hallo, bei mir erscheint seit neustem immer so eine suchleiste, die ich nicht wegbekomme, könnt ihr mir vielleicht sagen wie das geht. ich hab an spyware gedacht, weiß aber nicht welche schlüssel ich bei hijackthis löschen kann!!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
G:\Norton SystemWorks\Internetsecurity\NISUM.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
G:\Norton SystemWorks\Internetsecurity\ccPxySvc.exe
C:\WINDOWS\System32\GEARSEC.EXE
C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Programme\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Mixer.exe
C:\Programme\Trust\Ami Mouse 250S Cordless\Amoumain.exe
C:\WINDOWS\System32\SxgTkBar.exe
G:\I-Tunes\iTunesHelper.exe
G:\MusicmatchJukebox\PhilipsRemote.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Logitech\MouseWare\MouseWare\system\em_exec.exe
G:\MusicmatchJukebox\mm_tray.exe
C:\Programme\Logitech\Video\LogiTray.exe
g:\MUSICM~1\MM_DIR~1.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
H:\QUICKTIME\qttask.exe
C:\Programme\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Programme\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\ICQLite\ICQLite.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\NCLAUNCH.EXe
H:\E-Color\True Internet Color\TICIcon.exe
G:\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\LVComS.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Messenger\msmsgs.exe
E:\Eigene Dateien\My Received Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tonline.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer von T-Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.btx.dtag.de:80;ftp=ftp-proxy.btx.dtag.de:80
R3 - Default URLSearchHook is missing
F0 - system.ini: Shell=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: Clear Search - {00000000-0000-0000-0000-000000000240} - (no file)
O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Programme\QuickSearch\QuickSearchBar1_27.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Programme\QuickSearch\QuickSearchBar1_27.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [TrustInstaller] K:\Setup.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Programme\Trust\Ami Mouse 250S Cordless\Amoumain.exe
O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [iTunesHelper] G:\I-Tunes\iTunesHelper.exe
O4 - HKLM\..\Run: [PhilipsRemote] g:\MusicmatchJukebox\PhilipsRemote.exe
O4 - HKLM\..\Run: [MMTray] g:\MusicmatchJukebox\mm_tray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\QUICKTIME\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Programme\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [AcctMgr] C:\Programme\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [sws.exe] c:\programme\GlobalDialer\pntbo00000-37321a7\132760.exe -remove
O4 - Global Startup: EPSON Background Monitor.lnk = H:\ESM2\STMS.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: True Internet Color® Symbol.lnk = H:\E-Color\True Internet Color\TICIcon.exe
O4 - Global Startup: NetShow PowerPoint Helper.lnk = H:\Video\NetShow Services\Tools\nsppthlp.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = G:\Common\Bin\WinCinemaMgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://G:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ 4.0 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O12 - Plugin for .au: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mid: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .pcg: C:\PROGRA~1\INTERN~1\Plugins\nppcgplg.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20030625/qtinstall.info.apple.com/abarth/de/win/QuickTimeInstaller.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {BE95EB50-BF4C-11D2-AD93-0060087E046C} (debitel KundenService) - https://kundenservice.debitel.com/sccicci125.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FC5DCF4-F17C-4EA9-8E9F-27E7E16CECFE}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6F3C131-3670-46A6-8B99-0879E379CE75}: NameServer = 192.168.1.1
vielen dank schonmal
jojoadsf Gast |