Trojaner-Board


lorin 20.05.2005 16:29

quick web search and more..
 
I also have quick web search and can't get rid of it. I have already tried a lot with hijack but can't manage it. Maybe I also have other trojans or something else!! Here is my logfile:
Many thanks in advance..




Logfile of HijackThis v1.99.1
Scan saved at 17:36:44, on 20.05.2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
E:\Bluetooth Treiber\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
E:\Icq\ICQLite\ICQLite.exe
C:\Programme\QuickTime\qttask.exe
C:\WINNT\loadqm.exe
E:\Bearshare\BearShare.exe
C:\web.exe
C:\Programme\MSN Messenger\msnmsgr.exe
E:\Bluetooth Treiber\BTTray.exe
E:\Winzip\WZQKPICK.EXE
C:\Programme\iPod\bin\iPodService.exe
E:\asd\SPYWAR~1\swdoctor.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\WINNT\System32\SNDVOL32.EXE
C:\WINNT\System32\SNDVOL32.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\WINNT\System32\dmsadmins.exe
C:\WINNT\System32\qwinnta.exe
C:\WINNT\System32\sesmgr.exe
C:\Programme\Internet Explorer\iexplore.exe
E:\loel\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://www.wow-access.com/search/main.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://www.wow-access.com/search/main.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.wow-access.com/search/main.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://www.wow-access.com/search/main.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://www.wow-access.com/search/main.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://www.wow-access.com/search/main.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = h**p://www.wow-access.com/search/main.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://www.wow-access.com/search/main.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = h**p://www.wow-access.com/search/main.html
O2 - BHO: ActiveX Control - {0DAB6E20-6B91-4AC8-824F-6F6CFCD3F8D5} - C:\WINNT\System32\mskrj.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - E:\asd\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - E:\asd\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: IE SP2 AddOn - {DC9FE6F5-9F05-4237-8934-FD2356CFB408} - C:\WINNT\System32\spqwa.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\\NVCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ICQ Lite] E:\Icq\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [iTunesHelper] E:\I tunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Sin Espias] C:\Programme\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [SpionFrei] "C:\Programme\SinEspias\No-Spy.exe" /autorun
O4 - HKLM\..\Run: [XoftSpy] E:\spyware23\XoftSpy\XoftSpy.exe -s
O4 - HKLM\..\Run: [EasyMessage] "C:\Programme\Zango Messenger\em2.exe" -wait
O4 - HKLM\..\Run: [BearShare] "E:\Bearshare\BearShare.exe" /pause
O4 - HKLM\..\Run: [winpipe] C:\web.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "f:\games\steam\steam.exe" -silent
O4 - HKCU\..\RunOnce: [ICQ Lite] E:\Icq\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: BTTray.lnk = E:\Bluetooth Treiber\BTTray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = E:\Winzip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Senden an &Bluetooth - E:\Bluetooth Treiber\btsendto_ie_ctx.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - E:\asd\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Icq\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Icq\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Bluetooth Treiber\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Bluetooth Treiber\btsendto_ie.htm
O13 - DefaultPrefix: h**p://www.microsoet.com/start.php?url=
O13 - WWW Prefix: h**p://www.microsoet.com/start.php?url=
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - h**p://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab]
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - h**p://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - h**p://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A95B9D61-B341-46AF-8138-682CF627A4EF}: NameServer = 69.50.176.156,195.225.176.31
O17 - HKLM\System\CCS\Services\Tcpip\..\{B16C854F-5A75-4D8D-80C3-FA765CF0BBCE}: NameServer = 69.50.176.156,195.225.176.31
O17 - HKLM\System\CS1\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31
O17 - HKLM\System\CS2\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31
O21 - SSODL: zLUQJsNUErP - {7464217D-DECE-8BD7-86A4-728A83C81390} - C:\WINNT\System32\mi.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - E:\Bluetooth Treiber\bin\btwdins.exe
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe

_____________
Note:
Active links edited!
Please observe the instructions in this guide: HiJackThis

Regards, Cidre
S-Mod TB

chaosman 20.05.2005 21:31

@lorin

you have quite a lot on your system
check your system with escan
http://www.trojaner-board.de/showthread.php?t=17492

chaosman


All times are WET +1.

Copyright ©2000-2025, Trojaner-Board

