- #1
T
TT-driver
Guest
Meine bemühungen Firefox wieder zum laufen zu bringen, hat mir den gtanzen Tag viel Spaß mit SpyAxe gebracht. Diesen nervigen Pop Up habe ich beseitigen können, allerdings werde ich den Rest nicht los.
Hat jemand einen Rat, wie ich die betroffenen datein beseitigen kann, danke.
Logfile of HijackThis v1.99.1
Scan saved at 19:53:29, on 29.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programme\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Programme\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Programme\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Lexmark X5100 Series\lxbabmgr.exe
C:\WINDOWS\system32\crbe.exe
C:\Programme\Lexmark X5100 Series\lxbabmon.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programme\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\WINDOWS\winzv32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Programme\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\DOKUME~1\JJ.JAN\LOKALE~1\Temp\Temporäres Verzeichnis 14 für hijackthis_199.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {6BF77FD2-9004-E69D-4473-91C3988264B0} - C:\WINDOWS\system32\msnz.dll
O2 - BHO: Class - {8C2CC6A5-75A3-61E8-04E2-F0D78734877A} - C:\WINDOWS\atlmq32.dll
O2 - BHO: Class - {F3D8DFCC-C963-F6D5-205B-07D798983E90} - C:\WINDOWS\system32\d3xi32.dll
O4 - HKLM\..\Run: [pccguide.exe] C:\Programme\Trend Micro\PC-cillin 2002\pccguide.exe
O4 - HKLM\..\Run: [PCCClient.exe] C:\Programme\Trend Micro\PC-cillin 2002\PCCClient.exe
O4 - HKLM\..\Run: [Pop3trap.exe] C:\Programme\Trend Micro\PC-cillin 2002\Pop3trap.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [Lexmark X5100 Series] C:\Programme\Lexmark X5100 Series\lxbabmgr.exe
O4 - HKLM\..\Run: [crbe.exe] C:\WINDOWS\system32\crbe.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Programme\MSN Messenger\msnmsgr.exe /background
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programme\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra->Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.dll (file missing)
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\winzv32.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Programme\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Programme\Trend Micro\PC-cillin 2002\Tmntsrv.exe
Hat jemand einen Rat, wie ich die betroffenen datein beseitigen kann, danke.
Logfile of HijackThis v1.99.1
Scan saved at 19:53:29, on 29.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programme\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Programme\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Programme\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Lexmark X5100 Series\lxbabmgr.exe
C:\WINDOWS\system32\crbe.exe
C:\Programme\Lexmark X5100 Series\lxbabmon.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programme\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\WINDOWS\winzv32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Programme\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\DOKUME~1\JJ.JAN\LOKALE~1\Temp\Temporäres Verzeichnis 14 für hijackthis_199.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\lrijr.dll/sp.html#53142%resultposition.net
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {6BF77FD2-9004-E69D-4473-91C3988264B0} - C:\WINDOWS\system32\msnz.dll
O2 - BHO: Class - {8C2CC6A5-75A3-61E8-04E2-F0D78734877A} - C:\WINDOWS\atlmq32.dll
O2 - BHO: Class - {F3D8DFCC-C963-F6D5-205B-07D798983E90} - C:\WINDOWS\system32\d3xi32.dll
O4 - HKLM\..\Run: [pccguide.exe] C:\Programme\Trend Micro\PC-cillin 2002\pccguide.exe
O4 - HKLM\..\Run: [PCCClient.exe] C:\Programme\Trend Micro\PC-cillin 2002\PCCClient.exe
O4 - HKLM\..\Run: [Pop3trap.exe] C:\Programme\Trend Micro\PC-cillin 2002\Pop3trap.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [Lexmark X5100 Series] C:\Programme\Lexmark X5100 Series\lxbabmgr.exe
O4 - HKLM\..\Run: [crbe.exe] C:\WINDOWS\system32\crbe.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Programme\MSN Messenger\msnmsgr.exe /background
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programme\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra->Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.dll (file missing)
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\winzv32.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Programme\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Programme\Trend Micro\PC-cillin 2002\Tmntsrv.exe