Netz-Treff

Nachricht aus dem Archiv

Royson [Gast] schrieb am 27.June.2010, 21:21:18 in der Kategorie pc.security

Werbung öffnet sich ständig

Hier sind die Logfiles:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:21:12, on 27.06.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\\Windows\\SYSTEM32\\taskeng.exe
C:\\Program Files\\TuneUp Utilities 2010\\TuneUpUtilitiesApp32.exe
C:\\Windows\\Explorer.EXE
C:\\Windows\\Ibeqia.exe
C:\\Users\\Antoschin\\AppData\\Local\\Temp\\Iji.exe
C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe
C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\Kernel\\CLML\\CLMLSvc.exe
C:\\Windows\\System32\\rundll32.exe
C:\\Program Files\\AmIcoSingLun\\AmIcoSinglun.exe
C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe
C:\\Windows\\PLFSetI.exe
C:\\Program Files\\Acer Bio Protection\\PdtWzd.exe
C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe
C:\\Program Files\\Launch Manager\\LManager.exe
C:\\Program Files\\Acer\\Acer PowerSmart Manager\\ePowerTray.exe
C:\\Program Files\\EgisTec Egis Software Update\\EgisUpdate.exe
C:\\Program Files\\Razer\\Diamondback 3G\\razerhid.exe
C:\\Windows\\WindowsMobile\\wmdc.exe
C:\\Windows\\ehome\\ehtray.exe
C:\\Program Files\\Windows Media Player\\wmpnscfg.exe
C:\\Users\\Antoschin\\AppData\\Roaming\\MSA\\mscjm.exe
C:\\Users\\Antoschin\\AppData\\Roaming\\MSA\\mscj.exe
C:\\Windows\\System32\\rundll32.exe
C:\\Program Files\\Acer\\Acer VCM\\AcerVCM.exe
C:\\Windows\\ehome\\ehmsas.exe
C:\\Windows\\System32\\mobsync.exe
C:\\Program Files\\Acer Bio Protection\\PwdBank.exe
C:\\Program Files\\Razer\\Diamondback 3G\\razertra.exe
C:\\Program Files\\Razer\\Diamondback 3G\\razerofa.exe
C:\\Windows\\system32\\wbem\\unsecapp.exe
C:\\Users\\ANTOSC~1\\AppData\\Local\\Temp\\RtkBtMnt.exe
C:\\Program Files\\Internet Explorer\\iexplore.exe
C:\\Program Files\\Synaptics\\SynTP\\SynTPHelper.exe
C:\\Users\\Antoschin\\appdata\\roaming\\msa\\mscj.exe
C:\\Windows\\system32\\NOTEPAD.EXE
C:\\Windows\\system32\\NOTEPAD.EXE
C:\\Program Files\\Mozilla Firefox\\firefox.exe
C:\\Users\\Antoschin\\Downloads\\HiJackThis204.exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0409&m=aspire_7738
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://start.icq.com/
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0409&m=aspire_7738
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0409&m=aspire_7738
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {83821C2B-32A8-4DD7-B6D4-44309A78E668} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll
O2 - BHO: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - mscoree.dll (file missing)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O3 - Toolbar: COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - mscoree.dll (file missing)
O4 - HKLM\\..\\Run: [ArcadeDeluxeAgent] \"C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\"
O4 - HKLM\\..\\Run: [CLMLServer] \"C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\Kernel\\CLML\\CLMLSvc.exe\"
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [NvMediaCenter] RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\\..\\Run: [AmIcoSinglun] C:\\Program Files\\AmIcoSingLun\\AmIcoSinglun.exe
O4 - HKLM\\..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe
O4 - HKLM\\..\\Run: [PLFSetI] C:\\Windows\\PLFSetI.exe
O4 - HKLM\\..\\Run: [VitaKeyPdtWzd] c:\\Program Files\\Acer Bio Protection\\PdtWzd.exe
O4 - HKLM\\..\\Run: [SynTPEnh] C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe
O4 - HKLM\\..\\Run: [LManager] C:\\Program Files\\Launch Manager\\LManager.exe
O4 - HKLM\\..\\Run: [Acer ePower Management] C:\\Program Files\\Acer\\Acer PowerSmart Manager\\ePowerTray.exe
O4 - HKLM\\..\\Run: [EgisTecLiveUpdate] \"C:\\Program Files\\EgisTec Egis Software Update\\EgisUpdate.exe\"
O4 - HKLM\\..\\Run: [Diamondback] C:\\Program Files\\Razer\\Diamondback 3G\\razerhid.exe
O4 - HKLM\\..\\Run: [Windows Mobile-based device management] %windir%\\WindowsMobile\\wmdc.exe
O4 - HKLM\\..\\Run: [Ocs_SM] C:\\Users\\Antoschin\\AppData\\Roaming\\OCS\\SM\\SearchAnonymizer.exe
O4 - HKCU\\..\\Run: [ehTray.exe] C:\\Windows\\ehome\\ehTray.exe
O4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe
O4 - HKCU\\..\\Run: [M5T8QL3YW3] C:\\Users\\Antoschin\\AppData\\Local\\Temp\\Iji.exe
O4 - HKCU\\..\\Run: [mscjm.exe] C:\\Users\\Antoschin\\AppData\\Roaming\\MSA\\mscjm.exe
O4 - HKCU\\..\\Run: [mscj.exe] C:\\Users\\Antoschin\\AppData\\Roaming\\MSA\\mscj.exe
O4 - HKCU\\..\\Run: [p2papp50] rundll32.exe \"C:\\Users\\Antoschin\\AppData\\Local\\p2papp50\\p2papp50.dll\", DllInit
O4 - HKCU\\..\\Run: [mscjm] c:\\users\\antoschin\\appdata\\roaming\\msa\\mscjm.exe
O4 - HKCU\\..\\Run: [mscj] c:\\users\\antoschin\\appdata\\roaming\\msa\\mscj.exe
O4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'LOKALER DIENST\')
O4 - HKUS\\S-1-5-19\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User \'LOKALER DIENST\')
O4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'NETZWERKDIENST\')
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\\Users\\Antoschin\\AppData\\Roaming\\DVDVideoSoftIEHelpers\\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\\Program Files\\Google\\Google Toolbar\\Component\\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\\PROGRA~1\\MICROS~3\\Office10\\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\\PROGRA~1\\MICROS~3\\Office12\\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra \'Tools\' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~3\\Office12\\ONBttnIE.dll
O9 - Extra \'Tools\' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~3\\Office12\\ONBttnIE.dll
O9 - Extra button: @C:\\Windows\\WindowsMobile\\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\\Windows\\WindowsMobile\\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\\Windows\\WindowsMobile\\INetRepl.dll
O9 - Extra \'Tools\' menuitem: @C:\\Windows\\WindowsMobile\\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\\Windows\\WindowsMobile\\INetRepl.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\\Program Files\\ICQ7.0\\ICQ.exe
O9 - Extra \'Tools\' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\\Program Files\\ICQ7.0\\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~3\\Office12\\REFIEBAR.DLL
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~1\\COMMON~1\\Skype\\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\Windows\\system32\\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\\Windows\\system32\\agrsmsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\\Program Files\\Acer Arcade Deluxe\\HomeMedia\\Kernel\\DMP\\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\\Program Files\\Acer\\Acer PowerSmart Manager\\ePowerSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\\Program Files\\Intel\\WiFi\\bin\\EvtEng.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\\Program Files\\MAGIX\\Common\\Database\\bin\\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\\Program Files\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\\Windows\\system32\\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\\Program Files\\Google\\Update\\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Common Files\\InstallShield\\Driver\\1150\\Intel 32\\IDriverT.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - c:\\Program Files\\Acer Bio Protection\\BASVC.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\\Program Files\\Common Files\\Sony Shared\\AVLib\\MSCSPTISRV.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\\Program Files\\EgisTec\\MyWinLocker 3\\x86\\\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\\Program Files\\NewTech Infosystems\\Acer Backup Manager\\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\\Windows\\system32\\nvvsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\\Program Files\\Common Files\\Sony Shared\\AVLib\\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\\Windows\\system32\\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\\Program Files\\WinPcap\\rpcapd.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\\Program Files\\Acer\\Acer VCM\\RS_Service.exe
O23 - Service: S3D Service (Win32) - iZ3D Inc. - C:\\Program Files\\iZ3D Driver\\Win32\\S3DCService.exe
O23 - Service: SearchAnonymizer - Unknown owner - C:\\Users\\Antoschin\\AppData\\Roaming\\OCS\\SM\\SearchAnonymizerHelper.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\\Program Files\\Common Files\\Sony Shared\\AVLib\\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\\Program Files\\Common Files\\Sony Shared\\AVLib\\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\\Program Files\\Common Files\\Sony Shared\\AVLib\\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\\Program Files\\Common Files\\Steam\\SteamService.exe
O23 - Service: @C:\\Program Files\\TuneUp Utilities 2010\\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\\Program Files\\TuneUp Utilities 2010\\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\\Program Files\\TuneUp Utilities 2010\\TuneUpUtilitiesService32.exe
O23 - Service: WEP/WPA-PMK key recovery service (WZCOOK) - Unknown owner - C:\\Users\\Antoschin\\Downloads\\aircrack-ng-1.0-win\\aircrack-ng-1.0-win\\bin\\wzcook.exe

--
End of file - 12196 bytes

Werbung öffnet sich ständig Royson [Gast] - 27.June.2010, 19:36:29 - (pc.security)
- Werbung öffnet sich ständig GagstGast [Gast] - 28.June.2010, 04:08:21
- Werbung öffnet sich ständig Hausdoc - 27.June.2010, 19:42:45
  - Werbung öffnet sich ständig Royson [Gast] - 27.June.2010, 21:21:18
    - Werbung öffnet sich ständig Hausdoc - 27.June.2010, 21:35:56
    - Werbung öffnet sich ständig Hausdoc - 27.June.2010, 21:24:43
      - Werbung öffnet sich ständig Royson [Gast] - 27.June.2010, 21:27:44
        Werbung öffnet sich ständig Royson [Gast] - 27.June.2010, 21:28:30
        Werbung öffnet sich ständig Hausdoc - 27.June.2010, 21:31:58
        Werbung öffnet sich ständig Royson [Gast] - 27.June.2010, 21:36:47
        Werbung öffnet sich ständig cosinus - 30.June.2010, 13:30:12
        Werbung öffnet sich ständig Hausdoc - 27.June.2010, 21:39:05
        Werbung öffnet sich ständig Royson [Gast] - 27.June.2010, 21:41:12
        Werbung öffnet sich ständig Hausdoc - 27.June.2010, 21:44:00
        Werbung öffnet sich ständig Royson [Gast] - 28.June.2010, 13:18:31
        Werbung öffnet sich ständig Royson [Gast] - 28.June.2010, 13:19:05