Virus alert inner Taskleiste... |
||
---|---|---|
#0
| ||
08.06.2006, 16:20
...neu hier
Beiträge: 2 |
||
|
||
08.06.2006, 16:29
Ehrenmitglied
Beiträge: 29434 |
#2
arbeite das ab ..und ich helfe dir
http://board.protecus.de/t23188.htm __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
08.06.2006, 16:41
...neu hier
Themenstarter Beiträge: 2 |
#3
Logfile of HijackThis v1.99.1
Scan saved at 16:34:17, on 08.06.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de8.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-de8.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-de8.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-de8.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de8.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de7.hpwis.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-de8.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de8.hpwis.com/ O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts O1 - Hosts: 81.211.105.69 lender-search.com O1 - Hosts: 81.211.105.68 hot-searches.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Nothing - {6ab7158b-4bff-4160-ad7d-4d622df548cf} - C:\WINDOWS\system32\hp100.tmp O2 - BHO: (no name) - {da7ff3f8-08be-4cac-bc00-94d91c6ae7f4} - (no file) O3 - Toolbar: (no name) - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - (no file) O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [DAEMON Tools] "D:\Programme\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [Zone Labs Client] D:\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [avgnt] "D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O9 - Extra button: Translate - {87680762-4A83-11B4-885B-0000E8ECA40F} - D:\Keylingo\Translator.lnk (file missing) O9 - Extra 'Tools' menuitem: Translator - {87680762-4A83-11B4-885B-0000E8ECA40F} - D:\Keylingo\Translator.lnk (file missing) O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://de7.hpwis.com O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} (IELoaderCtl Class) - http://install.global-netcom.de/ieloader.cab O16 - DPF: {00000000-DCCD-0704-0B53-2C8830E9FAEC} - http://install.questnet.de/soft/ieloader.cab O16 - DPF: {788A7678-38D7-4EEC-9D20-67A86D21A7FD} - http://www.htttp.biz/de/webupdate.cab O16 - DPF: {8699D723-6DC6-47D3-B55C-489BA006B917} - http://dot-jessy.nu-1104381.namezero.com/de/webinstall.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.globosoft.info/globobar.cab O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.media-motor.net/cabs/ieplug.cab O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/crack.CAB O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - (no file) O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - D:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - D:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe |
|
|
||
08.06.2006, 18:17
Ehrenmitglied
Beiträge: 29434 |
#4
auf der seite (siehe oben) ist auch von datfindbat die Rede, poste bitte die 4 logs.
ich benoetige die Logs, um den SywareQuake loeschen zu koennen. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
Bitte schnell hilfe
MfG