B
Beanos
Guest
Hi all, ich habe wieder nen Problem, ich habe Spybot Progy drüberlaufen lassen und plötzlich findet der " CoolWWWsearch.yexe " Das Problem ist das ich diesen Eintrag nicht FIxen kann, weder nach Neustart von WIn oder sonst wie. WIe bekomme ich das weg und was ist das??
Nachstehend nochmal ein HiJackthis Log würde mich freuen wenn Ihr sagt ob alles schick ist
Logfile of HijackThis v1.98.2
Scan saved at 23:30:29, on 09.11.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C
rogrammeGemeinsame DateienMicrosoft SharedVS7Debugmdm.exe
CrogrammeNorton Personal FirewallNISUM.EXE
CrogrammeSophos SWEEP for NTSWNETSUP.EXE
CrogrammeSophos SWEEP for NTSWEEPSRV.SYS
CrogrammeNorton Personal FirewallSymProxySvc.exe
CrogrammeNorton Personal FirewallNISSERV.EXE
CrogrammeSophos SWEEP for NTICMON.EXE
CrogrammeMozilla Firefoxfirefox.exe
D:Chrissihijackthis_198HijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - CrogrammeICQToolbartoolbaru.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - CrogrammeSpybot - Search & DestroySDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - crogrammegooglegoogletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - CrogrammeICQToolbartoolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - crogrammegooglegoogletoolbar1.dll
O4 - HKLM..Run: [iamapp] CrogrammeNorton Personal FirewallIAMAPP.EXE
O4 - Global Startup: InterCheck Monitor.LNK = CrogrammeSophos SWEEP for NTICMON.EXE
O8 - Extra context menu item: &Google Search - res://crogrammegoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://CrogrammeICQToolbartoolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://crogrammegoogleGoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://CROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://crogrammegoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://crogrammegoogleGoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - CrogrammeICQLiteICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - CrogrammeICQLiteICQLite.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - CROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - CROGRA~1Yahoo!MESSEN~1YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - CrogrammeMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - CrogrammeMessengerMSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
O17 - HKLMSystemCCSServicesTcpip..{8462AD7E-729F-4BAC-A89E-A68664B02900}: NameServer = 145.253.2.75 195.50.140.250
O17 - HKLMSystemCCSServicesTcpip..{CBF780BD-37F3-4715-9947-1E55A1D4EF56}: NameServer = 192.168.122.252,192.168.122.253
O17 - HKLMSystemCCSServicesTcpip..{E387A4B4-1EC8-47FE-AF10-50882283C1F5}: NameServer = 192.168.0.1,192.168.0.4
Dank im Vorraus!
Nachstehend nochmal ein HiJackthis Log würde mich freuen wenn Ihr sagt ob alles schick ist
Logfile of HijackThis v1.98.2
Scan saved at 23:30:29, on 09.11.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C
rogrammeGemeinsame DateienMicrosoft SharedVS7Debugmdm.exeC
rogrammeNorton Personal FirewallNISUM.EXEC
rogrammeSophos SWEEP for NTSWNETSUP.EXEC
rogrammeSophos SWEEP for NTSWEEPSRV.SYSC
rogrammeNorton Personal FirewallSymProxySvc.exeC
rogrammeNorton Personal FirewallNISSERV.EXEC
rogrammeSophos SWEEP for NTICMON.EXEC
rogrammeMozilla Firefoxfirefox.exeD:Chrissihijackthis_198HijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
Please,
Anmelden
or
Registrieren
to view URLs content!
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
Please,
Anmelden
or
Registrieren
to view URLs content!
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C
rogrammeICQToolbartoolbaru.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C
rogrammeSpybot - Search & DestroySDHelper.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c
rogrammegooglegoogletoolbar1.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C
rogrammeICQToolbartoolbaru.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c
rogrammegooglegoogletoolbar1.dllO4 - HKLM..Run: [iamapp] C
rogrammeNorton Personal FirewallIAMAPP.EXEO4 - Global Startup: InterCheck Monitor.LNK = C
rogrammeSophos SWEEP for NTICMON.EXEO8 - Extra context menu item: &Google Search - res://c
rogrammegoogleGoogleToolbar1.dll/cmsearch.htmlO8 - Extra context menu item: &ICQ Toolbar Search - res://C
rogrammeICQToolbartoolbaru.dll/SEARCH.HTMLO8 - Extra context menu item: Im Cache gespeicherte Seite - res://c
rogrammegoogleGoogleToolbar1.dll/cmcache.htmlO8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C
ROGRA~1MICROS~2Office10EXCEL.EXE/3000O8 - Extra context menu item: Verweisseiten - res://c
rogrammegoogleGoogleToolbar1.dll/cmbacklinks.htmlO8 - Extra context menu item: Ähnliche Seiten - res://c
rogrammegoogleGoogleToolbar1.dll/cmsimilar.htmlO9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C
rogrammeICQLiteICQLite.exeO9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C
rogrammeICQLiteICQLite.exeO9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C
ROGRA~1Yahoo!MESSEN~1YPager.exeO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C
ROGRA~1Yahoo!MESSEN~1YPager.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogrammeMessengerMSMSGS.EXEO9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogrammeMessengerMSMSGS.EXEO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
Please,
Anmelden
or
Registrieren
to view URLs content!
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
Please,
Anmelden
or
Registrieren
to view URLs content!
O17 - HKLMSystemCCSServicesTcpip..{8462AD7E-729F-4BAC-A89E-A68664B02900}: NameServer = 145.253.2.75 195.50.140.250
O17 - HKLMSystemCCSServicesTcpip..{CBF780BD-37F3-4715-9947-1E55A1D4EF56}: NameServer = 192.168.122.252,192.168.122.253
O17 - HKLMSystemCCSServicesTcpip..{E387A4B4-1EC8-47FE-AF10-50882283C1F5}: NameServer = 192.168.0.1,192.168.0.4
Dank im Vorraus!
