Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Hilfe!!! Unrecognized attempt blocked from

Hilfe!!! Unrecognized attempt blocked from


Log-Analyse und Auswertung: Hilfe!!! Unrecognized attempt blocked from

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 24.06.2008, 10:18   #1
tummy
 
Hilfe!!! Unrecognized attempt blocked from - Standard

Hilfe!!! Unrecognized attempt blocked from


Hallo,
habe da ein paar probleme mit mein internet....habe ein laptop und ein desktop an ein d-link DI-524.Nun wird dieser seid ein paar tagen angegriffen(zumindest denk ich das).Hier mal die log vom router:
-------------------------------------------------
System Logs
-------------------------------------------------
Tue Jun 24 10:49:20 2008 Set Device Time to: Mon Dec 31 23:59:29 2007
Tue Jun 24 10:49:24 2008 TX TCP reset for 192.168.0.4(1193) -> 192.168.0.1(80)
Tue Jun 24 10:49:28 2008 Syn time: Tue Jun 24 10:49:27 2008
Tue Jun 24 10:49:29 2008 Syn time: Tue Jun 24 10:49:29 2008
Tue Jun 24 10:49:39 2008 Unrecognized attempt blocked from 84.62.10.93:16693 to 84.62.147.102 TCP:135Tue Jun 24 10:49:40 2008 Unrecognized attempt blocked from 84.62.10.93:16713 to 84.62.147.102 TCP:135
Tue Jun 24 10:49:45 2008 PPPoE start to hang-up
Tue Jun 24 10:49:45 2008 PADT sent
Tue Jun 24 10:49:47 2008 DOD:TCP trigger from 192.168.0.3:3284 to 208.78.69.70:80
Tue Jun 24 10:49:47 2008 PPPoE start to dial-up
Tue Jun 24 10:49:47 2008 PADI sent arcor
Tue Jun 24 10:49:48 2008 PADR sent
Tue Jun 24 10:49:50 2008 PPP3: TX LCP Request
Tue Jun 24 10:49:50 2008 PPP3: Rx LCP Request
Tue Jun 24 10:49:50 2008 PPP3: TX LCP ACK
Tue Jun 24 10:49:50 2008 PPP3: Rx LCP ACK
Tue Jun 24 10:49:51 2008 CHAP3: CHAP authentication success, unit 13297
Tue Jun 24 10:49:51 2008 PPP3: Tx IPCP Reguest
Tue Jun 24 10:49:51 2008 PPP3: Rx IPCP Request
Tue Jun 24 10:49:51 2008 PPP3: Rx IPCP NACK/REJECT
Tue Jun 24 10:49:51 2008 IPCP3: IP is 84.62.157.166
Tue Jun 24 10:49:51 2008 IPCP3: DNS0 is 195.50.140.114
Tue Jun 24 10:49:51 2008 IPCP3: DNS1 is 195.50.140.252
Tue Jun 24 10:49:51 2008 PPP3: Tx IPCP Reguest
Tue Jun 24 10:49:51 2008 PPP3: Rx IPCP ACK
Tue Jun 24 10:50:02 2008 Unrecognized attempt blocked from 89.136.48.69:62589 to 84.62.157.166 TCP:1086
Tue Jun 24 10:50:03 2008 Unrecognized attempt blocked from 89.136.48.69:62589 to 84.62.157.166 TCP:1086
Tue Jun 24 10:50:04 2008 Unrecognized attempt blocked from 89.136.48.69:62589 to 84.62.157.166 TCP:1086
Tue Jun 24 10:50:06 2008 Unrecognized attempt blocked from 89.136.48.69:62589 to 84.62.157.166 TCP:1086
Tue Jun 24 10:50:11 2008 Unrecognized attempt blocked from 89.136.48.69:62589 to 84.62.157.166 TCP:1086
Tue Jun 24 10:50:21 2008 Unrecognized attempt blocked from 89.136.48.69:62589 to 84.62.157.166 TCP:1086
Tue Jun 24 10:50:25 2008 TX TCP reset for 192.168.0.4(1316) -> 192.168.0.1(80)
Tue Jun 24 10:52:07 2008 Unrecognized attempt blocked from 84.62.140.202:50749 to 84.62.157.166 TCP:135
Tue Jun 24 10:52:32 2008 Unrecognized attempt blocked from 92.227.202.13:28759 to 84.62.157.166 TCP:135
Tue Jun 24 10:54:26 2008 Unrecognized attempt blocked from 84.62.11.69:3877 to 84.62.157.166 TCP:445
Tue Jun 24 10:54:30 2008 Unrecognized attempt blocked from 77.12.125.189:59292 to 84.62.157.166 UDP:52777
Tue Jun 24 10:56:21 2008 Unrecognized attempt blocked from 84.62.11.69:4539 to 84.62.157.166 TCP:135
Tue Jun 24 10:56:50 2008 Unrecognized attempt blocked from 61.164.148.109:12200 to 84.62.157.166 TCP:7212
Tue Jun 24 10:56:51 2008 Unrecognized attempt blocked from 61.164.148.109:12200 to 84.62.157.166 TCP:9788
Tue Jun 24 10:57:03 2008 Unrecognized attempt blocked from 84.62.196.150:3297 to 84.62.157.166 TCP:135
Tue Jun 24 10:57:25 2008 Unrecognized attempt blocked from 84.62.158.192:5102 to 84.62.157.166 TCP:135
Tue Jun 24 10:57:36 2008 Unrecognized attempt blocked from 77.12.125.189:59292 to 84.62.157.166 UDP:52777
Tue Jun 24 10:57:42 2008 Unrecognized attempt blocked from 92.227.202.13:51630 to 84.62.157.166 TCP:135
Tue Jun 24 10:57:51 2008 Unrecognized attempt blocked from 77.12.125.189:59292 to 84.62.157.166 UDP:52777
Tue Jun 24 10:58:31 2008 Unrecognized attempt blocked from 88.65.209.154:34828 to 84.62.157.166 UDP:52777
Tue Jun 24 10:58:35 2008 Unrecognized attempt blocked from 88.65.209.154:34828 to 84.62.157.166 UDP:52777
Tue Jun 24 10:58:56 2008 Unrecognized attempt blocked from 92.227.202.13:8119 to 84.62.157.166 TCP:135
Tue Jun 24 11:01:41 2008 Unrecognized attempt blocked from 77.12.125.189:59292 to 84.62.157.166 UDP:52777
Tue Jun 24 11:03:16 2008 Unrecognized attempt blocked from 84.62.44.26:40286 to 84.62.157.166 TCP:135
Tue Jun 24 11:05:06 2008 Unrecognized attempt blocked from 88.65.209.154:34554 to 84.62.157.166 UDP:52777
Tue Jun 24 11:05:16 2008 Admin from 192.168.0.4 login successful

Hab auch schon mit das programm hijack logs von den rechnern gemacht:
1(laptop):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:54:16, on 24.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\OEM02Mon.exe
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Programme\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Programme\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Digital Line Detect\DLG.exe
C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programme\Outlook Express\msimn.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Dokumente und Einstellungen\Joerg\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=2080425
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.de/hws/sb/dell-row/de/side.html?channel=de-smb
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=2080425
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=2080425
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Dell QuickSet] C:\Programme\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dscactivate] "C:\Programme\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Programme\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Programme\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = C:\Programme\Digital Line Detect\DLG.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - hxxp://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://www.update.microsoft.com/micr...?1209478831421
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Programme\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Programme\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 8219 bytes


2(desktop):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:56:08, on 24.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\VIA\RAID\raid_tool.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\SPAMfighter\SFAgent.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\SPAMfighter\sfus.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Opera\Opera.exe
C:\Programme\Outlook Express\msimn.exe
C:\WINDOWS\system32\java.exe
C:\Programme\Zylom Games\Da Vinci's Secret Deluxe\davincissecret.exe
C:\Dokumente und Einstellungen\Administrator\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://s4.bitefight.de/bite/uebersicht.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll
O4 - HKLM\..\Run: [RaidTool] C:\Programme\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Programme\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm
O8 - Extra context menu item: &Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Programme\SPAMfighter\sfus.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - C:\Programme\TuneUpUtilities2006\WinStylerThemeSvc.exe (file missing)

--
End of file - 5656 bytes


Leider kann ich mit den ganzen logs nicht viel anfangen,und bin auf eure hilfe angewiesen.Wär echt super wenn mir jemand helfen könnte....teilweise geht mein internet für ein paar minuten garnichtmehr....


m.f.g.

Alt 24.06.2008, 10:59   #2
undoreal
/// AVZ-Toolkit Guru
 
Hilfe!!! Unrecognized attempt blocked from - Standard

Hilfe!!! Unrecognized attempt blocked from


Hallo tummy.

Das sind alles Arcor Adressen. Also kein Grund zur Sorge.

Deine logs sind sauber. Allerdings solltest du am Desktop mal auf das Sevie Pack 3 updaten!!

Hattest du am Desktop das Game C:\Programme\Zylom Games\Da Vinci's Secret Deluxe\davincissecret.exe am Laufen während du den HJT Scan gemacht hast?
__________________

__________________
Alt 24.06.2008, 12:29   #3
tummy
 
Hilfe!!! Unrecognized attempt blocked from - Standard

Hilfe!!! Unrecognized attempt blocked from


Hallo,
ja das spiel war gerade am laufen.
Hatte das service pack3 auch schonmal aufn desktop,nur leider musste ich es wieder löschen weil der rechner immerwieder eingefroren ist.

m.f.g.
__________________
Alt 24.06.2008, 20:06   #4
tummy
 
Hilfe!!! Unrecognized attempt blocked from - Standard

Hilfe!!! Unrecognized attempt blocked from


Hallo,
jetzt habe ich ein neues problem,un zwar dieses:
Log aus dem router:

Tue Jun 24 20:58:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:58:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 20:59:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:14 2008 Unrecognized attempt blocked from 84.63.133.147:63456 to 84.63.150.174 TCP:135
Tue Jun 24 21:00:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:22 2008 Unrecognized attempt blocked from 84.63.95.195:31983 to 84.63.150.174 TCP:135
Tue Jun 24 21:00:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:00:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:01 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:16 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:31 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:46 2008 ICMP: type 3 code 13 from 84.63.128.1
Tue Jun 24 21:01:46 2008 PPPoE start to hang-up
Tue Jun 24 21:01:46 2008 PADT sent
Tue Jun 24 21:01:51 2008 DOD:triggered internally
Tue Jun 24 21:01:51 2008 PPPoE start to dial-up
Tue Jun 24 21:01:51 2008 PADI sent arcor
Tue Jun 24 21:01:51 2008 PADR sent
Tue Jun 24 21:01:54 2008 PPP3: TX LCP Request
Tue Jun 24 21:01:54 2008 PPP3: Rx LCP Request
Tue Jun 24 21:01:54 2008 PPP3: TX LCP ACK
Tue Jun 24 21:01:54 2008 PPP3: Rx LCP ACK
Tue Jun 24 21:01:54 2008 CHAP3: CHAP authentication success, unit 12293
Tue Jun 24 21:01:54 2008 PPP3: Tx IPCP Reguest
Tue Jun 24 21:01:54 2008 PPP3: Rx IPCP Request
Tue Jun 24 21:01:54 2008 PPP3: Rx IPCP NACK/REJECT
Tue Jun 24 21:01:54 2008 IPCP3: IP is 84.62.174.95
Tue Jun 24 21:01:54 2008 IPCP3: DNS0 is 195.50.140.114
Tue Jun 24 21:01:54 2008 IPCP3: DNS1 is 195.50.140.252
Tue Jun 24 21:01:54 2008 PPP3: Tx IPCP Reguest
Tue Jun 24 21:01:54 2008 PPP3: Rx IPCP ACK
Tue Jun 24 21:02:01 2008 ICMP: type 3 code 13 from 84.62.128.1
Tue Jun 24 21:02:01 2008 ICMP: type 3 code 13 from 84.62.128.1


hat es da vielleicht einer auf mich abgesehn???
Die ip ist von arcor,und der anschluss irgendwo in oberhausen.
Mein router macht dauernd trennung und das inet ist nurnoch am lahmen......


m.f.g.

Antwort

Themen zu Hilfe!!! Unrecognized attempt blocked from
administrator, adobe, bho, browser, desktop, einstellungen, error, explorer, firefox, helfen, hijack, hijackthis, hilfe!!, hilfe!!!, hkus\s-1-5-18, internet explorer, monitor, mozilla, mozilla firefox, outlook express, programm, registry, rundll, software, super, system, tcp, temp, tuneup.defrag, udp, windows, windows xp, windows xp sp3, xp sp3


« Ist mein System sauber? | Backdoor oder sowas, bin am verzweifeln »


Ähnliche Themen: Hilfe!!! Unrecognized attempt blocked from


  1. Bluescreen an attempt was made to write on read only memory
    Alles rund um Windows - 09.08.2015 (12)
  2. Hilfe ich habe mir was gefangen:chrome-extension://flliilndjeohchalpbbcdekjklbdgfkk/html/blocked.html
    Log-Analyse und Auswertung - 16.01.2015 (17)
  3. Javakonsole blocked a Frame Browser
    Alles rund um Windows - 01.08.2013 (1)
  4. router: Unrecognized attempt blocked from[..]
    Log-Analyse und Auswertung - 23.08.2010 (3)
  5. Unrecognized attempt blocked
    Log-Analyse und Auswertung - 16.05.2009 (1)
  6. Unrecognized attempt blocked from... immer im Router Log und Internet verlangsamt.
    Log-Analyse und Auswertung - 09.12.2008 (4)
  7. Unrecognized attempt blocked from
    Plagegeister aller Art und deren Bekämpfung - 19.02.2008 (2)
  8. "Unrecognized attempt blocked from..."
    Plagegeister aller Art und deren Bekämpfung - 06.02.2008 (0)
  9. Download nicht möglich - bitte Hilfe: This object has been blocked.
    Alles rund um Windows - 25.07.2007 (5)
  10. Firewall log: Unrecognized attempt blocked from MIT HiJach Log
    Log-Analyse und Auswertung - 13.02.2007 (5)
  11. Unrecognized attempt blocked & HiJackThis Log-File
    Log-Analyse und Auswertung - 30.01.2007 (1)
  12. Internetprobleme "Unrecognized attempt blocked"
    Plagegeister aller Art und deren Bekämpfung - 19.07.2006 (8)
  13. Unrecognized attempt blocked *Hilfe*
    Log-Analyse und Auswertung - 04.01.2006 (1)
  14. Hilfe!!! Unrecognized attempt blocked from
    Plagegeister aller Art und deren Bekämpfung - 26.10.2005 (8)
  15. pop up window blocked
    Plagegeister aller Art und deren Bekämpfung - 27.02.2005 (1)
  16. Pop-up window blocked
    Plagegeister aller Art und deren Bekämpfung - 24.02.2005 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Hilfe!!! Unrecognized attempt blocked from - Hallo, habe da ein paar probleme mit mein internet....habe ein laptop und ein desktop an ein d-link DI-524.Nun wird dieser seid ein paar tagen angegriffen(zumindest denk ich das).Hier mal die - Hilfe!!! Unrecognized attempt blocked from...
Archiv
Du betrachtest: Hilfe!!! Unrecognized attempt blocked from auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54