129 infected objects. I downloaded Malwarebytes and ran a scan. It came back with 129 infected objects. I deleted them and restarted the computer. I read somewhere that I should then post it here. Did I do everything right? I'd rather scan again. Malwarebytes' Anti-Malware 1.18 Datenbank Version: 870 20:25:45 25.6.2008 mbam-log-6-25-2008 (20-25-45).txt Scan Art: Schnell Scan Objekte gescannt: 47584 Scan Dauer: 19 minute(s), 58 second(s) Infizierte Speicher Prozesse: 3 Infizierte Speicher Module: 3 Infizierte Registrierungsschlüssel: 125 Infizierte Registrierungswerte: 10 Infizierte Datei Objekte der Registrierung: 1 Infizierte Verzeichnisse: 18 Infizierte Dateien: 46 P.S. Since a post only allows 25,000 words, I need a double post, sorry :-( |
2nd pass, only 1 infected object. Malwarebytes' Anti-Malware 1.18 Datenbank Version: 870 21:15:04 25.6.2008 mbam-log-6-25-2008 (21-15-04).txt Scan Art: Komplett Scan (C:\|D:\|) Objekte gescannt: 187199 Scan Dauer: 41 minute(s), 43 second(s) Infizierte Speicher Prozesse: 0 Infizierte Speicher Module: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Datei Objekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicher Prozesse: (Keine Malware Objekte gefunden) Infizierte Speicher Module: (Keine Malware Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine Malware Objekte gefunden) Infizierte Registrierungswerte: (Keine Malware Objekte gefunden) Infizierte Datei Objekte der Registrierung: (Keine Malware Objekte gefunden) Infizierte Verzeichnisse: (Keine Malware Objekte gefunden) Infizierte Dateien: C:\Programme\ZangoToolbar\Bin\4.8.2.0\dBenderC.dll (Adware.Hotbar) -> Quarantined and deleted successfully. |
Hello, you should definitely reinstall the system, because you have: 1. a Zlob and 2. ntos.exe (backdoor) on it. Also change all passwords and login credentials from a PC that is not infected, and disconnect the infected one from the network immediately. Regards |
Well, I don't really know much about PCs. What do you mean by reinstalling? 2nd answer: Unfortunately I only have one PC ^^ |
Follow this guide: http://www.trojaner-board.de/51262-a...sicherung.html The important thing is that you change your passwords and login credentials, especially for online banking, PayPal, eBay account, etc.! Preferably from a clean computer. Regards |
OK, I'll do that soon, I just have to drive to my sis :-) I'll try the reinstall, the guide is there after all. See you later :-) |
Best to print out the guide :) Good luck and have fun. Also have your accounts blocked to be on the safe side. Sorry, I forgot to mention that. Your bank might be able to give you advice on how to proceed. Regards |
I don't have PayPal and the like; eBay and e-mail, on the other hand, I do ^^ |
If you don't want unexpected orders and problems with your provider, have these blocked if need be. Regards. Edit: The reason is that ntos.exe is one of the nastiest infections you can have. It is simply no longer a joking matter |
What should I do if I don't have the XP CD to reinstall it? |
Why don't you have a CD? o.o |
Hehe, no, not really. And I don't think I ever had one :-( |
When you buy a PC, it is ALWAYS included. Or did you build your PC yourself? |
Well, you could answer that question yourself ^^ I got this PC as a gift from a friend. I could ask him. Are all XP CDs the same, or are there specific ones? I don't think so, right? |
Ask your friend whether he still has it. The CD is arguably the most important thing, next to the PC itself. Otherwise you would have to buy one; I don't know whether a Linux live CD would work |
OK, then thanks for today, I'll get in touch when I have the CD |
Good, we'll manage that ;) |
Then another question! What exactly does the virus do? If I don't have the CD, can I get rid of it some other way? |
Which one do you mean? Zlob, ntos.exe a.k.a. Spy.Buzus, or the numerous others? |
Hm.. the numerous others are gone, I think, right? I just scanned and it found nothing. I meant Zlob, ntos.exe a.k.a. Spy.Buzus |
The others are not relevant. Zlob has rootkit-like properties and may allow unauthorized access by third parties. It is very hard to detect (Malwarebytes, for example, did not find it ;) ), and since there are countless variants of it, it is hard to say whether yours has backdoor capabilities. ntos.exe is a backdoor trojan that spies on your passwords and allows third parties access. Your system is compromised |
Does it also affect programs? I can no longer use Internet Explorer, nor ICQ and MSN. Opera works, though |
Your system is no longer trustworthy; only the hacker knows what has been manipulated on your machine. In other words, only he decides what you may and may not do; your PC is, so to speak, his. One more thing: you should take your PC off the network as quickly as possible; your PC might already belong to a botnet, be sending spam mails, or be launching a DDoS attack |
Hm.. I live in a small village, I don't think it has come that far yet :-( I'll still pull the plug soon as a precaution |
It has nothing to do with where you live :) The third party doesn't care. Regards |
Yes, I meant that there are hardly any houses around us, and I know the people who live here very well. Or can the third parties also access the PC from 10 km away? |
He probably doesn't even live in Germany ;) |
Oh, I see :-( Well, then the plug gets pulled for now. What if I don't have an XP CD? Then I'd actually have to get a new PC :-( Thanks for the help. I'll get in touch soon |
Better: buy an XP CD, it costs around 60€. The damage that backdoor trojans can cause would be considerably higher :daumenhoc Regards |
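
The reasoning in the replies above (adware and rogue scanners are treated as not relevant, while a Zlob trojan and the ntos.exe backdoor mean reinstalling and changing credentials) can be applied as a triage pass over a Malwarebytes 1.x log. The Python below is an added example, not part of the thread and not Malwarebytes code; the family-to-severity mapping and the autostart markers are assumptions, and the sample entries are constructed in the log format posted in this thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# One log entry: "<object> (<Family.Name>) -> [Data: <value> -> ]<action>."
# Works on proper one-entry-per-line logs and on logs flattened onto one line.
ENTRY_RE = re.compile(
    r"(?P<obj>(?:HKEY_[A-Z_]+|\b[A-Za-z]:)\\[^|\r\n]*?)"
    r" \((?P<det>[A-Za-z]+\.[\w.]+)\) -> "
    r"(?:Data: (?P<data>.*?) -> )?"
    r"(?P<action>[^.\r\n]*)\.(?=\s|$)"
)

# Assumption: families that imply remote control or credential theft, so a
# cleaned scan result is not enough to trust the machine again.
COMPROMISE_FAMILIES = {"backdoor", "trojan", "rootkit", "spyware", "worm"}

# Assumption: registry locations that start code at boot or logon.
AUTOSTART_MARKERS = (
    r"\currentversion\run",
    r"\policies\explorer\run",
    r"\winlogon\userinit",
    r"\currentcontrolset\services",
)


@dataclass
class Entry:
    obj: str
    detection: str
    data: Optional[str]
    action: str

    @property
    def family(self) -> str:
        return self.detection.split(".")[0].lower()

    @property
    def is_autostart(self) -> bool:
        low = self.obj.lower()
        return low.startswith("hkey_") and any(m in low for m in AUTOSTART_MARKERS)


def parse_entries(log_text: str) -> List[Entry]:
    """Extract every detection entry; headers and counters are ignored."""
    return [
        Entry(m["obj"], m["det"], m["data"], m["action"].strip())
        for m in ENTRY_RE.finditer(log_text)
    ]


def triage(log_text: str) -> dict:
    entries = parse_entries(log_text)
    compromise = sorted({e.detection for e in entries if e.family in COMPROMISE_FAMILIES})
    return {
        "entries": len(entries),
        "compromise": compromise,
        "autostart": [e.obj for e in entries if e.is_autostart],
        # Still on disk until the next boot: rescan after restarting.
        "pending_reboot": [e.obj for e in entries if e.action.lower() == "delete on reboot"],
        # Any backdoor/trojan family: rebuild and change credentials elsewhere.
        "rebuild": bool(compromise),
    }


# Constructed sample: a few entries in the format of the log posted above,
# run together on one line the way the forum rendered them.
SAMPLE = (
    r"Infizierte Speicher Prozesse: C:\Programme\XP Antivirus\xpa.exe (Rogue.XPAntivirus) -> Unloaded process successfully. "
    r"Infizierte Registrierungswerte: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ZangoSA (Adware.180Solutions) -> Quarantined and deleted successfully. "
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\start (Trojan.Zlob) -> Quarantined and deleted successfully. "
    r"Infizierte Datei Objekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Backdoor.Bot) -> Data: c:\windows\system32\ntos.exe -> Delete on reboot. "
    r"Infizierte Dateien: C:\WINDOWS\system32\ntos.exe (Backdoor.Bot) -> Delete on reboot. "
    r"C:\Programme\Zango\zangohook.dll (Adware.180Solutions) -> Quarantined and deleted successfully."
)

if __name__ == "__main__":
    result = triage(SAMPLE)
    print("entries parsed :", result["entries"])
    print("compromise     :", ", ".join(result["compromise"]) or "none")
    print("autostart keys :", len(result["autostart"]))
    print("pending reboot :", len(result["pending_reboot"]))
    print("verdict        :", "rebuild + change credentials" if result["rebuild"] else "cleanup may suffice")
```

A clean follow-up scan, like the second one posted above, does not change the verdict: the decision is driven by which families were ever present, not by what the scanner still finds.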
Copyright ©2000-2025, Trojaner-Board