Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   IE öffnet sich ständig (https://www.trojaner-board.de/54177-ie-oeffnet-staendig.html)

JanisStorhas 17.06.2008 23:04
IE öffnet sich ständig
 
Hallo,

und zwar habe ich das Problem , dass sich bei mir ständig der IE öffnet, obwohl ich ausschliesslich Mozilla Firefox verwende.

Dazu hier mein logfile :

Log created by WinPatrol version 15.0.2008.0:15.0.2008.0
Scan saved at 0:02:29 AM, on 6/18/2008
Platform: Windows XP SP2 Home Edition Service Pack 2 (Build 2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAMME\ANTIVIR PERSONALEDITION CLASSIC\avguard.exe
C:\PROGRAMME\GEMEINSAME DATEIEN\Acronis\SCHEDULE2\schedul2.exe
C:\PROGRAMME\ANTIVIR PERSONALEDITION CLASSIC\sched.exe
C:\PROGRAMME\FRITZ!DSL\IGDCTRL.EXE
C:\PROGRAMME\Google\Common\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRAMME\ALCOHOL SOFT\ALCOHOL 120\StarWind\STARWINDSERVICE.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\Acronis\Fomatik\TRUEIMAGETRYSTARTSERVICE.EXE
C:\WINDOWS\explorer.exe
C:\PROGRAMME\VentSrv\VENTRILO_SVC.EXE
C:\PROGRAMME\VentSrv\VENTRILO_SRV.EXE
C:\WINDOWS\TBPanel.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.exe
C:\PROGRAMME\Java\JRE1.6.0_03\bin\jusched.exe
C:\PROGRAMME\ANTIVIR PERSONALEDITION CLASSIC\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAMME\Steam\steam.exe
C:\PROGRAMME\WINDOWS LIVE\MESSENGER\msnmsgr.exe
C:\PROGRAMME\DNA\btdna.exe
C:\PROGRAMME\FRITZ!DSL\StCenter.exe
C:\PROGRAMME\Logitech\SetPoint\SetPoint.exe
C:\PROGRAMME\OPENOFFICE.ORG 2.3\program\soffice.exe
C:\PROGRAMME\OPENOFFICE.ORG 2.3\program\soffice.bin
C:\PROGRAMME\GEMEINSAME DATEIEN\Logitech\KHALSHARED\KHALMNPR.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRAMME\WINDOWS LIVE\MESSENGER\usnsvc.exe
C:\Programme\MOZILLA FIREFOX\firefox.exe
C:\PROGRAMME\INTERNET EXPLORER\iexplore.exe
C:\PROGRAMME\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\PROGRAMME\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
C:\WINDOWS\system32\notepad.exe
C:\PROGRAMME\GEMEINSAME DATEIEN\MICROSOFT SHARED\WINDOWS LIVE\WLLOGINPROXY.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
O1 - Hosts: 127.
O2 - BHO: - {02478D38-C3F9-4efb-9B51-7695ECA05670} -
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Outerinfo - {2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F} - C:\Programme\Outerinfo\Outerinfo.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: - {7E853D72-626A-48EC-A868-BA8D5E23E045} -
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Gainward]C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon]C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz]nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter]C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL]RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr]ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Programme\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer]KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt]C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe /min
O4 - HKLM\..\Run: [QuickTime Task]C:\Programme\QuickTime\qttask.exe -atboottime
O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK]C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\That Face Camp Shim\platform coal.exe
O4 - HKLM\..\Run: [WinPatrol]C:\Programme\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam]c:\programme\steam\steam.exe -silent
O4 - HKCU\..\Run: [MsnMsgr]C:\Programme\Windows Live\Messenger\MsnMsgr.Exe /background
O4 - HKCU\..\Run: [OuterinfoUpdate]C:\Programme\Outerinfo\OuterinfoUpdate.exe
O4 - HKCU\..\Run: [BitTorrent DNA]C:\Programme\DNA\btdna.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk=C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: FRITZ!DSL Startcenter.lnk=C:\Programme\FRITZ!DSL\StCenter.exe
O4 - Global Startup: Logitech SetPoint.lnk=C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Adobe Gamma.lnk=C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: FRITZ!DSL Startcenter.lnk=C:\Programme\FRITZ!DSL\StCenter.exe
O4 - Global Startup: OpenOffice.org 2.3.lnk=C:\Programme\OpenOffice.org 2.3\program\quickstart.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/229?4976a117652446518f9e35ec51c48edc
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/230?4976a117652446518f9e35ec51c48edc
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [Java (Sun)] Java (Sun) - C:\Programme\Java\jre1.6.0_03\bin
O11 - Options group: [] -
O14 - IERESET.INF: START_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
O21 - WPDShServiceObj - WPDShServiceObj Class - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Anwendungsverwaltung - - C:\WINDOWS\System32\appmgmts.dll
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: AVM FRITZ!web Routing Service - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe
O23 - Service: Google Updater Service - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Eingabegerätezugang - - C:\WINDOWS\System32\hidserv.dll
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Acronis Try And Decide Service - - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: Ventrilo - - C:\Programme\VentSrv\ventrilo_svc.exe
O24 - Desktop Component 0: Die derzeitige Homepage - About:Home

--- Additional WinPatrol Info ---
Default Browser: Firefox - Firefox version 2.0.0.14
MSIE: Internet Explorer (6.00.2900.2180)
Firefox 2.0.0.14 installed in C:\Programme\Mozilla Firefox.
302 IE Cookies in Folder: C:\Dokumente und Einstellungen\Janis\Cookies\
946 Mozilla Cookies in Folder: C:\Dokumente und Einstellungen\Janis\Anwendungsdaten\Mozilla\FireFox\Profiles\d3h47599.default

WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe

WP03 - Windows Automatic Update = 4:Empfohlene Updates automatisch herunterladen und installieren.


WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = http://

WP31 - Scheduled Tasks: [Norton Security Scan.job]C:\Programme\Norton Security Scan\Nss.exe 05/16/2008 3:00 PM
WP31 - Scheduled Tasks: [Auf Updates für Windows Live Toolbar prüfen.job]C:\Programme\Windows Live Toolbar\MSNTBUP.EXE 06/17/2008 11:33 PM
WP31 - Scheduled Tasks: [AppleSoftwareUpdate.job]C:\Programme\Apple Software Update\SoftwareUpdate.exe 05/15/2008 3:15 PM
WP31 - Scheduled Tasks: [AB13DB3091845110.job]c:\Dokumente und Einstellungen\Janis\Anwendungsdaten\help 64 deaf\Poke Wma Regs.exe 06/18/2008 12:00 AM

WP16 - ActiveX: {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [DHTML Edit Control Safe for Scripting for IE5] C:\PROGRAMME\GEMEINSAME DATEIEN\MICROSOFT SHARED\Triedit\dhtmled.ocx 6.01.9232
WP16 - ActiveX: {333C7BC4-460F-11D0-BC04-0080C7055A83} [Tabular Data Control] C:\WINDOWS\system32\tdc.ocx 1, 3, 0, 3130
WP16 - ActiveX: {55136805-B2DE-11D1-B9F2-00A0C98BC547} [Shell Name Space] C:\WINDOWS\system32\shdocvw.dll 6.00.2900.3354
WP16 - ActiveX: {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Windows Media Player] C:\WINDOWS\system32\wmp.dll 11.0.5721.5230
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Webbrowser] C:\WINDOWS\system32\shdocvw.dll 6.00.2900.3354
WP16 - ActiveX: {B45FF030-4447-11D2-85DE-00C04FA35C89} [SearchAssistantOC] C:\WINDOWS\system32\shdocvw.dll 6.00.2900.3354
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx 9,0,16,0
WP16 - ActiveX: {05589fa1-c356-11ce-bf01-00aa0055595a} [ActiveMovieControl Object] C:\WINDOWS\system32\wmpdxm.dll 11.0.5721.5145
WP16 - ActiveX: {1D2B4F40-1F10-11D1-9E88-00C04FDCAB92} [ThumbCtl Class] C:\WINDOWS\system32\webvw.dll 6.00.2900.2180
WP16 - ActiveX: {52a2aaae-085d-4187-97ea-8c30db990436} [HHCtrl Object] C:\WINDOWS\system32\hhctrl.ocx 5.2.3790.2847
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Webbrowser] C:\WINDOWS\system32\shdocvw.dll 6.00.2900.3354
WP16 - ActiveX: {AE24FDAE-03C6-11D1-8B76-0080C744F389} [Microsoft Scriptlet Component] C:\WINDOWS\system32\mshtml.dll 6.00.2900.3354
WP16 - ActiveX: {CA8A9780-280D-11CF-A24D-444553540000} [Adobe PDF Reader] C:\PROGRAMME\GEMEINSAME DATEIEN\Adobe\Acrobat\ActiveX\AcroPDF.dll
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx 9,0,16,0
WP16 - ActiveX: {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} [WebViewFolderIcon Class] C:\WINDOWS\system32\webvw.dll 6.00.2900.2180

WP32 - Hidden File: C:\boot.ini
WP32 - Hidden File: C:\bootfont.bin
WP32 - Hidden File: C:\IO.SYS
WP32 - Hidden File: C:\MSDOS.SYS
WP32 - Hidden File: C:\NTDETECT.COM
WP32 - Hidden File: C:\ntldr
WP32 - Hidden File: C:\pagefile.sys
WP32 - Hidden File: C:\sqmdata00.sqm
WP32 - Hidden File: C:\sqmdata01.sqm
WP32 - Hidden File: C:\sqmdata02.sqm
WP32 - Hidden File: C:\sqmdata03.sqm
WP32 - Hidden File: C:\sqmdata04.sqm
WP32 - Hidden File: C:\sqmdata05.sqm
WP32 - Hidden File: C:\sqmdata06.sqm
WP32 - Hidden File: C:\sqmdata07.sqm
WP32 - Hidden File: C:\sqmdata08.sqm
WP32 - Hidden File: C:\sqmdata09.sqm
WP32 - Hidden File: C:\sqmdata10.sqm
WP32 - Hidden File: C:\sqmdata11.sqm
WP32 - Hidden File: C:\sqmnoopt00.sqm
WP32 - Hidden File: C:\sqmnoopt01.sqm
WP32 - Hidden File: C:\sqmnoopt02.sqm
WP32 - Hidden File: C:\sqmnoopt03.sqm
WP32 - Hidden File: C:\sqmnoopt04.sqm
WP32 - Hidden File: C:\sqmnoopt05.sqm
WP32 - Hidden File: C:\sqmnoopt06.sqm
WP32 - Hidden File: C:\sqmnoopt07.sqm
WP32 - Hidden File: C:\sqmnoopt08.sqm
WP32 - Hidden File: C:\sqmnoopt09.sqm
WP32 - Hidden File: C:\sqmnoopt10.sqm
WP32 - Hidden File: C:\sqmnoopt11.sqm
WP32 - Hidden File: C:\WINDOWS\QTFont.qfn
WP32 - Hidden File: C:\WINDOWS\super.chm
WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
WP32 - Hidden File: C:\WINDOWS\winnt.bmp
WP32 - Hidden File: C:\WINDOWS\winnt256.bmp
WP32 - Hidden File: C:\WINDOWS\system32\AVSredirect.dll
WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\config\default.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG

WP33 - File Type .AVI: [Winamp media file]C:\Programme\Winamp\winamp.exe %1
WP33 - File Type .BAT: [Stapelverarbeitungsdatei für MS-DOS]%1 %*
WP33 - File Type .CAB: [WinRAR-Archiv]C:\Programme\WinRAR\WinRAR.exe %1
WP33 - File Type .CAT: [Sicherheitskatalog]rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [Kompilierte HTML-Hilfedatei]C:\WINDOWS\hh.exe %1
WP33 - File Type .COM: [Anwendung für MS-DOS]%1 %*
WP33 - File Type .CMD: [Befehlsskript von Windows NT]%1 %*
WP33 - File Type .DOC: [Microsoft Word Dokument]C:\Programme\OpenOffice.org 2.3\program\soffice.exe -writer -o %1
WP33 - File Type .EML: [Outlook Express-E-Mail-Nachricht]C:\Programme\Outlook Express\msimn.exe /eml:%1
WP33 - File Type .EXE: [Anwendung]%1 %*
WP33 - File Type .INF: [Setup-Informationen]C:\WINDOWS\System32\NOTEPAD.EXE %1
WP33 - File Type .JS: [JScript-Skriptdatei]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Textdatei]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
WP33 - File Type .MID: [Winamp media file]C:\Programme\Winamp\winamp.exe %1
WP33 - File Type .MP3: [Winamp media file]C:\Programme\Winamp\winamp.exe %1
WP33 - File Type .MP3: [AIMP2]C:\Programme\AIMP2\AIMP2.exe %1
WP33 - File Type .PIF: [Verknüpfung mit einer Anwendung für MS-DOS]%1 %*
WP33 - File Type .REG: [Registrierungsdatei]regedit.exe %1
WP33 - File Type .RTF: [soffice.exe -writer -]C:\Programme\OpenOffice.org 2.3\program\soffice.exe -writer -o %1
WP33 - File Type .SCR: [Bildschirmschoner]%1 /S
WP33 - File Type .TXT: [Textdatei]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Internetverknüpfung]rundll32.exe shdocvw.dll,OpenURL %l
WP33 - File Type .VBS: [VBScript-Skriptdatei]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [Codierte VBScript-Skriptdatei]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [Windows-Skriptdatei]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [Windows Script Host-Einstellungsdatei]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Microsoft Excel Tabelle]C:\Programme\OpenOffice.org 2.3\program\soffice.exe -calc -o %1

Memory currently in use: 59%
Physical Memory Free: 419,980 KB
Paging File Free: 1,912,980 KB
Virtual Memory Free: 2,050,556 KB


--
End of file

Danke schonmal im vorraus

mfg Janis Storhas

BataAlexander 18.06.2008 22:23
Du hast Dir über Outerinfo

Zitat:
O4 - HKCU\..\Run: [OuterinfoUpdate]C:\Programme\Outerinfo\OuterinfoUpdate.exe
diesen Eintrag eingehandelt

Zitat:
O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK]C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\That Face Camp Shim\platform coal.exe
Gehe wie hier beschrieben vor, poste dann die Logs.


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:11 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27