popup terror! is das ein virus ? was kann ich machen ? - Seite 3

Erst einmal danke für deine Hilfe chrisair habe aber jetzt das Problem, dass er anfängt nach updates zu suchen aber weiter passiert dann nchts! Also da bleibt er immer hängen!

Hier hab jetzt das gemacht was du gesagt hast! Hier das kopierte:

Logfile of HijackThis v1.99.1
Scan saved at 17:27:05, on 01.03.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgrammeGemeinsame DateienSymantec SharedccEvtMgr.exe
C:ProgrammeNorton Internet SecurityNISUM.EXE
C:WINDOWSExplorer.EXE
C:ProgrammeGemeinsame DateienSymantec SharedccApp.exe
C:windowstempadwarefsg_4203.exe
C:ProgrammeHPHP Software UpdateHPWuSchd.exe
C:ProgrammeHPhpcoretechhpcmpmgr.exe
C:ProgrammeMessengerMSMSGS.EXE
C:ProgrammeNorton Internet SecurityccPxySvc.exe
C:ProgrammeNorton AntiVirusnavapsvc.exe
C:WINDOWSsystem32slserv.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32wuauclt.exe
C:ProgrammeT-OnlineT-Online_Software_5Basis-SoftwareBasis2kernel.exe
C:ProgrammeT-OnlineT-Online_Software_5Basis-SoftwareBasis2sc_watch.exe
C:PROGRA~1T-OnlineT-ONLI~1BASIS-~1Basis2PROFIL~1.EXE
C:ProgrammeAdobeAcrobat 5.0ReaderAcroRd32.exe
C:PROGRA~2AltnetDOWNLO~1adm4005.exe
C:ProgrammeInternet ExplorerIEXPLORE.EXE
C:ProgrammeSpybot - Search & DestroyTeaTimer.exe
C:ProgrammeSpybot - Search & DestroySpybotSD.exe
C:hijackthis_199HijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://google.icq.co..._frame.php
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://google.icq.com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.msn.de/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.hyrican.de
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:ProgrammeICQToolbartoolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammeAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammeNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammeNorton AntiVirusNavShExt.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:ProgrammeICQToolbartoolbaru.dll
O4 - HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM..Run: [QuickFinder Scheduler] "C:ProgrammeWordPerfect Office 11ProgramsQFSCHD110.EXE"
O4 - HKLM..Run: [ccApp] "C:ProgrammeGemeinsame DateienSymantec SharedccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "C:ProgrammeGemeinsame DateienSymantec SharedccRegVfy.exe"
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer


O4 - HKLM..Run: [P2P Networking] C:WINDOWSSystem32P2P NetworkingP2P Networking.exe /AUTOSTART

raus damit

O4 - HKLM..Run: [KAZAA] C:ProgrammeKazaakazaa.exe /SYSTRAY
O4 - HKLM..Run: [InstaFinderK] C:ProgrammeINSTAFINKInstaFinderK_inst.exe

alles 3 raus damit

O4 - HKLM..Run: [Trickler] "c:windowstempadwarefsg_4203.exe"
O4 - HKLM..Run: [AltnetPointsManager] c:program filesaltnetpoints managerpoints manager.exe -s

beides raus damit

O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SSC_UserPrompt] C:ProgrammeGemeinsame DateienSymantec SharedSecurity CenterUsrPrmpt.exe
O4 - HKLM..Run: [HP Software Update] "C:ProgrammeHPHP Software UpdateHPWuSchd.exe"
O4 - HKLM..Run: [HP Component Manager] "C:ProgrammeHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammeQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [ICQ Lite] C:ProgrammeICQLiteICQLite.exe -minimize
O4 - HKCU..Run: [MSMSGS] "C:ProgrammeMessengerMSMSGS.EXE" /background
O4 - HKCU..Run: [SpybotSD TeaTimer] C:ProgrammeSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU..RunOnce: [ICQ Lite] C:ProgrammeICQLiteICQLite.exe -trayboot
O4 - Startup: Adobe Gamma.lnk = C:ProgrammeGemeinsame DateienAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:ProgrammeHPDigital Imagingbinhpqtra08.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:ProgrammeICQToolbartoolbaru.dll/SEARCH.HTML


O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)

raus damit

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:ProgrammeICQLiteICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:ProgrammeICQLiteICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammeMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammeMessengerMSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.hyrican.de


O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip....Loader.dll

beides raus damit

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...vSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma.../cabsa.cab


O16 - DPF: {DA511858-B44C-439E-A0EA-704ED20035E7} (EphoxEditLive4.EditLive) - http://www.beepworld...tlive4.cab
O17 - HKLMSystemCCSServicesTcpip..{FF178C7A-6661-48D6-8287-DEEF40E290C9}: NameServer = 217.237.151.33 217.237.149.225

beides raus damit

O23 - Service: Adobe LM Service - Adobe Systems - C:ProgrammeGemeinsame DateienAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:ProgrammeGemeinsame DateienSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:ProgrammeGemeinsame DateienSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:ProgrammeNorton Internet SecurityccPxySvc.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:ProgrammeNorton AntiVirusnavapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:ProgrammeNorton Internet SecurityNISUM.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1GEMEIN~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:WINDOWSSYSTEM32slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:ProgrammeGemeinsame DateienSymantec SharedSNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:ProgrammeGemeinsame DateienSymantec SharedSecurity CenterSymWSC.exe