Bitte um Überprüfung

shocker79 · 10.06.2005, 22:24

Hallo Leute,

habe soeben folgendes Logfile erstellt. Meine Probleme sien Win XP Login nach eingabe von Passwort passiert eine Minute nichts. WLAN und BT sind aus. Ins Internet gehe ich über eine UMTS Karte Verbindung steht aber es dauert 50 sec. bis Daten meiner Anfrage (aufruf einer Webseite z.B. google) gesendet werden. Außerdem bekomme ich werbe Popups This is ad... und werbepopups von doubleclick. Ad Aware habe ich aktuell und drüberlaufen lassen. findet nur cocies spybot ver.1.4 findet was bereinigt es und hat es beim nächten booten wieder. Bitte helft mir... Im HijackThis ver. 1.99 finde ich nichts auffälliges...

Logfile of HijackThis v1.99.1
Scan saved at 22:36:46, on 10.06.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WIN\System32\smss.exe
C:\WIN\system32\winlogon.exe
C:\WIN\system32\services.exe
C:\WIN\system32\lsass.exe
C:\WIN\system32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\system32\spoolsv.exe
C:\Program Files\Fujitsu Siemens\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\DeskView\SMSAgent\SMSAgent.exe
C:\PROGRA~1\DeskView\DNAgent\DNAgent.Exe
D:\Programme\Scout NG\ELUXD.exe
C:\Program Files\NetWorker Laptop\OLlaunch.exe
C:\WIN\System32\logonuser.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OfficeScan NT\ntrtscan.exe
C:\WIN\Explorer.EXE
C:\Program Files\OfficeScan NT\OfcPfwSvc.exe
C:\Program Files\NetWorker Laptop\OLRegCap.EXE
C:\Program Files\OfficeScan NT\tmlisten.exe
C:\WIN\System32\CCM\CcmExec.exe
C:\WIN\TEMP\TN8B70.EXE
C:\WIN\System32\msiexec.exe
C:\WIN\System32\igfxtray.exe
C:\WIN\System32\hkcmd.exe
C:\WIN\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\OfficeScan NT\pccntmon.exe
C:\WIN\system32\userinit.exe
D:\Programme\iTouch\iTouch\iTouch.exe
C:\WIN\Logi_MwX.Exe
D:\programme\QuickTime6\qttask.exe
D:\PROGRA~1\ACDSee\DEVDET~1\DEVDET~1.EXE
C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe
C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\WIN\switpa.exe
C:\Program Files\T-Mobile\Communication Center\AutoUpdateSrv.exe
C:\WIN\System32\ctfmon.exe
C:\WIN\AntSwitch.exe
C:\Program Files\Fujitsu Siemens\Bluetooth Software\BTTray.exe
C:\Program Files\DeTeWe\TA 33 USB\Capictrl.exe
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
C:\Program Files\winzip\WZQKPICK.EXE
C:\Program Files\NetWorker Laptop\OLSysTray.exe
D:\Programme\Messenger\ymsgr_tray.exe
C:\PROGRA~1\WINZIP\winzip32.exe
D:\temp\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://my.fsc.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxyconf.fsc.net/xstop.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.25.80.198:81
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WIN\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WIN\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WIN\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /firstlogon
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [cryptoex] C:\Program Files\CryptoEx Security Suite\cex_t.exe
O4 - HKLM\..\Run: [IO-Monitor] "C:\Program Files\OfficeScan NT\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WIN\system32\NeroCheck.exe
O4 - HKLM\..\Run: [zBrowser Launcher] D:\Programme\iTouch\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\programme\QuickTime6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Camera Detector] D:\PROGRA~1\ACDSee\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [mRouterConfig] C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe
O4 - HKLM\..\Run: [routcnf] C:\Program Files\DeTeWe\TA 33 USB\routcnf.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor
O4 - HKLM\..\Run: [switp] C:\WIN\switpa.exe
O4 - HKLM\..\Run: [Connect Update Agent] "C:\Program Files\T-Mobile\Communication Center\AutoUpdateSrv.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WIN\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] D:\Programme\Messenger\ypager.exe -quiet
O4 - Startup: Legato TaskBar Icon.LNK = C:\Program Files\NetWorker Laptop\OLSysTray.exe
O4 - Global Startup: AntSwitch.lnk = C:\WIN\AntSwitch.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: CAPIControl.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\winzip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth - C:\Program Files\Fujitsu Siemens\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Fujitsu Siemens\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Fujitsu Siemens\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\MESSEN~1\YPager.exe
O14 - IERESET.INF: START_PAGE_URL=http://my.fsc.net/
O15 - Trusted Zone: fujitsu-siemens.amdahl-autinform.de
O15 - Trusted Zone: *.bahn.de
O15 - Trusted Zone: v7.e-tmm.com
O15 - Trusted Zone: http://service.fsc.net
O15 - Trusted Zone: ecrm.fujitsu-siemens.com
O15 - Trusted Zone: ecrm.fujitsu-siemes.com
O15 - Trusted Zone: components.viewpoint.com
O15 - Trusted Zone: fujitsu-siemens.webex.com
O15 - Trusted Zone: www.wwworkplace.com
O15 - Trusted Zone: fujitsu-siemens.amdahl-autinform.de (HKLM)
O15 - Trusted Zone: *.bahn.de (HKLM)
O15 - Trusted Zone: ecrm.fujitsu-siemes.com (HKLM)
O15 - Trusted Zone: components.viewpoint.com (HKLM)
O15 - Trusted Zone: fujitsu-siemens.webex.com (HKLM)
O15 - Trusted Zone: www.wwworkplace.com (HKLM)
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://abgzsu1a.abg.fsc.net/sdccommon/download/tgctlins.cab
O16 - DPF: {11D856F0-5660-4371-B131-C71A44F4E73E} (Microsoft ActiveX Upload Control, version 1.5) - http://service.fsc.net/supportassistent/files/flupl.cab
O16 - DPF: {18B51E93-4F69-4601-87AB-36B477DB8AB1} (Siebel Option Pack for IE 7.5.3) - http://erm.fsc.net/erm_deu/16186/applets/SiebelOptionPack.cab
O16 - DPF: {1EEBFE70-1CE8-11D6-8C81-00D0B7E72554} (MailClient Class) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16161/applets/SiebExtMailClient.cab
O16 - DPF: {253A9D23-F982-11D4-8BE4-00D0B7E61414} (SiebelHTMLApplication Class) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16161/applets/siebelhtml.cab
O16 - DPF: {3BE05871-C708-4F28-94FF-12E5F82DE085} (Siebel Option Pack for IE 7.5.3) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16192/applets/SiebelOptionPack.cab
O16 - DPF: {84147158-773D-4E89-AAEF-561EC76DA3DC} (Siebel Option Pack for IE 7.5.3) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16192/applets/SiebelOptionPack.cab
O16 - DPF: {886E7BF0-C867-11CF-B1AE-00AA00A3F2C3} - http://service.fsc.net/supportassistent/files/flupl.cab
O16 - DPF: {8E4D45F6-244E-499A-9E93-1E7510A975FB} (Siebel Option Pack for IE 7.5.3) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16161/applets/SiebelOptionPack.cab
O16 - DPF: {8F4F3368-54CA-4268-8225-0F4367472CF4} (MailClient Class) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16192/applets/SiebExtMailClient.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://fujitsu-siemens.webex.com/client/latest/webex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hvr.fsc.net
O17 - HKLM\Software\..\Telephony: DomainName = hvr.fsc.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hvr.fsc.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hvr.fsc.net
O18 - Protocol: t-mobile - {C6D89159-3467-4C2F-9918-3362DA57BCD2} - C:\PROGRA~1\T-Mobile\HOTSPO~1\TMOBIL~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WIN\System32\BTXPPA~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WIN\SYSTEM32\igfxsrvc.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Fujitsu Siemens\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DeskView Data Provider (DataProv) - Fujitsu Siemens Computers - C:\Program Files\DeskView\SMSAgent\SMSAgent.exe
O23 - Service: DeskView Agent - Fujitsu Siemens Computers - C:\PROGRA~1\DeskView\DNAgent\DNAgent.Exe
O23 - Service: Scout NG - Server (ELUXD) - UniCon Software - D:\Programme\Scout NG\ELUXD.exe
O23 - Service: Legato NetWorker Laptop Launcher (LegatoLauncher) - Legato Systems, Inc. - C:\Program Files\NetWorker Laptop\OLlaunch.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Logon User Service (LogonUserService) - Guardeonic Solutions AG - C:\WIN\System32\logonuser.exe
O23 - Service: DeskView MT Alerting Service (MTAlerting) - Fujitsu Siemens Computers - C:\PROGRA~1\DeskView\DVCC\MTALER~1.EXE
O23 - Service: OfficeScan RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\OfficeScan NT\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\OfficeScan NT\OfcPfwSvc.exe
O23 - Service: Networker Laptop RegCap (OLRegCap) - Legato Systems, Inc. - C:\Program Files\NetWorker Laptop\OLRegCap.EXE
O23 - Service: OfficeScan Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\OfficeScan NT\tmlisten.exe

Vielen Dank für eure Hilfe!!!
_____________
Anm.
Aktive Links editiert!
Beachte zukünftig die Hinweise dieser Anleitung: HiJackThis.

LG Cidre
S-Mod TB

Bitte um Überprüfung

Log-Analyse und Auswertung: Bitte um Überprüfung

Bitte um Überprüfung

Ähnliche Themen: Bitte um Überprüfung