Trojaner-Board


user13 04.09.2007 15:22

Error message is making surfing a torment! I'm asking for help
 
The problem is as follows:
I keep getting an error message telling me that there is an error in: "Program"
It says that I was working on something but the data was lost, yet I have no idea what is going on.
This is what the error message says:

AppName: program AppVer: 0.0.0.0 ModName: program
ModVer: 0.0.0.0 Offset: 0004b140
There is also quite a lot of information about the error attached, but I have no idea what it means.
If anyone can help me, I would be very grateful.
See you soon

BataAlexander 04.09.2007 17:14

Creating a HijackThis log

- The tool is available here -> HijackThis
- Find the file HiJackThis.exe and rename it to 'This.com'
(right-click -> Rename)
- Now start it by double-clicking This.com
- Click the button marked in red, Do a system scan and save a log file
- After the scan an editor window opens; now copy this log file and paste it into your post in the forum
- Important: Search the log file for personal information, such as your real name, and edit it out before you post it.
- All links in the log file should be edited as follows -> e.g. h**p://trojaner-board.de. Simply so that nobody gets the idea of clicking on the links.

Bata
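
The last two steps above (removing personal data and defanging links) can be scripted before a log is pasted into a forum. The Python below is an added example, not part of the original post; the `<user>` placeholder, the list of shared profile names and the sample log lines are assumptions constructed for illustration.

```python
import re

# Only clickable web schemes are defanged; res:// entries and file paths stay readable.
URL_SCHEME = re.compile(r"\b(https?)://", re.IGNORECASE)

# Profile directory in long form (\Documents and Settings\<name>) or in
# 8.3 short form (\DOCUME~1\<short name>), as both appear in HijackThis logs.
PROFILE_RE = re.compile(
    r'(\\(?:Documents and Settings|DOCUME~\d+)\\)([^\\\r\n"]+)', re.IGNORECASE
)

# Assumption: shared profiles that carry no personal name and can stay as they are.
SHARED_PROFILES = {"all users", "default user", "allus~1", "defaul~1"}
PLACEHOLDER = "<user>"  # hypothetical marker, pick any neutral token


def sanitize(log):
    """Return (sanitized_log, stats) with links defanged and profile names redacted."""
    stats = {"links": 0, "profiles": 0}

    def defang(match):
        stats["links"] += 1
        scheme = match.group(1)
        # http -> h**p, https -> h**ps (the form used in the instructions above)
        return scheme[0] + "**" + scheme[3:] + "://"

    def redact(match):
        if match.group(2).lower() in SHARED_PROFILES:
            return match.group(0)
        stats["profiles"] += 1
        return match.group(1) + PLACEHOLDER

    return PROFILE_RE.sub(redact, URL_SCHEME.sub(defang, log)), stats


# Constructed sample lines in HijackThis format (not taken from a real system).
SAMPLE_LOG = r"""R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O4 - HKCU\..\Run: [Demo] "C:\DOCUME~1\JDOE~1\LOCALS~1\Temp\demo.exe" -x
O4 - Global Startup: Demo.lnk = C:\Documents and Settings\All Users\Start Menu\demo.exe
O16 - DPF: {00000000-0000-0000-0000-000000000000} - https://downloads.example.net/setup.cab
C:\Documents and Settings\Jane Doe\Desktop\This.com"""

if __name__ == "__main__":
    cleaned, counts = sanitize(SAMPLE_LOG)
    print(cleaned)
    print(counts)
```

The counts are worth reading before posting: a log that reports zero redacted profiles may still carry a real name elsewhere, for example in a registry value or a service description, so a manual read-through remains part of the step.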

user13 04.09.2007 20:59

Here is the log file, I hope I did everything right.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:54:40, on 4/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\WINDOWS\ATKKBService.exe
H:\Program Files\ATI Technologies\ATI.ACE\cli.exe
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
H:\Program Files\Common Files\{E0A9BADD-08A1-1043-0830-060407060020}\Update.exe
H:\WINDOWS\system32\ctfmon.exe
H:\program files\steam\steam.exe
H:\Program Files\MSN Messenger\MsnMsgr.Exe
H:\DOCUME~1\DDEE~1\MIJNDO~1\DOBE~1\wuauclt.exe
H:\WINDOWS\system32\svchosts.exe
H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\WINDOWS\system32\PnkBstrA.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\ATI Technologies\ATI.ACE\cli.exe
H:\Program Files\LimeWire\LimeWire.exe
H:\Program Files\MSN Messenger\usnsvc.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\Documents and Settings\Dédee\Bureaublad\THis.com.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {01D513FF-A91A-BF8E-3E8D-8BAD097CEF90} - H:\WINDOWS\system32\mdrm.dll (file missing)
O2 - BHO: (no name) - {01D916AE-FC4B-BC8D-6D8D-8BAD097DE591} - H:\WINDOWS\system32\omqpuxtu.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0766BA5D-2BEB-4825-CB47-2707E3A3ECC7} - H:\WINDOWS\system32\alg.dll (file missing)
O2 - BHO: (no name) - {0C3CD8F2-1413-7EDC-6D2D-11E4BDB6E9CA} - H:\WINDOWS\system32\gmxil.dll (file missing)
O2 - BHO: (no name) - {1493FE3C-1485-0A16-A541-67E34DEDFD98} - H:\WINDOWS\system32\vof.dll (file missing)
O2 - BHO: (no name) - {1495F835-1382-5F10-F241-67E34DE2FD93} - H:\WINDOWS\system32\ikrni.dll (file missing)
O2 - BHO: (no name) - {14C6A936-158D-5C47-A141-67E34DECA999} - H:\WINDOWS\system32\lefg.dll (file missing)
O2 - BHO: (no name) - {1596AF30-4787-0C13-F641-67E34DE3FF9B} - H:\WINDOWS\system32\hfsnfl.dll (file missing)
O2 - BHO: (no name) - {15C0A833-4386-5F15-A141-67E34DECA892} - H:\WINDOWS\system32\yjxs.dll (file missing)
O2 - BHO: (no name) - {1897A930-4685-5B13-A141-67E34DEDAACA} - H:\WINDOWS\system32\ligdayqm.dll (file missing)
O2 - BHO: (no name) - {18C4AF36-1686-0D44-F641-67E34DE2AECD} - H:\WINDOWS\system32\bsgoszjj.dll (file missing)
O2 - BHO: (no name) - {1991FE33-14D7-0E11-A541-67E34DEDAF9F} - H:\WINDOWS\system32\iiqhql.dll (file missing)
O2 - BHO: (no name) - {19C4A466-1A85-5F12-F241-67E34DE3FE92} - H:\WINDOWS\system32\biupe.dll (file missing)
O2 - BHO: (no name) - {19C7A437-4186-0019-AB41-67E34DEDF8C8} - H:\WINDOWS\system32\fsgx.dll (file missing)
O2 - BHO: (no name) - {1A96A960-108C-0A45-F641-67E34DEDFB92} - H:\WINDOWS\system32\evmzc.dll (file missing)
O2 - BHO: (no name) - {1AC6FB34-17D5-0F14-A541-67E34DE3AACF} - H:\WINDOWS\system32\iiiml.dll (file missing)
O2 - BHO: (no name) - {1B95A837-15D0-0F44-A341-67E34DE2AF9F} - H:\WINDOWS\system32\jmgyfuwm.dll (file missing)
O2 - BHO: (no name) - {1BC6FF32-17D1-0D47-F241-67E34DEDFAC8} - H:\WINDOWS\system32\uvqtwvsk.dll (file missing)
O2 - BHO: (no name) - {1BC7FC37-46D6-0918-A141-67E34DE2F8CF} - H:\WINDOWS\system32\igwgw.dll (file missing)
O2 - BHO: (no name) - {1C92FE64-158C-0C42-A741-67E34DEDF29B} - H:\WINDOWS\system32\woqwltkj.dll (file missing)
O2 - BHO: (no name) - {1CC1A861-16D1-0017-A741-67E34DE2FE9F} - H:\WINDOWS\system32\fida.dll (file missing)
O2 - BHO: (no name) - {1D94AD60-4485-5C15-F641-67E34DEDF399} - H:\WINDOWS\system32\vdvvy.dll (file missing)
O2 - BHO: (no name) - {1D96A932-4180-0D45-A141-67E34DEDFFCE} - H:\WINDOWS\system32\axnwwd.dll (file missing)
O2 - BHO: (no name) - {1DC0AF33-10D1-0810-AB41-67E34DE3FB9A} - H:\WINDOWS\system32\bpbuofkp.dll (file missing)
O2 - BHO: (no name) - {1E9AFC3C-1583-5818-F241-67E34DE2AE9B} - H:\WINDOWS\system32\ajpql.dll (file missing)
O2 - BHO: (no name) - {1F9AA835-14D7-0C18-A741-67E34DEDF2CF} - H:\WINDOWS\system32\azxmbbbp.dll (file missing)
O2 - BHO: (no name) - {1FB213DB-DC4B-BEF9-197A-D458667CFECA} - H:\WINDOWS\system32\uhqu.dll (file missing)
O2 - BHO: (no name) - {1FC7AD3D-4681-0015-A741-67E34DE2A89A} - H:\WINDOWS\system32\sgxb.dll (file missing)
O2 - BHO: (no name) - {3292BBE4-280B-4F91-246C-75B2186985CD} - H:\WINDOWS\system32\wwtnkw.dll (file missing)
O2 - BHO: (no name) - {32B21B8C-816E-EA9E-4C7A-D458667CF4C8} - H:\WINDOWS\system32\smr.dll (file missing)
O2 - BHO: (no name) - {38AE495E-F2B2-EA78-9027-81CD2F6E82C6} - H:\WINDOWS\system32\jfgb.dll (file missing)
O2 - BHO: (no name) - {39171B84-F13C-EDFE-1A1A-828DCB21839F} - H:\WINDOWS\system32\koipgt.dll (file missing)
O2 - BHO: (no name) - {391A14DF-A538-EFF9-1E1A-828DCB20D299} - H:\WINDOWS\system32\hkpybfca.dll (file missing)
O2 - BHO: (no name) - {3B191C8D-A53F-B6F9-4C1A-828DCB21D0CA} - H:\WINDOWS\system32\uqruiwwk.dll (file missing)
O2 - BHO: (no name) - {3B9A4ADB-D638-E99A-4C7A-D458667CF698} - H:\WINDOWS\system32\ngo.dll (file missing)
O2 - BHO: (no name) - {3C181A84-A461-BCFB-1E1A-828DCB2184CC} - H:\WINDOWS\system32\tlamgfd.dll (file missing)
O2 - BHO: (no name) - {3C4B15DE-F361-ECA0-1A1A-828DCB2181C2} - H:\WINDOWS\system32\wvopo.dll (file missing)
O2 - BHO: (no name) - {3E1B48DF-F338-EAA8-1C1A-828DCB208E9E} - H:\WINDOWS\system32\gob.dll (file missing)
O2 - BHO: (no name) - {46AA4C5D-85B7-EA48-9027-81CD2F6E82C6} - H:\WINDOWS\system32\jfgb.dll (file missing)
O2 - BHO: (no name) - {4894FE3D-4782-0044-F641-67E34DE3F999} - H:\WINDOWS\system32\ddcjylmi.dll (file missing)
O2 - BHO: (no name) - {48C4A935-4781-0A16-A741-67E34DECAD93} - H:\WINDOWS\system32\iuki.dll (file missing)
O2 - BHO: (no name) - {49B64FDA-8A46-B9FB-197A-D458667CF59F} - H:\WINDOWS\system32\lcmn.dll (file missing)
O2 - BHO: (no name) - {49C3F937-46D5-5843-AB41-67E34DEDFC9D} - H:\WINDOWS\system32\jdcb.dll (file missing)
O2 - BHO: (no name) - {4AE74FD8-DA4B-E9AA-4C7A-D458667CF698} - H:\WINDOWS\system32\ngo.dll (file missing)
O2 - BHO: (no name) - {4B90A43C-46D7-5814-F241-67E34DE2FB99} - H:\WINDOWS\system32\tnk.dll (file missing)
O2 - BHO: (no name) - {4B90AA36-4485-5F16-F041-67E34DE2FF9D} - H:\WINDOWS\system32\nmpg.dll (file missing)
O2 - BHO: (no name) - {4B94AC33-16D1-0117-A341-67E34DE3FC92} - H:\WINDOWS\system32\ukrcuqg.dll (file missing)
O2 - BHO: (no name) - {4B9BFE3D-1487-0A11-A741-67E34DECAE9B} - H:\WINDOWS\system32\jypj.dll (file missing)
O2 - BHO: (no name) - {4BB31CDF-D81E-BBAF-1D7A-D458667CF49D} - H:\WINDOWS\system32\gvmcvfjy.dll (file missing)
O2 - BHO: (no name) - {4BC0AC31-1BD2-5F15-A341-67E34DEDA899} - H:\WINDOWS\system32\rkyaqmf.dll (file missing)
O2 - BHO: (no name) - {4C9BF931-4384-5A40-A141-67E34DE2F9CA} - H:\WINDOWS\system32\qukun.dll (file missing)
O2 - BHO: (no name) - {4CC1AE32-40D1-0D47-A141-67E34DEDAE9A} - H:\WINDOWS\system32\nuuozi.dll (file missing)
O2 - BHO: (no name) - {4CC7AE63-1280-5A18-A341-67E34DEDAD9A} - H:\WINDOWS\system32\fqj.dll (file missing)
O2 - BHO: (no name) - {4CE2BFE7-240E-4FA1-246C-75B2186985CD} - H:\WINDOWS\system32\wwtnkw.dll (file missing)
O2 - BHO: (no name) - {4CF9AABD-6E5C-0FCC-2179-34B6784DA7CB} - H:\WINDOWS\system32\dxxd.dll (file missing)
O2 - BHO: (no name) - {4E92FC31-16D6-5C19-F641-67E34DE3FBCE} - H:\WINDOWS\system32\plwwva.dll (file missing)
O2 - BHO: (no name) - {4F96AF37-1781-0110-A341-67E34DE2F39A} - H:\WINDOWS\system32\cbn.dll (file missing)
O2 - BHO: (no name) - {4F9BAE30-1281-5F19-A141-67E34DE2FACF} - H:\WINDOWS\system32\qrglvh.dll (file missing)
O2 - BHO: (no name) - {4FC1AF33-46D2-5A40-F241-67E34DE2FA9B} - H:\WINDOWS\system32\xzsx.dll (file missing)
O2 - BHO: (no name) - {5361ED58-27E9-1C77-C347-2707E3A3E29F} - H:\WINDOWS\system32\kpitkh.dll (file missing)
O2 - BHO: (no name) - {578E15A8-FA4D-BF8D-3A8D-8BAD097CB2C3} - H:\WINDOWS\system32\jsc.dll (file missing)
O2 - BHO: (no name) - {60171D8F-F46F-EDFC-4F1A-828DCB26879D} - H:\WINDOWS\system32\qihcm.dll (file missing)
O2 - BHO: (no name) - {614F1F8B-F16D-ECA0-4F1A-828DCB218599} - H:\WINDOWS\system32\auveicq.dll (file missing)
O2 - BHO: (no name) - {694849DB-A769-BFFE-1A1A-828DCB218098} - H:\WINDOWS\system32\jvuhtqc.dll (file missing)
O2 - BHO: (no name) - {6A191F8F-F13B-ECAA-4B1A-828DCB268598} - H:\WINDOWS\system32\cxipyi.dll (file missing)
O2 - BHO: (no name) - {6A1E4FDF-A43D-BFFA-481A-828DCB2083CE} - H:\WINDOWS\system32\qkgpgit.dll (file missing)
O2 - BHO: (no name) - {6A4A4B8B-A13C-EBFA-1E1A-828DCB2085CD} - H:\WINDOWS\system32\agsvuae.dll (file missing)
O2 - BHO: (no name) - {6A4D19D8-A469-B6AE-121A-828DCB21D799} - H:\WINDOWS\system32\dvpe.dll (file missing)
O2 - BHO: (no name) - {6B16488C-F16E-B7A1-1A1A-828DCB20D39E} - H:\WINDOWS\system32\vau.dll (file missing)
O2 - BHO: (no name) - {6C1F1488-A56A-BEAE-181A-828DCB208099} - H:\WINDOWS\system32\yeqghg.dll (file missing)
O2 - BHO: (no name) - {6C4A1ED9-F66B-B6A8-491A-828DCB208ECA} - H:\WINDOWS\system32\qjyv.dll (file missing)
O2 - BHO: (no name) - {6C4B18D8-A369-BAFE-4B1A-828DCB20D598} - H:\WINDOWS\system32\qhkt.dll (file missing)
O2 - BHO: (no name) - {6C4F48D8-AE3A-BFFB-4F1A-828DCB218ECE} - H:\WINDOWS\system32\dxllm.dll (file missing)
O2 - BHO: (no name) - {6D4C1A84-AF61-EBA1-121A-828DCB21D2CA} - H:\WINDOWS\system32\pglx.dll (file missing)
O2 - BHO: (no name) - {6D4D4985-F23A-ECAD-1E1A-828DCB20D7CE} - H:\WINDOWS\system32\mpl.dll (file missing)
O2 - BHO: (no name) - {6E1C1EDC-F16F-B7AB-1E1A-828DCB21869E} - H:\WINDOWS\system32\xidfrgnm.dll (file missing)
O2 - BHO: (no name) - {6F1B48DE-AF69-B6AF-1C1A-828DCB26849F} - H:\WINDOWS\system32\lajfbkus.dll (file missing)
O2 - BHO: (no name) - {6F1D4988-A760-B9FD-4B1A-828DCB20D49D} - H:\WINDOWS\system32\dczbbfnf.dll (file missing)
O2 - BHO: (no name) - {6F4A1B88-A23B-EBAA-1C1A-828DCB2082CD} - H:\WINDOWS\system32\tjfutejj.dll (file missing)
O2 - BHO: (no name) - {758AA22B-409B-585C-ECE0-3DA6095DCCC4} - H:\WINDOWS\system32\ftaeve.dll (file missing)
O2 - BHO: (no name) - {7D4DA9F2-1410-7EEC-6D2D-11E4BDB6E9CA} - H:\WINDOWS\system32\gmxil.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7FD463FF-DE1F-BFBE-3E8D-8BAD097CEF90} - H:\WINDOWS\system32\mdrm.dll (file missing)
O2 - BHO: (no name) - {806B813C-4AD7-7373-A494-1A4497844DCD} - H:\WINDOWS\system32\vsnffey.dll (file missing)
O2 - BHO: (no name) - {83ABA9D0-306F-5DF8-193A-30C62F4F3390} - H:\WINDOWS\system32\hcv.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {99721E1C-D4A1-E06D-D906-83ADA9E527C7} - H:\WINDOWS\system32\hzela.dll (file missing)
O2 - BHO: (no name) - {997D4C4E-DEA1-E96B-8806-83ADA9BD7496} - H:\WINDOWS\system32\eubfygn.dll (file missing)
O2 - BHO: (no name) - {997F4A1D-89F9-E13E-DD06-83ADA9E57092} - H:\WINDOWS\system32\iqexwmk.dll (file missing)
O2 - BHO: (no name) - {9A284C4E-88AE-BF69-DB06-83ADA9E57396} - H:\WINDOWS\system32\nintsfop.dll (file missing)
O2 - BHO: (no name) - {9A721B1E-D9A8-B86B-8C06-83ADA9E62094} - H:\WINDOWS\system32\plekgjxs.dll (file missing)
O2 - BHO: (no name) - {9B2A4911-DBAB-EE62-D906-83ADA9E52993} - H:\WINDOWS\system32\iqcpar.dll (file missing)
O2 - BHO: (no name) - {9B2E4F1E-D5AE-E86C-DF06-83ADA9BD779D} - H:\WINDOWS\system32\npbxg.dll (file missing)
O2 - BHO: (no name) - {9C794D1A-D8A8-BA6D-8C06-83ADA9BD73C6} - H:\WINDOWS\system32\jdnmc.dll (file missing)
O2 - BHO: (no name) - {9C7E4B1E-DCA9-B86F-DD06-83ADA9E52296} - H:\WINDOWS\system32\amrglge.dll (file missing)
O2 - BHO: (no name) - {9D2E4D4E-89AD-EE6D-8806-83ADA9E574C4} - H:\WINDOWS\system32\imowb.dll (file missing)
O2 - BHO: (no name) - {9D2F4B4C-DAA0-BB3D-DF06-83ADA9E5209C} - H:\WINDOWS\system32\nvvhbapx.dll (file missing)
O2 - BHO: (no name) - {9E2E1B18-DFA0-E168-8C06-83ADA9E521C7} - H:\WINDOWS\system32\sifh.dll (file missing)
O2 - BHO: (no name) - {A008335A-8FEF-C62D-C347-F7BAD8371092} - H:\WINDOWS\system32\dlees.dll (file missing)
O2 - BHO: (no name) - {A5419E1D-52A2-6F09-DD46-5790EAD46CC7} - H:\WINDOWS\system32\mhwacuc.dll (file missing)
O2 - BHO: (no name) - {A75F3D5A-D3BA-9A76-CD47-F7BAD83712C3} - H:\WINDOWS\system32\jaqdnft.dll (file missing)
O2 - BHO: (no name) - {A943D065-36D2-7210-A294-1A4497841DC7} - H:\WINDOWS\system32\qufxzkoh.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {AB397BC4-9F71-DDEB-572E-E11BB20118C3} - H:\WINDOWS\system32\hdhauwpc.dll (file missing)
O2 - BHO: (no name) - {AC66B180-0A63-45AF-17DA-7EF2BC564099} - H:\WINDOWS\system32\pboe.dll (file missing)
O2 - BHO: (no name) - {AD362AC6-9672-88E2-002E-E11BB2014593} - H:\WINDOWS\system32\pzvbcplj.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B0B0FA7E-6FCA-0B0F-EA55-3676646D0DCC} - H:\WINDOWS\system32\jhk.dll (file missing)
O2 - BHO: (no name) - {B0E1AE2A-35CC-5C0E-E855-3676646D03C2} - H:\WINDOWS\system32\htu.dll (file missing)
O2 - BHO: (no name) - {B2E6AE7E-66CB-5C01-EA55-3676646D51C6} - H:\WINDOWS\system32\upq.dll (file missing)
O2 - BHO: (no name) - {B7E3FD7B-679C-5700-EA55-3676646D56C3} - H:\WINDOWS\system32\vtagrgu.dll (file missing)
O2 - BHO: (no name) - {B8D0082A-B49B-FF5C-B340-976C55195198} - H:\WINDOWS\system32\fjsbfjgh.dll (file missing)
O2 - BHO: (no name) - {B94E2A3A-9CD9-8410-F3D4-BEDECEB70A96} - H:\WINDOWS\system32\whitx.dll (file missing)
O2 - BHO: (no name) - {BED8087C-B79E-AC5C-B940-976C551800CE} - H:\WINDOWS\system32\vchjyi.dll (file missing)
O2 - BHO: (no name) - {BFD20A20-B49D-FD0F-B340-976C551802C5} - H:\WINDOWS\system32\rxdwnmnw.dll (file missing)
O2 - BHO: (no name) - {C72D1B1D-D9F9-E938-8806-83ADA9BD7591} - H:\WINDOWS\system32\ksbole.dll (file missing)
O2 - BHO: (no name) - {C7392D39-EBDC-8420-F3D4-BEDECEB70A96} - H:\WINDOWS\system32\whitx.dll (file missing)
O2 - BHO: (no name) - {C73B2E39-EBDC-8420-F3D4-BEDECEB70A96} - H:\WINDOWS\system32\whitx.dll (file missing)
O2 - BHO: (no name) - {C73F2A39-EBDC-8420-F3D4-BEDECEB70A96} - H:\WINDOWS\system32\whitx.dll (file missing)
O2 - BHO: (no name) - {C7781F4A-88A0-ED69-D906-83ADA9E62196} - H:\WINDOWS\system32\ujode.dll (file missing)
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - H:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: (no name) - {C9291B4A-8FFC-BA3D-DF06-83ADA9E62392} - H:\WINDOWS\system32\cmnyy.dll (file missing)
O2 - BHO: (no name) - {C97E4B4A-88AA-EE3E-DB06-83ADA9E52393} - H:\WINDOWS\system32\tfcgpind.dll (file missing)
O2 - BHO: (no name) - {CA794A1F-8FA0-EB62-8C06-83ADA9E52594} - H:\WINDOWS\system32\ibbdjht.dll (file missing)
O2 - BHO: (no name) - {CB2F1C1D-8EAE-BD38-D906-83ADA9E52490} - H:\WINDOWS\system32\afcypgut.dll (file missing)
O2 - BHO: (no name) - {CC7E4A4C-DCA9-E86E-8806-83ADA9E57594} - H:\WINDOWS\system32\bsjvw.dll (file missing)
O2 - BHO: (no name) - {CD291B1A-DAAF-E939-8806-83ADA9E52893} - H:\WINDOWS\system32\wblyiyxg.dll (file missing)
O2 - BHO: (no name) - {CD78191C-D5A8-EE63-D906-83ADA9E57296} - H:\WINDOWS\system32\afo.dll (file missing)
O2 - BHO: (no name) - {D4359E1E-5ED1-6F39-DD46-5790EAD46CC7} - H:\WINDOWS\system32\mhwacuc.dll (file missing)
O2 - BHO: (no name) - {DBFCFAD1-396A-0BFE-1B3A-30C62F4F60C7} - H:\WINDOWS\system32\zpzcl.dll (file missing)
O2 - BHO: (no name) - {DE793359-F8EB-C61D-C347-F7BAD8371092} - H:\WINDOWS\system32\dlees.dll (file missing)
O2 - BHO: (no name) - {E153211A-B1AE-8568-8FD3-EEABD9760092} - H:\WINDOWS\system32\rwllgta.dll (file missing)
O2 - BHO: (no name) - {E4B0FE24-6EC0-0F5E-BD55-3676646D0C96} - H:\WINDOWS\system32\hlf.dll (file missing)
O2 - BHO: (no name) - {E4E3A77E-619E-5B0C-BD55-3676646D02C1} - H:\WINDOWS\system32\oxg.dll (file missing)
O2 - BHO: (no name) - {E5ECA72F-349C-5800-E855-3676646D50C4} - H:\WINDOWS\system32\nuzu.dll
O2 - BHO: (no name) - {E5EDA72B-30C0-5E5E-E855-3676646D5493} - H:\WINDOWS\system32\mfiz.dll (file missing)
O2 - BHO: (no name) - {E657741C-E8F9-866D-8DD3-EEABD9775394} - H:\WINDOWS\system32\jfcd.dll (file missing)
O2 - BHO: (no name) - {FA46D464-3F8D-2710-F394-1A4497841E91} - H:\WINDOWS\system32\epen.dll (file missing)
O2 - BHO: (no name) - {FE1B813F-3DD2-7343-A494-1A4497844DCD} - H:\WINDOWS\system32\vsnffey.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - H:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATICCC] "H:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [OpwareSE2] "H:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "H:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "H:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini"
O4 - HKLM\..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [{E0A9BADD-08A1-1043-0830-060407060020}] "H:\Program Files\Common Files\{E0A9BADD-08A1-1043-0830-060407060020}\Update.exe" mc-110-12-0001411
O4 - HKLM\..\Run: [{E0A9BADD-08A2-1043-0830-060407060020}] "H:\Program Files\Common Files\{E0A9BADD-08A2-1043-0830-060407060020}\Update.exe" mc-110-12-0001411
O4 - HKLM\..\Run: [webHancer Agent] H:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "h:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Elso] "H:\DOCUME~1\DDEE~1\MIJNDO~1\DOBE~1\wuauclt.exe" -vt yazb
O4 - HKCU\..\Run: [Ybfne] H:\Program Files\Common Files\?racle\w?auclt.exe
O4 - HKCU\..\Run: [IpWins] H:\Program Files\Ipwindows\ipwins.exe
O4 - HKCU\..\Run: [WinPop] H:\Program Files\WinPop\winpop.exe
O4 - HKCU\..\Run: [swg] H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Policies\Explorer\Run: [{E0A9BADD-08A1-1043-0830-060407060020}] "H:\Program Files\Common Files\{E0A9BADD-08A1-1043-0830-060407060020}\Update.exe" mc-110-12-0001411
O4 - HKCU\..\Policies\Explorer\Run: [{E0A9BADD-08A2-1043-0830-060407060020}] "H:\Program Files\Common Files\{E0A9BADD-08A2-1043-0830-060407060020}\Update.exe" mc-110-12-0001411
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Deer Hunter 2005 Registration.lnk = H:\Program Files\Atari\Deer Hunter 2005\ATR1.EXE
O4 - Startup: Registration Brothers In Arms.LNK = G:\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = H:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_nl.cab
O22 - SharedTaskScheduler: discommodiousness - {33b8d257-07f6-4c06-8605-94bc21728635} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - H:\WINDOWS\ATKKBService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - H:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COM+ Messages - Unknown owner - H:\WINDOWS\system32\svchosts.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 22914 bytes



I hope this helps you
bye and thanks

cosinus 04.09.2007 21:15

:eek:

Good grief, your system has well and truly been run over! Note the many O2 entries...

In addition, several backdoor pests are likely showing themselves here:

H:\DOCUME~1\DDEE~1\MIJNDO~1\DOBE~1\wuauclt.exe
H:\Program Files\Ipwindows\ipwins.exe
H:\WINDOWS\system32\svchosts.exe
H:\Program Files\WinPop\winpop.exe
H:\Program Files\Common Files\{E0A9BADD-08A1-1043-0830-060407060020}\Update.exe


The system is completely wrecked, there is nothing left to save - take it off the network immediately and reinstall it! Follow the "reinstall" link in my signature and work through it - once you have freshly installed and secured the system, you should also change all passwords.

Possibly also interesting links for you:

Securing Windows PCs
Windows XP installation guide

Quote:

H:\Program Files\LimeWire\LimeWire.exe
And maybe also avoid LimeWire in future, above all neither download nor run dubious programs from there!

Peking-Ente1 04.09.2007 21:28

Hello user13

no wonder surfing is becoming a torment; it has been a long time since I saw the HijackThis analysis take so long to load a result, not a good sign.

You have BHOs on your machine that make all my toenails curl, brrrrr. :headbang:

From browser hijackers to adware and trojan downloaders, everything is there. Another user may give a more detailed analysis, but that does not change the fact that you get to format.

Here, for example:

H:\WINDOWS\system32\svchosts.exe --> network worm, that alone is enough for format : C, but that is not all

Or here:

H:\Program Files\webHancer\Programs\whagent.exe ---> Link for this:

Webhancer - Potentially unwanted application - Sophos threat analysis

Regards
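
The signs the two replies above point to (a large number of O2 entries whose DLL is missing, a system file name running from a user folder, and a near-copy of a system file name such as svchosts.exe) can be checked mechanically. The Python below is an added example, not code from the thread or from HijackThis; the list of System32 names, the one-character lookalike rule and the sample log are assumptions constructed for illustration.

```python
import ntpath
import re

# Assumption: a short list of binaries that ship in %SystemRoot%\System32 on Windows XP.
SYSTEM32_NAMES = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe",
                  "smss.exe", "spoolsv.exe", "wuauclt.exe", "ctfmon.exe", "csrss.exe"}

# First drive-letter path on a line that ends in .exe/.dll/.com.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.(?:exe|dll|com)(?=["\s]|$)', re.IGNORECASE)


def within_one_edit(a, b):
    """True if a and b differ by exactly one inserted, deleted or replaced character."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]  # one substitution
    return a[i:] == b[i + 1:]          # one extra character in b


def triage(log):
    """Count BHO entries and flag misplaced or lookalike system file names."""
    bho_total = bho_missing = 0
    findings, seen = [], set()
    for line in log.splitlines():
        line = line.strip()
        if line.startswith("O2 - BHO:"):
            bho_total += 1
            if line.endswith(("(file missing)", "(no file)")):
                bho_missing += 1
        match = PATH_RE.search(line)
        if not match:
            continue
        path = match.group(0)
        key = path.lower()
        if key in seen:  # the same file shows up as process, Run entry and service
            continue
        seen.add(key)
        name, folder = ntpath.basename(key), ntpath.dirname(key)
        if name in SYSTEM32_NAMES:
            if not folder.endswith("\\system32"):
                findings.append(("system name outside System32", path))
        elif any(within_one_edit(name, known) for known in SYSTEM32_NAMES):
            findings.append(("lookalike of a system name", path))
    return {"bho_total": bho_total, "bho_missing": bho_missing, "findings": findings}


# Constructed sample in HijackThis format (not taken from a real system).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchosts.exe
C:\DOCUME~1\JDOE~1\LOCALS~1\Temp\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe

O2 - BHO: (no name) - {11111111-1111-1111-1111-111111111111} - C:\WINDOWS\system32\aaaa.dll (file missing)
O2 - BHO: (no name) - {22222222-2222-2222-2222-222222222222} - C:\WINDOWS\system32\bbbb.dll (file missing)
O2 - BHO: Example Helper - {33333333-3333-3333-3333-333333333333} - C:\Program Files\Example\helper.dll
O4 - HKCU\..\Run: [Demo] "C:\DOCUME~1\JDOE~1\LOCALS~1\Temp\wuauclt.exe" -x
O23 - Service: Demo Service - Unknown owner - C:\WINDOWS\system32\svchosts.exe"""

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(report["bho_total"], "BHO entries,", report["bho_missing"], "with missing file")
    for reason, path in report["findings"]:
        print(reason + ":", path)
```

These checks only rank lines for a human reviewer; a clean result does not show that a system is uninfected, and a hit on a name is a prompt to inspect the file, not a verdict.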

user13 04.09.2007 22:18

Oh dear! I didn't think it was that bad; is reinstalling really the only option?
I thank you from the bottom of my heart; I'll start reinstalling the computer then.
Thanks again and bye everyone, I'll report back on whether everything went smoothly.

