Problem wie ChrissiBisse |
||
---|---|---|
#0
| ||
17.08.2004, 14:40
...neu hier
Beiträge: 1 |
||
|
||
17.08.2004, 16:18
Ehrenmitglied
Beiträge: 29434 |
#2
Hallo @Perschi
#Deaktiviere die Wiederherstellung http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/gdocid/20030807105707924 fixe(danach sofort neustarten) R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.sharempeg.com/find/ R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.sharempeg.com/find/ R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://aifind.inf/?id=54 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://0cj.net/cat R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://0cj.net/cat R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://0cj.net/cat R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOKUME~1\Thorsti\LOKALE~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://0cj.net/srchasst.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://0cj.net/srchasst.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOKUME~1\Thorsti\LOKALE~1\Temp\sp.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://0cj.net/srchasst.html R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://0cj.net/srchasst.html R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://0cj.net/cat R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://jvlbwr.t.muxa.cc/h.php?aid=420 (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file) R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL O1 - Hosts: 198.65.164.171 ehttp.cc O1 - Hosts: 198.65.164.168 winlink.biz O1 - Hosts: 198.65.164.168 winlink.ws O1 - Hosts: 198.65.164.168 ad45.com O1 - Hosts: 198.65.164.168 www.ad45.com O1 - Hosts: 198.65.164.168 ad77.com O1 - Hosts: 198.65.164.168 www.ad77.com O1 - Hosts: 198.65.164.168 ad86.com O1 - Hosts: 198.65.164.168 www.ad86.com O1 - Hosts: 198.65.164.168 ad25.com O1 - Hosts: 198.65.164.168 www.ad25.com O1 - Hosts: 198.65.164.168 00hq.com O1 - Hosts: 198.65.164.168 www.00hq.com O1 - Hosts: 198.65.164.168 8ad.com O1 - Hosts: 198.65.164.168 www.8ad.com O1 - Hosts: 198.65.164.168 searchv.com O1 - Hosts: 198.65.164.168 www.searchv.com O1 - Hosts: 198.65.164.168 008k.com O1 - Hosts: 198.65.164.168 www.008k.com O1 - Hosts: 198.65.164.170 achea.org O1 - Hosts: 198.65.164.170 www.efinder.cc O1 - Hosts: 198.65.164.170 lop.com O1 - Hosts: 198.65.164.170 finder2003.com O1 - Hosts: 198.65.164.170 www.search-aid.com O1 - Hosts: 198.65.164.170 www.search2004.net O1 - Hosts: 198.65.164.170 www.hugesearch.net O1 - Hosts: 198.65.164.170 luckyfinder.com O1 - Hosts: 198.65.164.170 luckysearch.net O1 - Hosts: 198.65.164.170 kitasearch.com O1 - Hosts: 198.65.164.170 www.orbitexplorer.com O1 - Hosts: 198.65.164.170 www.sqwire.com O1 - Hosts: 198.65.164.170 www.traffichog.com O1 - Hosts: 198.65.164.170 allneedsearch.com O1 - Hosts: 198.65.164.170 www.yellow500.com O1 - Hosts: 198.65.164.170 www.008i.com O1 - Hosts: 198.65.164.170 www.opsex.com O1 - Hosts: 198.65.164.170 www.onlysex.ws O1 - Hosts: 198.65.164.170 www.7days.ws O1 - Hosts: 198.65.164.170 www.xsex.ws O1 - Hosts: 198.65.164.170 www.6o9.com O1 - Hosts: 198.65.164.170 search-company.com O1 - Hosts: 198.65.164.170 www.700k.com O1 - Hosts: 198.65.164.170 www.hotbookmark.com O1 - Hosts: 198.65.164.170 www.runsearch.com O1 - Hosts: 198.65.164.170 runsearch.com O1 - Hosts: 198.65.164.170 www.search-about.net O1 - Hosts: 198.65.164.170 go-all.com O1 - Hosts: 198.65.164.170 go-acct.com O1 - Hosts: 198.65.164.170 get-faster.com O1 - Hosts: 198.65.164.170 get-data.net O1 - Hosts: 198.65.164.170 get-certified.net O1 - Hosts: 198.65.164.170 get-access.com O1 - Hosts: 198.65.164.170 000info.com O1 - Hosts: 198.65.164.170 0-days.net O1 - Hosts: 198.65.164.170 0-2u.com O1 - Hosts: 198.65.164.170 0-29.com O1 - Hosts: 198.65.164.170 alfaporn.com O1 - Hosts: 198.65.164.170 i-lookup.com O1 - Hosts: 198.65.164.170 www.alfa-search.com O1 - Hosts: 198.65.164.170 www.dotcomtoolbar.com O1 - Hosts: 198.65.164.170 toteen.com O1 - Hosts: 198.65.164.170 www.find-itnow.com O1 - Hosts: 198.65.164.170 www.mixedporno.com O1 - Hosts: 198.65.164.170 eliteteensites.com O1 - Hosts: 198.65.164.170 newsexgate.com O1 - Hosts: 198.65.164.170 www.newsexgate.com O1 - Hosts: 198.65.164.170 uuporn.com O1 - Hosts: 198.65.164.170 www.uuporn.com O1 - Hosts: 198.65.164.170 hardcorevibe.com O1 - Hosts: 198.65.164.170 www.hardcorevibe.com O1 - Hosts: 198.65.164.170 overmix.com O1 - Hosts: 198.65.164.170 www.overmix.com O1 - Hosts: 198.65.164.170 theadultgate.com O1 - Hosts: 198.65.164.170 www.theadultgate.com O1 - Hosts: 198.65.164.170 hornygate.com O1 - Hosts: 198.65.164.170 www.hornygate.com O1 - Hosts: 198.65.164.170 sexxx-start.com O1 - Hosts: 198.65.164.170 www.sexxx-start.com O1 - Hosts: 198.65.164.170 logtoporn.com O1 - Hosts: 198.65.164.170 www.logtoporn.com O1 - Hosts: 198.65.164.170 3xpower.com O1 - Hosts: 198.65.164.170 www.3xpower.com O1 - Hosts: 198.65.164.170 start-search.com O1 - Hosts: 198.65.164.170 www.lookfor.cc O1 - Hosts: 198.65.164.170 www.hotsearchbox.com O1 - Hosts: 198.65.164.170 ie-search.com O1 - Hosts: 198.65.164.170 www.search-1.net O1 - Hosts: 198.65.164.170 swift-look.com O1 - Hosts: 198.65.164.170 www.swift-look.com O1 - Hosts: 198.65.164.170 www.search2525.com O1 - Hosts: 198.65.164.170 www.sureseeker.com O1 - Hosts: 198.65.164.170 www.searchmeup.com O1 - Hosts: 198.65.164.170 www.statblaster.com O1 - Hosts: 198.65.164.170 www.day4sex.com O1 - Hosts: 198.65.164.170 day4sex.com O1 - Hosts: 198.65.164.170 www.seek-porn.com O1 - Hosts: 198.65.164.170 seek-porn.com O1 - Hosts: 198.65.164.170 freexxxplace.com O1 - Hosts: 198.65.164.170 www.freexxxplace.com O1 - Hosts: 198.65.164.170 worldmpeg.com O1 - Hosts: 198.65.164.170 www.worldmpeg.com O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL O2 - BHO: (no name) - {16D393E2-DF37-455B-B0F7-60DF89401A63} - (no file) O2 - BHO: Activater - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F} - C:\Programme\CommonName\Toolbar\CNBarIE.dll O2 - BHO: MyObj Class - {275636E4-A535-4668-9FF1-86DC0C62D446} - C:\WINDOWS\madopew.dll O2 - BHO: winlink module - {6CC1C91A-AE8B-4373-A5B4-28BA1851E39A} - (no file) O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file) O2 - BHO: BabeIE - {A6475E6B-3C2E-4B1F-82FD-8F1C0B1D8AD0} - C:\Programme\CommonName\Toolbar\BabeIE.dll O2 - BHO: ICOO Loader BHO - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - (no file) O2 - BHO: (no name) - {C6F60183-539A-463D-A60E-6F61C287306F} - (no file) O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\StopzillaBH0.dll O3 - Toolbar: CommonName - {A3E3F04C-F98C-4295-95EF-41C57425B077} - C:\Programme\CommonName\Toolbar\CNBarIE.dll O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKCU\..\Run: [winlogon] c:\windows\winlogon.exe O4 - Global Startup: CAPIControl.lnk = ? O4 - Global Startup: HomeNet Control.lnk = ? O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O8 - Extra context menu item: Web Search - C:\WINDOWS\ex.htm O11 - Options group: [CommonName] CommonName O13 - DefaultPrefix: http://%65%68%74%74%70%2E%63%63/? O13 - WWW Prefix: http://%65%68%74%74%70%2E%63%63/? O13 - WWW. Prefix: http://%65%68%74%74%70%2E%63%63/? O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file) O18 - Filter: text/html - {432EB95B-4A48-46DE-B1F1-E7177A8D08AF} - (no file) O18 - Filter: text/plain - {432EB95B-4A48-46DE-B1F1-E7177A8D08AF} - (no file) O19 - User stylesheet: C:\WINDOWS\color.css O19 - User stylesheet: C:\WINDOWS\my.css (HKLM) neustarten #Gehe mal in die Host-Datei (mit Editor oeffen) schau mal in c:\Windows\System32\drivers\etc\hosts Im Normalfall sollte dass hier drin stehen, alles andere loeschen ! 127.0.0.1 localhost Orginal Host Datei #deinstalliere P2P Networking #Lade AdAware (free) scanne <alle Dateien< http://www.lavasoft.de/support/download/ #Lade ClearProg http://www.clearprog.de/ Loesche: - Cookies - Verlauf - Temporäre Internetfiles (Cache) #Lade <eScan< (in C:\base entpacken) http://www.mwti.net/antivirus/free_utilities.asp # "kavupd.exe" suchen und anklicken. Es oeffnet sich ein DOS-Fenster und es wird ein Update ausgeführt(dauert ein bisschen) #den Scanner mit der "mwav.exe starten. Alle Häkchen setzen und "Clean-Scan" klicken. ...................................................................................................... #Poste dann bitte das Viren-Log von eScan (abkopieren aus Logviewer) #stelle eine neue Site im <Internetoptionen< ein und poste auch das neue Log vom HijackThis. mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 17.08.2004 um 16:21 Uhr von Sabina editiert.
|
|
|
Habe gescannt und hier ist die Kopie:
Was muss ich denn jetzt tun???
Vielen Dank!
Gruß, Perschi
Logfile of HijackThis v1.98.2
Scan saved at 14:12:41, on 17.08.2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\PROGRA~1\0190WA~1\WARN0190.EXE
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\program files\altnet\points manager\points manager.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Telekom\Eumex 504PC SE\Capictrl.exe
C:\Programme\Telekom\Eumex 504PC SE\HNetCtrl.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\scagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Fast.exe
C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOKUME~1\Thorsti\LOKALE~1\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.sharempeg.com/find/
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.sharempeg.com/find/
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://aifind.inf/?id=54
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://0cj.net/cat
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://0cj.net/cat
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://0cj.net/cat
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOKUME~1\Thorsti\LOKALE~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://0cj.net/srchasst.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://0cj.net/srchasst.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOKUME~1\Thorsti\LOKALE~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://0cj.net/srchasst.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://0cj.net/srchasst.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://0cj.net/cat
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://jvlbwr.t.muxa.cc/h.php?aid=420 (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von AOL
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
O1 - Hosts: 198.65.164.171 ehttp.cc
O1 - Hosts: 198.65.164.168 winlink.biz
O1 - Hosts: 198.65.164.168 winlink.ws
O1 - Hosts: 198.65.164.168 ad45.com
O1 - Hosts: 198.65.164.168 www.ad45.com
O1 - Hosts: 198.65.164.168 ad77.com
O1 - Hosts: 198.65.164.168 www.ad77.com
O1 - Hosts: 198.65.164.168 ad86.com
O1 - Hosts: 198.65.164.168 www.ad86.com
O1 - Hosts: 198.65.164.168 ad25.com
O1 - Hosts: 198.65.164.168 www.ad25.com
O1 - Hosts: 198.65.164.168 00hq.com
O1 - Hosts: 198.65.164.168 www.00hq.com
O1 - Hosts: 198.65.164.168 8ad.com
O1 - Hosts: 198.65.164.168 www.8ad.com
O1 - Hosts: 198.65.164.168 searchv.com
O1 - Hosts: 198.65.164.168 www.searchv.com
O1 - Hosts: 198.65.164.168 008k.com
O1 - Hosts: 198.65.164.168 www.008k.com
O1 - Hosts: 198.65.164.170 achea.org
O1 - Hosts: 198.65.164.170 www.efinder.cc
O1 - Hosts: 198.65.164.170 lop.com
O1 - Hosts: 198.65.164.170 finder2003.com
O1 - Hosts: 198.65.164.170 www.search-aid.com
O1 - Hosts: 198.65.164.170 www.search2004.net
O1 - Hosts: 198.65.164.170 www.hugesearch.net
O1 - Hosts: 198.65.164.170 luckyfinder.com
O1 - Hosts: 198.65.164.170 luckysearch.net
O1 - Hosts: 198.65.164.170 kitasearch.com
O1 - Hosts: 198.65.164.170 www.orbitexplorer.com
O1 - Hosts: 198.65.164.170 www.sqwire.com
O1 - Hosts: 198.65.164.170 www.traffichog.com
O1 - Hosts: 198.65.164.170 allneedsearch.com
O1 - Hosts: 198.65.164.170 www.yellow500.com
O1 - Hosts: 198.65.164.170 www.008i.com
O1 - Hosts: 198.65.164.170 www.opsex.com
O1 - Hosts: 198.65.164.170 www.onlysex.ws
O1 - Hosts: 198.65.164.170 www.7days.ws
O1 - Hosts: 198.65.164.170 www.xsex.ws
O1 - Hosts: 198.65.164.170 www.6o9.com
O1 - Hosts: 198.65.164.170 search-company.com
O1 - Hosts: 198.65.164.170 www.700k.com
O1 - Hosts: 198.65.164.170 www.hotbookmark.com
O1 - Hosts: 198.65.164.170 www.runsearch.com
O1 - Hosts: 198.65.164.170 runsearch.com
O1 - Hosts: 198.65.164.170 www.search-about.net
O1 - Hosts: 198.65.164.170 go-all.com
O1 - Hosts: 198.65.164.170 go-acct.com
O1 - Hosts: 198.65.164.170 get-faster.com
O1 - Hosts: 198.65.164.170 get-data.net
O1 - Hosts: 198.65.164.170 get-certified.net
O1 - Hosts: 198.65.164.170 get-access.com
O1 - Hosts: 198.65.164.170 000info.com
O1 - Hosts: 198.65.164.170 0-days.net
O1 - Hosts: 198.65.164.170 0-2u.com
O1 - Hosts: 198.65.164.170 0-29.com
O1 - Hosts: 198.65.164.170 alfaporn.com
O1 - Hosts: 198.65.164.170 i-lookup.com
O1 - Hosts: 198.65.164.170 www.alfa-search.com
O1 - Hosts: 198.65.164.170 www.dotcomtoolbar.com
O1 - Hosts: 198.65.164.170 toteen.com
O1 - Hosts: 198.65.164.170 www.find-itnow.com
O1 - Hosts: 198.65.164.170 www.mixedporno.com
O1 - Hosts: 198.65.164.170 eliteteensites.com
O1 - Hosts: 198.65.164.170 newsexgate.com
O1 - Hosts: 198.65.164.170 www.newsexgate.com
O1 - Hosts: 198.65.164.170 uuporn.com
O1 - Hosts: 198.65.164.170 www.uuporn.com
O1 - Hosts: 198.65.164.170 hardcorevibe.com
O1 - Hosts: 198.65.164.170 www.hardcorevibe.com
O1 - Hosts: 198.65.164.170 overmix.com
O1 - Hosts: 198.65.164.170 www.overmix.com
O1 - Hosts: 198.65.164.170 theadultgate.com
O1 - Hosts: 198.65.164.170 www.theadultgate.com
O1 - Hosts: 198.65.164.170 hornygate.com
O1 - Hosts: 198.65.164.170 www.hornygate.com
O1 - Hosts: 198.65.164.170 sexxx-start.com
O1 - Hosts: 198.65.164.170 www.sexxx-start.com
O1 - Hosts: 198.65.164.170 logtoporn.com
O1 - Hosts: 198.65.164.170 www.logtoporn.com
O1 - Hosts: 198.65.164.170 3xpower.com
O1 - Hosts: 198.65.164.170 www.3xpower.com
O1 - Hosts: 198.65.164.170 start-search.com
O1 - Hosts: 198.65.164.170 www.lookfor.cc
O1 - Hosts: 198.65.164.170 www.hotsearchbox.com
O1 - Hosts: 198.65.164.170 ie-search.com
O1 - Hosts: 198.65.164.170 www.search-1.net
O1 - Hosts: 198.65.164.170 swift-look.com
O1 - Hosts: 198.65.164.170 www.swift-look.com
O1 - Hosts: 198.65.164.170 www.search2525.com
O1 - Hosts: 198.65.164.170 www.sureseeker.com
O1 - Hosts: 198.65.164.170 www.searchmeup.com
O1 - Hosts: 198.65.164.170 www.statblaster.com
O1 - Hosts: 198.65.164.170 www.day4sex.com
O1 - Hosts: 198.65.164.170 day4sex.com
O1 - Hosts: 198.65.164.170 www.seek-porn.com
O1 - Hosts: 198.65.164.170 seek-porn.com
O1 - Hosts: 198.65.164.170 freexxxplace.com
O1 - Hosts: 198.65.164.170 www.freexxxplace.com
O1 - Hosts: 198.65.164.170 worldmpeg.com
O1 - Hosts: 198.65.164.170 www.worldmpeg.com
O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {16D393E2-DF37-455B-B0F7-60DF89401A63} - (no file)
O2 - BHO: Activater - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F} - C:\Programme\CommonName\Toolbar\CNBarIE.dll
O2 - BHO: MyObj Class - {275636E4-A535-4668-9FF1-86DC0C62D446} - C:\WINDOWS\madopew.dll
O2 - BHO: winlink module - {6CC1C91A-AE8B-4373-A5B4-28BA1851E39A} - (no file)
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)
O2 - BHO: BabeIE - {A6475E6B-3C2E-4B1F-82FD-8F1C0B1D8AD0} - C:\Programme\CommonName\Toolbar\BabeIE.dll
O2 - BHO: ICOO Loader BHO - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - (no file)
O2 - BHO: (no name) - {C6F60183-539A-463D-A60E-6F61C287306F} - (no file)
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\StopzillaBH0.dll
O3 - Toolbar: CommonName - {A3E3F04C-F98C-4295-95EF-41C57425B077} - C:\Programme\CommonName\Toolbar\CNBarIE.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [LWBMOUSE] C:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [0190 Warner] C:\PROGRA~1\0190WA~1\WARN0190.EXE
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [winlogon] c:\windows\winlogon.exe
O4 - Global Startup: CAPIControl.lnk = ?
O4 - Global Startup: HomeNet Control.lnk = ?
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Web Search - C:\WINDOWS\ex.htm
O9 - Extra button: AOL Instant Messenger (TM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programme\AIM95\aim.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O11 - Options group: [CommonName] CommonName
O13 - DefaultPrefix: http://%65%68%74%74%70%2E%63%63/?
O13 - WWW Prefix: http://%65%68%74%74%70%2E%63%63/?
O13 - WWW. Prefix: http://%65%68%74%74%70%2E%63%63/?
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.de/e60/
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {4427E1E4-A9A6-40B1-BEAA-3F5CDA2F7453} (AxPhotoStudio Kontrolle) - http://de.samsungmobile.com/play/photo/album_ger.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file)
O18 - Filter: text/html - {432EB95B-4A48-46DE-B1F1-E7177A8D08AF} - (no file)
O18 - Filter: text/plain - {432EB95B-4A48-46DE-B1F1-E7177A8D08AF} - (no file)
O19 - User stylesheet: C:\WINDOWS\color.css
O19 - User stylesheet: C:\WINDOWS\my.css (HKLM)