Logfile of HijackThis v1.99.1
Scan saved at 17:32:31, on 02.01.2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Sitecom\Bluetooth Software\bin\btwdins.exe
D:\NORTON~1\NORTON~3\GHOSTS~2.EXE
c:\programme\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
D:\NORTON~1\NORTON~1\NPROTECT.EXE
D:\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\khooker.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\pctspk.exe
C:\WINDOWS\system32\sistray.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Programme\T-Com\Sinus 154 data II\PRISMSVR.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programme\Sitecom\Bluetooth Software\BTTray.exe
C:\Programme\T-Com\Sinus 154 data II\TS154USB.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\WinRAR\WinRAR.exe
C:\DOKUME~1\Steffen\LOKALE~1\Temp\Rar$EX00.672\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe Reader 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\sisUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Programme\T-Com\Sinus 154 data II\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [yaemu.exe] C:\WINDOWS\System32\yaemu.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = D:\Adobe Reader 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Corel Family & Friends Erinnerungsfunktionen.LNK = D:\Corel Print House\cffrem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: T-Com WLAN Manager.lnk = C:\Programme\T-Com\Sinus 154 data II\TS154USB.exe
O8 - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://C:\PROGRA~1\MICROS~2\Office\1031\phdintl.dll/phdContext.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Sitecom\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Sitecom\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/de/4,0,0,83/mcinsctl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A4697DF-8860-43B0-B947-7EDBF6E5BBA9}: NameServer = 85.255.115.52,85.255.112.85
O17 - HKLM\System\CCS\Services\Tcpip\..\{41DAB95D-8FD9-4AF8-B944-13F078858602}: NameServer = 85.255.115.52,85.255.112.85
O17 - HKLM\System\CCS\Services\Tcpip\..\{81FF7B38-2F28-4A52-B506-DC45348D4660}: NameServer = 85.255.115.52,85.255.112.85
O17 - HKLM\System\CCS\Services\Tcpip\..\{B95F6630-C2BF-4910-88A2-28BEC88794D3}: NameServer = 85.255.115.52,85.255.112.85
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.29 85.255.112.109
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.29 85.255.112.109
O17 - HKLM\System\CS2\Services\Tcpip\..\{009CFDEC-CE7E-4622-B9CA-49BDFEA079DF}: NameServer = 85.255.115.52,85.255.112.85
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.29 85.255.112.109
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Programme\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: GhostStartService - Symantec Corporation - D:\NORTON~1\NORTON~3\GHOSTS~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\programme\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Speed Disk service - Symantec Corporation - D:\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
Ja das is der log könnte mir pls wer helfen ob noch was zu retten ist und wenn ja wie?
Keimling Gast |