Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Pc stürtzt oft ab (https://www.trojaner-board.de/73633-pc-stuertzt-oft-ab.html)

rena200 29.05.2009 18:20
Pc stürtzt oft ab
 
Malwarebytes' Anti-Malware 1.37
Datenbank Version: 2192
Windows 5.1.2600 Service Pack 3

29.05.2009 19:04:39
mbam-log-2009-05-29 (19-04-39).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 166922
Laufzeit: 39 minute(s), 38 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 12
Infizierte Dateien: 35

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{056738e1-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{056738ed-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{056738ee-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alie (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\Zango (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\programme\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\ALIE_1.0.2.2 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Renate Matt\Anwendungsdaten\Zango (Adware.Zango) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programme\Zango\bin\10.3.79.0\OEAddOn.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\Srv.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\Toolbar.dll (Adware.Zango) -> Quarantined and deleted successfully.http://www.trojaner-board.de/images/smilies/willkommen.png:o
c:\programme\Zango\bin\10.3.79.0\Weather.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoSA.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoSADF.exe (Adware.Zango) -> Quarantined and deleted successfully.
d:\programme\Mulmedia\gdivx player\SuperBarInstall.exe (Adware.SuperBar) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\CntntCntr.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\CoreSrv.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\HostIE.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\HostOE.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\HostOL.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\link.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\Wallpaper.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\WeSkin.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoSAAX.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoSAHook.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\ZangoUninstaller.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programme\Zango\bin\10.3.79.0\firefox\extensions\plugins\npclntax_ZangoSA.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSA.dat (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSAau.dat (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSAEULA.mht (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSA_hpk.dat (Adware.Zango) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\ZangoSA\ZangoSA_kyf_update.dat (Adware.Zango) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\al2np.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\alie.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\alie.inf (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
c:\programme\anti-leech\alie_1.0.2.2\iesetup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully
:headbang:

Hansebanger 29.05.2009 18:28
Bitte ein hjt noch drauf setzen °°

rena200 29.05.2009 19:32
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:33:43, on 29.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
D:\PROGRA~1\MICROS~1\Office\OUTLOOK.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = eumex.ip;<local>
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [T-Online Dialerschutz-Software] "C:\Programme\T-Online\Dialerschutz-Software\Defender.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Programme\Yahoo!\Common\yinsthelper.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Dialerschutz Dienst (DFSVC) - Unknown owner - C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 4259 bytes


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:47 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129