| Albert46 | 16.09.2005 16:18 |
Problem mit Notebook
Hi @ all,
ich glaube, ich habe da ein dickes Problem auf meinem Notebook.
Ich bin dankbar für jede Hilfe.
Hier ist ein Hijackthis Log:
Logfile of HijackThis v1.99.0
Scan saved at 12:37:31, on 14.09.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Dell\QuickSet\quickset.exe
C:\Programme\Dell\AccessDirect\dadapp.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Dell\AccessDirect\DadTray.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\ISTsvc\istsvc.exe
C:\WINDOWS\twknjoy.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\programme\180solutions\sais.exe
C:\Programme\BullsEye Network\bin\bargains.exe
C:\Programme\Web_Rebates\WebRebates0.exe
C:\Program Files\Windows ControlAd\WinCtlAd.exe
C:\WINDOWS\ABox.exe
C:\WINDOWS\logon.exe
C:\Program Files\Windows ControlAd\WinCtlAdAlt.exe
C:\Program Files\AdTools Service\AdTools.exe
C:\Program Files\Internet Optimizer\actalert.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\AdTools Service\AdToolsKeep.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Telekom\Eumex 724PC DSL\CapiCtrl.exe
C:\Programme\Telekom\Eumex 724PC DSL\HNetCtrl.exe
C:\Programme\Telekom\Eumex 724PC DSL\RouterCtrl.exe
C:\Programme\Web_Rebates\WebRebates1.exe
E:\hijackthis\HijackThis.exe
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: (no name) - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~2\SEARCH~1.DLL
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem302.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programme\SideFind\sfbho13.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\PROGRA~1\ISTbar\istbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Programme\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DadApp] C:\Programme\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [routcnf] C:\Programme\Telekom\Eumex 724PC DSL\routcnf.exe
O4 - HKLM\..\Run: [blah service] msnmsgrr.exe
O4 - HKLM\..\Run: [IExplorer32 Java Scripting] IExplore32b.exe
O4 - HKLM\..\Run: [IExplorer32c Java Scripting] IExplore32cb.exe
O4 - HKLM\..\Run: [NvCplScan] nvsc32.exe
O4 - HKLM\..\Run: [IST Service] C:\Programme\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [tucd] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [sais] c:\programme\180solutions\sais.exe
O4 - HKLM\..\Run: [yrkbir] C:\WINDOWS\yrkbir.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Programme\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Programme\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe
O4 - HKLM\..\Run: [¢‰¸u0–4C
�}ïÁz�î�[�8C:\Programme\ISTsvc\istsvc.exe] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ABox] C:\WINDOWS\ABox.exe
O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe
O4 - HKLM\..\Run: [¢‰¸u0Ô@ÔÁß]§ú"�ü‰üžiC:\Programme\ISTsvc\istsvc.exe] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\Run: [¢‰¸u0Ô@ÔÁß]§ú"�ü‰¸K0C:\Programme\ISTsvc\istsvc.exe] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [¢‰¸K0¨4W
�}ïÁz�î�[�8C:\Programme\ISTsvc\istsvc.exe] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\Run: [¢‰¸K0¨4W
�}ïÁz�îžigÝC:\Programme\ISTsvc\istsvc.exe] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"�ü‰üžiC:\Programme\ISTsvc\istsvc.exe] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\Run: [¢‰¸K0ÔÁß]§ú"�ü‰üžigÝC:\Programme\ISTsvc\istsvc.exe] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"�ü‰¸K0C:\Programme\ISTsvc\istsvc.exe] C:\WINDOWS\twknjoy.exe
O4 - HKLM\..\RunServices: [blah service] msnmsgrr.exe
O4 - HKLM\..\RunServices: [IExplorer32 Java Scripting] IExplore32b.exe
O4 - HKLM\..\RunServices: [IExplorer32c Java Scripting] IExplore32cb.exe
O4 - HKLM\..\RunServices: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msdev] msdev.exe
O4 - HKCU\..\Run: [IExplorer32 Java Scripting] IExplore32b.exe
O4 - HKCU\..\Run: [IExplorer32c Java Scripting] IExplore32cb.exe
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - Global Startup: CAPIControl.lnk = ?
O4 - Global Startup: HomeNet Control.lnk = ?
O4 - Global Startup: RouterControl.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Web Rebates - file://C:\Programme\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programme\SideFind\sidefind13.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {00000000-0000-0000-0000-000020040000} - ***207.234.185.217/ABoxInst_int4.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ***public.windupdates.com/get_file.php?bt=ie&p=1e82aba168c4c865711e3aae98420f431142c71b016514cb0ff99d582b859ea4912aae8ce6dccdd89e45e1b1f23a72dbba676482ec7adc7045ec9fe9492e85293 8:685aa3d566974fee79b844b3bca43e7d
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - ***v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099598730964
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - ***netvenda.com/sites/games-intl/de/games4.cab
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - ***advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {AD0B8220-7DA4-4C0A-8532-B25A9F631D3D} (VacPro.internazionale_ver10) - ***advnt01.com/dialer/internazionale_ver10.CAB
O18 - Filter: text/html - {9CA7909C-1BF3-4D2F-B65C-384FD5C4D2AF} - C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\microsoft\internet explorer\V0.26.dat
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: NvCplScan - Unknown - C:\WINDOWS\System32\nvsc32.exe (file missing)
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLTRYSVC - Unknown - C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe (file missing)
O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe
Log-Ende
[edit]
links entfernt
[/edit] | 