Ständiges Öffnen neuer Fenster mit Werbung etc.

shos24 · 22.07.2008, 17:42

Hallo, mein Problem besteht nun mittlerweile seit paar Tagen. Da ich aber absoluter Laie auf diesem Gebiet bin, bin ich äußerst ratlos, was ich machen kann, dass sich nicht ständig irgendwelche Fenster öffnen.

Ich hoffe hier kann mir jemand helfen.

Vielen Dank bereits jetzt für Eure Mühe!!!
Basti

#

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:41:39, on 22.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Norton Internet Security\ISSVC.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programme\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ICO.EXE
C:\Programme\Sony\VAIO Power Management\SPMgr.exe
C:\Programme\Sony\ISB Utility\ISBMgr.exe
C:\Programme\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE
C:\Programme\Winamp\winampa.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Programme\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Programme\avmwlanstick\FRITZWLANMini.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe
C:\dokumente und einstellungen\ebay\lokale einstellungen\anwendungsdaten\qgiua.exe
C:\Programme\Apoint\Apntex.exe
C:\Programme\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programme\Sony\VAIO Event Service\VESMgr.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\NMain.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Ebay\Lokale Einstellungen\Temp\jkos-Ebay\binaries\ScanningProcess.exe
C:\Programme\Microsoft Office\Office\OUTLOOK.EXE
C:\Dokumente und Einstellungen\Ebay\Lokale Einstellungen\Temporary Internet Files\Content.IE5\H7M8LQBQ\HiJackThis[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programme\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vcl.vaio.sony.co.jp/eu/PforVAIO.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box;192.168.178.1
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programme\BearShare applications\BearShare MediaBar\MediaBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - C:\PROGRA~1\BEARSH~1\BEARSH~2\MediaBar.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programme\BearShare applications\BearShare MediaBar\MediaBar.dll
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Programme\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Programme\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB001" /M "Stylus Photo RX520"
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Programme\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [qgiua] c:\dokumente und einstellungen\ebay\lokale einstellungen\anwendungsdaten\qgiua.exe qgiua
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programme\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .UVR: C:\Programme\Internet Explorer\Plugins\NPUPano.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/de/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://stream.web.de/mail/activex/mail_upload_11213.cab
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programme\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programme\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programme\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Programme\Gemeinsame Dateien\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programme\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O24 - Desktop Component 0: (no name) - http://srx.de.ebayrtm.com/rtm?RtmCmd&a=json&cb=parent.ebay.oDocument.oPage.watcheditem&p=129:283:280:433&i=565680805&c=1H4sIAAAAAAAAAF2OsQpCMQxFd8F%2FKLg%2F kjRt0gf5BHFQcHF7Org56P%2Bb11RE6XBuys292Z1v13RYniljgjKTziBpfzwlApDt5kHWRJ2Ys2EnmUxQRapPYFwa1%2F6PBisrDY6Z2dYclPLxLverIV1eAIAlgBDsC2jSNxhCEIhxm4AEJaoimY aPWlyGv67yt0VsqFGj3zbNRspdUY%2FRkZrVj%2FTnukZfFkPk4voNxsGpVzUBAAA%3D&g=b4192cd21150a09c13e65246ffb91a80&uf=1&z=8&ord=1193833718265&amp ;bw=1259

--
End of file - 15252 bytes

shos24 · 22.07.2008, 18:40

Search Navipromo version 3.6.1 began on 22.07.2008 at 19:19:33,54

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Programme\navilog1
Actual User Account : "Ebay"

Updated on 19.07.2008 at 20h00 by IL-MAFIOSO

Microsoft Windows XP [Version 5.1.2600]
Version Internet Explorer : 7.0.5730.11
Filesystem type : NTFS

Search done in normal mode

*** Searching for installed Software ***

Favorit

*** Search folders in "C:\WINDOWS" ***

*** Search folders in "C:\Programme" ***

*** Search folders in "C:\Dokumente und Einstellungen\All Users\startm~1\progra~1" ***

*** Search folders in "C:\Dokumente und Einstellungen\All Users\startm~1" ***

*** Search folders in "c:\dokume~1\alluse~1\anwend~1" ***

*** Search folders in "C:\Dokumente und Einstellungen\Ebay\anwend~1" ***

*** Search folders in "C:\DOKUME~1\Anja\anwend~1" ***

*** Search folders in "C:\DOKUME~1\Basti\anwend~1" ***

*** Search folders in "C:\Dokumente und Einstellungen\Ebay\lokale~1\anwend~1" ***

*** Search folders in "C:\DOKUME~1\Anja\lokale~1\anwend~1" ***

*** Search folders in "C:\DOKUME~1\Basti\lokale~1\anwend~1" ***

*** Search folders in "C:\Dokumente und Einstellungen\Ebay\startm~1\progra~1" ***

*** Search folders in "C:\DOKUME~1\Anja\startm~1\progra~1" ***

*** Search folders in "C:\DOKUME~1\Basti\startm~1\progra~1" ***

*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net

No Navipromo file found

*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\WINDOWS\system32" *

* Scan in "C:\Dokumente und Einstellungen\Ebay\lokale~1\anwend~1" *

* Scan in "C:\DOKUME~1\Anja\lokale~1\anwend~1" *

* Scan in "C:\DOKUME~1\Basti\lokale~1\anwend~1" *

*** Search files ***

C:\WINDOWS\system32\nvs2.inf found !

*** Search specific Registry keys ***

HKEY_CURRENT_USER\Software\Lanconfig found !

*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :

2)Heuristic Search :

* In "C:\WINDOWS\system32" :

* In "C:\Dokumente und Einstellungen\Ebay\lokale~1\anwend~1" :

qgiua.dat found !
qgiua_nav.dat found !
qgiua_navps.dat found !

* In "C:\DOKUME~1\Anja\lokale~1\anwend~1" :

* In "C:\DOKUME~1\Basti\lokale~1\anwend~1" :

3)Certificates Search :

Egroup certificate found !
Electronic-Group certificate found !
OOO-Favorit certificate found !
Sunny-Day-Design-Ltd certificate not found !

4)Search known files :

*** Search completed on 22.07.2008 at 19:38:08,15 ***

shos24 · 22.07.2008, 18:52

nach ausführen der option 2 im navilog1:

Navipromo Removal version 3.6.1 started on 22.07.2008 at 19:43:23,71

Fix running from C:\Programme\navilog1
Actual User Account : "Ebay"

Updated on 19.07.2008 at 20h00 by IL-MAFIOSO

Microsoft Windows XP [Version 5.1.2600]
Internet Explorer : 7.0.5730.11
Filesystem type : NTFS

Automatic removal
with Catchme and GNS results

Cleanning stage done on Reboot

*** fsbl1.txt not found ***
(Check that Catchme found nothing in Search Mode)

*** Deleting with Backups GenericNaviSearch results ***

* Deletion in "C:\WINDOWS\System32" *

* Deletion in "C:\Dokumente und Einstellungen\Ebay\lokale~1\anwend~1" *

* Deletion in "C:\DOKUME~1\Anja\lokale~1\anwend~1" *

* Deletion in "C:\DOKUME~1\Basti\lokale~1\anwend~1" *

*** Deleting folders in "C:\WINDOWS" ***

*** Deleting folders in "C:\Programme" ***

*** Deleting folders in "C:\Dokumente und Einstellungen\All Users\startm~1\progra~1" ***

*** Deleting folders in "C:\Dokumente und Einstellungen\All Users\startm~1" ***

*** Deleting folders in "c:\dokume~1\alluse~1\anwend~1" ***

*** Deleting folders in "C:\Dokumente und Einstellungen\Ebay\anwend~1" ***

*** Deleting folders in "C:\DOKUME~1\Anja\anwend~1" ***

*** Deleting folders in "C:\DOKUME~1\Basti\anwend~1" ***

*** Deleting folders in "C:\Dokumente und Einstellungen\Ebay\lokale~1\anwend~1" ***

*** Deleting folders in "C:\DOKUME~1\Anja\lokale~1\anwend~1" ***

*** Deleting folders in "C:\DOKUME~1\Basti\lokale~1\anwend~1" ***

*** Deleting folders in "C:\Dokumente und Einstellungen\Ebay\startm~1\progra~1" ***

*** Deleting folders in "C:\DOKUME~1\Anja\startm~1\progra~1" ***

*** Deleting folders in "C:\DOKUME~1\Basti\startm~1\progra~1" ***

*** Deleting files ***

C:\WINDOWS\system32\nvs2.inf deleted !

*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Dokumente und Einstellungen\Ebay\lokale~1\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :

* In "C:\WINDOWS\system32" *

* In "C:\Dokumente und Einstellungen\Ebay\lokale~1\anwend~1" *

qgiua.exe found !
Copy qgiua.exe done !
qgiua.exe deleted !

qgiua.dat found !
Copy qgiua.dat done !
qgiua.dat deleted !

qgiua_nav.dat found !
Copy qgiua_nav.dat done !
qgiua_nav.dat deleted !

qgiua_navps.dat found !
Copy qgiua_navps.dat done !
qgiua_navps.dat deleted !

C:\WINDOWS\prefetch\qgiua*.pf found !
Copy C:\WINDOWS\prefetch\qgiua*.pf done !
C:\WINDOWS\prefetch\qgiua*.pf deleted !

* In "C:\DOKUME~1\Anja\lokale~1\anwend~1" *

* In "C:\DOKUME~1\Basti\lokale~1\anwend~1" *

*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned

*** Certificates ***

Egroup Certificate deleted !
Electronic-Group Certificate deleted !
OOO-Favorit Certificate deleted !
Sunny-Day-Design-Ltd Certificate not found !

*** Cleaning stage complete on 22.07.2008 at 19:48:34,73 ***

Jetzt alles ok????

Ständiges Öffnen neuer Fenster mit Werbung etc.

Log-Analyse und Auswertung: Ständiges Öffnen neuer Fenster mit Werbung etc.