Unrecognized attempt blocked & HiJackThis Log-File
Hallo,
gestern ist mir aufgefallen, nachdem ich mehrere freeware-Spiele von chip.de installiert habe, das im logfile meines Routers folgende Meldungen vorlagen. Jedoch kann ich nicht sagen ob diese Meldungen schon vorher da waren, bevor ich die Spiele installiert und anschließend deinstalliert habe. Mein Router: D-Link DI-524
Aufgefallen ist mir das anhand des Task-Symbols des WLAN Routers. Diese hat ständig grün geleuchtet. Als würde ich was aus dem Internet downloaden. Also habe ich mal im logfile meines Routers nachgeschaut und folgende Einträge sind mir aufgefallen Zitat:
Mon Jan 29 19:41:01 2007 Unrecognized attempt blocked from 24.72.127.222:60113 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:03 2007 Unrecognized attempt blocked from 24.72.127.222:60113 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:06 2007 Unrecognized attempt blocked from 24.72.127.222:60113 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:45 2007 Unrecognized attempt blocked from 82.21.236.44:33639 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:46 2007 Unrecognized attempt blocked from 86.31.227.70:10550 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:46 2007 Unrecognized attempt blocked from 86.27.18.117:11734 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:46 2007 Unrecognized attempt blocked from 89.166.168.230:14351 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:46 2007 Unrecognized attempt blocked from 84.69.105.73:26135 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:50 2007 Unrecognized attempt blocked from 86.10.88.167:31931 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:51 2007 Unrecognized attempt blocked from 89.27.250.82:34630 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:55 2007 Unrecognized attempt blocked from 81.220.203.238:28528 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:56 2007 Unrecognized attempt blocked from 213.132.147.191:48411 to 91.4.227.56 UDP:59323
Mon Jan 29 19:41:56 2007 Unrecognized attempt blocked from 82.237.49.85:45667 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:01 2007 Unrecognized attempt blocked from 80.238.64.138:25762 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:01 2007 Unrecognized attempt blocked from 217.123.17.156:1771 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:11 2007 Unrecognized attempt blocked from 88.118.166.44:41005 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:11 2007 Unrecognized attempt blocked from 88.136.91.40:33780 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:11 2007 Unrecognized attempt blocked from 194.219.37.242:32911 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:11 2007 Unrecognized attempt blocked from 160.36.227.246:51435 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:16 2007 Unrecognized attempt blocked from 88.136.91.40:33780 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:16 2007 Unrecognized attempt blocked from 160.36.227.246:51435 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:21 2007 Unrecognized attempt blocked from 88.136.91.40:33780 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:21 2007 Unrecognized attempt blocked from 160.36.227.246:51435 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:26 2007 Unrecognized attempt blocked from 88.136.91.40:33780 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:26 2007 Unrecognized attempt blocked from 160.36.227.246:51435 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:31 2007 Unrecognized attempt blocked from 88.136.91.40:33780 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:31 2007 Unrecognized attempt blocked from 160.36.227.246:51435 to 91.4.227.56 UDP:59323
Mon Jan 29 19:42:57 2007 Unrecognized attempt blocked from 212.80.82.60:39751 to 91.4.227.56 UDP:59921
Mon Jan 29 19:42:57 2007 Unrecognized attempt blocked from 212.80.82.60:62933 to 91.4.227.56 TCP:59921
Mon Jan 29 19:43:00 2007 Unrecognized attempt blocked from 212.80.82.60:62933 to 91.4.227.56 TCP:59921
Mon Jan 29 19:43:32 2007 Unrecognized attempt blocked from 212.80.82.60:44342 to 91.4.227.56 UDP:59323
Mon Jan 29 19:46:19 2007 Unrecognized attempt blocked from 91.4.106.184:2602 to 91.4.227.56 TCP:135
Mon Jan 29 19:46:22 2007 Unrecognized attempt blocked from 91.4.106.184:2602 to 91.4.227.56 TCP:135
| Weiß jemand damit was anzufangen ?
Ich habe auch gleich mal einen HiJackThis Log-File erstellt Zitat:
Logfile of HijackThis v1.99.1
Scan saved at 19:08:30, on 29.01.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Windows Defender\MSASCui.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Skype\Plugin Manager\SkypePM.exe
C:\Programme\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vod.t-online.de/c/64/09/68/6409688.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1:0
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows Defender] "C:\Programme\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A0327DF-EED3-4423-B855-CAAA5AFB102B}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
| Ich habe auch schon mehrere Viren und Spybot Programme installiert und ausgeführt. Jedoch wurde nix gefunden.
Ich hoffe Ihr könnt mir helfen.... | 