Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   mein pc ist mit viren bzw. trojaner verseucht bitte um hilfe!!! (https://www.trojaner-board.de/10406-pc-viren-bzw-trojaner-verseucht-bitte-um-hilfe.html)

Lithos 04.12.2004 14:34
mein pc ist mit viren bzw. trojaner verseucht bitte um hilfe!!!
 
hab zwei viren entdeckt

DR 180Solutions & Tr Drop.Delf DJ.3

will die wieder los werden...weiß aber nichtgenau was ich machen muß...kann mir da bitte jemand helfen!!!!

:heulen:


Logfile of HijackThis v1.98.2
Scan saved at 13:21:26, on 04.12.04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.50 SP1 (5.50.4522.1800)

Running processes:
C:\WINDOWS.000\SYSTEM\KERNEL32.DLL
C:\WINDOWS.000\SYSTEM\MSGSRV32.EXE
C:\WINDOWS.000\SYSTEM\MPREXE.EXE
C:\WINDOWS.000\EXPLORER.EXE
C:\WINDOWS.000\TEMP\MWAVSCAN.COM
C:\WINDOWS.000\TEMP\KAVSS.EXE
C:\PROGRAMME\ZUBEHöR\WORDPAD.EXE
C:\NEUER ORDNER (2)\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://your-searcher.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.speed-search.biz/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.speed-search.biz/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.speed-search.biz/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.speed-search.biz/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.speed-search.biz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.speed-search.biz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.speed-search.biz/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.speed-search.biz/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.speed-search.biz/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.speed-search.biz/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.speed-search.biz/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.speed-search.biz/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speed-search.biz/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://your-searcher.com/sp.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speed-search.biz/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.speed-search.biz/index.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.speed-search.biz/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer von T-Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.t-online.de/software/ie50/setpxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.btx.dtag.de:80;ftp=ftp-proxy.btx.dtag.de:80
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F1 - win.ini: load=C:\OPLIMIT\ocraware.exe
O2 - BHO: BHO - {06CAD548-14DD-4fa3-9EA9-05F83C18CBD7} - C:\WINDOWS.000\SYSTEM\MSPXS32.DLL
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS.000\SYSTEM\MSBE.DLL
O2 - BHO: (no name) - {6DFC3158-EA17-25E7-8753-60550DF4744A} - C:\WINDOWS.000\SYSTEM\ZUEZFZ.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1031,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.000\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS.000\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS.000\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ATIGART] c:\ati\gart\atigart.exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaaa.exe
O4 - HKLM\..\Run: [AtiQiPcl] AtiQiPcl.exe
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [Win32SystemMonitor] C:\WINDOWS.000\Jvj.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Programme\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [Win32 Explorer] C:\WINDOWS.000\SYSTEM\explorer32.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\PROGRAM FILES\ATI MULTIMEDIA\MAIN\LAUNCHPD.EXE"
O4 - HKCU\..\Run: [Win32SystemMonitor] C:\WINDOWS.000\Jvj.exe
O4 - HKCU\..\Run: [Cmee] C:\WINDOWS.000\Anwendungsdaten\pdee.exe
O4 - HKCU\..\Run: [Debfjko] C:\WINDOWS.000\SYSTEM\qjnjz.exe
O4 - HKCU\..\Run: [Win32 Explorer] C:\WINDOWS.000\SYSTEM\explorer32.exe
O4 - HKCU\..\RunServices: [ATI Launchpad] "C:\PROGRAM FILES\ATI MULTIMEDIA\MAIN\LAUNCHPD.EXE"
O4 - HKCU\..\RunServices: [Win32SystemMonitor] C:\WINDOWS.000\Jvj.exe
O4 - HKCU\..\RunServices: [Cmee] C:\WINDOWS.000\Anwendungsdaten\pdee.exe
O4 - HKCU\..\RunServices: [Debfjko] C:\WINDOWS.000\SYSTEM\qjnjz.exe
O4 - HKCU\..\RunServices: [Win32 Explorer] C:\WINDOWS.000\SYSTEM\explorer32.exe
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Startup: Microsoft Office.lnk = C:\WINDOWS.000\Anwendungsdaten\Microsoft\Installer\{00010407-78E1-11D2-B60F-006097C998E7}\misc.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS.000\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS.000\web\related.htm
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\PROGRAMME\SIDEFIND\SIDEFIND.DLL (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.t-online.de
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.topconverting.com
O15 - Trusted Zone: *.crazywinnings.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.slotchbar.com

wie muß ich jetzt weiter arbeiten???

*Christian* 04.12.2004 21:26
Scanne mal hiermit im abgesicherten Modus: http://www.trojaner-board.de/42731-escan-anleitung.html

Wo wird was gefunden?


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:10 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131