J
johnny
Guest
hallo ich habe einen scan from meinen neffen gekriegt...und jets weis ich nicht gans
was jets nicht gut ist....bitte helfen sie mir grusse johnnyLogfile of HijackThis v1.98.2
Scan saved at 12:24:56, on 12-10-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C
rogram FilesNetropaMultimedia Keyboardnhksrv.exe
Crogram FilesAVPersonalAVGUARD.EXE
Crogram FilesAVPersonalAVWUPSRV.EXE
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32svchost.exe
Crogram FilesNetropaMultimedia KeyboardMMKeybd.exe
C:WINDOWSSystem32hkcmd.exe
Crogram FilesAVPersonalAVGNT.EXE
Crogram FilesAVPersonalAVSched32.EXE
Crogram FilesNetropaMultimedia KeyboardTrayMon.exe
Crogram FilesNetropaOnscreen DisplayOSD.exe
Crogram FilesNetropaInetKbInetkb.exe
Crogram FilesQuickTimeqttask.exe
crogra~1intern~1iexplore.exe
C:WINDOWSSystem32LXSUPMON.EXE
Crogram FilesFree Surferfs20.exe
Crogram FilesMessenger Plus! 3MsgPlus.exe
C:WINDOWSSystem32igfxtray.exe
Crogram FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
Crogram FilesMSN AppsUpdater1.02.3000.1001nlmsnappau.exe
C:WINDOWSewupdater.exe
Crogram FilesHotbarbinHbinst.exe
Crogram FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe
Crogram FilesInternet Exploreriexplore.exe
CROGRA~1DAPDAP.EXE
CROGRA~1WINZIPwinzip32.exe
Cocuments and Settingscorrie meijerBureaubladHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Startpagina =
file:///C:/Program%20Files/QuickPage/Portal/portal.html
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = www-proxy.wanadoo.nl:8080
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Koppelingen
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} -
Crogram FilesDAPDAPBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
Crogram FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {0D2E4906-B451-61E6-E34C-A35EF5354C40} -
CROGRA~1WINPRO~1Defy2.exe
O2 - BHO: (no name) - {56EDBCA0-298F-65BE-B575-B8B831E0D48C} -
CROGRA~1WINPRO~1Frag Less.exe
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - Crogram FilesMSN
AppsST1.02.3000.1002en-xustmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
crogram filesgooglegoogletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
Crogram FilesMSN AppsMSN Toolbar1.02.3000.1001nlmsntb.dll
O2 - BHO: BHO Class - {C77E900A-FF55-400E-9BAA-E042C8212898} - Crogram
FilesSimpelInternetEasybarToolbarStarter.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - Crogram
FilesDAPDAPIEBar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Crogram
FilesMSN AppsMSN Toolbar1.02.3000.1001nlmsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - crogram
filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [MULTIMEDIA KEYBOARD] Crogram FilesNetropaMultimedia
KeyboardMMKeybd.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [AVGCtrl] "Crogram FilesAVPersonalAVGNT.EXE" /min
O4 - HKLM..Run: [AVSCHED32] Crogram FilesAVPersonalAVSched32.EXE /min
O4 - HKLM..Run: [Mode Stupid] CROGRA~1ELSECO~1Comp This.exe
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe"
-atboottime
O4 - HKLM..Run: [PrinTray]
C:WINDOWSSystem32spoolDRIVERSW32X862printray.exe
O4 - HKLM..Run: [LXSUPMON] C:WINDOWSSystem32LXSUPMON.EXE RUN
O4 - HKLM..Run: [freesurfer] Crogram FilesFree Surferfs20.exe
O4 - HKLM..Run: [MessengerPlus3] "Crogram FilesMessenger Plus!
3MsgPlus.exe"
O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] Crogram
FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [msnappau] "Crogram FilesMSN
AppsUpdater1.02.3000.1001nlmsnappau.exe"
O4 - HKLM..Run: [managerjumphidesite] Cocuments and SettingsAll
UsersApplication Dataknob online manager jumpOoze Acid.exe
O4 - HKLM..Run: [ewupdater] C:WINDOWSewupdater.exe
O4 - HKLM..Run: [Burn Logo Cool 16] Cocuments and SettingsAll
UsersApplication DatacoalwaveburnlogoMess Bore.exe
O4 - HKLM..Run: [Hotbar] Crogram FilesHotbarbinHbinst.exe /Upgrade
O4 - HKCU..Run: [WashAndGo - Cleanup of old Backupfiles] "Crogram
FilesPurgatio Prochecker.exe /check"
O8 - Extra context menu item: &Download with &DAP -
CROGRA~1DAPdapextie.htm
O8 - Extra context menu item: Download &all with DAP -
CROGRA~1DAPdapextie2.htm
O8 - Extra context menu item: Gelijkwaardige pagina's - res://crogram
filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://crogram
filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina -
res://crogram filesgoogleGoogleToolbar2.dll/cmcache.html
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} -
CROGRA~1DAPDAP.EXE
O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} -
Crogram FilesFree SurferFS20.exe
O9 - Extra 'Tools' menuitem: Free Surfer -
{AFC3FA82-AD07-45cd-8B57-983435B9899E} - Crogram FilesFree
SurferFS20.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
Crogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram
FilesMessengermsmsgs.exe
[Editiert am 12/10/2004 von johnny]
was jets nicht gut ist....bitte helfen sie mir grusse johnnyLogfile of HijackThis v1.98.2
Scan saved at 12:24:56, on 12-10-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C
rogram FilesNetropaMultimedia Keyboardnhksrv.exeC
rogram FilesAVPersonalAVGUARD.EXEC
rogram FilesAVPersonalAVWUPSRV.EXEC:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32svchost.exe
C
rogram FilesNetropaMultimedia KeyboardMMKeybd.exeC:WINDOWSSystem32hkcmd.exe
C
rogram FilesAVPersonalAVGNT.EXEC
rogram FilesAVPersonalAVSched32.EXEC
rogram FilesNetropaMultimedia KeyboardTrayMon.exeC
rogram FilesNetropaOnscreen DisplayOSD.exeC
rogram FilesNetropaInetKbInetkb.exeC
rogram FilesQuickTimeqttask.exec
rogra~1intern~1iexplore.exeC:WINDOWSSystem32LXSUPMON.EXE
C
rogram FilesFree Surferfs20.exeC
rogram FilesMessenger Plus! 3MsgPlus.exeC:WINDOWSSystem32igfxtray.exe
C
rogram FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exeC
rogram FilesMSN AppsUpdater1.02.3000.1001nlmsnappau.exeC:WINDOWSewupdater.exe
C
rogram FilesHotbarbinHbinst.exeC
rogram FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exeC
rogram FilesInternet Exploreriexplore.exeC
ROGRA~1DAPDAP.EXEC
ROGRA~1WINZIPwinzip32.exeC
ocuments and Settingscorrie meijerBureaubladHijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
Please,
Anmelden
or
Registrieren
to view URLs content!
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
Please,
Anmelden
or
Registrieren
to view URLs content!
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
Please,
Anmelden
or
Registrieren
to view URLs content!
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
Please,
Anmelden
or
Registrieren
to view URLs content!
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
Please,
Anmelden
or
Registrieren
to view URLs content!
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Startpagina =
file:///C:/Program%20Files/QuickPage/Portal/portal.html
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = www-proxy.wanadoo.nl:8080
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride =
Please,
Anmelden
or
Registrieren
to view URLs content!
;signup.wanadoo.nl;<local>R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Koppelingen
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} -
C
rogram FilesDAPDAPBHO.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C
rogram FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocxO2 - BHO: (no name) - {0D2E4906-B451-61E6-E34C-A35EF5354C40} -
C
ROGRA~1WINPRO~1Defy2.exeO2 - BHO: (no name) - {56EDBCA0-298F-65BE-B575-B8B831E0D48C} -
C
ROGRA~1WINPRO~1Frag Less.exeO2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C
rogram FilesMSN AppsST1.02.3000.1002en-xustmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c
rogram filesgooglegoogletoolbar2.dllO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C
rogram FilesMSN AppsMSN Toolbar1.02.3000.1001nlmsntb.dllO2 - BHO: BHO Class - {C77E900A-FF55-400E-9BAA-E042C8212898} - C
rogram FilesSimpelInternetEasybarToolbarStarter.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C
rogram FilesDAPDAPIEBar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C
rogram FilesMSN AppsMSN Toolbar1.02.3000.1001nlmsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c
rogram filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [MULTIMEDIA KEYBOARD] C
rogram FilesNetropaMultimedia KeyboardMMKeybd.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [AVGCtrl] "C
rogram FilesAVPersonalAVGNT.EXE" /minO4 - HKLM..Run: [AVSCHED32] C
rogram FilesAVPersonalAVSched32.EXE /minO4 - HKLM..Run: [Mode Stupid] C
ROGRA~1ELSECO~1Comp This.exeO4 - HKLM..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [PrinTray]
C:WINDOWSSystem32spoolDRIVERSW32X862printray.exe
O4 - HKLM..Run: [LXSUPMON] C:WINDOWSSystem32LXSUPMON.EXE RUN
O4 - HKLM..Run: [freesurfer] C
rogram FilesFree Surferfs20.exeO4 - HKLM..Run: [MessengerPlus3] "C
rogram FilesMessenger Plus! 3MsgPlus.exe"
O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] C
rogram FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [msnappau] "C
rogram FilesMSN AppsUpdater1.02.3000.1001nlmsnappau.exe"
O4 - HKLM..Run: [managerjumphidesite] C
ocuments and SettingsAll UsersApplication Dataknob online manager jumpOoze Acid.exe
O4 - HKLM..Run: [ewupdater] C:WINDOWSewupdater.exe
O4 - HKLM..Run: [Burn Logo Cool 16] C
ocuments and SettingsAll UsersApplication DatacoalwaveburnlogoMess Bore.exe
O4 - HKLM..Run: [Hotbar] C
rogram FilesHotbarbinHbinst.exe /UpgradeO4 - HKCU..Run: [WashAndGo - Cleanup of old Backupfiles] "C
rogram FilesPurgatio Prochecker.exe /check"
O8 - Extra context menu item: &Download with &DAP -
C
ROGRA~1DAPdapextie.htmO8 - Extra context menu item: Download &all with DAP -
C
ROGRA~1DAPdapextie2.htmO8 - Extra context menu item: Gelijkwaardige pagina's - res://c
rogram filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://c
rogram filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina -
res://c
rogram filesgoogleGoogleToolbar2.dll/cmcache.htmlO9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} -
C
ROGRA~1DAPDAP.EXEO9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} -
C
rogram FilesFree SurferFS20.exeO9 - Extra 'Tools' menuitem: Free Surfer -
{AFC3FA82-AD07-45cd-8B57-983435B9899E} - C
rogram FilesFree SurferFS20.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C
rogram FilesMessengermsmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exe
[Editiert am 12/10/2004 von johnny]
