Logfile of HijackThis v1.97.7
Scan saved at 14:15:17, on 31.03.2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\CTSvcCDA.exe
C:\WINNT\System32\svchost.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\Programme\Norton AntiVirus\SAVScan.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Programme\Creative\ShareDLL\CtNotify.exe
C:\WINNT\TBPanel.exe
C:\Programme\Messenger Plus! 2\MsgPlus.exe
C:\Programme\Winamp\winampa.exe
C:\Program Files\webHancer\Programs\whSurvey.exe
C:\WINNT\system32\rundll32.exe
C:\Programme\Creative\ShareDLL\MediaDet.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Program Files\webHancer\Programs\whAgent.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\FRITZ!DSL\Awatch.exe
C:\WINNT\system32\winload.exe
C:\WINNT\system32\qscsdq.exe
C:\WINNT\system32\internat.exe
C:\WINNT\system32\ntvdm.exe
C:\WINNT\System32\svchost.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Dokumente und Einstellungen\Funny1\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.spielmit.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programme\NewDotNet\newdotnet3_88.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Disc Detector] C:\Programme\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [Gainward] C:\WINNT\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MessengerPlus2] C:\Programme\Messenger Plus! 2\MsgPlus.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Program Files\webHancer\Programs\whSurvey.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [PWDK] C:\WINNT\PWDK.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whAgent.exe
O4 - HKLM\..\Run: [ccApp] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [AWatch] C:\Programme\FRITZ!DSL\Awatch.exe
O4 - HKLM\..\Run: [Windows Subsys] C:\WINNT\system32\winload.exe rundll32.dll,loadsubsys,loadwin32,loadsys,win32
O4 - HKLM\..\Run: [Micosoft Logon] qscsdq.exe
O4 - HKLM\..\RunServices: [Windows Subsys] C:\WINNT\system32\winload.exe rundll32.dll,loadsubsys,loadwin32,loadsys,win32
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MessengerPlus2] C:\Programme\Messenger Plus! 2\MsgPlus.exe /WinStart
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Mopy Points Collector.lnk = C:\MOPYFISH\GETPOINT.EXE
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra->Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra->Tools' menuitem: Show &Related Links (HKLM)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: C:\Programme\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37999.6587962963
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://active.macromedia.com/flash/cabs/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5EE393E5-58FB-40C5-ADDB-C3EF644BE891}: NameServer = 212.185.248.84 194.25.2.129
Dann mache ich das doch glatt auch mal*gg..Bei mir hat sich das Fenster alle 2 Sekunden geöffnet wenn ich offline war.*grummel