Trojaner-Board - start page = new-search.net ?

Hi,

Als nuB würde ich sagen, das net-search und keyword-zeugs kann weg ?!??!!?
Und was ist mit msdxm.ocx ?

daRe verneigt sich.
Code:
Logfile of HijackThis v1.99.0

Scan saved at 21:09:53, on 20.12.2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Programme\AVPersonal\AVGNT.EXE

C:\WINDOWS\System32\m?iexec.exe

C:\Programme\AVPersonal\AVGUARD.EXE

C:\Programme\AVPersonal\AVWUPSRV.EXE

C:\Programme\Cisco Systems\VPN Client\cvpnd.exe

C:\Programme\Kerio\Personal Firewall 4\kpf4ss.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Programme\Kerio\Personal Firewall 4\kpf4gui.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Programme\Kerio\Personal Firewall 4\kpf4gui.exe

C:\Programme\Mozilla1.7.3\mozilla.exe

C:\Programme\WinRAR\WinRAR.exe

C:\DOKUME~1\Alle\LOKALE~1\Temp\Rar$EX00.484\HijackThis.exe

C:\WINDOWS\System32\wuauclt.exe
 

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.de.netscape.com/keyword/%s

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://new-search.net/index.php?v=6&aff=0

R3 - Default URLSearchHook is missing

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe

O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min

O4 - HKCU\..\Run: [Tnqpi] C:\WINDOWS\System32\m?iexec.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE

O15 - Trusted Zone: *.skoobidoo.com

O15 - Trusted Zone: *.windupdates.com

O15 - Trusted Zone: *.skoobidoo.com (HKLM)

O15 - Trusted Zone: *.windupdates.com (HKLM)

O15 - Trusted IP range: 209.8.20.130

O15 - Trusted IP range:  (HKLM)

O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1098785293343

O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE

O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE

O23 - Service: Cisco Systems, Inc. VPN Service - Cisco Systems, Inc. - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Kerio Personal Firewall 4 - Kerio Technologies - C:\Programme\Kerio\Personal Firewall 4\kpf4ss.exe

O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe