title image


Smiley hier ist die datei
Logfile of HijackThis v1.99.1

Scan saved at 14:01:38, on 06.03.2006

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)



Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\system32\svchost.exe

C:\Programme\Network Associates\Common Framework\FrameworkService.exe

C:\Programme\Network Associates\VirusScan\Mcshield.exe

C:\Programme\Network Associates\VirusScan\VsTskMgr.exe

C:\WINNT\system32\nvsvc32.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\Explorer.EXE

C:\Programme\Creative\Audio2K\PROGRAM\CTMIX32.EXE

C:\Programme\Network Associates\VirusScan\SHSTAT.EXE

C:\Programme\Network Associates\Common Framework\UpdaterUI.exe

C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe

C:\Programme\Java\jre1.5.0_06\bin\jusched.exe

C:\WINNT\system32\internat.exe

C:\WINNT\system32\RUNDLL32.EXE

C:\WINNT\system32\m?hta.exe

C:\Programme\Microsoft Office\Office\MSOFFICE.EXE

C:\Programme\Microsoft Office\Office\FINDFAST.EXE

C:\Programme\Microsoft Office\Office\OSA.EXE

C:\Programme\WinZip\WZQKPICK.EXE

C:\WINNT\system32\ntvdm.exe

C:\HijackThis.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.de

R3 - URLSearchHook: (no name) - {EC542B1D-EF80-9C79-A5FC-943B830E29CF} - C:\WINNT\system32\zddfvrks.dll

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {EC542B1D-EF80-9C79-A5FC-943B830E29CF} - C:\WINNT\system32\zddfvrks.dll

O3 - Toolbar: @msdxmLC.dll,-1@1031,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx

O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [CreativeMixer] C:\Programme\Creative\Audio2K\PROGRAM\CTMIX32.EXE /t

O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [ShStatEXE] "C:\Programme\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\Network Associates\Common Framework\UpdaterUI.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [Uvgysfz] C:\WINNT\system32\m?hta.exe

O4 - HKCU\..\Run: [Laie] "C:\WINNT\system32\PPPATC~1\explorer.exe" -vt mt

O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office Shortcut-Leiste.lnk = C:\Programme\Microsoft Office\Office\MSOFFICE.EXE

O4 - Global Startup: Microsoft-Indexerstellung.lnk = C:\Programme\Microsoft Office\Office\FINDFAST.EXE

O4 - Global Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=

O14 - IERESET.INF: START_PAGE_URL=

O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone

O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab

O16 - DPF: {D909E944-3A96-4280-9983-9D00001973A4} (Access Control) - http://www.eingang69.de/EroticAccess/exe/access_special.ocx

O16 - DPF: {D9A98D08-9B09-465D-97A0-687A27399092} (TerrainViewWebOCX Control) - http://www.viewtec.ch/~webpage/temp/TerrainViewWebOCX.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{0C5C57FE-21E2-4DE4-891A-B4F1A0154F2D}: NameServer = 194.25.2.129

O17 - HKLM\System\CS1\Services\Tcpip\..\{0C5C57FE-21E2-4DE4-891A-B4F1A0154F2D}: NameServer = 194.25.2.129

O17 - HKLM\System\CS2\Services\Tcpip\..\{0C5C57FE-21E2-4DE4-891A-B4F1A0154F2D}: NameServer = 194.25.2.129

O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Programme\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\Mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\VsTskMgr.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe





geschrieben von

Login

E-Mail:
  

Passwort:
  

Beitrag anfügen

Symbol:
 
 
 
 
 
 
 
 
 
 
 
 
 

Überschrift: