pop ups + Trojan.Liewar.p |
||
|---|---|---|
| #0
| ||
|
23.10.2005, 14:23
...neu hier
Beiträge: 1 |
||
 
|
|
|
|
24.10.2005, 14:42
Ehrenmitglied
 Beiträge: 29434 |
#2
docjay
Hijacker about:blank - se.dll\sp.html-->scanne http://www.trojaner-info.de/anleitungen/hijackthis/about_blank.html #öffne das HijackThis-->> Button "scan" -->> Häkchen setzen -->> Button "Fix checked" -->> PC neustarten R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\DOKUME~1\Jakob\LOKALE~1\Temp\se.dll/space.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\DOKUME~1\Jakob\LOKALE~1\Temp\se.dll/space.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank O2 - BHO: (no name) - {05BB79BF-0E72-43DC-9D35-7BDE010157AD} - F:\WINDOWS\System32\enhk.dll O4 - HKLM\..\Run: [ncgrsnfewwsw] F:\WINDOWS\System32\zbqaxcx.exe O4 - HKLM\..\Run: [Multimedia extensions] mservice.exe O4 - HKLM\..\Run: [sp] rundll32 F:\DOKUME~1\Jakob\LOKALE~1\Temp\se.dll,DllInstall O4 - HKLM\..\Run: [Microsoft Internet Acceleration Utility] iau.exe O4 - HKLM\..\Run: [Internet Connection Wizard] stisvsq.exe O4 - HKLM\..\Run: [Games Acceleration] svshost.exe O4 - HKLM\..\Run: [Internet Mail and News] msqdevl.exe O4 - HKLM\..\Run: [Microsoft Management Console] lssas.exe O4 - HKCU\..\Run: [Microsoft Management Console] lssas.exe O4 - HKCU\..\Run: [Multimedia extensions] mservice.exe O4 - HKCU\..\Run: [Neto] F:\Programme\ruth\hosc.exe O4 - HKCU\..\Run: [Microsoft Internet Acceleration Utility] iau.exe O4 - HKCU\..\Run: [Internet Connection Wizard] stisvsq.exe O4 - HKCU\..\Run: [Games Acceleration] svshost.exe O4 - HKCU\..\Run: [Internet Mail and News] msqdevl.exe O18 - Filter: text/html - {26FCCD4F-BEE3-4256-A726-0C085638BE0E} - F:\WINDOWS\System32\enhk.dll O18 - Filter: text/plain - {26FCCD4F-BEE3-4256-A726-0C085638BE0E} - F:\WINDOWS\System32\enhk.dll PC neustarten CCleaner (loesche alle temporaeren Dateien) http://virus-protect.org/temp.html kopiere die 4 Logs (3 Monate vom Datum her genuegen) http://virus-protect.org/datfindbat.html winpfind http://virus-protect.org/winpfind.html ------------------------------------------------------------------ Info:Trojan.Liewar.p http://virus-protect.org/artikel/spyware/liewar.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
http://s13.havy.biz/open_console_out.php?n=3&pin=479
meine frage ist wie bekomme ich dieses misst ding weg ? ... habs schon mit ad-aware und spybot versucht (upgedatete versionen) und bisschen mit dem hijackthis programm rumgespielt ohne erfolg .kann mir da jemand weiterhelfen ? .
thx im vorraus. (by the way wäre nett wenn man ne mir ne beschreibung für Idoit machen könnte weil ich dazu was pcees und anwendungen angeht absolut gehöre.
Logfile of HijackThis v1.99.1
Scan saved at 14:45:05, on 23.10.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
C:\Programme\Logitech\iTouch\iTouch.exe
F:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
F:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
F:\Programme\QuickTime\qttask.exe
F:\WINDOWS\System32\rundll32.exe
C:\Programme\Sonique\sqstart.exe
F:\Programme\AOL 9.0\waol.exe
F:\Programme\AOL 9.0\shellmon.exe
F:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
F:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\DOKUME~1\Jakob\LOKALE~1\Temp\se.dll/space.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aol.de/e60/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\DOKUME~1\Jakob\LOKALE~1\Temp\se.dll/space.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von AOL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: (no name) - {05BB79BF-0E72-43DC-9D35-7BDE010157AD} - F:\WINDOWS\System32\enhk.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Programme\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\java2\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AOLDialer] F:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "F:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ncgrsnfewwsw] F:\WINDOWS\System32\zbqaxcx.exe
O4 - HKLM\..\Run: [Multimedia extensions] mservice.exe
O4 - HKLM\..\Run: [ICQ Lite] F:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "F:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sp] rundll32 F:\DOKUME~1\Jakob\LOKALE~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [Microsoft Internet Acceleration Utility] iau.exe
O4 - HKLM\..\Run: [Internet Connection Wizard] stisvsq.exe
O4 - HKLM\..\Run: [Games Acceleration] svshost.exe
O4 - HKLM\..\Run: [Internet Mail and News] msqdevl.exe
O4 - HKLM\..\Run: [Microsoft Management Console] lssas.exe
O4 - HKCU\..\Run: [Microsoft Management Console] lssas.exe
O4 - HKCU\..\Run: [Multimedia extensions] mservice.exe
O4 - HKCU\..\Run: [Neto] F:\Programme\ruth\hosc.exe
O4 - HKCU\..\Run: [Microsoft Internet Acceleration Utility] iau.exe
O4 - HKCU\..\Run: [Internet Connection Wizard] stisvsq.exe
O4 - HKCU\..\Run: [Games Acceleration] svshost.exe
O4 - HKCU\..\Run: [Internet Mail and News] msqdevl.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] F:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\java2\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\java2\bin\npjpi142_04.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\PROGRA~1\yahoo\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\PROGRA~1\yahoo\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programme\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programme\Messenger\MSMSGS.EXE (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.de/e60/
O16 - DPF: {18CD2FD8-81CE-44C3-99E1-0822E1C7116C} (EARTPatch8X Class) - http://files.ea.com/downloads/rtpatch/v4/EARTP8X.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/11d84a80b82cf8c87105/netzip/RdxIE601.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{41F1346C-4C8D-4711-BABF-B45F64261532}: NameServer = 205.188.146.145
O18 - Filter: text/html - {26FCCD4F-BEE3-4256-A726-0C085638BE0E} - F:\WINDOWS\System32\enhk.dll
O18 - Filter: text/plain - {26FCCD4F-BEE3-4256-A726-0C085638BE0E} - F:\WINDOWS\System32\enhk.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - F:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: iPod Service (iPodService) - Unknown owner - F:\Programme\iPod\bin\iPodService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe