Trojaner-Board


mursain 03.06.2005 15:48

Please check Hijack.log
 
When starting Internet Explorer and opening a web address, this URL is opened automatically.
213.193.215.174/ssredir/gr.html

Could someone take the trouble to check my log file? Thanks!!!! :o


Here is the log (I have already deleted one entry with hot-tats or something like that):
Logfile of HijackThis v1.99.1
Scan saved at 11:18:13, on 03.06.2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\Explorer.EXE
C:\WINNT\System32\qttask.exe
C:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Programme\Microsoft Hardware\Mouse\point32.exe
C:\Programme\Netropa\Multimedia Keyboard\mmusbkb2.exe
C:\Programme\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Programme\Netropa\Onscreen Display\OSD.exe
C:\WINNT\System32\hkcmd.exe
C:\Programme\Tivoli\lcf\bin\w32-ix86\mrt\lcfep.exe
C:\Programme\Network Associates\VirusScan\SHSTAT.EXE
C:\Programme\Tivoli\lcf\dat\1\Mobile\mobile.exe
C:\Programme\ePOAgent\Common Framework\UpdaterUI.exe
C:\WINNT\system32\internat.exe
C:\Programme\Notes\NLNOTES.EXE
C:\Programme\Notes\ntaskldr.EXE
C:\Programme\Microsoft Office\Office\MSACCESS.EXE
C:\Programme\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Tivoli\Desktop\tivoli.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\System32\mshta.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
D:\HijackThis.exe




O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.OCX
O3 - Toolbar: @msdxmLC.dll,-1@1031,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] C:\WINNT\System32\qttask.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [lcfep] "C:\Programme\Tivoli\lcf\bin\w32-ix86\mrt\lcfep.exe"
O4 - HKLM\..\Run: [SwdisUsrPCN.DEPHBRSAA1DT68U] "C:\PROGRA~1\Tivoli\lcf\dat\1\cache\lib\w32-ix86\wdusrpcn.exe" "C:\Programme\Tivoli\swdis\1\wdusrpcn.env"
O4 - HKLM\..\Run: [Mobile] "C:\Programme\Tivoli\lcf\dat\1\Mobile\epspawn.exe" -w "C:\Programme\Tivoli\lcf\dat\1\Mobile" "C:\Programme\Tivoli\lcf\dat\1\Mobile\mobile.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programme\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\ePOAgent\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\PLUGINS\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://pww.de.ms.philips.com
O16 - DPF: JavaConnect - file://C:\Documents and Settings\Administrator\Local Settings\Temp\SISD\JavaConnect.cab
O16 - DPF: Sametime BroadCast Client ST31 - file://C:\Documents and Settings\Administrator\Local Settings\Temp\SISD\STBroadcastClient.cab
O16 - DPF: Sametime Directory Applet ST31 - file://C:\Documents and Settings\Administrator\Local Settings\Temp\SISD\STDirectoryApplet.cab
O16 - DPF: Sametime Meeting Room Client ST31 - file://C:\Documents and Settings\Administrator\Local Settings\Temp\SISD\STMeetingRoomClient.cab
O16 - DPF: {719433EA-60DE-45A8-8255-115826F16D5B} (STConnectivityAgent Control) - file://C:\Documents and Settings\Administrator\Local Settings\Temp\SISD\InstallSTConnAgent.cab
O16 - DPF: {7261EE42-318E-490A-AE8F-77649DBA1ECA} (JNILoader Control) - file://C:\Documents and Settings\Administrator\Local Settings\Temp\SISD\STJNILoader.cab
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Tivoli Endpoint (lcfd) - Unknown owner - C:\Programme\Tivoli\lcf\bin\w32-ix86\mrt\LCFD.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Programme\ePOAgent\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: OracleOraHome81ClientCache - Unknown owner - C:\Programme\Oracle\ora81\bin\ONRSD.EXE
O23 - Service: Tivoli Remote Control Service (TME10RC) - IBM Corporation - C:\WINNT\RCSERV.EXE

