Hi ihr!!!
Irgendwie hab ich auf meinen Computer den 180search assistens draufgekriegt.
Was kann ich denn jetzt machen?
Ich hab mal Hijack durchlaufen lassen und da kam folgendes:
Logfile of HijackThis v1.99.1
Scan saved at 19:11:11, on 04.08.05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMME\OFFICESCAN 95\PCCWIN97.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\DE\MSNAPPAU.EXE
C:\PROGRAMME\CARDREADER2.0\OTIREADER.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMME\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\WINDIR32.EXE
C:\WINDOWS\TEMP\RARSFX1\10A.EXE
C:\PROGRAMME\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\WINDIR32.EXE
C:\PROGRAMME\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAMME\HARDCOPY\HARDCOPY.EXE
C:\PROGRAMME\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\CHINDX.EXE
C:\DSUNT4948.EXE
C:\WINDOWS\TEMP\RARSFX2\10A.EXE
C:\WINDOWS\MSBB.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMME\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\3B9VTMT1.EXE
C:\PROGRAMME\ADOBE\ACROBAT 4.0\READER\ACRORD32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\DSDFSS.EXE
C:\DSDFSS.EXE
C:\EIGENE DATEIEN\NEW\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de/
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAMME\ICQTOOLBAR\TOOLBAR.DLL
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - C:\WINDOWS\MSBBHOOK.DLL
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [OEMCleanup] C:\WINDOWS\OPTIONS\OEMRESET.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [OfficeScan95] "C:\PROGRAMME\OFFICESCAN 95\pccwin97.exe"
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [sisdecdp] C:\WINDOWS\SYSTEM\sisdecdp.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.03.0000.1005\de\msnappau.exe"
O4 - HKLM\..\Run: [OTIREADER] C:\PROGRAMME\CARDREADER2.0\OTIREADER.EXE
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exe
O4 - HKLM\..\Run: [Media Gateway] C:\WINDOWS\TEMP\RARSFX1\10A.EXE
O4 - HKLM\..\Run: [fwh] C:\WINDOWS\fwh.exe
O4 - HKLM\..\Run: [msbb] c:\windows\msbb.exe
O4 - HKLM\..\Run: [fez] C:\WINDOWS\fez.exe
O4 - HKLM\..\Run: [System service62] C:\WINDOWS\ETB\POKAPOKA62.EXE
O4 - HKLM\..\Run: [3b9vtmt1] C:\WINDOWS\SYSTEM\3b9vtmt1.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] windir32.exe
O4 - HKCU\..\Run: [MsnMsgr] "c:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Felix] C:\Program Files\ScreenMates\FELIX2VONHERNERKLIMMECK.EXE
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exe
O4 - HKCU\..\RunServices: [MsnMsgr] "c:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunServices: [Felix] C:\Program Files\ScreenMates\FELIX2VONHERNERKLIMMECK.EXE
O4 - HKCU\..\RunServices: [Microsoft Windows DLL Services Configuration] windir32.exe
O4 - Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE
O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\CFGWIZ32.EXE
O4 - Startup: Erinnerungen für Microsoft Works-Kalender.lnk = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Hardcopy.LNK = C:\Programme\Hardcopy\hardcopy.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRAMME\ICQTOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAMME\AIM95\AIM.EXE
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://chat.waslos.de/Java/cfs31235.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
Kann mir vielleicht jemand weiterhelfen was ich jetzt tun kann?
Vielen Dank schonmal!!!!!!!!
Anne7 Gast |