Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   CID-Werbung (https://www.trojaner-board.de/61347-cid-werbung.html)

HippieDeluxe 05.10.2008 12:51
CID-Werbung
 
Guten Tag


Ich bin neu hier und hoffe auf Hilfe von euch.

Ich habe einen Windows Vista PC zu Hause. Seit langer Zeit nerven mich diese CID-Werbung, die am Tag ca. 15 auftauchen:headbang:. Ich habe dann meinen MessengerPlus deinstallier. Die Meldungen kamen auch nicht mehr für etwa 2 Stunden. Danach fing alles wieder an undich habe echt keine Lust mehr.

Kann das nicht lesen, hoffe hemand von euch findet etwas:

--------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:50, on 05.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\WerCon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_CH&c=73&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_CH&c=73&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: WebSpeechBHO Class - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\PROGRA~1\COMMON~1\WEBSPE~1.0\LgxIEBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Mp3 That] "C:\ProgramData\CAST FLAW FLAW.qtekhv"
O4 - HKCU\..\Run: [dog about manager team] "C:\ProgramData\Multi itch frag.7mdrmw0"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Read By Natural Voice Reader - C:\Program Files\Natural Voice Reader Standard\read.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Natural Reader - {0DF757C4-9999-463C-A4EB-B6BF1D8D8D3D} - C:\Program Files\Natural Voice Reader Standard\read.html (file missing)
O9 - Extra button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\PROGRA~1\COMMON~1\WEBSPE~1.0\LgxIEBar.dll
O9 - Extra 'Tools' menuitem: Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\PROGRA~1\COMMON~1\WEBSPE~1.0\LgxIEBar.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 13005 bytes
--------------------------------------------------------------------------

Ich danke viel mals :daumenhoc

myrtille 05.10.2008 13:27
Hi,
Zitat:
Ich habe dann meinen MessengerPlus deinstallier.
Sowas installiert man auch nicht. :blabla:

Deaktivier bitte dein Antivirenprogramm während des Scans

Lade dir Lop S&D herunter.

Führe Lop S&D.exe per Doppelklick aus.
Wähle die Sprache deiner Wahl und anschließend die Option 1 (Suche)
Warte bis der Scanbericht erstellt wird (Du findest ihn unter C:\lopR.txt, sollte der Bericht nicht erscheinen)

(Sollte dein Desktop verschwinden, drücke bitte Strg + Alt + Entf um den Taskmanager zu starten. Wähle unter Datei, neuen Task aus und gib dort explorer.exe ein)

lg myrtille

HippieDeluxe 05.10.2008 19:14
Okay, danke. Ich versuchs :aplaus:

HippieDeluxe 05.10.2008 19:23
Also hab das mal gemacht. Und jetzt? Wenn ich den neuen Task eingegeben habe, öffnet sich mein "Dokumente" - Ordner :confused:

myrtille 05.10.2008 19:43
Poste mir den bitte den Inhalt der Datei C:\lopR.txt

lg myrtille

HippieDeluxe 05.10.2008 20:22
Hier:






--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : USER ( Administrator )
BOOT : Normal boot
Firewall : ZoneAlarm Firewall 7.1.254.000 (Activated)
C:\ (Local Disk) - NTFS - Total : 458 Go Free : 317 Go
D:\ (Local Disk) - NTFS - Total : 7 Go Free : 1 Go
E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
L:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
M:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
N:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 05.10.2008|20:11 )

[ UAC => 0 ]

--------------------\\ Ordner Verzeichnis unter Local

[08.03.2008|18:10] C:\Users\USER\AppData\Local\Adobe
[04.05.2008|20:13] C:\Users\USER\AppData\Local\Ahead
[05.03.2008|10:53] C:\Users\USER\AppData\Local\Anwendungsdaten
[09.03.2008|22:00] C:\Users\USER\AppData\Local\Apple
[10.03.2008|17:18] C:\Users\USER\AppData\Local\Apple Computer
[25.09.2008|14:14] C:\Users\USER\AppData\Local\Apps
[05.10.2008|13:02] C:\Users\USER\AppData\Local\d3d9caps.dat
[05.10.2008|19:29] C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[19.07.2008|17:15] C:\Users\USER\AppData\Local\GDIPFONTCACHEV1.DAT
[28.03.2008|21:06] C:\Users\USER\AppData\Local\Google
[19.07.2008|17:15] C:\Users\USER\AppData\Local\HP
[02.10.2008|23:33] C:\Users\USER\AppData\Local\IconCache.db
[18.07.2008|16:54] C:\Users\USER\AppData\Local\Microsoft
[23.04.2008|18:37] C:\Users\USER\AppData\Local\Microsoft Help
[23.06.2008|18:03] C:\Users\USER\AppData\Local\Mozilla
[28.09.2008|19:08] C:\Users\USER\AppData\Local\Netlog
[02.10.2008|16:54] C:\Users\USER\AppData\Local\Paint.NET
[23.03.2008|23:04] C:\Users\USER\AppData\Local\ratDVD
[05.10.2008|20:09] C:\Users\USER\AppData\Local\Temp
[05.03.2008|10:53] C:\Users\USER\AppData\Local\Temporary Internet Files
[05.03.2008|10:53] C:\Users\USER\AppData\Local\Verlauf
[13.06.2008|21:07] C:\Users\USER\AppData\Local\VirtualStore
[10.03.2008|17:35] C:\Users\USER\AppData\Local\WMTools Downloaded Files
[4|Datei(en),] C:\Users\USER\AppData\Local\Bytes
[21|Verzeichnis(se),] C:\Users\USER\AppData\Local\Bytes frei

--------------------\\ Geplante Aufgaben unter C:\Windows\Tasks

[05.10.2008 16:49][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{7743B7EA-FA8A-439D-87B7-027B8544047F}.job
[05.10.2008 12:54][--ah-----] C:\Windows\tasks\SA.DAT
[04.10.2008 19:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Ordner Verzeichnis unter C:\ProgramData

[13.06.2008|20:36] C:\ProgramData\.zreglib
[07.03.2008|22:11] C:\ProgramData\addr_file.html
[08.03.2008|19:36] C:\ProgramData\Adobe
[05.03.2008|10:50] C:\ProgramData\Anwendungsdaten
[09.03.2008|21:59] C:\ProgramData\Apple
[09.03.2008|22:02] C:\ProgramData\Apple Computer
[02.11.2006|15:02] C:\ProgramData\Application Data
[07.03.2008|21:45] C:\ProgramData\Avira
[01.07.2008|14:42] C:\ProgramData\CAST FLAW FLAW.0zg4c
[01.07.2008|15:04] C:\ProgramData\CAST FLAW FLAW.254v7n
[22.06.2008|14:31] C:\ProgramData\CAST FLAW FLAW.2ypjh
[01.07.2008|16:10] C:\ProgramData\CAST FLAW FLAW.3y564
[01.07.2008|17:15] C:\ProgramData\CAST FLAW FLAW.40uw1
[01.07.2008|13:15] C:\ProgramData\CAST FLAW FLAW.7odh10
[01.07.2008|18:21] C:\ProgramData\CAST FLAW FLAW.akg89iw
[01.07.2008|14:21] C:\ProgramData\CAST FLAW FLAW.ht7n9n
[26.04.2008|21:08] C:\ProgramData\CAST FLAW FLAW.klmis
[01.07.2008|12:31] C:\ProgramData\CAST FLAW FLAW.lffkx
[01.07.2008|15:48] C:\ProgramData\CAST FLAW FLAW.nyp0z7n
[22.06.2008|14:31] C:\ProgramData\CAST FLAW FLAW.o399t
[01.07.2008|16:32] C:\ProgramData\CAST FLAW FLAW.pclnj0
[01.07.2008|15:26] C:\ProgramData\CAST FLAW FLAW.prb7v4
[01.07.2008|16:53] C:\ProgramData\CAST FLAW FLAW.q265nj
[01.07.2008|17:59] C:\ProgramData\CAST FLAW FLAW.q9bg5f
[01.07.2008|18:43] C:\ProgramData\CAST FLAW FLAW.qtekhv
[01.07.2008|13:37] C:\ProgramData\CAST FLAW FLAW.r7n1btp
[01.06.2008|12:25] C:\ProgramData\CAST FLAW FLAW.vlwvg
[01.07.2008|12:53] C:\ProgramData\CAST FLAW FLAW.wa8s9u
[01.07.2008|13:59] C:\ProgramData\CAST FLAW FLAW.y5hci
[01.07.2008|17:37] C:\ProgramData\CAST FLAW FLAW.z7d5f
[07.03.2008|21:47] C:\ProgramData\CheckPoint
[02.11.2006|15:02] C:\ProgramData\Desktop
[02.11.2006|15:02] C:\ProgramData\Documents
[05.03.2008|10:50] C:\ProgramData\Dokumente
[07.03.2008|23:02] C:\ProgramData\Downloaded Installations
[22.06.2008|14:32] C:\ProgramData\Drv Audio Dog About
[13.06.2008|20:37] C:\ProgramData\Elaborate Bytes
[05.03.2008|10:50] C:\ProgramData\Favoriten
[02.11.2006|15:02] C:\ProgramData\Favorites
[05.03.2008|03:32] C:\ProgramData\Google
[05.10.2008|13:04] C:\ProgramData\Google Updater
[19.07.2008|17:09] C:\ProgramData\Hewlett-Packard
[18.09.2008|18:48] C:\ProgramData\HP
[18.09.2008|18:48] C:\ProgramData\HP Product Assistant
[19.07.2008|17:07] C:\ProgramData\HPSSUPPLY
[18.09.2008|18:54] C:\ProgramData\hpzinstall.log
[05.03.2008|03:13] C:\ProgramData\Intel
[01.07.2008|13:37] C:\ProgramData\KnobFreeOkay
[15.06.2008|15:51] C:\ProgramData\Lavasoft
[04.05.2008|20:19] C:\ProgramData\LightScribe
[07.03.2008|21:55] C:\ProgramData\LUUnInstall.LiveUpdate
[13.03.2008|21:54] C:\ProgramData\MAGIX
[10.03.2008|17:20] C:\ProgramData\Microsoft
[11.09.2008|15:31] C:\ProgramData\Microsoft Help
[22.06.2008|14:32] C:\ProgramData\Multi itch frag.7mdrmw0
[05.03.2008|03:25] C:\ProgramData\muvee Technologies
[04.06.2008|20:05] C:\ProgramData\Nero
[23.03.2008|22:55] C:\ProgramData\NVIDIA
[07.03.2008|23:05] C:\ProgramData\PC Suite
[05.03.2008|03:29] C:\ProgramData\PC-Doctor
[19.03.2008|17:35] C:\ProgramData\Roxio
[14.06.2008|17:11] C:\ProgramData\Skype
[05.03.2008|03:23] C:\ProgramData\Sonic
[02.11.2006|15:02] C:\ProgramData\Start Menu
[05.03.2008|10:50] C:\ProgramData\Startmenü
[07.03.2008|22:00] C:\ProgramData\Symantec
[19.03.2008|17:41] C:\ProgramData\TEMP
[02.11.2006|15:02] C:\ProgramData\Templates
[23.07.2008|16:56] C:\ProgramData\Trymedia
[05.03.2008|10:50] C:\ProgramData\Vorlagen
[19.07.2008|17:17] C:\ProgramData\WEBREG
[26.05.2008|18:34] C:\ProgramData\WindowsSearch
[16.05.2008|23:02] C:\ProgramData\WLInstaller
[27|Datei(en),] C:\ProgramData\Bytes
[48|Verzeichnis(se),] C:\ProgramData\Bytes frei

--------------------\\ Ordner Verzeichnis unter C:\Program Files

[25.07.2008|14:10] C:\Program Files\Adobe
[19.09.2008|18:29] C:\Program Files\Apple Software Update
[23.07.2008|16:59] C:\Program Files\Atom Bomber
[07.03.2008|21:45] C:\Program Files\Avira
[10.03.2008|17:20] C:\Program Files\AviSynth 2.5
[09.03.2008|22:01] C:\Program Files\Bonjour
[19.07.2008|17:04] C:\Program Files\Common Files
[08.07.2008|21:49] C:\Program Files\DAEMON Tools Lite
[17.08.2008|20:06] C:\Program Files\DivX
[14.06.2008|15:29] C:\Program Files\EA GAMES
[16.02.2007|17:50] C:\Program Files\EasyBits
[13.06.2008|21:19] C:\Program Files\Elaborate Bytes
[10.03.2008|17:20] C:\Program Files\eRightSoft
[18.07.2008|00:36] C:\Program Files\Free MSN Emoticons Pack 4
[05.03.2008|10:50] C:\Program Files\Gemeinsame Dateien [C:\Program Files\Common Files]
[14.05.2008|19:39] C:\Program Files\Google
[05.03.2008|03:29] C:\Program Files\Hewlett-Packard
[19.07.2008|17:07] C:\Program Files\HP
[21.09.2008|21:32] C:\Program Files\InstallShield Installation Information
[05.03.2008|03:13] C:\Program Files\Intel
[07.04.2008|17:38] C:\Program Files\Internet Explorer
[09.03.2008|22:02] C:\Program Files\iPod
[09.03.2008|22:02] C:\Program Files\iTunes
[06.04.2008|14:20] C:\Program Files\Java
[24.03.2008|00:35] C:\Program Files\K-Lite Codec Pack
[15.06.2008|15:50] C:\Program Files\Lavasoft
[23.06.2008|19:37] C:\Program Files\LimeWire
[18.07.2008|13:04] C:\Program Files\Logox 4 Player
[05.03.2008|03:11] C:\Program Files\MainConcept
[02.11.2006|14:37] C:\Program Files\Microsoft Games
[07.03.2008|22:38] C:\Program Files\Microsoft Office
[07.03.2008|22:44] C:\Program Files\Microsoft Office Outlook Connector
[07.03.2008|22:37] C:\Program Files\Microsoft Visual Studio
[07.03.2008|22:32] C:\Program Files\Microsoft Visual Studio 8
[11.09.2008|15:27] C:\Program Files\Microsoft Works
[07.03.2008|22:36] C:\Program Files\Microsoft.NET
[07.04.2008|17:38] C:\Program Files\Movie Maker
[10.03.2008|17:35] C:\Program Files\Movie Maker 2.6
[27.09.2008|14:53] C:\Program Files\Mozilla Firefox
[07.03.2008|22:38] C:\Program Files\MSBuild
[08.03.2008|15:01] C:\Program Files\MSECache
[08.03.2008|15:00] C:\Program Files\MSXML 4.0
[05.03.2008|03:25] C:\Program Files\muvee Technologies
[25.05.2008|21:28] C:\Program Files\myphotobook
[18.07.2008|13:37] C:\Program Files\MyWebSearch
[17.07.2008|19:08] C:\Program Files\Natural Voice Reader Standard
[04.06.2008|20:06] C:\Program Files\Nero
[04.05.2008|20:13] C:\Program Files\NeroInstall.bak
[28.09.2008|19:08] C:\Program Files\Netlog Photo Tool
[07.03.2008|23:07] C:\Program Files\Nokia
[05.03.2008|03:32] C:\Program Files\Online-Dienste
[30.09.2008|21:22] C:\Program Files\Paint.NET
[24.04.2008|01:14] C:\Program Files\Passware
[05.03.2008|12:12] C:\Program Files\PC-Doctor 5 for Windows
[30.09.2008|17:46] C:\Program Files\Picasa2
[30.03.2008|19:09] C:\Program Files\Private Tax 2007
[09.03.2008|22:01] C:\Program Files\QuickTime
[23.03.2008|23:04] C:\Program Files\ratDVD
[05.03.2008|03:24] C:\Program Files\Real
[07.04.2008|16:59] C:\Program Files\Realtek
[02.11.2006|14:37] C:\Program Files\Reference Assemblies
[08.07.2008|21:51] C:\Program Files\Rockstar Games
[05.03.2008|03:24] C:\Program Files\Roxio
[25.06.2008|12:58] C:\Program Files\SimPE
[14.06.2008|17:11] C:\Program Files\Skype
[13.06.2008|20:58] C:\Program Files\SlySoft
[07.03.2008|21:55] C:\Program Files\Symantec
[16.03.2008|15:50] C:\Program Files\Trend Micro
[13.03.2008|20:26] C:\Program Files\UltraStar
[02.11.2006|15:01] C:\Program Files\Uninstall Information
[27.06.2008|21:41] C:\Program Files\UseNeXT
[11.03.2008|22:26] C:\Program Files\VideoLAN
[07.04.2008|17:38] C:\Program Files\Windows Calendar
[07.04.2008|17:38] C:\Program Files\Windows Collaboration
[07.04.2008|17:38] C:\Program Files\Windows Defender
[07.04.2008|17:38] C:\Program Files\Windows Journal
[07.03.2008|22:08] C:\Program Files\Windows Live
[23.08.2008|12:18] C:\Program Files\Windows Mail
[07.04.2008|17:38] C:\Program Files\Windows Media Player
[05.03.2008|10:50] C:\Program Files\Windows NT
[07.04.2008|17:38] C:\Program Files\Windows Photo Gallery
[07.04.2008|17:38] C:\Program Files\Windows Sidebar
[11.06.2008|13:30] C:\Program Files\WinRAR
[08.03.2008|17:09] C:\Program Files\Xilisoft
[30.03.2008|19:04] C:\Program Files\Zero G Registry
[07.04.2008|19:45] C:\Program Files\Zone Labs
[0|Datei(en),] C:\Program Files\Bytes
[88|Verzeichnis(se),] C:\Program Files\Bytes frei

--------------------\\ Ordner Verzeichnis unter C:\Program Files\Common Files

[08.03.2008|19:36] C:\Program Files\Common Files\Adobe
[09.03.2008|21:59] C:\Program Files\Common Files\Apple
[07.03.2008|22:37] C:\Program Files\Common Files\DESIGNER
[19.07.2008|17:04] C:\Program Files\Common Files\Hewlett-Packard
[05.03.2008|03:17] C:\Program Files\Common Files\HP
[05.03.2008|03:12] C:\Program Files\Common Files\InstallShield
[05.03.2008|03:13] C:\Program Files\Common Files\Intel
[13.03.2008|19:56] C:\Program Files\Common Files\Java
[05.03.2008|03:24] C:\Program Files\Common Files\LightScribe
[19.07.2008|14:22] C:\Program Files\Common Files\Logox.4.0
[05.03.2008|03:24] C:\Program Files\Common Files\LS Getting Started
[13.03.2008|21:55] C:\Program Files\Common Files\MAGIX Shared
[04.06.2008|20:05] C:\Program Files\Common Files\microsoft shared
[05.03.2008|03:25] C:\Program Files\Common Files\muvee Technologies
[04.06.2008|20:06] C:\Program Files\Common Files\Nero
[07.03.2008|23:05] C:\Program Files\Common Files\Nokia
[07.03.2008|23:05] C:\Program Files\Common Files\PCSuite
[10.07.2008|20:25] C:\Program Files\Common Files\PX Storage Engine
[05.03.2008|03:24] C:\Program Files\Common Files\Real
[05.03.2008|03:23] C:\Program Files\Common Files\Roxio Shared
[02.11.2006|13:18] C:\Program Files\Common Files\Services
[05.03.2008|03:23] C:\Program Files\Common Files\Sonic Shared
[02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
[05.03.2008|03:24] C:\Program Files\Common Files\SureThing Shared
[07.03.2008|22:00] C:\Program Files\Common Files\Symantec Shared
[07.04.2008|17:38] C:\Program Files\Common Files\System
[19.07.2008|14:21] C:\Program Files\Common Files\WebSpeech.4.0
[07.03.2008|21:52] C:\Program Files\Common Files\WindowsLiveInstaller
[17.07.2008|18:43] C:\Program Files\Common Files\Wise Installation Wizard
[05.03.2008|03:24] C:\Program Files\Common Files\xing shared
[0|Datei(en),] C:\Program Files\Common Files\Bytes
[32|Verzeichnis(se),] C:\Program Files\Common Files\Bytes frei

--------------------\\ Process

( 84 Processes )

iexplore.exe ~ [PID:2452]

--------------------\\ Ueberpruefung mit S_Lop

C:\ProgramData\CAST FLAW FLAW.0zg4c
C:\ProgramData\CAST FLAW FLAW.2ypjh
C:\ProgramData\CAST FLAW FLAW.3y564
C:\ProgramData\CAST FLAW FLAW.40uw1
C:\ProgramData\CAST FLAW FLAW.klmis
C:\ProgramData\CAST FLAW FLAW.lffkx
C:\ProgramData\CAST FLAW FLAW.o399t
C:\ProgramData\CAST FLAW FLAW.vlwvg
C:\ProgramData\CAST FLAW FLAW.y5hci
C:\ProgramData\CAST FLAW FLAW.z7d5f
C:\ProgramData\CAST FLAW FLAW.254v7n
C:\ProgramData\CAST FLAW FLAW.7odh10
C:\ProgramData\CAST FLAW FLAW.ht7n9n
C:\ProgramData\CAST FLAW FLAW.pclnj0
C:\ProgramData\CAST FLAW FLAW.prb7v4
C:\ProgramData\CAST FLAW FLAW.q265nj
C:\ProgramData\CAST FLAW FLAW.q9bg5f
C:\ProgramData\CAST FLAW FLAW.qtekhv
C:\ProgramData\CAST FLAW FLAW.wa8s9u
C:\ProgramData\CAST FLAW FLAW.akg89iw
C:\ProgramData\CAST FLAW FLAW.nyp0z7n
C:\ProgramData\CAST FLAW FLAW.r7n1btp
C:\ProgramData\Multi itch frag.7mdrmw0

--------------------\\ Suche nach Lop Dateien - Ordnern

C:\ProgramData\Drv Audio Dog About
C:\ProgramData\Drv Audio Dog About\Ref Gpl.exe
C:\Users\USER\AppData\Local\Temp\nsm737C.tmp
C:\Users\USER\AppData\Roaming\MICROS~1\Windows\Cookies\user@www.adserver5[1].txt
C:\Users\USER\AppData\Roaming\MICROS~1\Windows\Cookies\user@adopt.euroclick[1].txt

--------------------\\ Suche innerhalb der Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mp3 That"="\"C:\\ProgramData\\CAST FLAW FLAW.qtekhv\""
"dog about manager team"="\"C:\\ProgramData\\Multi itch frag.7mdrmw0\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Ueberpruefung der Hosts Datei

Hosts Datei SAUBER


--------------------\\ Suche nach verborgenen Dateien mit Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-05 20:12:02
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 33

--------------------\\ Suche nach anderen Infektionen

--------------------\\ Cracks & Keygens ..

C:\Users\USER\Documents\Doc's\Die Sims2 Hauptspiel Sim2\Crack
C:\Users\USER\Documents\Doc's\Die Sims2 Hauptspiel Sim2\Crack\Sims2.exe
C:\Users\USER\Documents\Doc's\Die Sims2 Hauptspiel Sim2\Crack\The Sims2 - All Keygenerator
C:\Users\USER\Documents\Doc's\Die Sims2 Hauptspiel Sim2\Crack\The Sims2 - All Keygenerator\fff-ea136.exe
C:\Users\USER\Documents\UseNeXT\wizard\Nero Ultra Edition v.8.3.2.1\keygen.exe


[F:4485][D:190]-> C:\Users\USER\AppData\Local\Temp
[F:736][D:1]-> C:\Users\USER\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1316][D:5]-> C:\Users\USER\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5][D:3]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 05.10.2008|20:20 - Option : [1]

--------------------\\ Scan beendet um 20:20:15
[ UAC => 1 ]





lg HippieDeluxe

myrtille 05.10.2008 20:26
Hi,

rufe bitte die Option 3 von LopS&D auf. Lasse alles bereinigen und poste das Ergebnis hier.

lg myrtille

HippieDeluxe 06.10.2008 12:22
--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : USER ( Administrator )
BOOT : Normal boot
Firewall : ZoneAlarm Firewall 7.1.254.000 (Activated)
C:\ (Local Disk) - NTFS - Total : 458 Go Free : 318 Go
D:\ (Local Disk) - NTFS - Total : 7 Go Free : 1 Go
E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
L:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
M:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
N:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [3] ( 06.10.2008|13:02 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Geloescht ! - C:\ProgramData\Drv Audio Dog About\Ref Gpl.exe
Geloescht ! - C:\Users\USER\AppData\Local\Temp\nsm737C.tmp
Geloescht ! - C:\Users\USER\AppData\Roaming\MICROS~1\Windows\Cookies\user@www.adserver5[1].txt
Geloescht ! - C:\Users\USER\AppData\Roaming\MICROS~1\Windows\Cookies\user@adopt.euroclick[1].txt
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.0zg4c
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.2ypjh
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.3y564
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.40uw1
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.klmis
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.lffkx
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.o399t
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.vlwvg
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.y5hci
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.z7d5f
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.254v7n
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.7odh10
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.ht7n9n
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.pclnj0
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.prb7v4
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.q265nj
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.q9bg5f
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.qtekhv
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.wa8s9u
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.akg89iw
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.nyp0z7n
Geloescht ! - C:\ProgramData\CAST FLAW FLAW.r7n1btp
Geloescht ! - C:\ProgramData\Multi itch frag.7mdrmw0
Geloescht ! - C:\ProgramData\Drv Audio Dog About

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Ordner Verzeichnis unter Local

[08.03.2008|18:10] C:\Users\USER\AppData\Local\Adobe
[04.05.2008|20:13] C:\Users\USER\AppData\Local\Ahead
[05.03.2008|10:53] C:\Users\USER\AppData\Local\Anwendungsdaten
[09.03.2008|22:00] C:\Users\USER\AppData\Local\Apple
[10.03.2008|17:18] C:\Users\USER\AppData\Local\Apple Computer
[25.09.2008|14:14] C:\Users\USER\AppData\Local\Apps
[05.10.2008|13:02] C:\Users\USER\AppData\Local\d3d9caps.dat
[05.10.2008|19:29] C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[19.07.2008|17:15] C:\Users\USER\AppData\Local\GDIPFONTCACHEV1.DAT
[28.03.2008|21:06] C:\Users\USER\AppData\Local\Google
[19.07.2008|17:15] C:\Users\USER\AppData\Local\HP
[06.10.2008|00:14] C:\Users\USER\AppData\Local\IconCache.db
[18.07.2008|16:54] C:\Users\USER\AppData\Local\Microsoft
[23.04.2008|18:37] C:\Users\USER\AppData\Local\Microsoft Help
[23.06.2008|18:03] C:\Users\USER\AppData\Local\Mozilla
[28.09.2008|19:08] C:\Users\USER\AppData\Local\Netlog
[02.10.2008|16:54] C:\Users\USER\AppData\Local\Paint.NET
[23.03.2008|23:04] C:\Users\USER\AppData\Local\ratDVD
[06.10.2008|13:02] C:\Users\USER\AppData\Local\Temp
[05.03.2008|10:53] C:\Users\USER\AppData\Local\Temporary Internet Files
[05.03.2008|10:53] C:\Users\USER\AppData\Local\Verlauf
[13.06.2008|21:07] C:\Users\USER\AppData\Local\VirtualStore
[10.03.2008|17:35] C:\Users\USER\AppData\Local\WMTools Downloaded Files
[4|Datei(en),] C:\Users\USER\AppData\Local\Bytes
[21|Verzeichnis(se),] C:\Users\USER\AppData\Local\Bytes frei

--------------------\\ Geplante Aufgaben unter C:\Windows\Tasks

[05.10.2008 16:49][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{7743B7EA-FA8A-439D-87B7-027B8544047F}.job
[06.10.2008 12:56][--ah-----] C:\Windows\tasks\SA.DAT
[04.10.2008 19:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Ordner Verzeichnis unter C:\ProgramData

[13.06.2008|20:36] C:\ProgramData\.zreglib
[07.03.2008|22:11] C:\ProgramData\addr_file.html
[08.03.2008|19:36] C:\ProgramData\Adobe
[05.03.2008|10:50] C:\ProgramData\Anwendungsdaten
[09.03.2008|21:59] C:\ProgramData\Apple
[09.03.2008|22:02] C:\ProgramData\Apple Computer
[02.11.2006|15:02] C:\ProgramData\Application Data
[07.03.2008|21:45] C:\ProgramData\Avira
[07.03.2008|21:47] C:\ProgramData\CheckPoint
[02.11.2006|15:02] C:\ProgramData\Desktop
[02.11.2006|15:02] C:\ProgramData\Documents
[05.03.2008|10:50] C:\ProgramData\Dokumente
[07.03.2008|23:02] C:\ProgramData\Downloaded Installations
[13.06.2008|20:37] C:\ProgramData\Elaborate Bytes
[05.03.2008|10:50] C:\ProgramData\Favoriten
[02.11.2006|15:02] C:\ProgramData\Favorites
[05.03.2008|03:32] C:\ProgramData\Google
[05.10.2008|13:04] C:\ProgramData\Google Updater
[19.07.2008|17:09] C:\ProgramData\Hewlett-Packard
[18.09.2008|18:48] C:\ProgramData\HP
[18.09.2008|18:48] C:\ProgramData\HP Product Assistant
[19.07.2008|17:07] C:\ProgramData\HPSSUPPLY
[18.09.2008|18:54] C:\ProgramData\hpzinstall.log
[05.03.2008|03:13] C:\ProgramData\Intel
[01.07.2008|13:37] C:\ProgramData\KnobFreeOkay
[15.06.2008|15:51] C:\ProgramData\Lavasoft
[04.05.2008|20:19] C:\ProgramData\LightScribe
[07.03.2008|21:55] C:\ProgramData\LUUnInstall.LiveUpdate
[13.03.2008|21:54] C:\ProgramData\MAGIX
[10.03.2008|17:20] C:\ProgramData\Microsoft
[11.09.2008|15:31] C:\ProgramData\Microsoft Help
[05.03.2008|03:25] C:\ProgramData\muvee Technologies
[04.06.2008|20:05] C:\ProgramData\Nero
[23.03.2008|22:55] C:\ProgramData\NVIDIA
[07.03.2008|23:05] C:\ProgramData\PC Suite
[05.03.2008|03:29] C:\ProgramData\PC-Doctor
[19.03.2008|17:35] C:\ProgramData\Roxio
[14.06.2008|17:11] C:\ProgramData\Skype
[05.03.2008|03:23] C:\ProgramData\Sonic
[02.11.2006|15:02] C:\ProgramData\Start Menu
[05.03.2008|10:50] C:\ProgramData\Startmenü
[07.03.2008|22:00] C:\ProgramData\Symantec
[19.03.2008|17:41] C:\ProgramData\TEMP
[02.11.2006|15:02] C:\ProgramData\Templates
[23.07.2008|16:56] C:\ProgramData\Trymedia
[05.03.2008|10:50] C:\ProgramData\Vorlagen
[19.07.2008|17:17] C:\ProgramData\WEBREG
[26.05.2008|18:34] C:\ProgramData\WindowsSearch
[16.05.2008|23:02] C:\ProgramData\WLInstaller
[4|Datei(en),] C:\ProgramData\Bytes
[47|Verzeichnis(se),] C:\ProgramData\Bytes frei

--------------------\\ Ordner Verzeichnis unter C:\Program Files

[25.07.2008|14:10] C:\Program Files\Adobe
[19.09.2008|18:29] C:\Program Files\Apple Software Update
[23.07.2008|16:59] C:\Program Files\Atom Bomber
[07.03.2008|21:45] C:\Program Files\Avira
[10.03.2008|17:20] C:\Program Files\AviSynth 2.5
[09.03.2008|22:01] C:\Program Files\Bonjour
[19.07.2008|17:04] C:\Program Files\Common Files
[08.07.2008|21:49] C:\Program Files\DAEMON Tools Lite
[17.08.2008|20:06] C:\Program Files\DivX
[14.06.2008|15:29] C:\Program Files\EA GAMES
[16.02.2007|17:50] C:\Program Files\EasyBits
[13.06.2008|21:19] C:\Program Files\Elaborate Bytes
[10.03.2008|17:20] C:\Program Files\eRightSoft
[18.07.2008|00:36] C:\Program Files\Free MSN Emoticons Pack 4
[05.03.2008|10:50] C:\Program Files\Gemeinsame Dateien [C:\Program Files\Common Files]
[14.05.2008|19:39] C:\Program Files\Google
[05.03.2008|03:29] C:\Program Files\Hewlett-Packard
[19.07.2008|17:07] C:\Program Files\HP
[21.09.2008|21:32] C:\Program Files\InstallShield Installation Information
[05.03.2008|03:13] C:\Program Files\Intel
[07.04.2008|17:38] C:\Program Files\Internet Explorer
[09.03.2008|22:02] C:\Program Files\iPod
[09.03.2008|22:02] C:\Program Files\iTunes
[06.04.2008|14:20] C:\Program Files\Java
[24.03.2008|00:35] C:\Program Files\K-Lite Codec Pack
[15.06.2008|15:50] C:\Program Files\Lavasoft
[23.06.2008|19:37] C:\Program Files\LimeWire
[18.07.2008|13:04] C:\Program Files\Logox 4 Player
[05.03.2008|03:11] C:\Program Files\MainConcept
[02.11.2006|14:37] C:\Program Files\Microsoft Games
[07.03.2008|22:38] C:\Program Files\Microsoft Office
[07.03.2008|22:44] C:\Program Files\Microsoft Office Outlook Connector
[07.03.2008|22:37] C:\Program Files\Microsoft Visual Studio
[07.03.2008|22:32] C:\Program Files\Microsoft Visual Studio 8
[11.09.2008|15:27] C:\Program Files\Microsoft Works
[07.03.2008|22:36] C:\Program Files\Microsoft.NET
[07.04.2008|17:38] C:\Program Files\Movie Maker
[10.03.2008|17:35] C:\Program Files\Movie Maker 2.6
[27.09.2008|14:53] C:\Program Files\Mozilla Firefox
[07.03.2008|22:38] C:\Program Files\MSBuild
[08.03.2008|15:01] C:\Program Files\MSECache
[08.03.2008|15:00] C:\Program Files\MSXML 4.0
[05.03.2008|03:25] C:\Program Files\muvee Technologies
[25.05.2008|21:28] C:\Program Files\myphotobook
[18.07.2008|13:37] C:\Program Files\MyWebSearch
[17.07.2008|19:08] C:\Program Files\Natural Voice Reader Standard
[04.06.2008|20:06] C:\Program Files\Nero
[04.05.2008|20:13] C:\Program Files\NeroInstall.bak
[28.09.2008|19:08] C:\Program Files\Netlog Photo Tool
[07.03.2008|23:07] C:\Program Files\Nokia
[05.03.2008|03:32] C:\Program Files\Online-Dienste
[30.09.2008|21:22] C:\Program Files\Paint.NET
[24.04.2008|01:14] C:\Program Files\Passware
[05.03.2008|12:12] C:\Program Files\PC-Doctor 5 for Windows
[30.09.2008|17:46] C:\Program Files\Picasa2
[30.03.2008|19:09] C:\Program Files\Private Tax 2007
[09.03.2008|22:01] C:\Program Files\QuickTime
[23.03.2008|23:04] C:\Program Files\ratDVD
[05.03.2008|03:24] C:\Program Files\Real
[07.04.2008|16:59] C:\Program Files\Realtek
[02.11.2006|14:37] C:\Program Files\Reference Assemblies
[08.07.2008|21:51] C:\Program Files\Rockstar Games
[05.03.2008|03:24] C:\Program Files\Roxio
[25.06.2008|12:58] C:\Program Files\SimPE
[14.06.2008|17:11] C:\Program Files\Skype
[13.06.2008|20:58] C:\Program Files\SlySoft
[07.03.2008|21:55] C:\Program Files\Symantec
[16.03.2008|15:50] C:\Program Files\Trend Micro
[13.03.2008|20:26] C:\Program Files\UltraStar
[02.11.2006|15:01] C:\Program Files\Uninstall Information
[27.06.2008|21:41] C:\Program Files\UseNeXT
[11.03.2008|22:26] C:\Program Files\VideoLAN
[07.04.2008|17:38] C:\Program Files\Windows Calendar
[07.04.2008|17:38] C:\Program Files\Windows Collaboration
[07.04.2008|17:38] C:\Program Files\Windows Defender
[07.04.2008|17:38] C:\Program Files\Windows Journal
[07.03.2008|22:08] C:\Program Files\Windows Live
[23.08.2008|12:18] C:\Program Files\Windows Mail
[07.04.2008|17:38] C:\Program Files\Windows Media Player
[05.03.2008|10:50] C:\Program Files\Windows NT
[07.04.2008|17:38] C:\Program Files\Windows Photo Gallery
[07.04.2008|17:38] C:\Program Files\Windows Sidebar
[11.06.2008|13:30] C:\Program Files\WinRAR
[08.03.2008|17:09] C:\Program Files\Xilisoft
[30.03.2008|19:04] C:\Program Files\Zero G Registry
[07.04.2008|19:45] C:\Program Files\Zone Labs
[0|Datei(en),] C:\Program Files\Bytes
[88|Verzeichnis(se),] C:\Program Files\Bytes frei

--------------------\\ Ordner Verzeichnis unter C:\Program Files\Common Files

[08.03.2008|19:36] C:\Program Files\Common Files\Adobe
[09.03.2008|21:59] C:\Program Files\Common Files\Apple
[07.03.2008|22:37] C:\Program Files\Common Files\DESIGNER
[19.07.2008|17:04] C:\Program Files\Common Files\Hewlett-Packard
[05.03.2008|03:17] C:\Program Files\Common Files\HP
[05.03.2008|03:12] C:\Program Files\Common Files\InstallShield
[05.03.2008|03:13] C:\Program Files\Common Files\Intel
[13.03.2008|19:56] C:\Program Files\Common Files\Java
[05.03.2008|03:24] C:\Program Files\Common Files\LightScribe
[19.07.2008|14:22] C:\Program Files\Common Files\Logox.4.0
[05.03.2008|03:24] C:\Program Files\Common Files\LS Getting Started
[13.03.2008|21:55] C:\Program Files\Common Files\MAGIX Shared
[04.06.2008|20:05] C:\Program Files\Common Files\microsoft shared
[05.03.2008|03:25] C:\Program Files\Common Files\muvee Technologies
[04.06.2008|20:06] C:\Program Files\Common Files\Nero
[07.03.2008|23:05] C:\Program Files\Common Files\Nokia
[07.03.2008|23:05] C:\Program Files\Common Files\PCSuite
[10.07.2008|20:25] C:\Program Files\Common Files\PX Storage Engine
[05.03.2008|03:24] C:\Program Files\Common Files\Real
[05.03.2008|03:23] C:\Program Files\Common Files\Roxio Shared
[02.11.2006|13:18] C:\Program Files\Common Files\Services
[05.03.2008|03:23] C:\Program Files\Common Files\Sonic Shared
[02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
[05.03.2008|03:24] C:\Program Files\Common Files\SureThing Shared
[07.03.2008|22:00] C:\Program Files\Common Files\Symantec Shared
[07.04.2008|17:38] C:\Program Files\Common Files\System
[19.07.2008|14:21] C:\Program Files\Common Files\WebSpeech.4.0
[07.03.2008|21:52] C:\Program Files\Common Files\WindowsLiveInstaller
[17.07.2008|18:43] C:\Program Files\Common Files\Wise Installation Wizard
[05.03.2008|03:24] C:\Program Files\Common Files\xing shared
[0|Datei(en),] C:\Program Files\Common Files\Bytes
[32|Verzeichnis(se),] C:\Program Files\Common Files\Bytes frei

--------------------\\ Process

( 85 Processes )

... OK !

--------------------\\ Ueberpruefung mit S_Lop

Kein Lop Ordner gefunden !

--------------------\\ Suche nach Lop Dateien - Ordnern

Kein Lop Ordner gefunden !

--------------------\\ Suche innerhalb der Registry

..... OK !

--------------------\\ Ueberpruefung der Hosts Datei

Hosts Datei SAUBER


--------------------\\ Suche nach verborgenen Dateien mit Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-06 13:02:58
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 33

--------------------\\ Suche nach anderen Infektionen

--------------------\\ Cracks & Keygens ..

C:\Users\USER\Documents\Doc's\Die Sims2 Hauptspiel Sim2\Crack
C:\Users\USER\Documents\Doc's\Die Sims2 Hauptspiel Sim2\Crack\Sims2.exe
C:\Users\USER\Documents\Doc's\Die Sims2 Hauptspiel Sim2\Crack\The Sims2 - All Keygenerator
C:\Users\USER\Documents\Doc's\Die Sims2 Hauptspiel Sim2\Crack\The Sims2 - All Keygenerator\fff-ea136.exe
C:\Users\USER\Documents\UseNeXT\wizard\Nero Ultra Edition v.8.3.2.1\keygen.exe


[F:4490][D:188]-> C:\Users\USER\AppData\Local\Temp
[F:734][D:1]-> C:\Users\USER\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1490][D:5]-> C:\Users\USER\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:15][D:3]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 05.10.2008|20:20 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06.10.2008|13:21 - Option : [3]

--------------------\\ Scan beendet um 13:21:03
[ UAC => 1 ]


________________________________________________________________

Danke :D

myrtille 06.10.2008 23:53
Wie gehts dem Rechner jetzt?

lg myrtille

HippieDeluxe 07.10.2008 11:35
Also ich hatte Gestern nur noch eine einzige Werbung die aufkam. Wenn sie wieder auftauchen sollten, soll ich mich nochmal melden oder wie ?

Danke viel mal :aplaus:

myrtille 07.10.2008 12:49
Hi,

ja, eigentlich sollte es keine Werbung mehr geben. Wenn doch, dann versuch es mal mit dem Add-On "Adblock Plus" für Firefox. Wenn danach weiterhin Popups auftauchen, müssen wir deinen Rechner nochmal auseinander nehmen.

lg myrtille


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:52 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19