| |
| |||||||
Log-Analyse und Auswertung: HijackThis-Log - wie auswerten?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.02.2005, 19:07
| #1 |
| |  HijackThis-Log - wie auswerten? Logfile of HijackThis v1.99.0 Scan saved at 18:45:53, on 14.02.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\runservice.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\ZipToA.exe C:\WINDOWS\System32\cidaemon.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe C:\WINDOWS\System32\zsdatghz.exe C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe C:\Programme\QuickTime\qttask.exe C:\Programme\SuperBar\sbhc.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\btgmswindrv.exe C:\Programme\ISTsvc\istsvc.exe C:\Program Files\Internet Optimizer\optimize.exe C:\WINDOWS\System32\enxdwcxx.exe C:\Programme\Web_Rebates\WebRebates0.exe C:\Programme\BullsEye Network\bin\bargains.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Program Files\Windows AdControl\WinAdCtl.exe C:\temp\msbb.exe C:\WINDOWS\htxsk.exe C:\Programme\Gemeinsame Dateien\GMT\GMT.exe C:\Programme\Messenger Plus! 3\MsgPlus.exe C:\Program Files\Gkdtjtg\Uwuln.exe C:\Program Files\Windows AdControl\WinAdAlt.exe C:\WINDOWS\System32\SahAgent.exe C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe C:\Programme\MSN Apps\Updater\01.02.3000.1001\de-ch\msnappau.exe C:\WINDOWS\System32\ctfmon.exe C:\Programme\NoPopUp 2001\nopopup.exe C:\WINDOWS\System32\prutpct.exe C:\Programme\Date Manager\DateManager.exe C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Programme\PrecisionTime\PrecisionTime.exe C:\Programme\Web_Rebates\WebRebates1.exe C:\WINDOWS\System32\prutpct.exe C:\Programme\Outlook Express\msimn.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Adobe\Acrobat 6.0\Reader\AcroRd32.exe C:\Programme\Avant Browser\iexplore.exe C:\Corel\DRAW Select\programs\photopnt.exe C:\Programme\MSN Messenger\msnmsgr.exe C:\Programme\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe C:\DOKUME~1\Alle\LOKALE~1\Temp\~e5d141.tmp C:\DOKUME~1\Alle\LOKALE~1\Temp\~e5d141.tmp C:\Programme\WinAce\WinAce.exe C:\DOKUME~1\Alle\LOKALE~1\Temp\~AceTemp\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ch/0SEDECH/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_p...ount_id=144440 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.fan-forum.ch/ R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Programme\TV Media\TvmBho.dll O1 - Hosts file is located at: C:\WINDOWS\help\hosts O1 - Hosts: 88.88.88.88 elite O1 - Hosts: 207.44.194.56 www.google.akadns.net O1 - Hosts: 207.44.194.56 www.google.com O1 - Hosts: 207.44.194.56 google.com O1 - Hosts: 207.44.194.56 www.altavista.com O1 - Hosts: 207.44.194.56 altavista.com O1 - Hosts: 207.44.194.56 search.yahoo.com O1 - Hosts: 207.44.194.56 uk.search.yahoo.com O1 - Hosts: 207.44.194.56 ca.search.yahoo.com O1 - Hosts: 207.44.194.56 jp.search.yahoo.com O1 - Hosts: 207.44.194.56 au.search.yahoo.com O1 - Hosts: 207.44.194.56 de.search.yahoo.com O1 - Hosts: 207.44.194.56 search.yahoo.co.jp O1 - Hosts: 207.44.194.56 www.lycos.de O1 - Hosts: 207.44.194.56 www.lycos.ca O1 - Hosts: 207.44.194.56 www.lycos.jp O1 - Hosts: 207.44.194.56 www.lycos.co.jp O1 - Hosts: 207.44.194.56 alltheweb.com O1 - Hosts: 207.44.194.56 web.ask.com O1 - Hosts: 207.44.194.56 ask.com O1 - Hosts: 207.44.194.56 www.ask.com O1 - Hosts: 207.44.194.56 www.teoma.com O1 - Hosts: 207.44.194.56 search.aol.com O1 - Hosts: 207.44.194.56 www.looksmart.com O1 - Hosts: 207.44.194.56 auto.search.msn.com O1 - Hosts: 207.44.194.56 search.msn.com O1 - Hosts: 207.44.194.56 ca.search.msn.com O1 - Hosts: 207.44.194.56 fr.ca.search.msn.com O1 - Hosts: 207.44.194.56 search.fr.msn.be O1 - Hosts: 207.44.194.56 search.fr.msn.ch O1 - Hosts: 207.44.194.56 search.latam.yupimsn.com O1 - Hosts: 207.44.194.56 search.msn.at O1 - Hosts: 207.44.194.56 search.msn.be O1 - Hosts: 207.44.194.56 search.msn.ch O1 - Hosts: 207.44.194.56 search.msn.co.in O1 - Hosts: 207.44.194.56 search.msn.co.jp O1 - Hosts: 207.44.194.56 search.msn.co.kr O1 - Hosts: 207.44.194.56 search.msn.com.br O1 - Hosts: 207.44.194.56 search.msn.com.hk O1 - Hosts: 207.44.194.56 search.msn.com.my O1 - Hosts: 207.44.194.56 search.msn.com.sg O1 - Hosts: 207.44.194.56 search.msn.com.tw O1 - Hosts: 207.44.194.56 search.msn.co.za O1 - Hosts: 207.44.194.56 search.msn.de O1 - Hosts: 207.44.194.56 search.msn.dk O1 - Hosts: 207.44.194.56 search.msn.es O1 - Hosts: 207.44.194.56 search.msn.fi O1 - Hosts: 207.44.194.56 search.msn.fr O1 - Hosts: 207.44.194.56 search.msn.it O1 - Hosts: 207.44.194.56 search.msn.nl O1 - Hosts: 207.44.194.56 search.msn.no O1 - Hosts: 207.44.194.56 search.msn.se O1 - Hosts: 207.44.194.56 search.ninemsn.com.au O1 - Hosts: 207.44.194.56 search.t1msn.com.mx O1 - Hosts: 207.44.194.56 search.xtramsn.co.nz O1 - Hosts: 207.44.194.56 search.yupimsn.com O1 - Hosts: 207.44.194.56 uk.search.msn.com O1 - Hosts: 207.44.194.56 search.lycos.com O1 - Hosts: 207.44.194.56 www.lycos.com O1 - Hosts: 207.44.194.56 www.google.ca O1 - Hosts: 207.44.194.56 google.ca O1 - Hosts: 207.44.194.56 www.google.uk O1 - Hosts: 207.44.194.56 www.google.co.uk O1 - Hosts: 207.44.194.56 www.google.com.au O1 - Hosts: 207.44.194.56 www.google.co.jp O1 - Hosts: 207.44.194.56 www.google.jp O1 - Hosts: 207.44.194.56 www.google.at O1 - Hosts: 207.44.194.56 www.google.be O1 - Hosts: 207.44.194.56 www.google.ch O1 - Hosts: 207.44.194.56 www.google.de O1 - Hosts: 207.44.194.56 www.google.se O1 - Hosts: 207.44.194.56 www.google.dk O1 - Hosts: 207.44.194.56 www.google.fi O1 - Hosts: 207.44.194.56 www.google.fr O1 - Hosts: 207.44.194.56 www.google.com.gr O1 - Hosts: 207.44.194.56 www.google.com.hk O1 - Hosts: 207.44.194.56 www.google.ie O1 - Hosts: 207.44.194.56 www.google.co.il O1 - Hosts: 207.44.194.56 www.google.it O1 - Hosts: 207.44.194.56 www.google.co.kr O1 - Hosts: 207.44.194.56 www.google.com.mx O1 - Hosts: 207.44.194.56 www.google.nl O1 - Hosts: 207.44.194.56 www.google.co.nz O1 - Hosts: 207.44.194.56 www.google.pl O1 - Hosts: 207.44.194.56 www.google.pt O1 - Hosts: 207.44.194.56 www.google.com.ru O1 - Hosts: 207.44.194.56 www.google.com.sg O1 - Hosts: 207.44.194.56 www.google.co.th O1 - Hosts: 207.44.194.56 www.google.com.tr O1 - Hosts: 207.44.194.56 www.google.com.tw O1 - Hosts: 207.44.194.56 go.google.com O1 - Hosts: 207.44.194.56 google.at O1 - Hosts: 207.44.194.56 google.be O1 - Hosts: 207.44.194.56 google.de O1 - Hosts: 207.44.194.56 google.dk O1 - Hosts: 207.44.194.56 google.fi O1 - Hosts: 207.44.194.56 google.fr O1 - Hosts: 207.44.194.56 google.com.hk O1 - Hosts: 207.44.194.56 google.ie O1 - Hosts: 207.44.194.56 google.co.il O1 - Hosts: 207.44.194.56 google.it O2 - BHO: F1 Organizer Class - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\System32\ATPART~1.DLL O2 - BHO: TwaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\bxxs5.dll O2 - BHO: NavErrRedir Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Programme\E2G\IeBHOs.dll O2 - BHO: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINDOWS\DOWNLO~1\megasear.dll O2 - BHO: (no name) - {5DFAE59C-8741-8A35-C3E7-F1389211099D} - C:\WINDOWS\Egiorqvs.dll O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de-ch\msntb.dll O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll |
| Themen zu HijackThis-Log - wie auswerten? |
| acrobat, adobe, auswerten, browser, dateien, explorer, help, hijack, hijackthis, internet, internet explorer, logfile, messenger, microsoft, msn, msn messenger, object, outlook express, programme, software, system, system32, temp, update, urlsearchhook, windows, windows xp |
Baum-Darstellung