RuFFnecK Geschrieben 9. Juni 2006 Geschrieben 9. Juni 2006 Hi, ich hab das gefühl, dass ich auf meinem Rechner irgendwas drauf hab, was da nicht hingehört. Internet setzt hin und wieder mal aus. In meinem Router Log steht dieses hier: 2006/06/09 20:52:57 : **TCP SYN Flooding** from 80.142.110.58 2006/06/09 20:52:55 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 20:52:54 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:40:10 : **TCP SYN Flooding** from 172.177.98.214 2006/06/09 04:39:50 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:39:30 : **TCP SYN Flooding** from 172.179.218.32 2006/06/09 04:39:18 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:39:08 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:39:02 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:59 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:58 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:54 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:52 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:51 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:41 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:32 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:31 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:38:29 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:30:57 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:30:55 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:30:54 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:30:14 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:30:05 : **TCP SYN Flooding** from 84.182.247.18 2006/06/09 04:30:04 : **TCP SYN Flooding** from 62.104.90.105 2006/06/09 04:30:03 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:28:14 : **TCP SYN Flooding** from 84.73.240.39 2006/06/09 04:27:54 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:27:47 : **TCP SYN Flooding** from 192.168.0.9 2006/06/09 04:27:37 : **TCP SYN Flooding** from 192.168.0.9 Versucht da mein Rechner irgendwelche Pakete in der Gegend rum zu schicken? Ein Log von HighJackthis hab ich auch mal auswerten lassen, allerdings wurde nichts besonderes gefunden. Hier ist es trotzdem mal: Logfile of HijackThis v1.99.1 Scan saved at 14:06:13, on 09.06.2006 Platform: Windows 2003 SP1 (WinNT 5.02.3790) MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830) Running processes: D:\Security\AVast\aswUpdSv.exe D:\Security\AVast\ashServ.exe D:\VMWare\vmware-authd.exe C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe C:\WINDOWS\SysWOW64\vmnat.exe C:\WINDOWS\SysWOW64\vmnetdhcp.exe D:\Security\AVast\ashWebSv.exe C:\Program Files (x86)\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\cli.exe C:\Program Files (x86)\Java\jre1.5.0_06\bin\jusched.exe D:\Media\Winamp\winampa.exe D:\Internet\ICQLite\ICQLite.exe D:\Security\AVast\ashDisp.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\cli.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SysWOW64\javaw.exe D:\Security\AD-AWA~1\Ad-Aware.exe D:\Media\Winamp\winamp.exe G:\Backup Notebook\Daten\Eigene Dateien\hijackthis_199\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.microsoft.com/ F2 - REG:system.ini: UserInit=userinit O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Tools\Adobe\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [ATICCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.5.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] D:\Media\Winamp\winampa.exe O4 - HKLM\..\Run: [iCQ Lite] "D:\Internet\ICQLite\ICQLite.exe" -minimize O4 - HKLM\..\Run: [avast!] D:\Security\AVast\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [iCQ Lite] D:\Internet\ICQLite\ICQLite.exe -trayboot O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Internet\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Internet\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {0e921e80-267a-42aa-aee4-60b9a1222a44} - D:\Tools\xp-AntiSpy\sponsoring\sponsor.html (HKCU) O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {0e921e80-267a-42aa-aee4-60b9a1222a44} - D:\Tools\xp-AntiSpy\sponsoring\sponsor.html (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1147383769230 O17 - HKLM\System\CCS\Services\Tcpip\..\{BE8200DB-9551-4169-9030-2FFA6E23A1B0}: NameServer = 192.168.0.1 O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Security\AVast\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing) O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2saag.exe O23 - Service: avast! Antivirus - Unknown owner - D:\Security\AVast\ashServ.exe O23 - Service: avast! Web Scanner - Unknown owner - D:\Security\AVast\ashWebSv.exe" /service (file missing) O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing) O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing) O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Imapi Helper - Alex Feinman - D:\CD-Tools\ISO-Recorder\ImapiHelper.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing) O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing) O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing) O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing) O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\VMWare\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing) O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing) Danke Zitieren
Empfohlene Beiträge
Dein Kommentar
Du kannst jetzt schreiben und Dich später registrieren. Wenn Du ein Konto hast, melde Dich jetzt an, um unter Deinem Benutzernamen zu schreiben.