Boah scheiß Spam Virus :'( Help pls.
Hi also ich bekomm immer so nen scheiß : Microsoft Network Information.
Und irgendwie blockt meine Firewall (Norton Internet Security 2005) jetzt auch den Ie .
Hier mal meine Logfile : Zitat:
Logfile of HijackThis v1.98.2
Scan saved at 15:21:43, on 03.03.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\DitExp.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\logon.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Programme\Winamp\winampa.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\iau.exe
C:\WINDOWS\stisvsq.exe
C:\WINDOWS\msqdevl.exe
C:\WINDOWS\lssas.exe
C:\WINDOWS\mservice.exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Programme\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\svshost.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\HijackThis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de8.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://de8.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = https://
R3 - Default URLSearchHook is missing
O2 - BHO: CDownCom Class - {031B6D43-CBC4-46A5-8E46-CF8B407C1A33} - C:\WINDOWS\Downloaded Program Files\ipreg32.dll (disabled by BHODemon)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [StorageGuard] "C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [xVr.exe] C:\dokumente und einstellungen\baal\lokale einstellungen\temp\xVr.exe
O4 - HKLM\..\Run: [cyberfree.exe] C:\DOKUME~1\Baal\LOKALE~1\Temp\fikf.dat
O4 - HKLM\..\Run: [vostok] C:\WINDOWS\EDialers\34-1-59-4-vostok-.exe !m
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [international] C:\WINDOWS\EDialers\2-1-2-2-international-89746_7.exe !m
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe
O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Programme\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] winsnd32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [mswspl] C:\DOKUME~1\Baal\LOKALE~1\Temp\searchbarcash.exe
O4 - HKLM\..\Run: [Md] C:\dokumente und einstellungen\baal\lokale einstellungen\temp\Md.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 - HKLM\..\Run: [Md.exe] C:\dokumente und einstellungen\baal\lokale einstellungen\temp\Md.exe
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [XPSP2 Firewall] C:\WINDOWS\system32\xpsp2fw.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKLM\..\Run: [AdStatus Service] C:\Program Files\AdStatus Service\AdStatServ.exe
O4 - HKLM\..\Run: [loader32] C:\Dokumente und Einstellungen\Baal\Anwendungsdaten\SysDown\sys00604.exe
O4 - HKLM\..\Run: [Windows AdStatus] C:\Program Files\Windows AdStatus\WinStat.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [doit.exe] doit.exe
O4 - HKLM\..\Run: [Preview AdService] C:\Program Files\Preview AdService\PrevAdServ.exe
O4 - HKLM\..\Run: [Microsoft Internet Acceleration Utility] iau.exe
O4 - HKLM\..\Run: [Internet Connection Wizard] stisvsq.exe
O4 - HKLM\..\Run: [Games Acceleration] svshost.exe
O4 - HKLM\..\Run: [Internet Mail and News] msqdevl.exe
O4 - HKLM\..\Run: [Microsoft Management Console] lssas.exe
O4 - HKLM\..\Run: [Multimedia extensions] mservice.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] winsnd32.exe
O4 - HKLM\..\RunServices: [doit.exe] doit.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Win32 USB2 Driver] winsnd32.exe
O4 - HKCU\..\Run: [Aatm] C:\Dokumente und Einstellungen\Baal\Anwendungsdaten\tnrp.exe
O4 - HKCU\..\Run: [Windows Update Client ] C:\WINDOWS\system32\wuclient.exe
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Programme\IDA\ida.exe -autorun
O4 - HKCU\..\Run: [doit.exe] doit.exe
O4 - HKCU\..\Run: [Microsoft Internet Acceleration Utility] iau.exe
O4 - HKCU\..\Run: [Internet Connection Wizard] stisvsq.exe
O4 - HKCU\..\Run: [Games Acceleration] svshost.exe
O4 - HKCU\..\Run: [Internet Mail and News] msqdevl.exe
O4 - HKCU\..\Run: [Microsoft Management Console] lssas.exe
O4 - HKCU\..\Run: [Multimedia extensions] mservice.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: Preispiraten 2.1.2 - {86DE8B3B-1EB7-4386-84BD-EBE94348A913} - C:\Programme\Preispiraten\Preispiraten2\preispiraten2ie.exe
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: Corel Network monitor worker - {ECE38E31-4B66-4673-9AB3-C4D2A144DD9A} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {ECE38E31-4B66-4673-9AB3-C4D2A144DD9A} - (no file)
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {885D784D-3796-43D6-A5E0-7A435D98B530} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {885D784D-3796-43D6-A5E0-7A435D98B530} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (file missing) (HKCU)
O9 - Extra button: Corel Network monitor worker - {ECE38E31-4B66-4673-9AB3-C4D2A144DD9A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {ECE38E31-4B66-4673-9AB3-C4D2A144DD9A} - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://de7.hpwis.com
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int3.exe
O16 - DPF: {12E5E9D9-4366-45D9-BA41-D0BCD55AD8CF} - http://17.sharedsource.org/html/NrsgroupUD_1.0.0.3ie.cab?
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {40BF816B-D862-41B9-9445-ECA36D5F67F9} (Flatcast Viewer 4.12) - http://www.1mal1.com/flatcast/NpFv412.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1761bc38a9e10efd3806/netzip/RdxIE601_de.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040428/qtinstall.info.apple.com/saba/de/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {D67AC55A-B750-41A4-BEE6-020E017A7996} - http://install.cokemusic.de/client/pc/MY-PLAYLIST-WEBINSTALLER_loader.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED003700-6E7A-445D-9442-8DDA2820BF53}: NameServer = 213.191.92.86 213.191.74.19
| Hoffe ihr könnt mir schnell helfen ich kann nämlich gar nichts machen und es is soo langweilig :heulen:
Fg Hydro | 