system32 spybot |
||
---|---|---|
#0
| ||
16.02.2005, 22:02
...neu hier
Beiträge: 1 |
||
|
||
16.02.2005, 22:06
Member
Beiträge: 1132 |
#2
siehe http://board.protecus.de/t15475.htm
Gruß Heron __________ "Die Welt ist groß, weil der Kopf so klein" Wilhelm Busch |
|
|
Hier mein Hijack-Log:
Logfile of HijackThis v1.99.1
Scan saved at 21:43:42, on 16.02.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
D:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\Explorer.EXE
D:\Programme\Winamp3\winampa.exe
D:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
D:\WINDOWS\wvjinkcg.exe
D:\WINDOWS\System32\dx3_ci.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Programme\Messenger\msmsgs.exe
D:\WINDOWS\System32\duspex.exe
D:\Programme\WinZip\WZQKPICK.EXE
D:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Programme\Norton AntiVirus\navapsvc.exe
D:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
D:\WINDOWS\System32\svchost.exe
D:\Programme\Norton AntiVirus\SAVScan.exe
D:\Programme\Internet Explorer\iexplore.exe
D:\PROGRA~1\WINZIP\winzip32.exe
C:\Michael\hijack\HijackThis.exe
D:\WINDOWS\system32\NOTEPAD.EXE
R3 - URLSearchHook: (no name) - _{9E295118-D5EF-79CD-52F5-D96664D7E9B6} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - (no file)
F2 - REG:system.ini: UserInit=D:\WINDOWS\System32\Userinit.exe
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [XPSP2 Firewall] D:\WINDOWS\system32\xpsp2fw.exe
O4 - HKLM\..\Run: [BA8EFCCB] D:\WINDOWS\system32\tracbac.exe
O4 - HKLM\..\Run: [WinampAgent] "D:\Programme\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [websx] D:\Programme\websx\int392725.exe -auto
O4 - HKLM\..\Run: [RSPC Driver D] gcfna.exe
O4 - HKLM\..\Run: [IExplorer32 Java Scripting] IExplore32b.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsofts media] wingtp.exe
O4 - HKLM\..\Run: [msmc] D:\WINDOWS\System32\msmc.exe
O4 - HKLM\..\Run: [ccApp] "D:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [K7f4Gm] D:\WINDOWS\wvjinkcg.exe
O4 - HKLM\..\Run: [K7f4Gmú"‹üžigÅYƒ]vD:\Programme\ISTsvc\istsvc.exe] D:\WINDOWS\wvjinkcg.exe
O4 - HKLM\..\Run: [wF6O3mi] dx3_ci.exe
O4 - HKLM\..\RunServices: [RSPC Driver D] gcfna.exe
O4 - HKLM\..\RunServices: [IExplorer32 Java Scripting] IExplore32b.exe
O4 - HKLM\..\RunServices: [Microsofts media] wingtp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BA8EFCCB] D:\WINDOWS\system32\tracbac.exe
O4 - HKCU\..\Run: [hopERgGEg] duspex.exe
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Programme\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: d:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\aklsp.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\aklsp.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://img.web.de/v/mail/activex/mail_upload_1123.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {BAB3E70B-A847-4A88-ACFC-778FCCC00287} (CActSetupObj Object) - http://www.odysseusmarketing.com/actsetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E77DFD8E-E4E9-4012-B1AB-EF32DEEA02CF}: NameServer = 217.237.150.141 217.237.150.97
O20 - Winlogon Notify: H323TSP - D:\WINDOWS\system32\dnr4019qe.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - D:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - D:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe