Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   könnt ihr bitte meine hijacklogfile auswerten?danke (https://www.trojaner-board.de/20252-bitte-hijacklogfile-auswerten-danke.html)

dierosenbluete4 27.07.2005 18:30
könnt ihr bitte meine hijacklogfile auswerten?danke
 
Logfile of HijackThis v1.99.1
Scan saved at 19:05:49, on 27.07.2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\AOL\ACS\AOLACSD.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\DIT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\DITEXP.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\USBMONIT.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE
C:\PROGRAMME\AHEAD\INCD\INCD.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\MICROSOFT SHARED\WORKS SHARED\WKUFIND.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\AOL\ACS\AOLDIAL.EXE
C:\PROGRAMME\MEDIA KEY\MAGICKEY.EXE
C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAMME\MEDIA KEY\OSD.EXE
C:\PROGRAMME\TELEDAT\IWATCH.EXE
C:\VSTASCAN\VSACCESS.EXE
C:\PROGRAMME\KODAK\KODAK EASYSHARE SOFTWARE\BIN\EASYSHARE.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\PROGRAMME\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
D:\PROGRAMME\HIJACK\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchgateway.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchgateway.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ACROBATREADER6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\PROGRAMME\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAMME\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [WeatherOnTray] C:\PROGRAMME\HBTOOLS\BIN\4.6.4.0\HBTWEATHERONTRAY.EXE
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [USBMonit.exe] "C:\WINDOWS\SYSTEM\USBMonit.exe"
O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MAGICKEY.EXE
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [ICSDCLT] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [HbTools] C:\Programme\HbTools\Bin\4.6.4.0\HbtOEAddOn.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAMME\GEMEINSAME DATEIEN\AOL\ACS\AOLACSD.EXE"
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - Startup: ISDNWatch.lnk = C:\Programme\Teledat\IWatch.exe
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Startup: Kodak EasyShare Software.lnk = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Startup: AOL Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O8 - Extra context menu item: Easy-WebPrint Drucken - res://C:\PROGRAMME\CANON\EASY-WEBPRINT\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Schnelldruck - res://C:\PROGRAMME\CANON\EASY-WEBPRINT\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Vorschau - res://C:\PROGRAMME\CANON\EASY-WEBPRINT\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Zu Druckliste hinzufügen - res://C:\PROGRAMME\CANON\EASY-WEBPRINT\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZBxdm031YYDE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\PROGRAMME\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\PROGRAMME\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O12 - Plugin for .au: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O12 - Plugin for .aif: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.121.252,192.168.121.253

Haui45 27.07.2005 20:24
Siehe auch http://forum.hijackthis.de/showthread.php?t=7228
Thread kann in die Mülltonne.


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:50 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131