|
HILFE !!!! Könnt ihr mir helfen? Hallo, ich weiß nicht genau was ich mir da eingefangen hab, aber vielleicht könnt ihr mir ja helfen es wieder loszuwerden ... hier ist das hijackthis-log: Logfile of HijackThis v1.99.1 Scan saved at 09:58:01, on 20.02.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programme\Synaptics\SynTP\SynTPLpr.exe C:\Programme\Norton Personal Firewall\IAMAPP.EXE C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe C:\Programme\AntiVir\AVGNT.EXE C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\cstr.exe C:\Programme\AntiVir\AVGUARD.EXE C:\WINDOWS\System32\Ati2evxx.exe C:\Programme\AntiVir\AVWUPSRV.EXE C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe C:\Programme\Borland\InterBase\bin\ibguard.exe C:\Programme\Norton Personal Firewall\NISUM.EXE C:\Programme\Norton Personal Firewall\NISSERV.EXE C:\Programme\Norton Personal Firewall\SymProxySvc.exe C:\Programme\Borland\InterBase\bin\ibserver.exe C:\Programme\Opera7\opera.exe C:\WINDOWS\System32\taskmgr.exe C:\Programme\Windows Media Player\wmplayer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Dokumente und Einstellungen\Trish\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_p...ount_id=158290 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_p...ount_id=158290 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wwe.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_p...ount_id=158290 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programme\SideFind\sfbho.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\PROGRA~1\ISTbar\istbar.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [iamapp] C:\Programme\Norton Personal Firewall\IAMAPP.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [winmgr.exe] scvhost.exe O4 - HKLM\..\Run: [aK7BCbCj] C:\WINDOWS\njtxsyh.exe O4 - HKLM\..\Run: [Norton Update] cUpdate.exe O4 - HKLM\..\Run: [l4PLAfV] C:\WINDOWS\njtxsyh.exe O4 - HKLM\..\Run: [Power Scan] C:\Programme\Power Scan\powerscan.exe O4 - HKLM\..\Run: [xwd] C:\WINDOWS\xwd.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AntiVir\AVGNT.EXE /min O4 - HKLM\..\Run: [regmgr32nt] msbin32.exe O4 - HKLM\..\Run: [nvsv32.exe] cstr.exe O4 - HKLM\..\RunServices: [winmgr.exe] scvhost.exe O4 - HKLM\..\RunServices: [Norton Update] cUpdate.exe O4 - HKLM\..\RunServices: [regmgr32nt] msbin32.exe O4 - HKLM\..\RunServices: [nvsv32.exe] cstr.exe O4 - HKLM\..\RunOnce: [nvsv32.exe] cstr.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [regmgr32nt] msbin32.exe O4 - HKCU\..\Run: [nvsv32.exe] cstr.exe O4 - HKCU\..\RunServices: [regmgr32nt] msbin32.exe O4 - HKCU\..\RunOnce: [nvsv32.exe] cstr.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programme\SideFind\sidefind.dll (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1108888358983 O17 - HKLM\System\CCS\Services\Tcpip\..\{0B6DBFD7-AFDB-40CC-A966-86A638AE78FC}: Domain = lop.com O17 - HKLM\System\CCS\Services\Tcpip\..\{97D40DB0-6AFF-4B4F-96E7-EAE3A5C009BB}: NameServer = 139.30.8.7 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = uni-rostock.de O17 - HKLM\System\CS1\Services\Tcpip\..\{0B6DBFD7-AFDB-40CC-A966-86A638AE78FC}: Domain = lop.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = uni-rostock.de O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AntiVir\AVGUARD.EXE O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AntiVir\AVWUPSRV.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Programme\Borland\InterBase\bin\ibguard.exe O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Programme\Borland\InterBase\bin\ibserver.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MySQL - Unknown owner - C:\minixampp\mysql\bin\mysqld-nt.exe O23 - Service: Norton Personal Firewall Service (NISSERV) - Symantec Corporation - C:\Programme\Norton Personal Firewall\NISSERV.EXE O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Programme\Norton Personal Firewall\NISUM.EXE O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Personal Firewall Proxy Service (SymProxySvc) - Symantec Corporation - C:\Programme\Norton Personal Firewall\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe danke schön lg rhaps |
Hallo, nur mal ein paar Beispiele von deinem extrem verseuchtem System: Zitat:
Zitat:
Zitat:
Zitat:
|
| Alle Zeitangaben in WEZ +1. Es ist jetzt 19:01 Uhr. |
Copyright ©2000-2025, Trojaner-Board