Hi, ich ahbe mit HIJACKTHIS einen Systemcheck gemacht. Mit folgendem Ergebnis:
Logfile of HijackThis v1.98.0
Scan saved at 10:27:58, on 28.07.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Sygate\SPF\smc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\ms spool32.exe
C:\WINDOWS\System32\MSMNGR32.EXE
C:\WINDOWS\System32\mpc.exe
C:\Programme\g3OnlineTimer\g3OnlineTimer.exe
C:\Dokumente und Einstellungen\computer\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.aol.de
F2 - REG:system.ini: Shell=explorer.exe system33r.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Ms Spool32] C:\windows\ms spool32.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\System32\SysUpd.exe
O4 - HKLM\..\Run: [Roxio Engine] MSMNGR32.EXE
O4 - HKLM\..\Run: [Multi-PC] mpc.exe
O4 - HKLM\..\Run: [Ver.....ung] C:\Dokumente und Einstellungen\computer\Desktop\anna1602.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\RunServices: [RDLL] RunDll16.exe
O4 - HKLM\..\RunServices: [SystemSAS] system32.exe
O4 - HKCU\..\RunOnce: [Multi-PC] mpc.exe
O4 - HKCU\..\RunOnce: [Roxio Engine] MSMNGR32.EXE
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: g3OnlineTimer.lnk = C:\Programme\g3OnlineTimer\g3OnlineTimer.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE (file missing)
O9 - Extra button: MedionShop - {1BE7B301-ED56-4E47-BCA8-68D80A44DCB8} - http://www.medionshop.de/ (file missing) (HKCU)
O16 - DPF: {52290B25-D07A-43B5-84D8-493116D50FA0} (WebPlugin Class) - http://webinstall.tscash.com/webinstall.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web8.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\PROGRA~1\GEMEIN~1\MICROS~1\REFERE~1\msref.dll
Kann mir jemand sagen,welche Dateien davon schädlich sind damit ich sie löschen kann?
MfG Freddy
Freddy123 Gast |