| |
| |||||||
Log-Analyse und Auswertung: specific911 sucks- bin am ende :-( !!!! hilfe!!!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
22.12.2004, 20:20
| #1 |
 |  specific911 sucks- bin am ende :-( !!!! hilfe!!! Sry, war aus versehen, hier ist der wieder: Logfile of HijackThis v1.99.0 Scan saved at 20:08:24, on 22.12.2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programme\AVPersonal\AVGUARD.EXE C:\Programme\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\P2P Networking\P2P Networking.exe C:\Programme\AVPersonal\AVGNT.EXE C:\Programme\Internet Explorer\iexplore.exe C:\Dokumente und Einstellungen\kaim rq\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://specific911.net/aff/108/ R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://specific911.net/aff/108/ R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://specific911.net/aff/108/ R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://specific911.com/_start/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://specific911.net/aff/108/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://specific911.net/aff/108/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://specific911.net/aff/108/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://specific911.net/aff/108/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://specific911.net/aff/108/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://specific911.com/_start/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://specific911.net/aff/108/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://specific911.net/aff/108/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://specific911.com/_start/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://specific911.com/_start/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://specific911.net/aff/108/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://specific911.com/_start/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.de/ O1 - Hosts: 64.246.26.137 searchmyrequest.com O1 - Hosts: 64.246.26.137 sina.com.cn O1 - Hosts: 64.246.26.137 163.com O1 - Hosts: 64.246.26.137 sohu.com O1 - Hosts: 64.246.26.137 line-plus.com O1 - Hosts: 64.246.26.137 list2004.com O1 - Hosts: 64.246.26.137 worldmpeg.com O1 - Hosts: 64.246.26.137 install.xxxtoolbar.com O1 - Hosts: 64.246.26.137 ewebsearch.net O1 - Hosts: 64.246.26.137 casino.com O1 - Hosts: 64.246.26.137 hotbot.com O1 - Hosts: 64.246.26.137 lycos.com O1 - Hosts: 64.246.26.137 excite.com O1 - Hosts: 64.246.26.137 dmoz.org O1 - Hosts: 64.246.26.137 wisenut.com O1 - Hosts: 64.246.26.137 alltheweb.com O1 - Hosts: 64.246.26.137 teoma.com O1 - Hosts: 64.246.26.137 search.com O1 - Hosts: 64.246.26.137 msn.com O1 - Hosts: 64.246.26.137 search.msn.com O1 - Hosts: 64.246.26.137 altavista.com O1 - Hosts: 64.246.26.137 google.com O1 - Hosts: 64.246.26.137 yahoo.com O1 - Hosts: 64.246.26.137 www.search-all-fast.com O1 - Hosts: 64.246.26.137 thehun.com O1 - Hosts: 64.246.26.137 geosites.com O1 - Hosts: 64.246.26.137 i-lookup.com O1 - Hosts: 64.246.26.137 sexocean.com O1 - Hosts: 64.246.26.137 full-search.net O1 - Hosts: 64.246.26.137 search-all-fast.com O1 - Hosts: 64.246.26.137 www.full-search.net O1 - Hosts: 64.246.26.137 auto.search.msn.com O1 - Hosts: 64.246.26.137 in.webcounter.cc O1 - Hosts: 64.246.26.137 sitefinder.verisign.com O1 - Hosts: 64.246.26.137 www.umaxsearch.com O1 - Hosts: 64.246.26.137 umaxsearch.com O1 - Hosts: 64.246.26.137 www.google.com O1 - Hosts: 64.246.26.137 www.coolwebsearch.com O1 - Hosts: 64.246.26.137 coolwebsearch.com O1 - Hosts: 64.246.26.137 www.searchmeup.com O1 - Hosts: 64.246.26.137 searchmeup.com O1 - Hosts: 64.246.26.137 www.pizdato.biz O1 - Hosts: 64.246.26.137 search-motor.com O1 - Hosts: 64.246.26.137 pizdato.biz O1 - Hosts: 64.246.26.137 www.search-motor.com O1 - Hosts: 64.246.26.137 38.117.144.162 O1 - Hosts: 64.246.26.137 209.66.114.129 O1 - Hosts: 64.246.26.137 www.yahoo.com O1 - Hosts: 64.246.26.137 search.yahoo.com O1 - Hosts: 64.246.26.137 xml.umaxfeed.com O1 - Hosts: 64.246.26.137 searchmiracle.com O1 - Hosts: 64.246.26.137 x.full-tgp.net O1 - Hosts: 64.246.26.137 www.searchmiracle.com O1 - Hosts: 64.246.26.137 www.search-and-more.com O1 - Hosts: 64.246.26.137 x.full-tgp.net O1 - Hosts: 64.246.26.137 home.peoplepc.com O1 - Hosts: 64.246.26.137 peoplepc.com O1 - Hosts: 64.246.26.137 all-find.net O1 - Hosts: 64.246.26.137 www.start-page.info O1 - Hosts: 64.246.26.137 start-page.info O1 - Hosts: 64.246.26.137 www.young-devils.com O1 - Hosts: 64.246.26.137 young-devils.com O1 - Hosts: 64.246.26.137 toolbarpartner.net O1 - Hosts: 64.246.26.137 www.toolbarpartner.net O1 - Hosts: 64.246.26.137 www.teocash.com O1 - Hosts: 64.246.26.137 cgi.gammae.com O1 - Hosts: 64.246.26.137 teens-dream.com O1 - Hosts: 64.246.26.137 the.sextracker.com O1 - Hosts: 64.246.26.137 new-iframe.biz O1 - Hosts: 64.246.26.137 troyporn.com O1 - Hosts: 64.246.26.137 213.159.117.133 O1 - Hosts: 64.246.26.137 213.159.117.150 O1 - Hosts: 64.246.26.137 63.219.178.91 O1 - Hosts: 64.246.26.137 66.180.174.16 O1 - Hosts: 64.246.26.137 find-on-the-net.com O1 - Hosts: 64.246.26.137 first-time.biz O1 - Hosts: 64.246.26.137 toolbarcash.com O1 - Hosts: 64.246.26.137 www.slotch.com O1 - Hosts: 64.246.26.137 www.vesbiz.biz O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [host] C:\WINDOWS\..vbs O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Google Search - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll O13 - WWW Prefix: http://specific911.net/se.cgi?query= O16 - DPF: {11111111-1111-1111-1111-111111111111} - http://www.akty.pl/www/oral.exe O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://specific911.com/acc1/PopularS...tup1.0.0.8.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab O16 - DPF: {5CBA93A3-E0ED-11D5-A70E-00C12601EADE} - http://www.laski.pl/sex-explorer.exe O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} - http://install.p2p-projekt.de/Instal...sAssistent.ocx O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe Geändert von el-mike (22.12.2004 um 23:24 Uhr) |
| Themen zu specific911 sucks- bin am ende :-( !!!! hilfe!!! |
| .pdf, adobe, antivir, antivir update, bho, desktop, dll, einstellungen, explorer, firewall, hijack, hijackthis, hilfe, hilfe!!, hilfe!!!, icq, internet, internet explorer, messenger, microsoft, nvcpl.dll, nvidia, programme, rundll, software, system, system32, update, windows, windows messenger, windows xp |
Baum-Darstellung