Trojaner-Board


doedel 09.04.2005 14:56

Need help evaluating HijackThis
 
Logfile of HijackThis v1.99.0
Scan saved at 14:23:03, on 09.04.2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\EIGENE DATEIEN\DENIS\HIJACKTHIS199\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.deep-ass.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O1 - Hosts: 3506967828 thehun.net
O1 - Hosts: 3506967828 www.thehun.net
O1 - Hosts: 3506967828 thehun.com
O1 - Hosts: 3506967828 www.thehun.com
O1 - Hosts: 3506967828 worldsex.com
O1 - Hosts: 3506967828 www.worldsex.com
O1 - Hosts: 3506967828 al4a.com
O1 - Hosts: 3506967828 www.al4a.com
O1 - Hosts: 3506967828 elephantlist.com
O1 - Hosts: 3506967828 www.elephantlist.com
O1 - Hosts: 3506967828 sleazydream.com
O1 - Hosts: 3506967828 www.sleazydream.com
O1 - Hosts: 3506967828 lumberjack-links.com
O1 - Hosts: 3506967828 www.lumberjack-links.com
O1 - Hosts: 3506967828 book-mark.net
O1 - Hosts: 3506967828 www.book-mark.net
O1 - Hosts: 3506967828 freeones.com
O1 - Hosts: 3506967828 www.freeones.com
O1 - Hosts: 3506967828 thumbzilla.com
O1 - Hosts: 3506967828 www.thumbzilla.com
O1 - Hosts: 3506967828 pinkworld.com
O1 - Hosts: 3506967828 www.pinkworld.com
O1 - Hosts: 3506967828 call-kelly.com
O1 - Hosts: 3506967828 www.call-kelly.com
O1 - Hosts: 3506967828 mmm100.com
O1 - Hosts: 3506967828 www.mmm100.com
O1 - Hosts: 3506967828 bunnyteens.com
O1 - Hosts: 3506967828 www.bunnyteens.com
O1 - Hosts: 3506967828 vidsvidsvids.com
O1 - Hosts: 3506967828 www.vidsvidsvids.com
O1 - Hosts: 3506967828 youngerbabes.com
O1 - Hosts: 3506967828 www.youngerbabes.com
O1 - Hosts: 3506967828 mature-post.com
O1 - Hosts: 3506967828 www.mature-post.com
O1 - Hosts: 3506967828 pornno.com
O1 - Hosts: 3506967828 www.pornno.com
O1 - Hosts: 3506967828 x-ho.com
O1 - Hosts: 3506967828 www.x-ho.com
O1 - Hosts: 3506967828 catlist.com
O1 - Hosts: 3506967828 www.catlist.com
O1 - Hosts: 3506967828 teenax.com
O1 - Hosts: 3506967828 www.teenax.com
O1 - Hosts: 3506967828 google.com
O1 - Hosts: 3506967828 www.google.com
O1 - Hosts: 3506967828 buldog.com
O1 - Hosts: 3506967828 www.buldog.com
O1 - Hosts: 3506967828 persiankitty.com
O1 - Hosts: 3506967828 www.persiankitty.com
O1 - Hosts: 3506967828 jizzhut.com
O1 - Hosts: 3506967828 www.jizzhut.com
O1 - Hosts: 3506967828 alexmovies.com
O1 - Hosts: 3506967828 www.alexmovies.com
O1 - Hosts: 3506967828 moviesarena.com
O1 - Hosts: 3506967828 www.moviesarena.com
O1 - Hosts: 3506967828 freepicturepage.com
O1 - Hosts: 3506967828 www.freepicturepage.com
O1 - Hosts: 3506967828 ultradonkey.com
O1 - Hosts: 3506967828 www.ultradonkey.com
O1 - Hosts: 3506967828 amplandmovies.com
O1 - Hosts: 3506967828 www.amplandmovies.com
O1 - Hosts: 3506967828 yahoo.com
O1 - Hosts: 3506967828 www.yahoo.com
O1 - Hosts: 3506967828 grannypictures.com
O1 - Hosts: 3506967828 www.grannypictures.com
O1 - Hosts: 3506967828 jamies-galleries.com
O1 - Hosts: 3506967828 www.jamies-galleries.com
O1 - Hosts: 3506967828 freebigmovies.com
O1 - Hosts: 3506967828 www.freebigmovies.com
O1 - Hosts: 3506967828 auntpolly.com
O1 - Hosts: 3506967828 www.auntpolly.com
O1 - Hosts: 3506967828 smashingthumbs.com
O1 - Hosts: 3506967828 www.smashingthumbs.com
O1 - Hosts: 3506967828 freeheaven.com
O1 - Hosts: 3506967828 www.freeheaven.com
O1 - Hosts: 3506967828 smokinmovies.com
O1 - Hosts: 3506967828 www.smokinmovies.com
O1 - Hosts: 3506967828 stickyhole.com
O1 - Hosts: 3506967828 www.stickyhole.com
O1 - Hosts: 3506967828 thumbnailpost.com
O1 - Hosts: 3506967828 www.thumbnailpost.com
O1 - Hosts: 3506967828 shagadelic.com
O1 - Hosts: 3506967828 www.shagadelic.com
O1 - Hosts: 3506967828 localteenies.com
O1 - Hosts: 3506967828 www.localteenies.com
O1 - Hosts: 3506967828 livesexlist.com
O1 - Hosts: 3506967828 www.livesexlist.com
O1 - Hosts: 3506967828 panty-ass.com
O1 - Hosts: 3506967828 www.panty-ass.com
O1 - Hosts: 3506967828 interracialporno.nu
O1 - Hosts: 3506967828 www.interracialporno.nu
O1 - Hosts: 3506967828 thumbco.com
O1 - Hosts: 3506967828 www.thumbco.com
O1 - Hosts: 3506967828 babes4free.com
O1 - Hosts: 3506967828 www.babes4free.com
O1 - Hosts: 3506967828 madthumbs.com
O1 - Hosts: 3506967828 www.madthumbs.com
O1 - Hosts: 3506967828 teeniefiles.com
O1 - Hosts: 3506967828 www.teeniefiles.com
O1 - Hosts: 3506967828 onlyteenstgp.com
O1 - Hosts: 3506967828 www.onlyteenstgp.com
O1 - Hosts: 3506967828 sublimedirectory.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - C:\WINDOWS\SYSTEM\BHOMOD.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Symantec Core LC] C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [ntddetect] WS\SYSTEM\ntddetect.exe
O4 - HKLM\..\Run: [MSUpdSrv] msupdsrv.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\SYSTEM\twink64.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [NPFMonitor] C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ntddetect] WS\SYSTEM\ntddetect.exe
O4 - HKCU\..\Run: [x3yy] C:\WINDOWS\SYSTEM\X3YY\CHENLMGO.EXE
O4 - HKCU\..\Run: [ntddetect] WS\SYSTEM\ntddetect.exe
O4 - Startup: Startleiste.lnk = C:\BISY\LAUNCHER.EXE
O4 - Startup: VR-NetWorld Auftragsprüfung.lnk = C:\Programme\VR-NetWorld\vrtoolcheckorder.exe
O4 - Global Startup: WERBAS-Compact (2).lnk = C:\WALI\WP.EXE
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted IP range: 67.19.185.246
O15 - Trusted IP range: 67.19.185.246 (HKLM)

Gigamail 09.04.2005 15:56

Hi,

Unfortunately you are heavily infected; for your own safety, reinstall your machine from scratch.
Among other things, you have a backdoor on board.
Quote:

O4 - HKLM\..\RunServices: [ntddetect] WS\SYSTEM\ntddetect.exe
This one is active.
Side effects:
# Allows third parties to access the computer
# Reduces system security
# Installs itself in the registry
# Leaves non-infected files on the computer

That means you are compromised.

