| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: HijackThis,wer kann mir helfen?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.01.2004, 23:32
| #1 |
| |  HijackThis,wer kann mir helfen? Hallo bin neu hier und Summerwind1980 meinte ich solle meinen HijackThis-log mal hier posten, vielleicht könnt Ihr mir ja weiter helfen? Wäre echt nett von Euch. Gruß Nemo Logfile of HijackThis v1.97.7 Scan saved at 23:24:04, on 14.01.04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE C:\WINDOWS\LOADQM.EXE C:\PROGRAMME\EUMEX 504PC SE\CAPICTRL.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAMME\MESSENGER PLUS! 2\MSGPLUS.EXE C:\PROGRAMME\MSN MESSENGER\MSNMSGR.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAMME\INTERNET EXPLORER\IEXPLORE.EXE C:\EIGENE DATEIEN\MEINE EMPFANGENEN DATEIEN\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = 69.61.38.52 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchenhancement.com/...=sesm&sstring= R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.searchenhancement.com/...=sesm&sstring= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchenhancement.com/searchbar/iev1.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchenhancement.com/...=sesm&sstring= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.teleos-web.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.searchenhancement.com/...=sesm&sstring= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.searchenhancement.com/...=sesm&sstring= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von Teleos R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.searchenhancement.com/...=sesm&sstring= R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\PROGRAMME\SCBAR\V2\SCBAR.DLL O1 - Hosts: 69.61.38.52 ie.search.msn.com O1 - Hosts: 69.61.38.54 uh-oh.net www.uh-oh.net www.thumbnailseries.com thumbnailseries.com goatlist.com www.goatlist.com www.worldsex.com worldsex.com www.al4a.com al4a.com www.gigagalleries.com O1 - Hosts: 69.61.38.54 www.89.com 89.com www.thumberland.com thumberland.com www.freeheaven.com freeheaven.com www.spyass.com spyass.com www.starslist.com starslist.com gigagalleries.com O1 - Hosts: 69.61.38.54 amandalist.com www.amandalist.com www.absolut-series.com absolut-series.com lloronas.com www.lloronas.com p0rno.org www.p0rno.org www.ampland.com ampland.com O1 - Hosts: 69.61.38.54 dianapost.com www.dianapost.com www.xnxx.com xnxx.com www.zadina.com zadina.com www.frogsex.com frogsex.com teenagesecrets.biz www.teenagesecrets.biz ratemycameltoe.com O1 - Hosts: 69.61.38.54 www.mature-post.com mature-post.com www.call-kelly.com call-kelly.com www.boneme.com boneme.com sexyfotky.cz www.sexyfotky.cz sleazydream.com www.sleazydream.com O1 - Hosts: 69.61.38.54 sexape.com www.sexape.com picwarehouse.com www.picwarehouse.com cowlist.com www.cowlist.com sublimedirectory.com sexocean.com www.sexocean.com rubias19.com www.rubias19.com O1 - Hosts: 69.61.38.54 www.sublimedirectory.com www.88by88.com 88by88.com elreyano.com www.elreyano.com purextc.com www.purextc.com madthumbs.com www.madthumbs.com officespy.com www.officespy.com O1 - Hosts: 69.61.38.54 muyzorras.com www.muyzorras.com pussy.org www.pussy.org freesmutseries.net www.freesmutseries.net porno-pics-free.com www.porno-pics-free.com catlist.com O1 - Hosts: 69.61.38.54 pichunter.com www.pichunter.com teeniefiles.com www.teeniefiles.com bunnyteens.com www.bunnyteens.com jpeg4free.com www.jpeg4free.com www.catlist.com www.ratemycameltoe.com O1 - Hosts: 69.61.38.54 amateurcurves.com www.amateurcurves.com hammervideo.com www.hammervideo.com rawpussy.com www.rawpussy.com teeniesxxx.com www.teeniesxxx.com porn-view.com www.porn-view.com O1 - Hosts: 69.61.38.54 pornstarfinder.net www.pornstarfinder.net jennysbookmarks.com www.jennysbookmarks.com babes4free.com www.babes4free.com 3pic.com www.3pic.com fuckk.com www.fuckk.com O1 - Hosts: 69.61.38.54 searchgals.com www.searchgals.com picsmonster.com www.picsmonster.com sublimepie.com www.sublimepie.com easygals.com www.easygals.com pornhelious.com www.pornhelious.com O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - C:\PROGRAMME\SCBAR\V2\SCBAR.DLL O2 - BHO: (no name) - {A85C4A1B-BD36-44E5-A70F-8EC347D9B24F} - C:\WINDOWS\BS3.DLL O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-AB2D-8D32436313D9} - C:\WINDOWS\BSX5.DLL O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\CD-WRI~1\DIRECTCD\DIRECTCD.EXE O4 - HKLM\..\Run: [dfueconf] C:\Programme\Eumex 504PC SE\dfueconf.exe O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRAMME\AGNITUM\OUTPOST FIREWALL 1.0\outpost.exe /waitservice O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE /min O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\BS3.DLL,DllRun O4 - HKLM\..\Run: [bxsx5] RunDLL32.EXE C:\WINDOWS\BSX5.DLL,DllRun O4 - HKLM\..\Run: [DXKO] C:\WINDOWS\DXKO.exe O4 - HKLM\..\Run: [SearchEnhancement] "C:\PROGRAMME\SCBAR\V2\SCBAR.EXE" /U O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [Outpost Firewall] C:\PROGRAMME\AGNITUM\OUTPOST FIREWALL 1.0\outpost.exe /service O4 - HKLM\..\RunServices: [MessengerPlus2] "C:\Programme\Messenger Plus! 2\MsgPlus.exe" O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\PROGRAMME\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE" /autocheck O4 - Startup: CAPI Control.lnk = C:\Programme\Eumex 504PC SE\Capictrl.exe O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: Yahoo! Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: ICQ Lite (HKLM) O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM) O14 - IERESET.INF: START_PAGE_URL=http://www.teleos-web.de O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} (IELoaderCtl Class) - http://install.global-netcom.de/ieloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab |
| Themen zu HijackThis,wer kann mir helfen? |
| .html, .inf, bho, button, dateien, explorer, firewall, helfen, hijack, icq, internet, internet explorer, links, messenger, microsoft, msn, msn messenger, neu, object, programme, registry, rundll, rundll32.exe, services, shockwave, software, system, urlsearchhook, windows, yahoo |
Baum-Darstellung