Trojaner-Board


Iolanthe 01.01.2006 20:11

mrjj.exe,ran.popuppers.com & Co.
 
Hello, happy new year to everyone!
My mother has a huge problem with her laptop and I no longer know how I can help her.
First, popups appear now and then with the following info:
1. "you or a program have requested information from aus2.mozilla.org" (different links come up: ran.popuppers.com, prutect.com, e2give.com, but others as well) "which connection do you want to use", and a window called mrj pops up.

2. At startup, VCCClient.exe and VCMain.exe Application Error messages appear.

3. Under Software, the following suspicious software can be found:
Related Page
e2give Plug-in
Web Nexus Network
Webhancer Customer Companion
webHancer Survey Companion
4. mrjj.exe and ccApp.exe are running in the background :(

5. Whenever I go on the internet, the same page always comes up: www.adultfriendfinder.com

I have already formatted the hard drive and downloaded spyware scanners, antivirus, etc., but the things keep coming back. I don't know what else I can do????

hoerni26 01.01.2006 21:47

hello,

please post a HJT logfile..
instructions are in the link in my signature..

Iolanthe 02.01.2006 21:43

LSA, VCmain.exe Error Application, etc..
 
Hello,
Spybot finds LSA again every now and then, otherwise everything is clear.

Here is the logfile from HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 21:36:26, on 02/01/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\User\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
O4 - HKLM\..\Run: [Microsoft Conference] mscf.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\RunServices: [Microsoft Conference] mscf.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Microsoft Conference] mscf.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [rsobca] C:\WINDOWS\System32\rsobca.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [Microsoft Conference] mscf.exe
O4 - Global Startup: Consola KIT ADSL.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135967102649
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Servicio Auto-Protect de Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe



and from Spyware Doctor:


Scan Results:
scan start: 02/01/2006 21:15:46
scan stop: 02/01/2006 21:27:22
scanned items: 48261
found items: 178
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner


dartus 03.01.2006 01:45

Hello Iolanthe,

Your system is far from okay. Some entries point to a backdoor trojan, hence my advice:

http://www.trojaner-board.de/showthread.php?t=12154

dartus

