Hi
Ich habe jetzt Ad-ware drüberlaufen lassen und noch ein Online-Scan gemacht. Bei Ad-ware hat er ziemlich viel Müll gefunden aber ob jetzt alles Sauber ist weiss ich nicht. Habe nochmal mit HijackThis gescannt. Hier die neue Log.Datei
Logfile of HijackThis v1.97.7
Scan saved at 10:12:16, on 26.05.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
D:\TuneUp Utilities 2004\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\McAfee\McAfee Privacy Service\GUARDDOG.EXE
c:\PROGRA~2\mcafee.com\vso\mcvsrte.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\McAfee\McAfee Privacy Service\GUARDDOG.EXE
C:\PROGRA~2\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\soundman.exe
C:\Programme\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\PROGRA~2\McAfee.com\Agent\MCAGENT.EXE
C:\PROGRA~2\mcafee.com\vso\mcvsshld.exe
c:\progra~2\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~2\McAfee.com\PERSON~1\MpfTray.exe
C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\PROGRA~2\mcafee.com\vso\mcshield.exe
C:\PROGRA~2\McAfee.com\PERSON~1\MpfAgent.exe
C:\Programme\Stardock\ObjectDock\ObjectDock.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://www.google.de/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\Adobe Reader 6.01\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\FlashGet\jccatch.dll
O2 - BHO: (no name) - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Programme\McAfee\McAfee Privacy Service\GDIEHELP.DLL
O2 - BHO: (no name) - {D8D836BA-1FF0-45BA-AABB-8D8E25CCC5CF} - C:\WINDOWS\jksixfx.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~2\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {71ED4FBA-4024-4bbe-91DC-9704C93F453E} - (no file)
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~2\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] c:\PROGRA~2\mcafee.com\vso\mcmnhdlr.exe /checktask
O4 - HKLM\..\Run: [McAfee Guardian] C:\Programme\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe /SU
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~2\McAfee.com\Agent\MCAGENT.EXE
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~2\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~2\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office XP Professional\Office10\OSA.EXE
O8 - Extra context menu item: Alles mit FlashGet laden - D:\FlashGet\jc_all.htm
O8 - Extra context menu item: Mit FlashGet laden - D:\FlashGet\jc_link.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra->Tools' menuitem: Sun Java Konsole (HKLM)
O9 - Extra button: Subscribe in Desktop Sidebar (HKLM)
O9 - Extra->Tools' menuitem: Subscribe in Desktop Sidebar (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra->Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Privacy-Leiste (HKLM)
O9 - Extra button: FlashGet (HKLM)
O9 - Extra->Tools' menuitem: &FlashGet (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra->Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1D168290-F3DF-4842-94C3-2862596771FB} -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_1de.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {4BFB1D84-F695-489A-8765-06AA5D66C57C} (IObjSafety.DemoCtl) - http:/ mmm.roings.com/cabs/clickyes.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -
http://bin.mcafee.com/molbin/shared/mcinsctl/de/4,0,0,76/mcinsctl.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) -
http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} (VacPro.internazionale_ver3) - http:/ advnt01.com/dialer/internazionale_ver3.CAB
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) -
http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38060.3015740741
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http:/
www.wildtangent.com/install/wdriver/speedway/wildtangent/wtinst.cab
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http:/ dload.ipbill.com/del/loader.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D67AC55A-B750-41A4-BEE6-020E017A7996} - http:/ popfile.de/myplaylist/pc/partner/d12/MY-PLAYLIST-WEBINSTALLER_loader.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E1A80F2-354D-4407-B825-0CBEBE879AE1}: NameServer = 145.253.2.11 145.253.2.203
O17 - HKLM\System\CS1\Services\Tcpip\..\{1E1A80F2-354D-4407-B825-0CBEBE879AE1}: NameServer = 145.253.2.11 145.253.2.203