Trojaner-Board


rena200 29.05.2009 18:20

PC crashes often
 
Malwarebytes' Anti-Malware 1.37
Datenbank Version: 2192
Windows 5.1.2600 Service Pack 3

29.05.2009 19:04:39
mbam-log-2009-05-29 (19-04-39).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 166922
Laufzeit: 39 minute(s), 38 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 12
Infizierte Dateien: 35

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{056738e1-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{056738ed-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{056738ee-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alie (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\Zango (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\programme\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\ALIE_1.0.2.2 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Renate Matt\Anwendungsdaten\Zango (Adware.Zango) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programme\Zango\bin\10.3.79.0\OEAddOn.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\Srv.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\Toolbar.dll (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\Weather.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoSA.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoSADF.exe (Adware.Zango) -> Quarantined and deleted successfully.
d:\programme\Mulmedia\gdivx player\SuperBarInstall.exe (Adware.SuperBar) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\CntntCntr.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\CoreSrv.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\HostIE.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\HostOE.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\HostOL.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\link.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\Wallpaper.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\WeSkin.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoSAAX.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoSAHook.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoUninstaller.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\plugins\npclntax_ZangoSA.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSA.dat (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSAau.dat (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSAEULA.mht (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSA_hpk.dat (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSA_kyf_update.dat (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\al2np.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\alie.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\alie.inf (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\iesetup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully
:headbang:

Hansebanger 29.05.2009 18:28

Please add an HJT log on top of that °°

rena200 29.05.2009 19:32

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:33:43, on 29.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
D:\PROGRA~1\MICROS~1\Office\OUTLOOK.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = eumex.ip;<local>
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [T-Online Dialerschutz-Software] "C:\Programme\T-Online\Dialerschutz-Software\Defender.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Programme\Yahoo!\Common\yinsthelper.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Dialerschutz Dienst (DFSVC) - Unknown owner - C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 4259 bytes


All times are WET +1. The time is now 16:13.
