HALLOOO !!!
Kriege als startseite den lästigen WEB_SEARCH seite immer.. kann nichts machen habe viel versucht doch der kommt immer wieder..
wie kriege ich das weg!??
könnte auch mal geschaut werden ob andere gefährliche reg. drinn sind!!!
bin ziemlich misstraurisch weil ich mein pc 1 woche ohne virenschutz hatte
kann mir jemand helfen bitte!!!!
Logfile of HijackThis v1.99.0
Scan saved at 20:24:23, on 14.02.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Softwin\BitDefender8\vsserv.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\VM_STI.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Softwin\BitDefender8\bdswitch.exe
C:\Programme\Softwin\BitDefender8\bdoesrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Aluria Software\ASE\ASE Scheduler.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Softwin\BitDefender8\bdmcon.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\WinAce\WinAce.exe
C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\~AceTemp\hijack this_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://go.compaq.com/1Q00CDT/0407/bl7.asp
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: (no name) - {031B6D43-CBC4-46A5-8E46-CF8B407C1A33} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - (no file)
O2 - BHO: (no name) - {30192F8D-0958-44E6-B54D-331FD39AC959} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - (no file)
O2 - BHO: Explorer Class - {962F12AE-2773-4BEB-99EA-B5C3AB9A6606} - C:\WINDOWS\system32\DSMANA~1.DLL
O2 - BHO: (no name) - {A9AEE0DD-89E1-40EE-8749-A18650CC2175} - (no file)
O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - (no file)
O2 - BHO: (no name) - {FFF5092F-7172-4018-827B-FA5868FB0478} - (no file)
O4 - HKLM\..\Run: [ayaauyengrm] C:\WINDOWS\system32\muueccqg.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [4oO4arwa] C:\WINDOWS\shwnxufo.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [BDMCon] C:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\progra~1\softwin\bitdef~1\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Programme\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Programme\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: ASE Scheduler.lnk = C:\Programme\Aluria Software\ASE\ASE Scheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - https://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - https://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - https://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} -
O16 - DPF: {3AEECF42-EFE4-4AC8-AE9E-83C031EC09AB} (GamyunNetToolbar) - https://server.gamyun.net/GamyunIeToolbar.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - https://www.bitdefender.de/scan/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - https://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - https://www.pattayalivecam.com/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - https://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - https://messenger.zone.msn.com/binary/ZI ... b31267.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - https://messenger.zone.msn.com/binary/Ba ... b31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - https://f007.mail.lycos.de/app/uploader/FileUploader.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - https://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - https://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2EFFBC51-2893-43D6-BC59-B11B080754F8}: NameServer = 195.3.96.67 195.3.96.68
O18 - Protocol: cdefs - {B5F329B4-2BBD-48F5-ADAF-9EAF2AFE37B3} - (no file)
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll
O23 - Service: Aluria Security Center Spyware Eliminator Service - Unknown - C:\Programme\Aluria.exe (file missing)
O23 - Service: Aluria Spyware Eliminator Service - Unknown - C:\PROGRA~1\ALURIA~1\ASE\ASEServ.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server - Unknown - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InCD Helper - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield - Unknown - C:\Programme\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator - Softwin - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe