Computerhilfen.de Logo
Forum
Tipps
News

Highjack Log auswerten

Wer kann mir helfen, das nachfolgende Log richtig auszuwerten?
Logfile of HijackThis v1.98.2
Scan saved at 11:13:11, on 10/17/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Windows SyncroAd\SyncroAd.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Windows SyncroAd\WinSync.exe
C:\Program Files\0900 Alarm\0900Alarm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\diskeeper\DKService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\Fast.exe
C:\Program Files\1&1 Internet\Profi-Dialer\ProfiDialer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WebWasher\wwasher.exe
C:\Documents and Settings\UCJunker\Desktop\Downloads\Highjack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [Windows SyncroAd] C:\Program Files\Windows SyncroAd\SyncroAd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunServices: [Microsoft DirectX] time123.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [0900 Alarm] C:\Program Files\0900 Alarm\0900Alarm.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Zur Filterliste hinzufügen (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Preispiraten 2.1.1 - {86DE8B3B-1EB7-4386-84BD-EBE94348A913} - C:\Program Files\Preispiraten\Preispiraten2\preispiraten2ie.exe
O9 - Extra button: concept/design's onlineTV - {A592E0F5-EDA8-449E-9B7A-D90F9DBE4538} - C:\Program Files\onlineTV\onlineTV.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-012609430000} - http://www.ipix-i.com/download/ipixx.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=81a20e2d4daf862b581047e8e0c24e8effd07b128e225c91fe269f1e3e53b395f49377f8e3605dd230f34a38bc2fbef0a2d6fd6f14c38aff842869220dcf:31e1e886df05c54f80cdc9defbb7eddc
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB1C836-1AD1-4274-874C-CECCAFAE7611}: NameServer = 217.237.150.141 217.237.150.97



Antworten zu Highjack Log auswerten:

Hat dir diese Antwort geholfen?

Danke ButtonHilfreiche Antwort Button

Hallo, die automatische Auswertung auf der Site:
http://www.hijackthis.de/
zeigt das:

 C:\Program Files\Windows SyncroAd\SyncroAd.exe    
Nasty   running process. (SyncroAd.exe)
Windows SyncroAd SyncroAd.exe   This is a nasty process! You should fix it and try to delete it manually!
(fixen)

 C:\Program Files\Windows SyncroAd\WinSync.exe    
Nasty   running process. (WinSync.exe)
Windows SyncroAd WinSync.exe   This is a nasty process! You should fix it and try to delete it manually!
(fixen)

 O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} -
C:\WINDOWS\localNRD.dll    
Nasty   Entries found in this registry zone are potentially nasty. This application ([00320615-B6C2-40A6-8F99-F1C52D674FAD] - Result: 00320615-B6C2-40A6-8F99-F1C52D674FAD) has been checked. Hit rate: 99 %   Must be fixed!
  O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program
Files\MyWay\myBar\1.bin\MYBAR.DLL    
Nasty   Entries found in this registry zone are potentially nasty. This application ([0494D0D1-F8E0-41ad-92A3-14154ECE70AC] - Result: 0494D0D1-F8E0-41ad-92A3-14154ECE70AC) has been checked. Hit rate: 99 %   Must be fixed!
(beide fixen)

 O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} -
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL    
Nasty   Entries found in this registry zone are potentially nasty. This application ([0494D0D9-F8E0-41ad-92A3-14154ECE70AC] - Result: 0494D0D9-F8E0-41ad-92A3-14154ECE70AC) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %   Should be fixed.
(fixen)

  O4 - HKLM\..\Run: [Windows SyncroAd] C:\Program Files\Windows
SyncroAd\SyncroAd.exe    
Nasty   The entered application Windows SyncroAd was identified: Windows SyncroAd. Hit rate: 99 % (result)   Must be fixed!
(fixen)

  O4 - HKLM\..\RunServices: [Microsoft DirectX] time123.exe    
Nasty   The entered application Microsoft DirectX was identified: Microsoft DirectX. Hit rate: 71 % (result)   Must be fixed!
(fixen)

  O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://public.windupdates.com/get_file.php?bt=ie&p=81a20e2d4daf862b581047e8e0c24e8effd07b128e225c91fe269f1e3e53b395f49377f8e3605dd230f34a38bc2fbef0a2d6fd6f14c38aff842869220dcf:31e1e886df05c54f80cdc9defbb7eddc    
Nasty   This entry is possibly nasty.   Should be fixed.
(fixen)


« Win ME: Fragt immer nach SDKQH32.DLLGroßes Internet-Problem !!! »
 

Schnelle Hilfe: Hier nach ähnlichen Fragen und passenden Tipps suchen!