Hallo
Ich habe auch so ein Problem das wenn ich den IE6 starte niux kommt ausserd dieser Fehlermeldung Shdoclc.dll. Doch was mir komisch erscheint ist das Programme wir ICQ IRC laufen doch MSN wieder nicht. Habe auch mal dieses Program Hijackthis drüber laufen lassen. Hier der Log:
Logfile of HijackThis v1.98.0
Scan saved at 12:38:04, on 16.07.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Programme\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\szchost.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Programme\Steam\Steam.exe
C:\Dokumente und Einstellungen\empty\Anwendungsdaten\buun.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\rondtg.exe
C:\WINDOWS\runwin32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Programme\Lavasoft\Ad-aware 6\Ad-aware.exe
Z:\Programme\Gamers.IRC\mirc.exe
C:\WINDOWS\notepad.exe
H:\-=][Appz][=-\HijackThis.exe
C:\WINDOWS\System32\mstsc.exe
C:\Programme\Messenger\msmsgs.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://dinamo.directwebsearch.net/search.php
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://dinamo.directwebsearch.net/search.php
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://dinamo.directwebsearch.net/search.php
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://dinamo.directwebsearch.net/search.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://dinamo.directwebsearch.net/search.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOKUME~1\empty\LOKALE~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOKUME~1\empty\LOKALE~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://c:/spad/start.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://dinamo.directwebsearch.net/search.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOKUME~1\empty\LOKALE~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOKUME~1\empty\LOKALE~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOKUME~1\empty\LOKALE~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dinamo.directwebsearch.net/search.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOKUME~1\empty\LOKALE~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts
O1 - Hosts: 81.211.105.69 lender-search.com
O1 - Hosts: 81.211.105.68 hot-searches.com
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4DAA4276-B13C-0D9C-D557-66550FA07E30} - C:\WINDOWS\System32\zhuwemn.dll
O2 - BHO: (no name) - {51EA18A2-7C1A-4A8A-9943-0DAB0672F8FE} - C:\WINDOWS\System32\anlg.dll
O2 - BHO: Botnet - {A2833482-B023-4C65-B09D-EE47A4E8CC56} - C:\Dokumente und Einstellungen\empty\Anwendungsdaten\botnet1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Programme\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] "C:\Programme\Creative\Splash Screen\CTEaxSpl.EXE" /run
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [AGQWDK] C:\WINDOWS\AGQWDK.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [winupd] C:\WINDOWS\System32\winupd.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] z:\programme\clonecd\ElbyCheck.exe /L ElbyCDFL
O4 - HKLM\..\Run: [Zone system] C:\WINDOWS\szchost.exe
O4 - HKLM\..\Run: [win32.exe] C:\WINDOWS\win32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Steam] C:\Programme\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Tecc] C:\Dokumente und Einstellungen\empty\Anwendungsdaten\buun.exe
O4 - HKCU\..\Run: [Npq] C:\WINDOWS\System32\rondtg.exe
O4 - HKCU\..\Run: [Remote Packet Capture Protocol v.2.0] C:\WINDOWS\runwin32.exe
O4 - HKCU\..\Run: [Plug and Play] C:\WINDOWS\wininet32.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: GStartup.lnk = C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
O8 - Extra context menu item: &Google Search - res://C:\Programme\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Programme\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Programme\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Programme\Google\googletoolbar.dll/cmsimilar.html
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Microsoft® JavaScript® Console - {BA7DD78F-4EF4-4CC8-AA12-2A7453BD2A64} - (no file)
O9 - Extra 'Tools' menuitem: JavaScript Console - {BA7DD78F-4EF4-4CC8-AA12-2A7453BD2A64} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file) (HKCU)
O9 - Extra button: Microsoft® JavaScript® Console - {BA7DD78F-4EF4-4CC8-AA12-2A7453BD2A64} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: JavaScript Console - {BA7DD78F-4EF4-4CC8-AA12-2A7453BD2A64} - (no file) (HKCU)
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O16 - DPF: {11010101-1001-1111-1000-110112345678} - ms-its:mhtml:file://C:oo.mhtml!http://81.9.3.86//scripts//dw//chm.chm?id=dp::/win.exe
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://c:\nosuch.mht!http://213.159.117.133/dl/adv97/x.chm::/load.exe
O16 - DPF: {11111111-1111-1111-1111-111111111171} - ms-its:mhtml:file://c:\\nosuch.mht!http://line-plus.com/newhelp.chm::/newhelp.exe
O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} (VacPro.internazionale_ver3) - http://www.advnt01.com/dialer/internazionale_ver3.CAB
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O16 - DPF: {912DC742-755C-4F1D-9F77-DFF88C344083} (Vacpro.switzerland) - http://www.7adpower.com/dialer/switzerland.CAB
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://dload.ipbill.com/del/loader.cab
O18 - Filter: text/html - {BA816B72-53BF-49A4-9AA2-8BF8580790D0} - C:\WINDOWS\System32\anlg.dll
O18 - Filter: text/plain - {BA816B72-53BF-49A4-9AA2-8BF8580790D0} - C:\WINDOWS\System32\anlg.dll
O21 - SSODL: System - {7EE26A99-D3D8-412A-9166-AB2455C5B992} - C:\WINDOWS\system32\system32.dll (file missing)
Wäre echt froh um hilft
MfG emptY