Werbung öffnet in neuer Registerkarte

lade es nochmals von hier: http://www.afterdawn.com/software/desktop_software/desktop_security/smitfraudfix.cfm

anschliessend start im abgesichertem Modus und nochmals versuchen

 

Bin durch und hab diesen Report bekommen:

SmitFraudFix v2.387

Scan done at 12:58:11,44, 24.12.2008
Run from C:\Users\uwe\Desktop\SmitfraudFix
OS: Microsoft Windows [Version 6.0.6001] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
...

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

 

der Rest kann noch etwas dauern, da brauch selbst ich Hilfe

 

http://virus-protect.org/artikel/tools/navilog.html

bitte Punkt 1 und 2 ausführen

 

Muss ich das auch wieder im abgesicherten Modus machen oder kann ich das einfach so machen?

 

machs im abgesichertem

 

Ist durch. Habe nun diese beiden Log bekommen:

Fixnavi

Search Navipromo version 3.7.0 began on 25.12.2008 at 18:27:59,96

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!

Fix running from C:\Program Files\navilog1

Updated on 10.12.2008 at 21h00 by IL-MAFIOSO

Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : uwe ( Administrator )
BOOT : Fail-safe boot

Antivirus : Norton 360 Online 2007 (Activated)
Firewall : Norton 360 Online 2007 (Activated)

C:\ (Local Disk) - NTFS - Total:445 Go (Free:347 Go)
D:\ (Local Disk) - FAT32 - Total:19 Go (Free:10 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)


Search done in safe mode

*** Searching for installed Software ***


*** Search folders in "C:\Windows" ***


*** Search folders in "C:\Program Files" ***


*** Search folders in "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Search folders in "c:\progra~2\micros~1\windows\startm~1" ***


*** Search folders in "C:\ProgramData" ***


*** Search folders in "c:\users\uwe\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Search folders in "C:\Users\uwe\AppData\Local\virtualstore\Program Files" ***

...\InternetGameBox found !

*** Search folders in "C:\Users\uwe\AppData\Roaming" ***


*** Search folders in "C:\Users\IUSR_N~1\appdata\roaming" ***


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\Windows\system32" *

* Scan in "C:\Users\uwe\AppData\Local\Microsoft" *

* Scan in "C:\Users\uwe\AppData\Local\virtualstore\windows\system32" *

* Scan in "C:\Users\uwe\AppData\Local" *

* Scan in "C:\Users\IUSR_N~1\AppData\Local" *



*** Search files ***



*** Search specific Registry keys ***
!! Following keys are not certainly all infected !!


*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In "C:\Windows\system32" :


* In "C:\Users\uwe\AppData\Local\Microsoft" :


* In "C:\Users\uwe\AppData\Local\virtualstore\windows\system32" :


* In "C:\Users\uwe\AppData\Local" :


* In "C:\Users\IUSR_N~1\AppData\Local" :


3)Certificates Search :

Egroup certificate not found !
Electronic-Group certificate found !
Montorgueil certificate not found !
OOO-Favorit certificate found !
Sunny-Day-Design-Ltd certificate not found !

4)Search others known folders and files :



*** Search completed on 25.12.2008 at 18:35:05,14 ***


Cleannavi:

Navipromo Removal version 3.7.0 started on 25.12.2008 at 18:35:52,78

Fix running from C:\Program Files\navilog1

Updated on 10.12.2008 at 21h00 by IL-MAFIOSO

Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : uwe ( Administrator )
BOOT : Fail-safe boot

Antivirus : Norton 360 Online 2007 (Activated)
Firewall : Norton 360 Online 2007 (Activated)

C:\ (Local Disk) - NTFS - Total:445 Go (Free:347 Go)
D:\ (Local Disk) - FAT32 - Total:19 Go (Free:10 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)


Automatic removal
with Catchme and GNS results


Cleanning stage done in safe mode


*** fsbl1.txt not found ***
(Check that Catchme found nothing in Search Mode)


*** Deleting with Backups GenericNaviSearch results ***

* Deletion in "C:\Windows\System32" *


* Deletion in "C:\Users\uwe\AppData\Local\Microsoft" *


* Deletion in "C:\Users\uwe\AppData\Local\virtualstore\windows\system32" *


* Deletion in "C:\Users\uwe\AppData\Local" *


* Deletion in "C:\Users\IUSR_N~1\AppData\Local" *



*** Deleting folders in "C:\Windows" ***


*** Deleting folders in "C:\Program Files" ***


*** Deleting folders in "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Deleting folders in "c:\progra~2\micros~1\windows\startm~1" ***


*** Deleting folders in "C:\ProgramData" ***


*** Deleting folders in c:\users\uwe\appdata\roaming\micros~1\windows\startm~1\programs ***


*** Deleting folders in "C:\Users\IUSR_N~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Deleting folders in "C:\Users\uwe\AppData\Local\virtualstore\Program Files" ***

...\InternetGamebox ...deleting...
...\InternetGamebox deleted !


*** Deleting folders in "C:\Users\uwe\AppData\Roaming" ***


*** Deleting folders in "C:\Users\IUSR_N~1\appdata\roaming" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\Windows\Temp done !
Cleaning of C:\Users\uwe\AppData\Local\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\Windows\system32" *


* In "C:\Users\uwe\AppData\Local\Microsoft" *


* In "C:\Users\uwe\AppData\Local\virtualstore\windows\system32" *


* In "C:\Users\uwe\AppData\Local" *


* In "C:\Users\IUSR_N~1\AppData\Local" *


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate deleted !
Montorgueil Certificate not found !
OOO-Favorit Certificate deleted !
Sunny-Day-Design-Ltd Certificate not found !


*** Search others known folders and files ***



*** Cleaning stage complete on 25.12.2008 at 18:36:40,00 ***



Muss ich jetzt noch was machen?

 

habe fertig glaub ich

 

Echt jetzt?
Das ist ja cool.
Freu mich total.

Vielen lieben Dank