Internet Explorer start page always about:blank

#0
05.06.2007, 22:17
...new here

Posts: 5
#1 Hello, here is my own thread about the following problem:

After a system restart, the IE start page is reset again and again to an empty white page (about:blank). Scanning with various tools (Kaspersky AV Pro, Ad-Aware, Spybot) turned up nothing, i.e. no infected files. The procedure recommended by MS, http://support.microsoft.com/kb/320159/de, did not fix the problem either.

Here is my Combofix.log:

"Rolando" - 2007-06-05 22:09:37 Service Pack 2 NTFS
ComboFix 07-06-3 - Running from: "E:\Downloads\Zeug\"


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\a.exe


((((((((((((((((((((((((( Files Created from 2007-05-05 to 2007-06-05 )))))))))))))))))))))))))))))))


2007-06-05 21:43 69,632 --a------ C:\WINDOWS\system32\remove.exe
2007-06-05 18:39 <DIR> d-------- C:\WINDOWS\pss
2007-06-05 12:04 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Spybot - Search & Destroy
2007-06-05 09:21 <DIR> d-------- C:\DOKUME~1\Rolando\ANWEND~1\Talkback
2007-06-05 09:20 0 --a------ C:\WINDOWS\nsreg.dat
2007-06-04 11:06 8,704 --a------ C:\WINDOWS\system32\sporder.dll
2007-06-04 11:06 76,800 --a------ C:\WINDOWS\system32\mstsdsc.exe
2007-06-04 11:06 130,048 --a------ C:\WINDOWS\system32\tmwsock.dll
2007-06-03 12:07 <DIR> d-------- C:\rFactor
2007-05-23 09:29 16,384 --a------ C:\WINDOWS\system32\FileOps.exe
2007-05-23 09:24 <DIR> d-------- C:\WINDOWS\Adobe Illustrator CS
2007-05-20 02:30 8,576 --a------ C:\WINDOWS\system32\drivers\hidgame.sys
2007-05-20 02:22 545 --a------ C:\WINDOWS\eReg.dat
2007-05-18 11:03 90,112 --a------ C:\WINDOWS\system32\RegDACL.exe
2007-05-18 11:03 9,006 --a------ C:\clean.bat
2007-05-18 11:03 86,528 --a------ C:\WINDOWS\system32\catchme.exe
2007-05-18 11:03 53,248 --a------ C:\WINDOWS\system32\process.exe
2007-05-18 11:03 4,096 --a------ C:\WINDOWS\system32\reboot.exe
2007-05-16 23:02 <DIR> d-------- C:\DOKUME~1\Rolando\ANWEND~1\InterVideo
2007-05-16 22:59 <DIR> d-------- C:\Programme\MSXML 4.0
2007-05-16 22:58 204,800 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2007-05-16 22:58 200,704 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2007-05-16 22:58 20,480 --a------ C:\WINDOWS\system32\IVIresize.dll
2007-05-16 22:58 192,512 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2007-05-16 22:58 192,512 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2007-05-16 22:58 188,416 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2007-05-16 22:58 <DIR> d-------- C:\Programme\InterVideo Information Service
2007-05-16 22:58 <DIR> d-------- C:\Programme\Gemeinsame Dateien\InterVideo
2007-05-16 22:57 <DIR> d-------- C:\Programme\InterVideo
2007-05-09 13:29 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll
2007-05-09 13:29 9,216 --a------ C:\WINDOWS\system32\kbdnecAT.dll
2007-05-09 13:29 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2007-05-09 13:29 811,064 --a------ C:\WINDOWS\system32\imjp81k.dll
2007-05-09 13:29 76,288 --a------ C:\WINDOWS\system32\uniime.dll
2007-05-09 13:29 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2007-05-09 13:29 7,680 --a------ C:\WINDOWS\system32\kbdnecNT.dll
2007-05-09 13:29 7,168 --a------ C:\WINDOWS\system32\kbdnec95.dll
2007-05-09 13:29 7,168 --a------ C:\WINDOWS\system32\kbdibm02.dll
2007-05-09 13:29 7,168 --a------ C:\WINDOWS\system32\f3ahvoas.dll
2007-05-09 13:29 6,656 --a------ C:\WINDOWS\system32\kbdlk41a.dll
2007-05-09 13:29 6,656 --a------ C:\WINDOWS\system32\c_is2022.dll
2007-05-09 13:29 6,144 --a------ C:\WINDOWS\system32\kbdlk41j.dll
2007-05-09 13:29 6,144 --a------ C:\WINDOWS\system32\kbdax2.dll
2007-05-09 13:29 6,144 --a------ C:\WINDOWS\system32\kbd106n.dll
2007-05-09 13:29 6,144 --a------ C:\WINDOWS\system32\kbd101a.dll
2007-05-09 13:29 6,144 --a------ C:\WINDOWS\system32\kbd101.dll
2007-05-09 13:29 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll
2007-05-09 13:29 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2007-05-09 13:27 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-05-09 13:27 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-05-09 13:27 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-05-09 13:27 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-05-09 13:27 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-05-09 13:27 5,632 --a------ C:\WINDOWS\system32\kbd103.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-05 16:00:11 -------- d-----w C:\Programme\ZModeler
2007-06-05 16:00:11 -------- d-----w C:\Programme\The All-Seeing Eye
2007-06-05 16:00:09 -------- d-----w C:\Programme\3dsmax7
2007-06-05 09:34:46 -------- d-----w C:\Programme\Zoom Player
2007-06-04 17:16:54 -------- d-----w C:\DOKUME~1\Rolando\ANWEND~1\teamspeak2
2007-06-03 21:41:30 -------- d-----w C:\Programme\eMule
2007-06-02 17:31:16 -------- d-----w C:\Programme\Steam
2007-05-23 07:26:54 -------- d--h--w C:\Programme\InstallShield Installation Information
2007-04-26 00:36:42 -------- d-----w C:\Programme\TZR GTR2 MotecAdd
2007-04-20 14:42:34 -------- d-----w C:\Programme\CDViewer
2007-04-15 09:24:13 -------- d-----w C:\Programme\CSGTR2
2007-04-14 10:13:47 -------- d-----w C:\DOKUME~1\Rolando\ANWEND~1\uTorrent
2007-04-14 09:11:29 639,224 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-04-09 13:51:29 22,584 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-04-09 13:49:55 99,904 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-04-07 15:46:26 -------- d-----w C:\Programme\RADVideo
2007-04-05 11:49:23 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-04-04 15:13:26 63,040 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-04-01 12:49:41 249,856 ----a-w C:\WINDOWS\Setup1.exe
2007-04-01 12:49:40 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2007-03-25 09:02:01 72,504 ----a-w C:\WINDOWS\system32\perfc007.dat
2007-03-25 09:02:01 408,340 ----a-w C:\WINDOWS\system32\perfh007.dat
2006-04-09 03:30:50 8 --sh--r C:\WINDOWS\system32\ACA313A996.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Babylon Client"="C:\Programme\Babylon\Babylon.exe" [2006-04-11 02:18]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-10-24 15:53]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=1 (0x1)
"ClearRecentDocsOnExit"=1 (0x1)
"NoSharedDocuments"=00000000
"NoRecentDocsMenu"=01000000
"NoSMHelp"=01000000

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*


**************************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-05 22:11:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

Completion time: 2007-06-05 22:12:09
C:\ComboFix-quarantined-files.txt ... 2007-06-05 22:11

--- E O F ---
--------------------------------------------------------------------------
--------------------------------------------------------------------------

and my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 22:22:32, on 05.06.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\SFMGR\sfmgr.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
C:\windows\system32\mstsdsc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Programme\internet explorer\iexplore.exe
C:\Programme\Mozilla Firefox\firefox.exe
E:\Downloads\Zeug\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programme\MegauploadToolbar\megauploadtoolbar.dll
O4 - HKLM\..\Run: [Babylon Client] C:\Programme\Babylon\Babylon.exe -AutoStart
O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmwsock.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144504932375
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DCBE35E-B573-4F66-AB55-78EFBC12CF00}: NameServer = 192.168.122.252,192.168.122.253
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: CaReTaKeR-CT NetMgr 1.2.1 (sfmgr) - Unknown owner - C:\SFMGR\sfmgr.exe
O23 - Service: FrontLine Drivers Auto Removal (v2) (sfrem02) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem02.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

I hope everything is right like this; many thanks already for the help so far!
05.06.2007, 22:46
Honorary member
Argus

Posts: 6028
#2 LSPFix
Download LSPFix
Start it > tick "I know what I'm doing" > move tmwsock.dll from the left to the right ("Remove") -> click "Finish"

Remove
c:\windows\system32\tmwsock.dll

Download SDFix to the desktop

Boot into safe mode:
http://www.bsi.bund.de/av/texte/wiederher.htm

Unpack SDFix.zip
The SDFix folder can now be found under C:\

Double-click RunThis.bat
Type: Y and follow all instructions
The computer will then restart
SDFix now removes the objects it found
Copy the contents of the report "SophosReport.txt", which is now on your desktop, into this thread
And a HijackThis log
__________
Regards, Argus
06.06.2007, 13:39
...new here

Thread starter

Posts: 5
#3 OK, here we go:


SDFix: Version 1.86

Run by Rolando - 06.06.2007 - 13:36:20,00

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\DOKUME~1\Rolando\Desktop\SDFix

Safe Mode:
Checking Services:






Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...


Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\system32\mstsdsc.exe - Deleted



Removing Temp Files...

ADS Check:

Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.

Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.

Checking if ADS is attached to ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Remaining Files:
---------------

Backups Folder: - C:\DOKUME~1\Rolando\Desktop\SDFix\backups\backups.zip

Listing Files with Hidden Attributes:

C:\Programme\Gemeinsame Dateien\Adobe\ESD\DLMCleanup.exe
C:\Programme\Ipswitch\WS_FTP Pro\wsftpgui.exe-CommandBars
C:\WINDOWS\system32\ACA313A996.sys

Listing User Accounts:

Benutzerkonten fr \\MOTHER

Administrator ASPNET Gast
Hilfeassistent Rolando SUPPORT_388945a0
Der Befehl wurde erfolgreich ausgefhrt.


Finished

-------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 13:45:58, on 06.06.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\SFMGR\sfmgr.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Mozilla Firefox\firefox.exe
E:\Downloads\Zeug\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programme\MegauploadToolbar\megauploadtoolbar.dll
O4 - HKLM\..\Run: [Babylon Client] C:\Programme\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144504932375
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DCBE35E-B573-4F66-AB55-78EFBC12CF00}: NameServer = 192.168.122.252,192.168.122.253
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: CaReTaKeR-CT NetMgr 1.2.1 (sfmgr) - Unknown owner - C:\SFMGR\sfmgr.exe
O23 - Service: FrontLine Drivers Auto Removal (v2) (sfrem02) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem02.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

Edit: So it seems that the problem is fixed. At least IE now "remembers" the start page even after a system restart. ;)
In the meantime, though, I have done what is probably the only right thing: I now use Firefox.
Many thanks to you, Arnold, top support!!
This post was edited by Raidonsan on 06.06.2007 at 13:48.
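
An added example, not part of the original thread: one way to compare two HijackThis logs, such as the ones from 05.06.2007 and 06.06.2007 above, to confirm what a cleanup step actually changed and which orphaned entries are still present. The two inputs are a few lines copied from those logs; the function names are this example's own.

```python
import re

# Constructed input: a few lines copied from the two HijackThis logs in this thread.
BEFORE = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\windows\system32\mstsdsc.exe
C:\WINDOWS\system32\ctfmon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmwsock.dll
"""
AFTER = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
"""

# Section lines look like "O10 - ..." or "R0 - ...": a letter, a number, " - ", the detail.
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")

def parse(log):
    """Return (running processes, section entries) from a HijackThis log."""
    procs, entries, in_procs = set(), set(), False
    for line in (raw.strip() for raw in log.splitlines()):
        m = ENTRY.match(line)
        if m:
            in_procs = False
            entries.add((m.group(1), m.group(2)))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs and line:
            procs.add(line.lower())  # Windows paths are case-insensitive
    return procs, entries

def diff(before, after):
    """Summarise what changed between two scans of the same machine."""
    bp, be = parse(before)
    ap, ae = parse(after)
    return {
        "processes_gone": sorted(bp - ap),
        "processes_new": sorted(ap - bp),
        "entries_gone": sorted(be - ae),
        "entries_new": sorted(ae - be),
        # Entries whose target file is missing survive a file-level cleanup.
        "still_no_file": sorted(e for e in ae if e[1].endswith("(no file)")),
    }

if __name__ == "__main__":
    for key, values in diff(BEFORE, AFTER).items():
        print(key, values)
```
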
06.06.2007, 14:10
Honorary member
Argus

Posts: 6028
#4 Regarding the MegauploadToolbar, see the following:
http://www.file.net/prozess/megauploadtoolbar.dll.html

Close all windows and start HijackThis
Click: Do a Systemscan only
Tick the box in front of the following entries:

O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programme\MegauploadToolbar\megauploadtoolbar.dll

Click: Fix checked

Remove C:\Programme\MegauploadToolbar\megauploadtoolbar.dll

Delete C:\Qoobox and empty the recycle bin

TIP: Adobe Reader version 8 http://www.adobe.com/de/products/reader/
__________
Regards, Argus
06.06.2007, 14:53
...new here

Thread starter

Posts: 5
#5 I can only bow to your expertise ;)
Thanks again!