Ich bin Neu , Ich weiß auch das Passt hier zwar nicht hin aber ich habe ein großes problem .
nach 1-3 min öffnet sich der IE mit werbung und das nervt beim zocken .
hab auch schon eine HiJackThis Log datei ...
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:03:38, on 04.03.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\system32\spoolsv.exe
E:\Avira\AntiVir Desktop\sched.exe
E:\Avira\AntiVir Desktop\avguard.exe
E:\Hamachi\hamachi-2.exe
C:\WINXP\Explorer.EXE
E:\Avira\AntiVir Desktop\avshadow.exe
C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\Ewe.exe
E:\Java\bin\jqs.exe
C:\WINXP\system32\drivers\svdmoos.exe
C:\WINXP\Ezelia.exe
C:\WINXP\RTHDCPL.EXE
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
E:\Avira\AntiVir Desktop\avgnt.exe
C:\WINXP\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINXP\system32\wbem\wmiapsrv.exe
C:\Programme\Windows Media Player\wmplayer.exe
C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\Ewd.exe
C:\WINXP\system32\ctfmon.exe
E:\Mozilla Firefox\firefox.exe
E:\Mozilla Firefox\plugin-container.exe
C:\WINXP\system32\msiexec.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
E:\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Only registered and activated users can see links. Click Here To Register...]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Only registered and activated users can see links. Click Here To Register...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Only registered and activated users can see links. Click Here To Register...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Only registered and activated users can see links. Click Here To Register...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Only registered and activated users can see links. Click Here To Register...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Only registered and activated users can see links. Click Here To Register...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\WINXP\system32\userinit.exe,C:\WINXP\x Client.exe
O2 - BHO: C:\WINXP\system32\p7aoulta.dll - {B9B220C2-A500-59BD-F210-02B53A2C8953} - C:\WINXP\system32\p7aoulta.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Adobe reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MPprc] C:\WINXP\install.exe
O4 - HKLM\..\Run: [HPUKSQURrxe] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\system.exe
O4 - HKLM\..\Run: [MPk+] C:\WINXP\gdi32.exe
O4 - HKLM\..\Run: [HPUKSQURnZ] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\cmd.exe
O4 - HKLM\..\Run: [MPub] C:\WINXP\sysmgm.exe
O4 - HKLM\..\Run: [MPqW] C:\WINXP\drweb.exe
O4 - HKLM\..\Run: [HPUKSQURpw+] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\nvsvc32.exe
O4 - HKLM\..\Run: [HPUKSQURnyc] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\csrss.exe
O4 - HKLM\..\Run: [MPud] C:\WINXP\system.exe
O4 - HKLM\..\Run: [HPUKSQURssc] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\winlogon.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "E:\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LKGGOPABUH] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\Ewd.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Nico Loves Luisa\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyo utubetomp3converter.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O20 - Winlogon Notify: reset5c - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINXP\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINXP\system32\browseui.dll
O22 - SharedTaskScheduler: dgushef87w3ruiijfgsdigdgs - {B9B220C2-A500-59BD-F210-02B53A2C8953} - C:\WINXP\system32\p7aoulta.dll (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - E:\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINXP\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINXP\system32\ati2sgag.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - E:\Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Java\bin\jqs.exe
O23 - Service: svdmoos - Unknown owner - C:\WINXP\system32\drivers\svdmoos.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINXP\System32\TuneUpDefragService.exe
--
End of file - 6422 bytes
Ich hoffe ihr Könnt mir Helfen
nach 1-3 min öffnet sich der IE mit werbung und das nervt beim zocken .
hab auch schon eine HiJackThis Log datei ...
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:03:38, on 04.03.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\system32\spoolsv.exe
E:\Avira\AntiVir Desktop\sched.exe
E:\Avira\AntiVir Desktop\avguard.exe
E:\Hamachi\hamachi-2.exe
C:\WINXP\Explorer.EXE
E:\Avira\AntiVir Desktop\avshadow.exe
C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\Ewe.exe
E:\Java\bin\jqs.exe
C:\WINXP\system32\drivers\svdmoos.exe
C:\WINXP\Ezelia.exe
C:\WINXP\RTHDCPL.EXE
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
E:\Avira\AntiVir Desktop\avgnt.exe
C:\WINXP\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINXP\system32\wbem\wmiapsrv.exe
C:\Programme\Windows Media Player\wmplayer.exe
C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\Ewd.exe
C:\WINXP\system32\ctfmon.exe
E:\Mozilla Firefox\firefox.exe
E:\Mozilla Firefox\plugin-container.exe
C:\WINXP\system32\msiexec.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
E:\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Only registered and activated users can see links. Click Here To Register...]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Only registered and activated users can see links. Click Here To Register...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Only registered and activated users can see links. Click Here To Register...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Only registered and activated users can see links. Click Here To Register...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Only registered and activated users can see links. Click Here To Register...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Only registered and activated users can see links. Click Here To Register...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\WINXP\system32\userinit.exe,C:\WINXP\x Client.exe
O2 - BHO: C:\WINXP\system32\p7aoulta.dll - {B9B220C2-A500-59BD-F210-02B53A2C8953} - C:\WINXP\system32\p7aoulta.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Adobe reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MPprc] C:\WINXP\install.exe
O4 - HKLM\..\Run: [HPUKSQURrxe] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\system.exe
O4 - HKLM\..\Run: [MPk+] C:\WINXP\gdi32.exe
O4 - HKLM\..\Run: [HPUKSQURnZ] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\cmd.exe
O4 - HKLM\..\Run: [MPub] C:\WINXP\sysmgm.exe
O4 - HKLM\..\Run: [MPqW] C:\WINXP\drweb.exe
O4 - HKLM\..\Run: [HPUKSQURpw+] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\nvsvc32.exe
O4 - HKLM\..\Run: [HPUKSQURnyc] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\csrss.exe
O4 - HKLM\..\Run: [MPud] C:\WINXP\system.exe
O4 - HKLM\..\Run: [HPUKSQURssc] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\winlogon.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "E:\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LKGGOPABUH] C:\DOKUME~1\NICOLO~1\LOKALE~1\Temp\Ewd.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Nico Loves Luisa\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyo utubetomp3converter.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O20 - Winlogon Notify: reset5c - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINXP\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINXP\system32\browseui.dll
O22 - SharedTaskScheduler: dgushef87w3ruiijfgsdigdgs - {B9B220C2-A500-59BD-F210-02B53A2C8953} - C:\WINXP\system32\p7aoulta.dll (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - E:\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINXP\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINXP\system32\ati2sgag.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - E:\Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Java\bin\jqs.exe
O23 - Service: svdmoos - Unknown owner - C:\WINXP\system32\drivers\svdmoos.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINXP\System32\TuneUpDefragService.exe
--
End of file - 6422 bytes
Ich hoffe ihr Könnt mir Helfen