Hijack - bitte mal helfen

Meier
Gast

« am: 13.07.07, 21:55:38 »

hi!

hab probleme mit dem pc

avast hat nix weiter gefunden beim booten und ein update kann ich leider net mehr ausführen

ad aware kann nicht scannen fängt kurz an und danach bootet er neu jedesmal einfach so

spybot hat 3 fehler gefunden will beheben kann aber nicht
woran liegt dies alles?

wer kann mir bitte helfen auser formatieren

hier die auswertung

Logfile of HijackThis v1.99.1
Scan saved at 17:35:58, on 13.07.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Programme\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\WINDOWS\system32\PuXpMan.exe
C:\Programme\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\PowerArchiver\PASTARTER.EXE
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Meier85\Desktop\hijackthis_199\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Programme\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Ashampoo FireWall] "D:\Programme\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKLM\..\Run: [mspwr] C:\WINDOWS\system32\PuXpMan.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Programme\PowerArchiver\PASTARTER.EXE
O4 - HKCU\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MSWin-1441538426.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\programme\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: d:\programme\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: d:\programme\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: d:\programme\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: d:\programme\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: d:\programme\ashampoo\ashampoo firewall\spi.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178450217875
O17 - HKLM\System\CCS\Services\Tcpip\..\{4561414B-AA2D-4B5E-83C1-EA8D323B8532}: NameServer = 67.15.202.9,67.15.202.9,72.21.36.74,75.126.60.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{538C6F71-6D00-4257-83AB-39E36E6DFDF7}: NameServer = 67.15.202.9,67.15.202.9,72.21.36.74,75.126.60.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{6631331F-10BB-46C3-A9C3-C22A9A342F2D}: NameServer = 195.50.140.252 195.50.140.114
O17 - HKLM\System\CCS\Services\Tcpip\..\{71379DB0-D6D4-4031-8276-10EFDCA66D22}: NameServer = 67.15.202.9,67.15.202.9,72.21.36.74,75.126.60.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{83CE7C52-DE79-48D9-A49F-F5654BD86D11}: NameServer = 67.15.202.9,67.15.202.9,72.21.36.74,75.126.60.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{E01B805D-0D20-4AFE-B5A8-E01920DCEECB}: NameServer = 67.15.202.9,72.21.36.74,75.126.60.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1202FCF-F7E2-4A9F-8CAA-4845971C9907}: NameServer = 67.15.202.9,67.15.202.9,72.21.36.74,75.126.60.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{4561414B-AA2D-4B5E-83C1-EA8D323B8532}: NameServer = 67.15.202.9,67.15.202.9,72.21.36.74,75.126.60.131
O17 - HKLM\System\CS2\Services\Tcpip\..\{4561414B-AA2D-4B5E-83C1-EA8D323B8532}: NameServer = 67.15.202.9,67.15.202.9,72.21.36.74,75.126.60.131
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: rlx5dom1 - C:\WINDOWS\SYSTEM32\rlx5dom1.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programme\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

THX

Hijack - bitte mal helfen

Antworten zu Hijack - bitte mal helfen:

Re: Hijack - bitte mal helfen

Mehr zu Hijack - bitte mal helfen