|
Pests of all kinds and how to fight them: Big problem with IEXPLORE.EXE |
01.06.2007, 15:10 | #1 |
| Big problem with IEXPLORE.EXE Hello, after installing NetPumper I have exactly the same problem as the user in the following thread: http://www.trojaner-board.de/30276-p...chliessen.html I have already tried the instructions in it, but unfortunately I know nothing at all about this area and therefore don't know which entries from the HijackThis log I should delete. I hope someone can help me. Working on the PC is barely possible like this (the PC slows down badly when the IEXPLORE.EXE processes are open...) Here is the log file: |
01.06.2007, 15:39 | #2 |
| Big problem with IEXPLORE.EXE Fix the following entries with HijackThis (scan again, tick the boxes in front of the entries concerned and press "Fix checked"):
O4 - HKLM\..\Run: [funk] funk.exe
O4 - HKLM\..\Run: [atlkw.exe] C:\WINDOWS\system32\atlkw.exe
O4 - HKLM\..\Run: [crdp32.exe] C:\WINDOWS\system32\crdp32.exe
O4 - HKLM\..\Run: [Third window active this] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Name Bait Third Window\Waiteq.exe
O4 - HKLM\..\Run: [wndtray.exe] C:\WINDOWS\wndtray.exe s
O4 - HKLM\..\Run: [idl32.exe] C:\WINDOWS\idl32.exe s
O4 - HKLM\..\Run: [appwb.exe] C:\WINDOWS\appwb.exe
O4 - HKLM\..\Run: [ifcdiag] C:\WINDOWS\system32\ifcconf.exe
O4 - HKLM\..\Run: [appnr.exe] C:\WINDOWS\appnr.exe
O4 - HKLM\..\Run: [atlfe32.exe] C:\WINDOWS\system32\atlfe32.exe
O4 - HKLM\..\Run: [lich] lich.exe
O4 - HKLM\..\Run: [links] links.exe
O4 - HKLM\..\Run: [iexplore.exe] C:\Programme\Internet Explorer\iexplore.exe
O8 - Extra context menu item: &Search - My Search
After that, work through Combofix (in Safe Mode [you get into Safe Mode by rebooting and pressing "F8" during boot]). Combofix instructions. Combofix download. After that, also in Safe Mode, let Spybot Search and Destroy run (together with all current updates, which you fetch beforehand). Delete everything shown in red. Download. After that, do a normal restart and create a new log file (HijackThis). Then post it here. Sorry, but your box is so filthy that rough cleaning work has to be done first. |
01.06.2007, 17:13 | #3 | |
| Big problem with IEXPLORE.EXE Hello,
@Win32/jeefo Quote:
@Amilo Your log is missing its header. Is there a good reason for that? Please supply it, or just reinstall the system right away. That is decidedly faster! You are riding such a dead horse....... Irrlicht |
01.06.2007, 18:01 | #4 |
| Big problem with IEXPLORE.EXE I did everything as described by Win32/Jeefo. A few things were removed, but the main problem I described is unfortunately still there... Here is the new log: Logfile of HijackThis v1.99.1 Scan saved at 18:55, on 2007-06-01 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
C:\WINDOWS\addns32.dll (file missing) O2 - BHO: Class - {C643F570-05B9-FEDB-D764-AC5B786D4B39} - C:\WINDOWS\system32\atlfa.dll O2 - BHO: Class - {CC53C364-0498-434A-F962-F0D884823228} - C:\WINDOWS\system32\ntix.dll O2 - BHO: Class - {CC76A8DE-4196-33A2-4D56-645061976E88} - C:\WINDOWS\system32\apiis32.dll O2 - BHO: Class - {CD104659-5CC2-29E7-33D3-57FFA736CDED} - C:\WINDOWS\system32\appyt32.dll O2 - BHO: Class - {CE678389-B1E9-4F6F-091A-C8A48544D7B4} - C:\WINDOWS\apppq32.dll O2 - BHO: Class - {D0D90AC7-FFCD-EA7E-B827-9D99D7655159} - C:\WINDOWS\system32\apiss.dll O2 - BHO: Class - {D9152034-827B-EB56-CE58-BDA675970AEB} - C:\WINDOWS\ntzf.dll (file missing) O2 - BHO: Class - {DA737FB7-D4AB-4D3C-5342-A991014AC8FA} - C:\WINDOWS\ipyz.dll O2 - BHO: Class - {DB64B283-BB07-8F6F-B9A9-8FB11BD47AD0} - C:\WINDOWS\system32\netkm32.dll O2 - BHO: Class - {DBBC70C2-63DD-CB69-E88B-B7DB341BA714} - C:\WINDOWS\system32\apisu32.dll O2 - BHO: Class - {DD570F33-30FC-DD2B-2D52-F5F01014766F} - C:\WINDOWS\system32\javamg32.dll O2 - BHO: Class - {E118F9B6-686E-47CF-3507-F787ADEDD0FF} - C:\WINDOWS\appla.dll (file missing) O2 - BHO: Class - {E2D6A434-202A-A2C9-09CC-F6A71EC6CBB4} - C:\WINDOWS\system32\netno.dll O2 - BHO: Class - {E2EE3398-3679-6B34-51F3-26F80A4F6FA2} - C:\WINDOWS\syszl32.dll (file missing) O2 - BHO: Class - {E738B04A-1963-CC45-FEB7-57FDF80D6F8D} - C:\WINDOWS\system32\mfcai32.dll O2 - BHO: Class - {E7D786C8-AEAE-75A3-E2AA-6242E4EDCBE4} - C:\WINDOWS\system32\addwc.dll O2 - BHO: Class - {EB6CA0F4-3A1C-6772-E64F-4A74CBFD30B5} - C:\WINDOWS\system32\cran32.dll O2 - BHO: Class - {EC341F61-0A1A-E928-100B-606855DB07DD} - C:\WINDOWS\system32\sdkwx32.dll O2 - BHO: Class - {EFC5B77D-89C3-A962-9A96-1C6818B08696} - C:\WINDOWS\system32\addni.dll O2 - BHO: Class - {F00846F6-794A-3935-C204-C7E078510F27} - C:\WINDOWS\netyu.dll O2 - BHO: Class - {F1983C20-5742-0E88-60CB-E8BD6E1204CA} - C:\WINDOWS\system32\syscu32.dll O2 - BHO: Class - {F24066EC-902B-5FD0-38BE-FCBA8F762791} - C:\WINDOWS\winqq32.dll 
O2 - BHO: Class - {F4625626-5DCB-AEB7-598A-486B27B92A72} - C:\WINDOWS\system32\syswv32.dll O2 - BHO: Class - {F5E5DE05-657F-880E-A52E-71E8CBCBA712} - C:\WINDOWS\ipwn32.dll (file missing) O2 - BHO: Class - {F7AAF518-F4CD-02BF-5C23-F0D9E2D6BD30} - C:\WINDOWS\system32\sdkkf.dll O2 - BHO: Class - {FA4788F1-4822-A986-4D3E-44B435C19A9C} - C:\WINDOWS\winaq32.dll (file missing) O2 - BHO: Class - {FA991F0E-1BD9-6EAD-EFEC-2317207D5E37} - C:\WINDOWS\apiwn32.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: 
[WinampAgent] C:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [Glass2k] C:\Dokumente und Einstellungen\Eichwald\Desktop\Glass2k.exe O4 - HKLM\..\Run: [HostManager] C:\Programme\Gemeinsame Dateien\AOL\1176997484\ee\AOLSoftware.exe O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ifcdiag] C:\WINDOWS\system32\ifcconf.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [BitTorrent] "C:\Programme\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [TIME RDR] C:\DOKUME~1\Eichwald\ANWEND~1\GPLAXI~1\barboptionhold.exe O4 - Startup: Madotate.lnk = C:\Programme\madotate\madotate.exe O4 - Startup: VisualTaskTips.lnk = C:\Programme\VisualTaskTips\VisualTaskTips.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0b\aoltray.exe O4 - Global Startup: GN-WPKG Utility.lnk = C:\Programme\Gigabyte\Gigabyte GN-WPKG Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig2500.exe O4 - Global Startup: Windows 
Desktop Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/229?60e651b478f342d6b49cfbc0800ee05f O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/230?60e651b478f342d6b49cfbc0800ee05f O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: (no name) - {09FE188B-6E85-479e-9411-51FB2220DF80} - (no file) O9 - Extra button: 
ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\programme\bonjour\mdnsnsp.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{445DEA93-50E0-4608-80F4-4B9E1F2CC01E}: NameServer = 205.188.146.145 O17 - HKLM\System\CCS\Services\Tcpip\..\{55D5A97B-FE3F-4773-88C7-A719B0CE3B2C}: NameServer = 205.188.146.145 O17 - HKLM\System\CS1\Services\Tcpip\..\{445DEA93-50E0-4608-80F4-4B9E1F2CC01E}: NameServer = 205.188.146.145 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: dbgmgr - C:\WINDOWS\SYSTEM32\ifcmgr32.dll O20 - Winlogon Notify: odtemdt2 - C:\WINDOWS\system32\odtemdt2.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe O23 - Service: Ati HotKey Poller - 
Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe O23 - Service: SAVScan - Unknown owner - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe |
01.06.2007, 18:25 | #5 |
| Big problem with IEXPLORE.EXE Dear Amilo, please reinstall your system from scratch. There is simply no point anymore. One rarely sees a log this infested. |