yieldmanager[1].txt Spyware:Cookie/Adtech Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@adtech[2].txt Spyware:Cookie/Adverserve Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@adverserve[2].txt Spyware:Cookie/Belnk Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@belnk[1].txt Spyware:Cookie/GoStats Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@c3.gostats[1].txt Spyware:Cookie/Ccbill Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@ccbill[1].txt Spyware:Cookie/Com.com Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@com[1].txt Spyware:Cookie/cs.-- The nicest hobby on Earth ;) --counter Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@cs.-- The nicest hobby on Earth ;) --counter[2].txt Spyware:Cookie/Belnk Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@dist.belnk[2].txt Spyware:Cookie/PayCounter Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@paycounter[1].txt Spyware:Cookie/QuestionMarket Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@questionmarket[2].txt Spyware:Cookie/RealMedia Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@realmedia[2].txt Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@server.iad.liveperson[1].txt Spyware:Cookie/Toplist Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@toplist[1].txt Spyware:Cookie/XXXCounter Not disinfected C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@xxxcounter[1].txt Virus:W32/Gaobot.batch Disinfected C:\Dokumente und Einstellungen\Seebi\Lokale Einstellungen\Temp\r.bat Adware:Adware/SaveNow Not disinfected C:\Dokumente und Einstellungen\Seebi\Lokale Einstellungen\Temp\wu.exe Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MySearch\bar\1.bin\NPMYSRCH.DLL Adware:Adware/IST.YourSiteBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ysbactivex.inf Adware:Adware/IST.YourSiteBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.2\ysbactivex.inf Adware:Adware/IST.YourSiteBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.3\ysbactivex.inf Adware:Adware/IST.YourSiteBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.4\ysbactivex.inf Virus:W32/Bobax.C.worm Disinfected C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WT2FGPUR\80.218.154[1].gif Adware:Adware/MediaTickets Not disinfected C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WT2FGPUR\MediaTicketsInstaller[1].cab[MediaTicketsInstaller.INF] Adware:Adware/MediaTickets Not disinfected C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WT2FGPUR\MediaTicketsInstaller[1].cab[MediaTicketsInstaller.ocx] Virus:Trj/Qhost.Z Disinfected C:\WINDOWS\system32\drivers\etc\HOSTS.bak Dialer:Dialer.AAS Not disinfected C:\WINDOWS\system32\epl2.exe Dialer:Dialer.AAS Not disinfected C:\WINDOWS\system32\_U.exe How can I get rid of all this junk? 
|
|
|
|
|
Jan 17 2006, 10:46 PM
Post
#4
|
|
|
Most Respected SuperExpert Group: Member Posts: 4576 Joined: 9-June 04 Member No.: 8164 |
A lot of that is cookies. No AV is perfect. But some are better than others.
Delete these files. C:\WINDOWS\SYSTEM32\epl2.exe C:\GatorPatch.log C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@2o7[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@ad.yieldmanager[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@adtech[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@adverserve[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@belnk[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@c3.gostats[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@ccbill[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@com[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@cs.-- The nicest hobby on Earth ;) --counter[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@dist.belnk[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@paycounter[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@questionmarket[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@realmedia[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@server.iad.liveperson[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@toplist[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@xxxcounter[1].txt C:\Dokumente und Einstellungen\Mama\Cookies\mama@888[2].txt C:\Dokumente und Einstellungen\Mama\Cookies\mama@offeroptimizer[1].txt C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@2o7[1].txt C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@as1.falkag[2].txt C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@atdmt[2].txt C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@doubleclick[1].txt C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@mediaplex[1].txt C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Cookies\mama@tradedoubler[1].txt C:\Dokumente und Einstellungen\Papa\Cookies\papa@offeroptimizer[1].txt C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Temp\biini.inf C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Temp\flashtlk.inf C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Temp\whCC-GROKSTER.exe[whAgent.inf] C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@adtech[1].txt C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@atdmt[2].txt C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@doubleclick[1].txt C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@linksynergy[1].txt C:\Dokumente und Einstellungen\Papa.SEEBI-Z19CZRBKD\Cookies\papa@mediaplex[1].txt C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@888[1].txt C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@c.fsx[1].txt C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@ccbill[2].txt C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@com[1].txt C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@ilead.itrack[1].txt C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@kinghost[2].txt C:\Dokumente und Einstellungen\Seeba\Cookies\seeba@offeroptimizer[1].txt C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\Belt.ini C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\biini.inf C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\flashtlk.inf C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\whCC-GROKSTER.exe[whAgent.inf] C:\Dokumente und Einstellungen\Seeba\Lokale Einstellungen\Temp\__unin__.exe C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@2o7[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@ad.yieldmanager[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@adtech[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@adverserve[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@belnk[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@c3.gostats[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@ccbill[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@com[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@cs.-- The nicest hobby on Earth ;) --counter[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@dist.belnk[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@paycounter[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@questionmarket[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@realmedia[2].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@server.iad.liveperson[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@toplist[1].txt C:\Dokumente und Einstellungen\Seebi\Cookies\seebi@xxxcounter[1].txt C:\Dokumente und Einstellungen\Seebi\Lokale Einstellungen\Temp\wu.exe C:\Program Files\MySearch\bar\1.bin\NPMYSRCH.DLL C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WT2FGPUR\MediaTicketsInstaller[1].cab[MediaTicketsInstaller.INF] C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WT2FGPUR\MediaTicketsInstaller[1].cab[MediaTicketsInstaller.ocx] C:\WINDOWS\system32\epl2.exe C:\WINDOWS\system32\_U.exe ------------- These next files need special handling. Go to start >Run and paste in this command, press enter and then wait for the success message: regsvr32 /u occache.dll Delete these files: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ysbactivex.inf C:\WINDOWS\Downloaded Program Files\CONFLICT.2\ysbactivex.inf C:\WINDOWS\Downloaded Program Files\CONFLICT.3\ysbactivex.inf C:\WINDOWS\Downloaded Program Files\CONFLICT.4\ysbactivex.inf Go back to start >Run and paste in this command, press enter and then wait for the success message: regsvr32 /i occache.dll |
|
|
|
|
Jan 18 2006, 07:16 AM
Post
#5
|
|
|
Active Member Group: Member Posts: 39 Joined: 17-January 06 Member No.: 17473 |
All done :dance:
In the place of C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WT2FGPUR\MediaTicketsInstaller[1].cab[MediaTicketsInstaller.INF] C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WT2FGPUR\MediaTicketsInstaller[1].cab[MediaTicketsInstaller.ocx] I only found one file (winrar) and deleted it. Hope, thats ok. What must I do next? |
|
|
|
|
Jan 18 2006, 03:50 PM
Post
#6
|
|
|
Most Respected SuperExpert Group: Member Posts: 4576 Joined: 9-June 04 Member No.: 8164 |
That's fine.
Download and run Cleanup. http://home.comcast.net/~sgould4567/softwa...p/download.html Learn how to use Cleanup: http://home.comcast.net/~sgould4567/softwa...up/running.html What is going on with your system now? I doublt the buzzing went away. HAve you recently moved your system or adding any new piece of electrics to that room? Any kind of changes you have made to either your system or the environment might explain it. It might be your Speakers too. May I see another Hijckthis log too? |
|
|
|
|
Jan 18 2006, 07:26 PM
Post
#7
|
|
|
Active Member Group: Member Posts: 39 Joined: 17-January 06 Member No.: 17473 |
Cleanup flushed about 1.4 gB worth of files. That was a real good tipp, thx.
I doubt it's the speakers, since I use the same headphones for 2 months now. Also, when i watch a video, the sound AND the picture stall together (sound interrupts, picture freezes for a short period). I bought a MP3 Player recently (Creative Zen Micro) and installed the software that came with it (Media Organizer and Player-Driver) I guess it installed also new drivers for my soundcard (Avance AC97 Audio). I converted my CD-collection to MP3s with Media Organizer, the day I noticed the problem. So it might be that. I uninstalled all Programs that came with the MP3 Player and re-installed the sound driver, but the problem's still there... so I came to you... Anyhow, here's the Hijack Log: Logfile of HijackThis v1.99.1 Scan saved at 19:28:24, on 18.01.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Programme\Norton AntiVirus\SAVScan.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Power Cinema\PowerVCR II\Agent.exe C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programme\Java\jre1.5.0_06\bin\jusched.exe C:\Programme\Microsoft AntiSpyware\gcasDtServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Corel\Graphics8\Programs\MFIndexer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Programme\Messenger\msmsgs.exe C:\Programme\Mozilla Firefox\firefox.exe C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hattrick.org R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hattrick.org O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - C:\Programme\CoreStreet\SpoofStick\SpoofStickBHO.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - C:\Programme\CoreStreet\SpoofStick\SpoofStick.dll O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [Agent] C:\Programme\Power Cinema\PowerVCR II\Agent.exe O4 - HKLM\..\Run: [Remote_Agent] C:\Programme\Power Cinema\PowerVCR II\RemoteAgent.exe O4 - HKLM\..\Run: [mmtask] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [gcasServ] "C:\Programme\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O12 - Plugin for .csm: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .csml: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cub: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cube: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .dx: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .emb: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .embl: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .gau: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .jdx: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mol: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mop: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .pdb: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .rxn: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .scr: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .skc: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .spt: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .tgf: C:\Programme\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .xyz: C:\Programme\Internet Explorer\Plugins\npchime.dll O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1096475232281 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe Also I ran panda again: Incident Status Location Adware:adware/gator Not disinfected C:\GatorPatch.log Adware:adware/searchaid Not disinfected Windows Registry Spyware:Cookie/BurstNet Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.burstnet.com/] Spyware:Cookie/cs.-- The nicest hobby on Earth ;) --counter Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.cs.-- The nicest hobby on Earth ;) --counter.com/] Spyware:Cookie/Casalemedia Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.casalemedia.com/] Spyware:Cookie/DomainSponsor Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[landing.domainsponsor.com/] Spyware:Cookie/FortuneCity Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.fortunecity.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.serving-sys.com/] Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.as-eu.falkag.net/] Spyware:Cookie/Maxserving Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.maxserving.com/] Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.as-us.falkag.net/] Spyware:Cookie/Statcounter Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.statcounter.com/] Spyware:Cookie/YieldManager Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Reliablestats Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[stats1.reliablestats.com/] Spyware:Cookie/WinFixer Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.winfixer.com/] Spyware:Cookie/Ccbill Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.ccbill.com/] Spyware:Cookie/MediaTickets Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.kinghost.com/] Spyware:Cookie/Belnk Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.belnk.com/] Spyware:Cookie/RealMedia Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.realmedia.com/] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[server.iad.liveperson.net/hc/46036647] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[server.iad.liveperson.net/] Spyware:Cookie/Com.com Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.com.com/] Spyware:Cookie/Hbmediapro Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.adopt.hbmediapro.com/] Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.2o7.net/] Spyware:Cookie/Microsofte Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.microsofteup.112.2o7.net/] Spyware:Cookie/Doubleclick Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.doubleclick.net/] Spyware:Cookie/Mediaplex Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[.mediaplex.com/] Spyware:Cookie/Doubleclick Not disinfected C:\Dokumente und Einstellungen\Mama.SEEBI-Z19CZRBKD\Anwendungsdaten\Mozilla\Firefox\Profiles\iutqeper.default\cookies.txt[] Spyware:Cookie/BurstNet Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[46036647] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Dokumente und Einstellungen\Seebi\Anwendungsdaten\Mozilla\Firefox\Profiles\default.r0m\cookies.txt[] Although the problem doesnt seem to be solved yet, my system's running faster now, so thanks for the help so far! 
|
|
|
|
|
Jan 18 2006, 09:56 PM
Post
#8
|
|
|
Most Respected SuperExpert Group: Member Posts: 4576 Joined: 9-June 04 Member No.: 8164 |
You're welcome;
This file can be deleted. C:\GatorPatch.log The rest are cookies in Mozilla Firefox. Empty those out. ------------------------------- Which program are you using to play the Videos? Have you run DXDiag yet? Go to Start >Run and type dxdiag Press enter When the DirectX diagnostic screen comes up, run the sound and Display tests. Let me know how that goes. Don't forget to check what drivers show as being installed. |
|
|
|
|
Jan 18 2006, 11:02 PM
Post
#9
|
|
|
Active Member Group: Member Posts: 39 Joined: 17-January 06 Member No.: 17473 |
I deleted the cookies.txt file. Hope I was supposed to do that, I didn't know how else to manage my cookies.
I made the tests with dxdiag before I contacted you, and now i've repeated them: everything runs ok. The program i use for videos: for example windows media player. But ingame Videos of games do the same thing. I also thought about this: the day the sound problems startet I discovered an old quicktime version on my harddrive, and because I couldnt uninstall it i kicked it in the trash and cleared "quicktime" related entries out of the registry (using regedit). I thought it might have to do something with that so i downloaded and installed the newest quicktime version, but since it brought no improvement i uninstalled it (this time properly) again. My sound driver used to be named Advance AC97 and is now Realtek AC97. Does that perhaps mean something? else: 
|
|
|
|
|
Jan 19 2006, 01:12 AM
Post
#10
|
|
|
Most Respected SuperExpert Group: Member Posts: 4576 Joined: 9-June 04 Member No.: 8164 |
Do you know how to get into Device Manager?
If so, scroll to Sounds Video and Game Controllers and expand that branch. Then find your sound device and get its properties. See if there's any problem with it. Also see if there are any problems for any of the other devices under Sounds Video and game controllers. |
|
|
|
|
Jan 20 2006, 04:45 PM
Post
#11
|
|
|
Active Member Group: Member Posts: 39 Joined: 17-January 06 Member No.: 17473 |
I checked all properties of all devices. There are no Conflicts between any devices, also they all claim to work properly. The location of my Audiocodecs is unknown, is that normal? Also I've two MIDI devices: MPU-compatible MIDI- device and Realtek. Is that maybe a problem?
:coffee: |
|
|
|
|
Jan 20 2006, 04:54 PM
Post
#12
|
|
|
Most Respected SuperExpert Group: Member Posts: 4576 Joined: 9-June 04 Member No.: 8164 |
AudioCodecs
Location: Unknown is not a problem. But di run the troubleshooter to see if it can pinpoint the problem of why the sound is stopping or skipping. When you ran DxDiag did you turn down the Hardware Acceleration? That's a good test to see if you need a driver upgrade. If turning down the Hardware acceleratoin corrects the situation. |
|
|
|
|
Jan 20 2006, 09:08 PM
Post
#13
|
|
|
Active Member Group: Member Posts: 39 Joined: 17-January 06 Member No.: 17473 |
Nope, even with Hardware Acceleration to zero, its still the same...
I opened Teamspeak just now and got this error message: :rulez: TDSoundOut.Open(DirectSoundCreate):No sound driver is available for use. Is this because I reinstalled DirectX? |
|
|
|
|
Jan 20 2006, 09:15 PM
Post
#14
|
|
|
Most Respected SuperExpert Group: Member Posts: 4576 Joined: 9-June 04 Member No.: 8164 |
Google can get you answers.
http://forum.teamspeak.org/showthread.php?t=7054 QUOTE upgraded my Soundcard drivers, and then 2 days later fired up TeamSpeak to join my server: TDSoundOut.Open(DirectSoundCreate): No sound driver is available for use. WTF? In the client, I looked at > Settings > Options: Sure enough, card was there? Then, I sussed. It wasn't selected (EVEN though highlighted). So go: Settings > Options: slect you card in the list box, and hit 'Apply'. I would suggest you uninstall then reinstall your sound drivers again. |
|
|
|
|
Jan 20 2006, 09:18 PM
Post
#15
|
|
|
Most Respected SuperExpert Group: Member Posts: 4576 Joined: 9-June 04 Member No.: 8164 |
When you opened device manager and looked at yuour sound card drivers, was there a rollback option? That would roll back the drivers to the last ones installed previously.
|
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 22nd November 2009 - 04:36 AM |
