|
HiJackThis Logfile......wer kann helfen.... Habe jetzt das ganz Lofile, wer kann mir dabei HELFEN, habe schon Ad-ware, Spybot Search&Destroy, CWShredder versucht nix hilft........ DANKE schon mal im voraus............. Logfile of HijackThis v1.98.2 Scan saved at 19:20:09, on 29.09.2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Norton AntiVirus\SAVScan.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\inetm\services.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Logitech\Video\LogiTray.exe C:\WINDOWS\System32\P2P Networking\P2P Networking.exe C:\WINDOWS\System32\ctfmon.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\System32\LVComS.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe C:\WINDOWS\System32\dllcache\IExplore.exe D:\Programme\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://on-search.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von A1 F3 - REG:win.ini: run=C:\WINDOWS\inetm\services.exe O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_3_12_0.dll O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: C:\WINDOWS\lbbho.dll - {70CCB9C3-9D44-4961-8CA8-54C4280925A9} - C:\WINDOWS\lbbho.dll O2 - BHO: (no name) - {7B55BB05-0B4D-44fd-81A6-B136188F5DEB} - C:\WINDOWS\questmod.dll (file missing) O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_3_12_0.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inetm\services.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Programme\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inetm\services.exe O4 - Startup: iMesh.lnk = D:\MP i-MeshV4\iMeshClient.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: &Yahoo! Search - file:///C:\Programme\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Programme\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Programme\Yahoo!\Common/ycdict.htm O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programme\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programme\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1095862650919 O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{06F9EB74-A4D6-4CA0-94C1-4B20FDB212BB}: NameServer = 62.116.33.193 O17 - HKLM\System\CS1\Services\Tcpip\..\{06F9EB74-A4D6-4CA0-94C1-4B20FDB212BB}: NameServer = 62.116.33.193 O17 - HKLM\System\CS2\Services\Tcpip\..\{06F9EB74-A4D6-4CA0-94C1-4B20FDB212BB}: NameServer = 62.116.33.193 :confused: :confused: :confused: DANKE...... |
Ein THread genügt, ich antworte im anderen. |
Hallo, überprüfe diese Datei bei http://virusscan.jotti.org/de und poste das Ergebnis: C:\WINDOWS\inetm\services.exe Zitat:
Warum? |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 05:51 Uhr. |
Copyright ©2000-2025, Trojaner-Board