Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Wer kann mir helfen? Meine Maus spinnt... (https://www.trojaner-board.de/29798-mir-helfen-maus-spinnt.html)

Findme 07.06.2006 14:38
Wer kann mir helfen? Meine Maus spinnt...
 
Logfile of HijackThis v1.99.1
Scan saved at 15:19:03, on 07.06.2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMME\SYGATE\SPF\SMC.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMME\INCREDIMAIL\BIN\INCREDIMAIL.EXE
C:\PROGRAMME\LEXMARK X1100 SERIES\LXBKBMGR.EXE
C:\WINDOWS\MIXER.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMME\LOGITECH\SETPOINT\KEM.EXE
C:\PROGRAMME\LEXMARK X1100 SERIES\LXBKBMON.EXE
C:\WINDOWS\DIT.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAMME\LOGITECH\VIDEO\LOGITRAY.EXE
C:\PROGRAMME\ALPENLAND\EURO + @\EUROAT.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAMME\TUNEUP UTILITIES 2004\MEMOPTIMIZER.EXE
C:\WINDOWS\DITEXP.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMME\RAINLENDAR\RAINLENDAR.EXE
C:\PROGRAMME\LOGITECH\SETPOINT\KHALMNPR.EXE
C:\PROGRAMME\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMME\MYIE2\MYIE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMME\WINZIP\WZQKPICK.EXE
C:\EIGENE DATEIEN\UPDATES\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://morwillsearch.com/?adv_id=amandaxxx&sub_id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freenet.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=12345
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=12345
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Kalles Internet Explorer
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAMME\ICQTOOLBAR\TOOLBAR.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programme\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAMME\ICQTOOLBAR\TOOLBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAMME\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncrediMail.exe /c
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [WinDSL MTU-Adjust] WinDSL_MTU.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [SetPoint] C:\Programme\Logitech\SetPoint\KEM.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAMME\SYGATE\SPF\SMC.EXE
O4 - HKCU\..\Run: [euroat.exe] C:\PROGRAMME\ALPENLAND\EURO + @\EUROAT.EXE
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\PROGRAMME\TUNEUP UTILITIES 2004\MEMOPTIMIZER.EXE" autostart
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\PROGRAMME\LOGITECH\VIDEO\MANIFESTENGINE.EXE boot
O4 - Startup: Rainlendar.lnk = C:\Programme\Rainlendar\Rainlendar.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\WebMenuImg.htm
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm119YYDE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRAMME\ICQTOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O8 - Extra context menu item: Zum Popup-Filter hinzufügen - C:\PROGRAMME\MYIE2\config/blacklist.htm
O8 - Extra context menu item: Mit &Google suchen - C:\WINDOWS\Anwendungsdaten\TuneUp Software\TuneUp Utilities\Web\gsearch.htm
O8 - Extra context menu item: Äh&nliche Seiten - C:\WINDOWS\Anwendungsdaten\TuneUp Software\TuneUp Utilities\Web\gsimilar.htm
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAMME\YAHOO!\COMMON\YHEXBMESDE.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAMME\YAHOO!\COMMON\YHEXBMESDE.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAMME\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAMME\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_3_18_0.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan8/oscan8.cab

Rene-gad 07.06.2006 14:53
@Findme
Bitte hier nachlesen und nachhaken, sonst landet Dein Thread in die Mülltonne.

Sunny 07.06.2006 14:57
Hallo Findme,

so wie dein name es schon sagt, wonach soll ich suchen? Nach einem bösen Eintrag wie (mausspinnt.exe?) ??? :lach:

Fixe mit HijackThis folgende Einträge:
Zitat:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=12345[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ht*p://lookfor.cc/sp.php?pin=12345[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=12345[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=12345[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=12345[/url]
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm119YYDE[/url]
O8 - Extra context menu item: Zum Popup-Filter hinzufügen - C:\PROGRAMME\MYIE2\config/blacklist.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
Mach anschliessend einen kompletten eScan poste das Ergebnis mit Hilfe der "find.bat" (alles in der Anleitung beschrieben!)

Gruß
Daniel

EDIT: Sorry Rene-gad ...:rolleyes:


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:06 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131