|
Log-Analyse und Auswertung: About:blank kann mir wer helfenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
30.06.2009, 13:03 | #1 |
| About:blank kann mir wer helfen Also ich habe seid längerer Zeit als Startseite dieses about:blank und habe dann ein bissl gegoogelt wie man das so macht und herausgefunden, dass das ein unschöner Trojaner ist aber auch wie man ihn weg bekommen könnte... Hier erstmal mein Log, ich hoffe ihr könnt damit was anfangen und mir weiter helfen ..... ich weiß echt nicht mehr weiter ... Danke schonmal an alle Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:04:08, on 25.06.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\svchost.exe C:\Programme\CA\eTrust Antivirus\InoRpc.exe C:\Programme\CA\eTrust Antivirus\InoRT.exe C:\Programme\CA\eTrust Antivirus\InoTask.exe C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\Explorer.EXE C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\Dit.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\Medion\KeyStat\KeyStat.exe C:\Programme\Home Cinema\PowerCinema\PCMService.exe C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\Programme\Saitek\Software\SaiSmart.exe C:\Programme\Saitek\Software\SaiMfd.exe C:\Programme\Saitek\Software\Profiler.exe C:\Programme\Razer\razerhid.exe C:\Programme\Unlocker\UnlockerAssistant.exe C:\Programme\Java\jre6\bin\jusched.exe C:\Programme\Razer\razerofa.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programme\Electronic Arts\EADM\Core.exe C:\Programme\Skype\Phone\Skype.exe C:\Programme\Windows Media Player\WMPNSCFG.exe C:\Programme\ICQ6.5\ICQ.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Programme\Skype\Plugin Manager\skypePM.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Windows Live\Toolbar\wltuser.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Programme\Internet Explorer\iexplore.exe C:\Dokumente und Einstellungen\Johanna\Lokale Einstellungen\Temporary Internet Files\Content.IE5\375KQQZ7\HiJackThis[1].exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.de/0SEDEDE/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.dinoparc.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\5357\toolbaru.dll O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\5357\toolbaru.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll O2 - BHO: Zango Search Assistant Helper /fleok=1D8A83A5C5E315789FA575760EA83FA5EF80752B94E3D87C59784E2D3ACF - {56F1D444-11BF-4879-A12B-79CF0177F038} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\5357\toolbaru.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll O3 - Toolbar: (no name) - {F21202A2-959A-4149-B1C3-68B9013F3335} - (no file) O3 - Toolbar: (no name) - {41F6170D-6AF8-4188-8D92-9DDAB3C71A78} - (no file) O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [SaiSmart] C:\Programme\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe O4 - HKLM\..\Run: [Profiler] C:\Programme\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [AntiSpyware 2006] "C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe" /startintray O4 - HKLM\..\Run: [razer] C:\Programme\Razer\razerhid.exe O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZC O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: Steganos AntiPhishing - {104B66A9-9E68-49D1-A3F5-94754BE9E0E6} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/ O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106843944468 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Abel - Unknown owner - F:\Cain\Abel.exe (file missing) O23 - Service: Steganos AntiPhishing Communication Service (AntiPhishingCommService) - Unknown owner - C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoTask.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 14999 bytes |
02.07.2009, 09:43 | #2 |
| About:blank kann mir wer helfen Kann mir hier wegen echt keiner helfen? Ich hab das Ding schon so lang auf dem Rechner und würde es gerne los werden wollen. Also wenn irgendjemand weiß wie, wäre ich sehr verbunden, wenn er sich melden würde. Danke.
__________________ |
02.07.2009, 16:32 | #3 |
| About:blank kann mir wer helfen Hallo und
__________________Haben Steganos AntiSpyware 2006 und CA nix zu meckern gehabt? arbeite bitte zuerst diese Anleitung ab (ohne Hijackthis) http://www.trojaner-board.de/69886-a...-beachten.html zusätzlich überprüfe dein System mit SUPERAntiSpyware und poste alle relevanten Logs hierher, dann sehen wir weiter. MFG
__________________ |
02.07.2009, 22:24 | #4 |
| About:blank kann mir wer helfen mhh ne die sagen da nichts zu leider |
03.07.2009, 06:24 | #5 | ||
| About:blank kann mir wer helfen Moin Zitat:
Zitat:
__________________ Kein Support per PN - Bitte im Forum posten. Wenn du das Forum unterstützen möchtest Genitiv ins Wasser, weil es dativ ist http://www.vivaconagua.org/ |
03.07.2009, 10:35 | #6 |
| About:blank kann mir wer helfen also beim CCleaner finde ich teilweise 4000mb kp warum hier nun der log vom malewarebitys Malwarebytes' Anti-Malware 1.38 Datenbank Version: 2366 Windows 5.1.2600 Service Pack 3 03.07.2009 11:32:43 mbam-log-2009-07-03 (11-32-43).txt Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|F:\|) Durchsuchte Objekte: 267251 Laufzeit: 1 hour(s), 21 minute(s), 39 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 66 Infizierte Registrierungswerte: 3 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 17 Infizierte Dateien: 99 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\clientax.requiredcomponent (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{0ac49246-419b-4ee0-8917-8818daad6a4e} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{51cf80dc-a309-4735-bb11-ef18bf4e3ad9} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f31a5d11-bf0b-4a4e-90af-274f2090aaa6} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f31a5d11-bf0b-4a4e-90af-274f2090aaa6} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\clientax.requiredcomponent.1 (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\clientax.zangoclientax (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\clientax.zangoclientax.1 (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\lmgr180.wmdrmax (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\lmgr180.wmdrmax.1 (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\netpumper.addurl (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\netpumpernnproxy.netscapeinterface (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{f7258f6e-9f60-49c0-8c82-f0a0993d68e0} (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e0abbf96-17dc-44ca-96d0-6217064a97ba} (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e19b133d-184e-4bba-8a70-38489c9dd31b} (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{a8b0f390-e6bf-4027-a4d4-1e4363f5e27b} (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{a9e33220-0b05-11d7-88d2-444553540000} (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1aa406ab-f581-42ab-b4d1-31d2e13819ef} (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{1145a909-a836-44b8-b03a-48d858b0f43e} (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2eeb4fa-b6d6-41b9-9cfa-aba87f862bcb} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{d724f038-df89-4a1a-83d1-fd9164b78077} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{502f728b-67b8-409e-bceb-7ee8632f321a} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{d2cd81e5-cc37-44b3-93b7-c52cb993ba34} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{da295dae-fce7-4168-bcb8-edc3a433bd97} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{ed40af28-f03f-492a-9542-e24945cd65aa} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e6bb8b70-8ad2-43b6-a952-83e462ce80de} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\netpumper_is1 (Adware.NetPumper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{056738e1-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{056738ed-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{056738ee-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{056738ee-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Download with NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-netpumper-detector (Adware.NetPumper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Online Add-on (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\ACM.dll (Adware.WhenUSave) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alie (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alnn (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Netscape\Netscape Navigator\Automation Protocols\ftp (Adware.NetPumper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Netscape\Netscape Navigator\Automation Protocols\http (Adware.NetPumper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: C:\Programme\Video Add-on Setup (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Programme\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programme\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Johanna\Anwendungsdaten\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully. C:\Programme\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\Anti-Leech (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\programme\anti-leech\ALIE_1.0.2.3 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\programme\anti-leech\ALNN (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. Infizierte Dateien: C:\WINDOWS\Downloaded Program Files\ClientAX.dll (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programme\NetPumper\NetPumperNNProxy.dll (Trojan.Lop) -> Quarantined and deleted successfully. c:\programme\anti-leech\ALNN\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\programme\anti-leech\ALNN\npalnn.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\programme\anti-leech\ALNN\setup2.exe (Rogue.Installer) -> Quarantined and deleted successfully. c:\programme\netpumper\NetPumper.exe (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\NetPumperIEProxy.exe (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\NPNetPumper_Application.dll (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\NPNetPumper_Audio.dll (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\NPNetPumper_Video.dll (Trojan.Lop) -> Quarantined and deleted successfully. c:\programme\netpumper\shutdown.exe (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\TurnLog.exe (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\anti-leech\ALPlugin-setup.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\WINDOWS\system32\bpssc1.1.dll (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\screensaver\Images\005C49FA.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Shared\00635A63.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Johanna\anwendungsdaten\netpumper\Johanna.ini (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\AddUrl.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\README.txt (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\unins000.dat (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\unins000.exe (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\x.bat (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\anti-leech\ALPluginIE-1.0.2.3-setup.exe (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\anti-leech\LICENSE.txt (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\compat.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\details.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\features.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\index.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\mainwin.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\nphelp.css (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\prefwindow.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\register.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\schedwin.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\tips.htm (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\apllimit.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\bandwidthpanel.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\buttons.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdadd.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdaddtoschedule.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmddetails.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdeditschedule.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdfolder.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdhelp.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdopen.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdopenfolder.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdpause.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdprefs.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdremove.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdresume.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\cmdselectall.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\detailwin-wide.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\detailwin.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\droptoschedule.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\editbandwidth.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\ignlimit.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\limserver.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\limservergold.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\limuser.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\mainwin.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\moveicons.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\prefw-bandwidth.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\prefw-connections.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\prefw-general.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\prefw-login.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\prefw-monitoring.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\prefw-proxy-ftp.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\prefw-proxy-http.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\register-1.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\register-2.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\register-3-1.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\register-3-2.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\schedulewin.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\scnoresume.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\scresumes.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\scunk.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stanalyzing.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\starticon.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stcompleted.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stfatal.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stinpro.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stnhelp.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stopicon.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stpaused.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stqueued.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stretrying.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\stscheduled.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\summary.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\throtdn.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\netpumper\help\images\zoombtn.gif (Adware.NetPumper) -> Quarantined and deleted successfully. c:\programme\anti-leech\alie_1.0.2.3\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\programme\anti-leech\alie_1.0.2.3\alie.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\programme\anti-leech\alie_1.0.2.3\alie.inf (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\programme\anti-leech\alie_1.0.2.3\iesetup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\WINDOWS\system32\navshext1.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Johanna\lokale einstellungen\Temp\laf1.exe (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Programme\ICQToolbar\5357\toolbaru.dll (Adware.BHO) -> Delete on reboot. |
03.07.2009, 22:05 | #7 |
| About:blank kann mir wer helfen Hallo na da hat Malwarebytes ja 'ne ganze Menge Müll entsorgt, den größten Teil der Funde wurde von dir selbst installiert. Mach nun bitte mit SUPERAntiSpyware und der Liste der installierten Programme weiter, poste das Log und die Liste sowie ein frisches HijackThis Log hierher und berichte bitte. MFG
__________________ Kein Support per PN - Bitte im Forum posten. Wenn du das Forum unterstützen möchtest Genitiv ins Wasser, weil es dativ ist http://www.vivaconagua.org/ |
04.07.2009, 09:36 | #8 |
| About:blank kann mir wer helfen Mhh ok werde ich tun allerdings werde ich das erst ab montag reinposten weil ich solange nicht zu hause bin trotzdem schon einmal vielen vielen dank |
05.07.2009, 20:22 | #9 |
| About:blank kann mir wer helfen SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 07/05/2009 at 09:18 PM Application Version : 4.26.1006 Core Rules Database Version : 3972 Trace Rules Database Version: 1912 Scan type : Complete Scan Total Scan Time : 02:57:45 Memory items scanned : 611 Memory threats detected : 0 Registry items scanned : 7346 Registry threats detected : 34 File items scanned : 224788 File threats detected : 17 Adware.Zango HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56F1D444-11BF-4879-A12B-79CF0177F038} HKU\S-1-5-21-1147986998-4177404512-1620174987-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56F1D444-11BF-4879-A12B-79CF0177F038} Adware.WhenU HKU\S-1-5-21-1147986998-4177404512-1620174987-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA2325ED-F9EB-4830-8FCE-0BC35B16969B} Adware.Tracking Cookie C:\Dokumente und Einstellungen\Johanna\Cookies\johanna@doubleclick[1].txt Adware.180solutions/ZangoSearch HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E} HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0 HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\0 HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\0\win32 HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\FLAGS HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\HELPDIR Adware.MyWebSearch/FunWebProducts HKU\S-1-5-21-1147986998-4177404512-1620174987-1008\SOFTWARE\FunWebProducts Malware.AntiVirGear HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48} HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\aPpa HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\dgxzzcuoXHb HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\etKks HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\Implemented Categories HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\Implemented Categories\{62C8FE65-4EBB-45E7-B440-6E39B2CDBF29} HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32 HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32#ThreadingModel HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32#Class HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32#Assembly HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32#RuntimeVersion HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\1.0.5000.0 HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\1.0.5000.0#Class HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\1.0.5000.0#Assembly HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\1.0.5000.0#RuntimeVersion HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\2.0.0.0 HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\2.0.0.0#RuntimeVersion HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\2.0.0.0#Assembly HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\InprocServer32\2.0.0.0#Class HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\ProgId HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\qRgzt HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\SJXfurnmsV HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\yDuKri HKCR\CLSID\{3BC3AC5B-3BBB-9DBE-8166-EC650E3B9B48}\zwibhFcjvJx C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\BRE.EXE Adware.180solutions/Search Assistant C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\180F.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\18012.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\18019.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\1801B.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\18040.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\1809A.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\180AA.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\180E.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAX18.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAX1F.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAX7.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAXE.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\CAXF.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\TZL18.TMP C:\DOKUMENTE UND EINSTELLUNGEN\JOHANNA\LOKALE EINSTELLUNGEN\TEMP\TZL19.TMP soa hat auch ewig gedauert ^^ |
05.07.2009, 20:27 | #10 |
| About:blank kann mir wer helfen Soa nun die liste meiner Programme 3GP Video Converter 3 Adobe Flash Player 10 ActiveX Adobe Reader 7.1.0 - Deutsch AGEIA PhysX v7.11.13 Agere Systems PCI Soft Modem AOL Deutschland Apple Mobile Device Support Apple Software Update Arkivuesi WinRAR ATI - Dienstprogramm zur Deinstallation der Software ATI Control Panel ATI Display Driver AVIConverter 5.1.6 Battlefield 2142 Deluxe Edition BlueSoleil CA eTrust Antivirus Cammaestro 1.0PT build 146 CCleaner (remove only) Choice Guard C-Media High Definition Audio Driver C-Media USB Sound Counter-Strike 1.6 Creatix V.92 Data Fax Modem DivX Codec DivX Converter DivX Player DivX Plus DirectShow Filters DivX Web Player EA Download Manager GameSpy Arcade Generic USB CardReader 2.0 Google Toolbar for Internet Explorer Google Toolbar for Internet Explorer Google Updater Gotcha! Half-Life HALF-LIFE: COUNTER-STRIKE Hamachi 1.0.2.5 Heroes of Might and Magic® IV Hervorhebe-Funktion (Windows Live Toolbar) High Definition Audio Driver Package - KB835221 HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB915800-v4) Hotfix für Windows Internet Explorer 7 (KB947864) Hotfix für Windows Media Player 11 (KB939683) Hotfix für Windows XP (KB952287) Hotfix für Windows XP (KB961118) ICQ Toolbar ICQ Toolbar ICQ6.5 Informationen über Ihren PC InterActual Player J2SE Runtime Environment 5.0 Update 1 Java(TM) 6 Update 13 Java(TM) 6 Update 3 Java(TM) 6 Update 5 Java(TM) 6 Update 7 Junk Mail filter update KeyStat Learn2 Player (Uninstall Only) LetsTrade Komponenten Macromedia Shockwave Player Malwarebytes' Anti-Malware MediaShow 3.0 medionmusic-Suite Messenger Key 7.11 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 German Language Pack Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 SDK - DEU Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU Microsoft .NET Framework 3.5 Language Pack SP1 - deu Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft AutoRoute 2005 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Encarta Enzyklopädie 2005 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Live Add-in 1.3 Microsoft Picture It! Foto Premium 10 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft Visual J# 2.0 Redistributable Package Microsoft Windows-Journal-Viewer Microsoft Word 2002 Microsoft Works Microsoft Works Suite-Add-Ins für Microsoft Word MSN Toolbar MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) Nero Suite OpenOffice.org Installer 1.0 PhotoNow! 1.0 PowerCinema 4.0 PowerDirector PowerDVD PowerProducer QIP 2005 8092 Jeak-Edition QuickTime Razer RealPlayer RT2500 USB Wireless LAN Card Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Windows Search 4 - KB963093 Segoe UI Setup-Start von Microsoft Works 2005 Shockwave Sicherheitsupdate für Step by Step Interactive Training (KB898458) Sicherheitsupdate für Step by Step Interactive Training (KB923723) Sicherheitsupdate für Windows Internet Explorer 7 (KB928090) Sicherheitsupdate für Windows Internet Explorer 7 (KB929969) Sicherheitsupdate für Windows Internet Explorer 7 (KB933566) Sicherheitsupdate für Windows Internet Explorer 7 (KB937143) Sicherheitsupdate für Windows Internet Explorer 7 (KB938127) Sicherheitsupdate für Windows Internet Explorer 7 (KB939653) Sicherheitsupdate für Windows Internet Explorer 7 (KB942615) Sicherheitsupdate für Windows Internet Explorer 7 (KB944533) Sicherheitsupdate für Windows Internet Explorer 7 (KB950759) Sicherheitsupdate für Windows Internet Explorer 7 (KB953838) Sicherheitsupdate für Windows Internet Explorer 7 (KB956390) Sicherheitsupdate für Windows Internet Explorer 7 (KB958215) Sicherheitsupdate für Windows Internet Explorer 7 (KB960714) Sicherheitsupdate für Windows Internet Explorer 7 (KB961260) Sicherheitsupdate für Windows Internet Explorer 7 (KB963027) Sicherheitsupdate für Windows Internet Explorer 7 (KB969897) Sicherheitsupdate für Windows Internet Explorer 8 (KB969897) Sicherheitsupdate für Windows Media Player (KB952069) Sicherheitsupdate für Windows Media Player 10 (KB911565) Sicherheitsupdate für Windows Media Player 10 (KB917734) Sicherheitsupdate für Windows Media Player 11 (KB936782) Sicherheitsupdate für Windows Media Player 11 (KB954154) Sicherheitsupdate für Windows XP (KB923561) Sicherheitsupdate für Windows XP (KB938464) Sicherheitsupdate für Windows XP (KB938464-v2) Sicherheitsupdate für Windows XP (KB941569) Sicherheitsupdate für Windows XP (KB946648) Sicherheitsupdate für Windows XP (KB950760) Sicherheitsupdate für Windows XP (KB950762) Sicherheitsupdate für Windows XP (KB950974) Sicherheitsupdate für Windows XP (KB951066) Sicherheitsupdate für Windows XP (KB951376) Sicherheitsupdate für Windows XP (KB951376-v2) Sicherheitsupdate für Windows XP (KB951698) Sicherheitsupdate für Windows XP (KB951748) Sicherheitsupdate für Windows XP (KB952004) Sicherheitsupdate für Windows XP (KB952954) Sicherheitsupdate für Windows XP (KB953839) Sicherheitsupdate für Windows XP (KB954211) Sicherheitsupdate für Windows XP (KB954459) Sicherheitsupdate für Windows XP (KB954600) Sicherheitsupdate für Windows XP (KB955069) Sicherheitsupdate für Windows XP (KB956391) Sicherheitsupdate für Windows XP (KB956572) Sicherheitsupdate für Windows XP (KB956802) Sicherheitsupdate für Windows XP (KB956803) Sicherheitsupdate für Windows XP (KB956841) Sicherheitsupdate für Windows XP (KB957095) Sicherheitsupdate für Windows XP (KB957097) Sicherheitsupdate für Windows XP (KB958644) Sicherheitsupdate für Windows XP (KB958687) Sicherheitsupdate für Windows XP (KB958690) Sicherheitsupdate für Windows XP (KB959426) Sicherheitsupdate für Windows XP (KB960225) Sicherheitsupdate für Windows XP (KB960715) Sicherheitsupdate für Windows XP (KB960803) Sicherheitsupdate für Windows XP (KB961373) Sicherheitsupdate für Windows XP (KB961501) Sicherheitsupdate für Windows XP (KB968537) Sicherheitsupdate für Windows XP (KB969898) Sicherheitsupdate für Windows XP (KB970238) Sierra Utilities Skype™ 4.0 Smart Manager Smart Menus (Windows Live Toolbar) SST Programming Software Steam Steganos AntiSpyware 2006 SUPERAntiSpyware Free Edition TeamSpeak 2 RC2 Unlocker 1.8.5 Update für Windows Internet Explorer 8 (KB971180) Update für Windows XP (KB951072-v2) Update für Windows XP (KB951978) Update für Windows XP (KB955839) Update für Windows XP (KB961503) Update für Windows XP (KB967715) VC80CRTRedist - 8.0.50727.762 videon Viewpoint Media Player VisiBroker for Cpp 4.1 Visual Concept VP-EYE Uninstall W83L518D WebEye Wichtiges Update für Windows Media Player 11 (KB959772) Winamp Winamp Remote Winamp Toolbar for Firefox Winamp Toolbar for Internet Explorer Windows Imaging Component Windows Installer Clean Up Windows Internet Explorer 8 Windows Live Anmelde-Assistent Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live Family Safety Windows Live Favorites für Windows Live Toolbar Windows Live Fotogalerie Windows Live Mail Windows Live Messenger Windows Live Sync Windows Live Toolbar Windows Live Toolbar-Erweiterung (Windows Live Toolbar) Windows Live Writer Windows Live-Uploadtool Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows Search 4.0 Windows XP Service Pack 3 Windows-Sicherungsprogramm WinPcap 4.0 World of Warcraft X10 Hardware(TM) XML Paper Specification Shared Components Language Pack 1.0 |
05.07.2009, 20:29 | #11 |
| About:blank kann mir wer helfen Soa nun folgt der neue log von hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:29:45, on 05.07.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\svchost.exe C:\Programme\CA\eTrust Antivirus\InoRpc.exe C:\Programme\CA\eTrust Antivirus\InoRT.exe C:\Programme\CA\eTrust Antivirus\InoTask.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\Dit.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\AGRSMMSG.exe C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\PROGRA~1\Medion\KeyStat\KeyStat.exe C:\Programme\Home Cinema\PowerCinema\PCMService.exe C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\Programme\Saitek\Software\SaiSmart.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Saitek\Software\SaiMfd.exe C:\Programme\Saitek\Software\Profiler.exe C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe C:\Programme\Razer\razerhid.exe C:\Programme\Unlocker\UnlockerAssistant.exe C:\Programme\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programme\Electronic Arts\EADM\Core.exe C:\Programme\Skype\Phone\Skype.exe C:\Programme\Windows Media Player\WMPNSCFG.exe C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\Programme\ICQ6.5\ICQ.exe C:\Programme\Razer\razerofa.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programme\Skype\Plugin Manager\skypePM.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Windows Live\Toolbar\wltuser.exe C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programme\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dinoparc.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll O3 - Toolbar: (no name) - {F21202A2-959A-4149-B1C3-68B9013F3335} - (no file) O3 - Toolbar: (no name) - {41F6170D-6AF8-4188-8D92-9DDAB3C71A78} - (no file) O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [SaiSmart] C:\Programme\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe O4 - HKLM\..\Run: [Profiler] C:\Programme\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [AntiSpyware 2006] "C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe" /startintray O4 - HKLM\..\Run: [razer] C:\Programme\Razer\razerhid.exe O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: Steganos AntiPhishing - {104B66A9-9E68-49D1-A3F5-94754BE9E0E6} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/ O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/.../GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1106843944468 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshel...onGameHost.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Abel - Unknown owner - F:\Cain\Abel.exe (file missing) O23 - Service: Steganos AntiPhishing Communication Service (AntiPhishingCommService) - Unknown owner - C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoTask.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 14337 bytes |
10.07.2009, 21:36 | #12 |
| About:blank kann mir wer helfen weiß jemand wie ich das wegbekomme brauche bitte eure hilfe danke |
11.07.2009, 07:15 | #13 | |
| About:blank kann mir wer helfen Hallo starte bitte HijackThis mit der Option - do a system scan only - und hake diese Einträge an Zitat:
Nach dem Neustart versuche eine neue Startseite fest zu legen und poste bitte ein frisches HijackThis Log hierher. MFG
__________________ Kein Support per PN - Bitte im Forum posten. Wenn du das Forum unterstützen möchtest Genitiv ins Wasser, weil es dativ ist http://www.vivaconagua.org/ |
11.07.2009, 08:46 | #14 |
| About:blank kann mir wer helfen ich kanns nicht glauben ich habe ne startseite DANKE DANKE DANKE DANKE endlich is dieser müll weg *happy* nochmals viel vielen dank vorallem für die schnelle hilfe |
11.07.2009, 08:53 | #15 |
| About:blank kann mir wer helfen ach ja mein neuer log hoffe er ist nun rein ^^ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:55:00, on 11.07.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\svchost.exe C:\Programme\CA\eTrust Antivirus\InoRpc.exe C:\Programme\CA\eTrust Antivirus\InoRT.exe C:\Programme\CA\eTrust Antivirus\InoTask.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\Dit.exe C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Medion\KeyStat\KeyStat.exe C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe C:\Programme\Home Cinema\PowerCinema\PCMService.exe C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\Programme\Saitek\Software\SaiSmart.exe C:\Programme\Saitek\Software\SaiMfd.exe C:\Programme\Saitek\Software\Profiler.exe C:\Programme\Razer\razerhid.exe C:\Programme\Unlocker\UnlockerAssistant.exe C:\Programme\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programme\Skype\Phone\Skype.exe C:\Programme\Windows Media Player\WMPNSCFG.exe C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\Programme\ICQ6.5\ICQ.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Programme\Razer\razerofa.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programme\Skype\Plugin Manager\skypePM.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Windows Live\Toolbar\wltuser.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dinoparc.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\de\msntb.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [SaiSmart] C:\Programme\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe O4 - HKLM\..\Run: [Profiler] C:\Programme\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [AntiSpyware 2006] "C:\Programme\Steganos AntiSpyware 2006\saspy2006.exe" /startintray O4 - HKLM\..\Run: [razer] C:\Programme\Razer\razerhid.exe O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: Steganos AntiPhishing - {104B66A9-9E68-49D1-A3F5-94754BE9E0E6} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/ O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Steganos AntiPhishing Communication Service (AntiPhishingCommService) - Unknown owner - C:\Programme\Steganos AntiPhishing Beta\services\SaphiSrv.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoTask.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programme\Steganos AntiSpyware 2006\WRSSSDK.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 11847 bytes |
Themen zu About:blank kann mir wer helfen |
acroiehelper.dll, adobe, als startseite, antispyware, antivirus, bho, computer, content.ie5, desktop, dll, einstellungen, excel, explorer, google, helper, hijack, hijackthis, hkus\s-1-5-18, home, internet, internet explorer, locker, mein log, monitor, object, plug-in, rundll, software, system, trojaner, webroot, windows, windows xp |