You have a security problem

ich weiß das dieses thema schon öfters gibts und habe auch schon mehrere durchgelsen aber für mich sind die nicht nützlich weil ich die prozesse die ich beenden soll garnicht habe ich hoff ihr könnt mir weiterhelfen schon mal danke im vorraus

 

http://siri.urz.free.fr/Fix/SmitfraudFix_De.php

 

Das gleiche gleich nochmal. Neueste/letzte Version von HJT bevorzugt.

Logfile Inhalt kopieren und in ein neues Textdokument (.txt)einfügen. Und das dann als Anhang anhängen.


Kannst trotzdem gleich das alles fixen:

HTML:

R1 - HKCU\Softwa..\Microsoft\Internet E.plorer\Main,Search Page = h.tp://go.m-crosoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page - http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.mi.-osoft.com/.wlink/?LinkId=69157
R1 - HKLM\Software\Micros-ft\Internet Exp-orer\Mai,,Default_Search.URL = http://go.,i-rosoft.com/fwlink.?LinkI,=54896
R1 - HKLM\Software\Microsoft\Internet -xplorer\Main,Se,rch Pa,e = ,ttp://go.mic,osoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Inter-.t Expl-rer\Mai.,Start Page = http://go.microsoft.com/fwli.k/?LinkId=69157
R0 - ,KLM\So-tware\Microsoft\Int.rnet Explorer\Search,CustomizeSea.ch =
R0 - HKCU\Software\-icroso-t\Intern.t Explorer\Toolbar,LinksFold.rName =
R3 - UR-SearchHook: ICQ To,-bar - {855F3B,--6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.-ll
R3 - URLSearchHook: Yahoo! Toolbar,- {EF99BD32-C1F--11D2-8.-,-0090.71D4F88} -.C:\Program Files\Y-hoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SearchSettin,s Class --{E312764E-7706-43F1-8DAB-FCDD2B1E416D} -C:\Program Files\Search Settings\kb126\SearchSettings.dll
R3 - URL,earchHook: (no name) - {0579B,B6-0293-4d73-B.2D-5EBB0BA0F0A2} - C:\ProgramFiles\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B07.EFC214} - C:\P.og.am.Files\Or.it.ownloade.\-rbitcth.dll
O2 - BHO: &Yahoo! Toolbar Helper --{02478,38-C3F9-4-fb-.B51-7695ECA056,0}.- C:\Progr.m .il,s\Yahoo!\Companion\Installs\cpn\yt.dll
O- - BHO: HP Pr-nt Clips - {053F9267-DC04-4294--72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_-ramework.dll
O2 - BHO:-XTTBPos00 - {055-,26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A-SRCHAS.DLL
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7,4D59-B87D-784B7,6BE0B3} - C:\ProgramFiles\Comm-n Files-A.obe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PC-Antispy Site Blocker,Button - {60B244BE-559.-4,69-B96E-CD264D828EC9}-- C.\Program Files\PC-Antispy\ASpyStBlk.dll (file missing)
O2 - BHO: DealioBHO Class - {6A87B991-A.1F-4130-A-72-6D0C2..BF082} - C:\Pr.gram Fil-s\Dealio\kb126\Dealio.dll
O2 - BHO: SSVHelper Class - {7614-7BB-D6F0-462--B6EB-D4DAF1D92D4,} - C:\Pro-ram Files\Java\jre1.6.0_07\bin\ssv.dll
O, - BHO:-(no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O. - BHO: Windows Live An.elde-Hilfspro,r-mm - {9030D464-4C02-4ABF-8ECC-5164760-6,C6} -C:\Program Files\Common File-\Microsoft Sha.ed\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar ,elper - {B,BD1DAD-C.46-,A17-ADC1-64,5B4FF55D0} - .:\Program Files\Windows Live Toolbar\msntb.d,l
O2 - BHO: SearchSettings Class - {E.12764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\ProgramFiles\Se.rch Settings\kb126-SearchSett.ngs.d-l
O2 - BHO: WazapBHO Class - {E601996F-E400-41CA-804B-CD6373.7EEF2} -,C..Program Files\Wazap\ie_w-zap.dll
O2 - ,HO: Ask To-lbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931.4AA} - C:\Program Files\AskSBar\bar.1.bin\ASKSBAR.DLL
O3 - Toolbar: ICQ Toolbar . {855F3B16-6D3,-4fe6-8A56-BBB695989046} - C:\PROG,A~1\ICQTO,~,\toolbaru.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} , C:\Program Files\Windows Live Toolbar\msnt-.dll
O3 - Too-bar, Yahoo. T.olbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program File,\Yahoo-\Companion.Installs\cpn\yt.dll
O3 - To-lbar: Dealio - {E67C74F4-A00A-4F2C-9F-C-FD9DC004A67-} - C:\Program Files\Dealio\kb126\Dealio.dll
O3 - Too.bar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Pro,ram Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - H,LM\..\Run: [recinfo810] c:\RecInfo\Re,Info.exe
O4 - HKLM\..\Run: [HP Software Update] C,\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] ",:\Program Files\J.va\jre1.6.0_07\,in\jusched.e,e"
O4 - HKLM\..\Run: [Adobe Reader Spee. Launcher] "C:\Program Files,-dob,\Reader 8.0\Reader\Reader_sl.ex-"
O4 -,HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O- - HKLM\..\Run: -SearchSettings] C:\Program Files\Search Settings\SearchSetti,gs.exe
O4 - HKLM\..\R-n: [QuickTime Task]--C:\Pro,ram Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C,\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - -K,M\..\Run: [NeroFi-terCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.e.e
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4-- HKCU\..\Run: ,.sc-reg] C:\Prog.amData\fsc-.eg\fscreg-exe 20080902
O4 - HKCU\..\Run: ,MsnMsgr] "C:\Program Files\Windows Live\Messenger\-snMsgr.Ex." /background
O- - HKCU\..\Run: [ehTray.exe] C:\,indows\ehome\ehTray.exe
O4 - HKCU\..\Run: -I,dxStoreSv._{79662,04-7C6C-4d9f-84C7-88D8A56B10AA}] "C,\P,ogram Fi.es\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Ru-: [S-mefox] C:\Users\s.nj.\AppData\Local\Temp\87DA.tmp.exe
O4 - HKCU\..\Run: [dscprocapp] C:\Prog-amData\dscprocapp\ctqtktqh.exe
O4 - HKCU\..\Run: [fTg.fj4pOL] C:\ProgramData\grqtgxs.\alabwlcd.exe
O4 ,,HKCU\..\Run: [WMPNSCF.] .:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: .security
O4 - Global Startup:  WinCinema Manager.lnk = C:\Program Files.Sandisk\Common\Bin\WinCinemaMgr..xe
O4 - Global Startup: .security
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digit-l Imag.ng\bin\hpqtra-8.exe
O4 - Global St-rtup: w98Ej,ct.lnk = ?
O8 - Extra co,text me,u item: &Download by Orb.t - res-//C:\Program Files\Orbitdownloader\-rbitmxt.dll/201
O, -,Extra context menu item: &Grab video by Orbit - res://C:\Progra- Files\Orbitdownloader\orbitmxt.dll/204
.8 - Extra co,text menu item: &Windows Live Search - res://C:\Program Files\,i.dows Live Toolbar\msnt,.dll/search.htm
O8 - Extr- context menu item: Add to .,ndows &Live Fa-orite. - http://fav-rit.s.live.com/quick-dd.aspx
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\sonja\AppData\L,calLow\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu it.m: Do&.nl,.d selected by Orbit - res://C:\Program Files\Orbitdownloader\or.itmxt.dll/203
O8 -.Ex-ra context me.u item: Down&load all by Orbit - res://C:\Program Files\Orbit.ownl-ad.r\o-bitmx..dll/20,
O8 - E.tra context menu item: Downloa. Video - http://www.viloade..ne./addon.htm
O8 -,Ext,a context menu item: Nach Microsoft E&xel export.eren - res://C:\PROGRA~1\MICROS~2\Of,ice12\EXCE..EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-1,CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dl-
O9 - Extra 'Tools' menuitem: Sun Ja,a Konsole - {08,0E5C0-4FCB--1CF-AAA5-00401C608501} -C:\PROGRA~1\J,va\JRE16~2.0_0\bin,ss-.dll
O9 - Extra button: Wazap - {0F7195C2-6713-4d93-A1BC-DA5,A33.0A65} - C:\Program Files\Wazap\ie_waz.p.dll
O9 - Extra 'Tools' menuitem: Wazap - {0F7195,2-6713-4.93-,1BC-DA5FA33-.A65} - C:\ProgramFiles\Waz.p\ie_wa.ap.dll
O9 - Extra but,on: An OneNote senden - {2670000A-73-0-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9.- Extra 'Tools' me-uitem: An OneNote s&enden - {2670000A-7350-4f-c-8081-5663EE0C6C49}- C:\P,OGRA~1\MICROS~2-,ffice.2\ONBttnIE.dll
O9 - Extra button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Intelligente Auswahl - {700259D7-1666-4,9a-93B1-3250410481E8} - C:\Program.Fil.s\HP\Smar, Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9,E-3C9C571A8263} - C:\P-OGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O- - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - ,xtra 'To.ls- menuitem: ICQ6 - {E59EB121-F339-4851-,3BA-F-49C35617-2} - C:\ProgramFiles\ICQ6\ICQ.exe
O9 - Extra button: Dealio - {E908B145-C.47-4e85-B315-07E2E70DECF8} - C:\Pro,ram Files\Dealio\kb126\Dealio.dll
O9 - Extr. 'T,ols' menuitem: Dealio - {E908B145-C847-4e85.B315-07E2E70DECF8} - C:\ProgramFiles\Dealio\kb126\Dealio.dll
O10 --Unknown file in Win.ock LSP: c:\windows\sys,em32\nlaapi.dll
O10 - Unknown fi-e in Winsoc, L-P, c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {.A162249-F2C5-4851-8ADC-FC58CB424243} (Image Upload,r Control) - http://static.pe.schuelervz.net/photouploader/Ima.eUploader5.cab?nocache=1206036220
O18 -,Pr,tocol: livecal. - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA.1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18.--Protocol: m.-help - {-14111C.-A502-11D2-BBCA-00C04F8EC294} - .:\Program Files\Common Files\Microsoft Share.\Help\hxds.dll
O18 - Prot-col: m.nim - {828030A1-22.1-4009-854F-8E305202313F} , C:\PROGRA~1\WI1F86~1\MESSEN-1\MSGRAP~1.DLL
O18 --.ilter hijack: text/xml - {807563.5-5,46-11D5-A672-00B0D022E945} -,C:\PRO-RA~1\COMM,N~1\MICROS~1\OFFI,.12\MSOXMLMF.DLL
O23 - Service: Apple Mobile-Device - Apple, Inc. -,C:\Program Files\Common File,\Apple\MobileDevice Support\bin\.ppleMobileDevic-S-rvice.-xe
O23 - S-rvice: Automatisches LiveUpdate - -cheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O2. - Service: Sym,ntec Event Manager (ccEvtMgr) - Unknown o-ner - c:\Pro-ram Files\CommonFiles\Symant,c Share-\ccS.cHst.exe" /h ccCommon (file missing)
O23 - Servi,e: Symantec Set,ings .anager (ccSetMgr) . Unknow, ow-er - c:\Program Files\Common Files\Syman-ec Shared\ccSvcHst.e-e. /h.ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common F.les\Symantec Shared\c,SvcHst.exe" /h ccCommon (f,le missing)
O23,- Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\.ystem32\svchost.exe (file missing)
O23 - Se.vice: FSCLBaseUpdaterService - Unknown owner - c:\Program Files\Fujitsu Sieme,sComputers\FSCLounge\F.CWBaseUpdaterSe.vice\2\FSCWBaseUpdaterService.exe
O23 - -ervice: InstallDriver Table Man,ger (IDriver-) - Macrovision Corporation - C:\P..gram Files\Common Files\InstallShield\Driver\1150\Intel 32\I.riverT.exe
O23 - Service. LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS-1.EXE
O23 - Service: LiveUpdate Notice Servi-, Ex .LiveUpdate Notice Ex) - Unknown own.r - c:\-rogram.Files\Common Files\Symantec Shared\ccSvcHst.exe" .h ccCommon (file missing)
O23 - ,,rv,ce: LiveUpdate Notice Service - Unkno.n owner - C:\Program File.\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F,2F227FCA9A08}-PI,Svc.exe" /m 
"C,\P.ogram Files\Co.,on Files\Symantec Sh.red\PIF\{B8E1DD85-858--4c61-B58F-2F22-FCA9A08}\PifEng.-ll (file missing)
O23 - Se-vice: Nero BackItU- ,cheduler 3 - Nero AG - C:\Program Files,Nero\,e.o8\NeroBackItUp,NBService.exe
O23 - Servi,e: NMIndexingService - Nero AG - C:\Program File,\Common Files.Nero\Lib\NMIndexin,Service.exe
O2. - Service: @%SystemRoot%\system32\qw.ve.dll,-1 (QWAVE) - Unknow, owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon-dll,-7001 (seclogon) . Unk.,wn owner -%windir%\system32\svchost.exe (file missing)
O23 - Service: Fujitsu-S.emens Computers Diagn,stic.Testh,ndler (TestHandler) - FujitsuSiemens Computers - C:\f.rststeps\OnlineDiagnostic\Tes.Manager\TestHa-dler.exe
O23 - Service: @%ProgramFiles%\Windows M.dia Player\wmpnetwk.exe,-101 (WMPNetwork.vc)- Unknown o,ner - %ProgramFiles%\Wi.dows Media Player\wmpnetwk.exe (file-missing)

 

neuaufsetzen