Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: About:blank kann mir wer helfen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 30.06.2009, 13:03   #1
BlablaNo.1
 
About:blank kann mir wer helfen - Unglücklich

About:blank kann mir wer helfen



Also ich habe seid längerer Zeit als Startseite dieses about:blank und habe dann ein bissl gegoogelt wie man das so macht und herausgefunden, dass das ein unschöner Trojaner ist aber auch wie man ihn weg bekommen könnte...
Hier erstmal mein Log, ich hoffe ihr könnt damit was anfangen und mir weiter helfen ..... ich weiß echt nicht mehr weiter ... Danke schonmal an alle

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04:08, on 25.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\CA\eTrust Antivirus\InoRpc.exe
C:\Programme\CA\eTrust Antivirus\InoRT.exe
C:\Programme\CA\eTrust Antivirus\InoTask.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Programme\Saitek\Software\SaiSmart.exe
C:\Programme\Saitek\Software\SaiMfd.exe
C:\Programme\Saitek\Software\Profiler.exe
C:\Programme\Razer\razerhid.exe
C:\Programme\Unlocker\UnlockerAssistant.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Razer\razerofa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Electronic Arts\EADM\Core.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Programme\Skype\Plugin Manager\skypePM.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Johanna\Lokale Einstellungen\Temporary Internet Files\Content.IE5\375KQQZ7\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.de/0SEDEDE/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.dinoparc.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\5357\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\5357\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll
O2 - BHO: Zango Search Assistant Helper /fleok=1D8A83A5C5E315789FA575760EA83FA5EF80752B94E3D87C59784E2D3ACF - {56F1D444-11BF-4879-A12B-79CF0177F038} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\5357\toolbaru.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll
O3 - Toolbar: (no name) - {F21202A2-959A-4149-B1C3-68B9013F3335} - (no file)
O3 - Toolbar: (no name) - {41F6170D-6AF8-4188-8D92-9DDAB3C71A78} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [SaiSmart] C:\Programme\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [Profiler] C:\Programme\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [AntiSpyware 2006] "C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe" /startintray
O4 - HKLM\..\Run: [razer] C:\Programme\Razer\razerhid.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZC
O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Steganos AntiPhishing - {104B66A9-9E68-49D1-A3F5-94754BE9E0E6} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106843944468
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Abel - Unknown owner - F:\Cain\Abel.exe (file missing)
O23 - Service: Steganos AntiPhishing Communication Service (AntiPhishingCommService) - Unknown owner - C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 14999 bytes

Alt 02.07.2009, 09:43   #2
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



Kann mir hier wegen echt keiner helfen? Ich hab das Ding schon so lang auf dem Rechner und würde es gerne los werden wollen. Also wenn irgendjemand weiß wie, wäre ich sehr verbunden, wenn er sich melden würde. Danke.
__________________


Alt 02.07.2009, 16:32   #3
nochdigger
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



Hallo und

Haben Steganos AntiSpyware 2006 und CA nix zu meckern gehabt?

arbeite bitte zuerst diese Anleitung ab (ohne Hijackthis)
http://www.trojaner-board.de/69886-a...-beachten.html
zusätzlich überprüfe dein System mit SUPERAntiSpyware und poste alle relevanten Logs hierher, dann sehen wir weiter.

MFG
__________________
__________________

Alt 02.07.2009, 22:24   #4
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



mhh ne die sagen da nichts zu leider

Alt 03.07.2009, 06:24   #5
nochdigger
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



Moin

Zitat:
mhh ne die sagen da nichts zu leider
ein bisschen traurig, dann bitte hiermit weitermachen
Zitat:
Zitat von nochdigger Beitrag anzeigen
arbeite bitte zuerst diese Anleitung ab (ohne Hijackthis)
http://www.trojaner-board.de/69886-a...-beachten.html
zusätzlich überprüfe dein System mit SUPERAntiSpyware und poste alle relevanten Logs hierher, dann sehen wir weiter.
MFG

__________________
Kein Support per PN - Bitte im Forum posten.

Alt 03.07.2009, 10:35   #6
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



also beim CCleaner finde ich teilweise 4000mb kp warum hier nun der log vom malewarebitys

Malwarebytes' Anti-Malware 1.38
Datenbank Version: 2366
Windows 5.1.2600 Service Pack 3

03.07.2009 11:32:43
mbam-log-2009-07-03 (11-32-43).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 267251
Laufzeit: 1 hour(s), 21 minute(s), 39 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 66
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 17
Infizierte Dateien: 99

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\clientax.requiredcomponent (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0ac49246-419b-4ee0-8917-8818daad6a4e} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{51cf80dc-a309-4735-bb11-ef18bf4e3ad9} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f31a5d11-bf0b-4a4e-90af-274f2090aaa6} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f31a5d11-bf0b-4a4e-90af-274f2090aaa6} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\clientax.requiredcomponent.1 (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\clientax.zangoclientax (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\clientax.zangoclientax.1 (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\lmgr180.wmdrmax (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\lmgr180.wmdrmax.1 (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\netpumper.addurl (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\netpumpernnproxy.netscapeinterface (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f7258f6e-9f60-49c0-8c82-f0a0993d68e0} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0abbf96-17dc-44ca-96d0-6217064a97ba} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e19b133d-184e-4bba-8a70-38489c9dd31b} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a8b0f390-e6bf-4027-a4d4-1e4363f5e27b} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a9e33220-0b05-11d7-88d2-444553540000} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1aa406ab-f581-42ab-b4d1-31d2e13819ef} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{1145a909-a836-44b8-b03a-48d858b0f43e} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2eeb4fa-b6d6-41b9-9cfa-aba87f862bcb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{d724f038-df89-4a1a-83d1-fd9164b78077} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{502f728b-67b8-409e-bceb-7ee8632f321a} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d2cd81e5-cc37-44b3-93b7-c52cb993ba34} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{da295dae-fce7-4168-bcb8-edc3a433bd97} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ed40af28-f03f-492a-9542-e24945cd65aa} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e6bb8b70-8ad2-43b6-a952-83e462ce80de} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\netpumper_is1 (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{056738e1-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{056738ed-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{056738ee-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{056738ee-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Download with NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-netpumper-detector (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Online Add-on (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\ACM.dll (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alie (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alnn (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Netscape\Netscape Navigator\Automation Protocols\ftp (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Netscape\Netscape Navigator\Automation Protocols\http (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\Video Add-on Setup (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Programme\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Programme\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Johanna\Anwendungsdaten\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
C:\Programme\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\Anti-Leech (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\ALIE_1.0.2.3 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\ALNN (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\WINDOWS\Downloaded Program Files\ClientAX.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programme\NetPumper\NetPumperNNProxy.dll (Trojan.Lop) -> Quarantined and deleted successfully.
c:\programme\anti-leech\ALNN\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\ALNN\npalnn.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\ALNN\setup2.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\programme\netpumper\NetPumper.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\NetPumperIEProxy.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\NPNetPumper_Application.dll (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\NPNetPumper_Audio.dll (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\NPNetPumper_Video.dll (Trojan.Lop) -> Quarantined and deleted successfully.
c:\programme\netpumper\shutdown.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\TurnLog.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\anti-leech\ALPlugin-setup.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\bpssc1.1.dll (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\screensaver\Images\005C49FA.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\Shared\00635A63.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Johanna\anwendungsdaten\netpumper\Johanna.ini (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\AddUrl.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\README.txt (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\unins000.dat (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\unins000.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\x.bat (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\anti-leech\ALPluginIE-1.0.2.3-setup.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\anti-leech\LICENSE.txt (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\compat.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\details.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\features.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\index.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\mainwin.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\nphelp.css (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\prefwindow.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\register.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\schedwin.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\tips.htm (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\apllimit.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\bandwidthpanel.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\buttons.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdadd.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdaddtoschedule.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmddetails.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdeditschedule.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdfolder.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdhelp.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdopen.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdopenfolder.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdpause.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdprefs.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdremove.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdresume.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\cmdselectall.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\detailwin-wide.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\detailwin.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\droptoschedule.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\editbandwidth.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\ignlimit.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\limserver.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\limservergold.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\limuser.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\mainwin.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\moveicons.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\prefw-bandwidth.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\prefw-connections.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\prefw-general.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\prefw-login.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\prefw-monitoring.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\prefw-proxy-ftp.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\prefw-proxy-http.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\register-1.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\register-2.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\register-3-1.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\register-3-2.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\schedulewin.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\scnoresume.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\scresumes.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\scunk.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stanalyzing.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\starticon.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stcompleted.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stfatal.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stinpro.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stnhelp.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stopicon.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stpaused.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stqueued.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stretrying.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\stscheduled.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\summary.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\throtdn.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\netpumper\help\images\zoombtn.gif (Adware.NetPumper) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.3\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.3\alie.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.3\alie.inf (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.3\iesetup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\navshext1.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Johanna\lokale einstellungen\Temp\laf1.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Programme\ICQToolbar\5357\toolbaru.dll (Adware.BHO) -> Delete on reboot.

Alt 03.07.2009, 22:05   #7
nochdigger
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



Hallo

na da hat Malwarebytes ja 'ne ganze Menge Müll entsorgt, den größten Teil der Funde wurde von dir selbst installiert.

Mach nun bitte mit SUPERAntiSpyware und der Liste der installierten Programme weiter, poste das Log und die Liste sowie ein frisches HijackThis Log hierher und berichte bitte.

MFG
__________________
Kein Support per PN - Bitte im Forum posten.

Alt 04.07.2009, 09:36   #8
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



Mhh ok werde ich tun allerdings werde ich das erst ab montag reinposten weil ich solange nicht zu hause bin trotzdem schon einmal vielen vielen dank

Alt 05.07.2009, 20:22   #9
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/05/2009 at 09:18 PM

Application Version : 4.26.1006

Core Rules Database Version : 3972
Trace Rules Database Version: 1912

Scan type : Complete Scan
Total Scan Time : 02:57:45

Memory items scanned : 611
Memory threats detected : 0
Registry items scanned : 7346
Registry threats detected : 34
File items scanned : 224788
File threats detected : 17

Adware.Zango
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56F1D444-11BF-4879-A12B-79CF0177F038}
HKU\S-1-5-21-1147986998-4177404512-1620174987-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56F1D444-11BF-4879-A12B-79CF0177F038}

Adware.WhenU
HKU\S-1-5-21-1147986998-4177404512-1620174987-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA2325ED-F9EB-4830-8FCE-0BC35B16969B}

Adware.Tracking Cookie
C:\Dokumente und Einstellungen\Johanna\Cookies\johanna@doubleclick[1].txt

Adware.180solutions/ZangoSearch
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\0
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\0\win32
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\FLAGS
HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\HELPDIR

Adware.MyWebSearch/FunWebProducts
HKU\S-1-5-21-1147986998-4177404512-1620174987-1008\SOFTWARE\FunWebProducts

Malware.AntiVirGear
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\aPpa
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\dgxzzcuoXHb
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\etKks
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\Implemented Categories
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\Implemented Categories\{62C8FE65-4EBB-45E7-B440-6E39B2CDBF29}
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32#ThreadingModel
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32#Class
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32#Assembly
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32#RuntimeVersion
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\1.0.5000.0
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\1.0.5000.0#Class
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\1.0.5000.0#Assembly
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\1.0.5000.0#RuntimeVersion
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\2.0.0.0
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\2.0.0.0#RuntimeVersion
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\2.0.0.0#Assembly
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\2.0.0.0#Class
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\ProgId
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\qRgzt
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\SJXfurnmsV
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\yDuKri
HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\zwibhFcjvJx
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\BRE.EXE

Adware.180solutions/Search Assistant
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\180F.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\18012.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\18019.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\1801B.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\18040.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\1809A.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\180AA.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\180E.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAX18.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAX1F.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAX7.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAXE.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAXF.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\TZL18.TMP
C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\TZL19.TMP

soa hat auch ewig gedauert ^^

Alt 05.07.2009, 20:27   #10
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



Soa nun die liste meiner Programme

3GP Video Converter 3
Adobe Flash Player 10 ActiveX
Adobe Reader 7.1.0 - Deutsch
AGEIA PhysX v7.11.13
Agere Systems PCI Soft Modem
AOL Deutschland
Apple Mobile Device Support
Apple Software Update
Arkivuesi WinRAR
ATI - Dienstprogramm zur Deinstallation der Software
ATI Control Panel
ATI Display Driver
AVIConverter 5.1.6
Battlefield 2142 Deluxe Edition
BlueSoleil
CA eTrust Antivirus
Cammaestro 1.0PT build 146
CCleaner (remove only)
Choice Guard
C-Media High Definition Audio Driver
C-Media USB Sound
Counter-Strike 1.6
Creatix V.92 Data Fax Modem
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
EA Download Manager
GameSpy Arcade
Generic USB CardReader 2.0
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
Gotcha!
Half-Life
HALF-LIFE: COUNTER-STRIKE
Hamachi 1.0.2.5
Heroes of Might and Magic® IV
Hervorhebe-Funktion (Windows Live Toolbar)
High Definition Audio Driver Package - KB835221
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915800-v4)
Hotfix für Windows Internet Explorer 7 (KB947864)
Hotfix für Windows Media Player 11 (KB939683)
Hotfix für Windows XP (KB952287)
Hotfix für Windows XP (KB961118)
ICQ Toolbar
ICQ Toolbar
ICQ6.5
Informationen über Ihren PC
InterActual Player
J2SE Runtime Environment 5.0 Update 1
Java(TM) 6 Update 13
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Junk Mail filter update
KeyStat
Learn2 Player (Uninstall Only)
LetsTrade Komponenten
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
MediaShow 3.0
medionmusic-Suite
Messenger Key 7.11
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 German Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 SDK - DEU
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft AutoRoute 2005
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Enzyklopädie 2005
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3
Microsoft Picture It! Foto Premium 10
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Windows-Journal-Viewer
Microsoft Word 2002
Microsoft Works
Microsoft Works Suite-Add-Ins für Microsoft Word
MSN Toolbar
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Nero Suite
OpenOffice.org Installer 1.0
PhotoNow! 1.0
PowerCinema 4.0
PowerDirector
PowerDVD
PowerProducer
QIP 2005 8092 Jeak-Edition
QuickTime
Razer
RealPlayer
RT2500 USB Wireless LAN Card
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Windows Search 4 - KB963093
Segoe UI
Setup-Start von Microsoft Works 2005
Shockwave
Sicherheitsupdate für Step by Step Interactive Training (KB898458)
Sicherheitsupdate für Step by Step Interactive Training (KB923723)
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)
Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows Media Player 10 (KB911565)
Sicherheitsupdate für Windows Media Player 10 (KB917734)
Sicherheitsupdate für Windows Media Player 11 (KB936782)
Sicherheitsupdate für Windows Media Player 11 (KB954154)
Sicherheitsupdate für Windows XP (KB923561)
Sicherheitsupdate für Windows XP (KB938464)
Sicherheitsupdate für Windows XP (KB938464-v2)
Sicherheitsupdate für Windows XP (KB941569)
Sicherheitsupdate für Windows XP (KB946648)
Sicherheitsupdate für Windows XP (KB950760)
Sicherheitsupdate für Windows XP (KB950762)
Sicherheitsupdate für Windows XP (KB950974)
Sicherheitsupdate für Windows XP (KB951066)
Sicherheitsupdate für Windows XP (KB951376)
Sicherheitsupdate für Windows XP (KB951376-v2)
Sicherheitsupdate für Windows XP (KB951698)
Sicherheitsupdate für Windows XP (KB951748)
Sicherheitsupdate für Windows XP (KB952004)
Sicherheitsupdate für Windows XP (KB952954)
Sicherheitsupdate für Windows XP (KB953839)
Sicherheitsupdate für Windows XP (KB954211)
Sicherheitsupdate für Windows XP (KB954459)
Sicherheitsupdate für Windows XP (KB954600)
Sicherheitsupdate für Windows XP (KB955069)
Sicherheitsupdate für Windows XP (KB956391)
Sicherheitsupdate für Windows XP (KB956572)
Sicherheitsupdate für Windows XP (KB956802)
Sicherheitsupdate für Windows XP (KB956803)
Sicherheitsupdate für Windows XP (KB956841)
Sicherheitsupdate für Windows XP (KB957095)
Sicherheitsupdate für Windows XP (KB957097)
Sicherheitsupdate für Windows XP (KB958644)
Sicherheitsupdate für Windows XP (KB958687)
Sicherheitsupdate für Windows XP (KB958690)
Sicherheitsupdate für Windows XP (KB959426)
Sicherheitsupdate für Windows XP (KB960225)
Sicherheitsupdate für Windows XP (KB960715)
Sicherheitsupdate für Windows XP (KB960803)
Sicherheitsupdate für Windows XP (KB961373)
Sicherheitsupdate für Windows XP (KB961501)
Sicherheitsupdate für Windows XP (KB968537)
Sicherheitsupdate für Windows XP (KB969898)
Sicherheitsupdate für Windows XP (KB970238)
Sierra Utilities
Skype™ 4.0
Smart Manager
Smart Menus (Windows Live Toolbar)
SST Programming Software
Steam
Steganos AntiSpyware 2006
SUPERAntiSpyware Free Edition
TeamSpeak 2 RC2
Unlocker 1.8.5
Update für Windows Internet Explorer 8 (KB971180)
Update für Windows XP (KB951072-v2)
Update für Windows XP (KB951978)
Update für Windows XP (KB955839)
Update für Windows XP (KB961503)
Update für Windows XP (KB967715)
VC80CRTRedist - 8.0.50727.762
videon
Viewpoint Media Player
VisiBroker for Cpp 4.1
Visual Concept
VP-EYE Uninstall
W83L518D
WebEye
Wichtiges Update für Windows Media Player 11 (KB959772)
Winamp
Winamp Remote
Winamp Toolbar for Firefox
Winamp Toolbar for Internet Explorer
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live Anmelde-Assistent
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites für Windows Live Toolbar
Windows Live Fotogalerie
Windows Live Mail
Windows Live Messenger
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
Windows Live Writer
Windows Live-Uploadtool
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
Windows-Sicherungsprogramm
WinPcap 4.0
World of Warcraft
X10 Hardware(TM)
XML Paper Specification Shared Components Language Pack 1.0

Alt 05.07.2009, 20:29   #11
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



Soa nun folgt der neue log von hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:29:45, on 05.07.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\CA\eTrust Antivirus\InoRpc.exe
C:\Programme\CA\eTrust Antivirus\InoRT.exe
C:\Programme\CA\eTrust Antivirus\InoTask.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Programme\Saitek\Software\SaiSmart.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Saitek\Software\SaiMfd.exe
C:\Programme\Saitek\Software\Profiler.exe
C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe
C:\Programme\Razer\razerhid.exe
C:\Programme\Unlocker\UnlockerAssistant.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Electronic Arts\EADM\Core.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Razer\razerofa.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Skype\Plugin Manager\skypePM.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Windows Live\Toolbar\wltuser.exe
C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dinoparc.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll
O3 - Toolbar: (no name) - {F21202A2-959A-4149-B1C3-68B9013F3335} - (no file)
O3 - Toolbar: (no name) - {41F6170D-6AF8-4188-8D92-9DDAB3C71A78} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [SaiSmart] C:\Programme\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [Profiler] C:\Programme\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [AntiSpyware 2006] "C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe" /startintray
O4 - HKLM\..\Run: [razer] C:\Programme\Razer\razerhid.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Steganos AntiPhishing - {104B66A9-9E68-49D1-A3F5-94754BE9E0E6} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/.../GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1106843944468
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshel...onGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Abel - Unknown owner - F:\Cain\Abel.exe (file missing)
O23 - Service: Steganos AntiPhishing Communication Service (AntiPhishingCommService) - Unknown owner - C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 14337 bytes

Alt 10.07.2009, 21:36   #12
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



weiß jemand wie ich das wegbekomme brauche bitte eure hilfe danke

Alt 11.07.2009, 07:15   #13
nochdigger
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



Hallo

starte bitte HijackThis mit der Option - do a system scan only - und hake diese Einträge an
Zitat:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: (no name) - {F21202A2-959A-4149-B1C3-68B9013F3335} - (no file)
O3 - Toolbar: (no name) - {41F6170D-6AF8-4188-8D92-9DDAB3C71A78} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/.../GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1106843944468
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshel...onGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O23 - Service: Abel - Unknown owner - F:\Cain\Abel.exe (file missing) <- evtl. ein weiterer Schritt nötig
klicke dann auf - fix checked - beende HijackThis und starte das System neu.
Nach dem Neustart versuche eine neue Startseite fest zu legen und poste bitte ein frisches HijackThis Log hierher.

MFG
__________________
Kein Support per PN - Bitte im Forum posten.

Alt 11.07.2009, 08:46   #14
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



ich kanns nicht glauben ich habe ne startseite DANKE DANKE DANKE DANKE endlich is dieser müll weg *happy* nochmals viel vielen dank vorallem für die schnelle hilfe

Alt 11.07.2009, 08:53   #15
BlablaNo.1
 
About:blank kann mir wer helfen - Standard

About:blank kann mir wer helfen



ach ja mein neuer log hoffe er ist nun rein ^^

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:55:00, on 11.07.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\CA\eTrust Antivirus\InoRpc.exe
C:\Programme\CA\eTrust Antivirus\InoRT.exe
C:\Programme\CA\eTrust Antivirus\InoTask.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Dit.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Programme\Saitek\Software\SaiSmart.exe
C:\Programme\Saitek\Software\SaiMfd.exe
C:\Programme\Saitek\Software\Profiler.exe
C:\Programme\Razer\razerhid.exe
C:\Programme\Unlocker\UnlockerAssistant.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programme\Razer\razerofa.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Skype\Plugin Manager\skypePM.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Windows Live\Toolbar\wltuser.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dinoparc.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [SaiSmart] C:\Programme\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [Profiler] C:\Programme\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [AntiSpyware 2006] "C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe" /startintray
O4 - HKLM\..\Run: [razer] C:\Programme\Razer\razerhid.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Steganos AntiPhishing - {104B66A9-9E68-49D1-A3F5-94754BE9E0E6} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Steganos AntiPhishing Communication Service (AntiPhishingCommService) - Unknown owner - C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 11847 bytes

Antwort

Themen zu About:blank kann mir wer helfen
acroiehelper.dll, adobe, als startseite, antispyware, antivirus, bho, computer, content.ie5, desktop, dll, einstellungen, excel, explorer, google, helper, hijack, hijackthis, hkus\s-1-5-18, home, internet, internet explorer, locker, mein log, monitor, object, plug-in, rundll, software, system, trojaner, webroot, windows, windows xp




Ähnliche Themen: About:blank kann mir wer helfen


  1. Wer kann Helfen
    Plagegeister aller Art und deren Bekämpfung - 15.06.2008 (2)
  2. Wer kann mir helfen...
    Log-Analyse und Auswertung - 13.08.2005 (2)
  3. Wieder mal about:blank Kann das mal jemand überprüfen bitte
    Log-Analyse und Auswertung - 29.04.2005 (2)
  4. about:blank wer kann helfen
    Log-Analyse und Auswertung - 17.03.2005 (1)
  5. Wer kann Helfen?
    Log-Analyse und Auswertung - 14.03.2005 (3)
  6. Wer kann Helfen?
    Log-Analyse und Auswertung - 09.03.2005 (1)
  7. wer kann mir helfen??
    Log-Analyse und Auswertung - 17.02.2005 (1)
  8. wer kann mir helfen?
    Log-Analyse und Auswertung - 11.02.2005 (0)
  9. "about:blank" Startpage -->HJThis File! Bitte helfen!
    Log-Analyse und Auswertung - 06.02.2005 (14)
  10. Wer kann helfen: Download.Trojan / ied.exe kann nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 05.02.2005 (4)
  11. Möchte mir keiner helfen?? Büdde! about:blank
    Log-Analyse und Auswertung - 30.01.2005 (10)
  12. Wer Kann Mir Helfen ??
    Log-Analyse und Auswertung - 18.12.2004 (1)
  13. Wer kann helfen???
    Log-Analyse und Auswertung - 08.12.2004 (1)
  14. wer kann helfen
    Log-Analyse und Auswertung - 06.11.2004 (2)
  15. wer kann mir helfen?
    Log-Analyse und Auswertung - 23.09.2004 (4)
  16. Winocx32.exe Wurm ? Kann nichts mehr öffnen ! Wer kann mir helfen ?
    Plagegeister aller Art und deren Bekämpfung - 20.06.2004 (8)
  17. Wer kann mir helfen ?
    Plagegeister aller Art und deren Bekämpfung - 25.04.2004 (15)

Zum Thema About:blank kann mir wer helfen - Also ich habe seid längerer Zeit als Startseite dieses about :blank und habe dann ein bissl gegoogelt wie man das so macht und herausgefunden, dass das ein unschöner Trojaner ist - About:blank kann mir wer helfen...
Archiv
Du betrachtest: About:blank kann mir wer helfen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.