Hello everyone,
and especially the almighty
GUA the guru.
P.S.: Thanks for the completely unnecessary and excessive warning.
Can someone, or in particular grand master GUA, explain to me
what the line O20 - AppInit_DLLs means!?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:45:48, on 13.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\HPT\HighPoint Storage Management Software\service\hptsvr.exe
C:\WINDOWS\system32\MSTMON_N.EXE
C:\Programme\Typhoon\Browser Mouse\1.0\lwbwheel.exe
C:\Programme\HPT\HighPoint Storage Management Software\service\drvinst.exe
C:\Programme\Unlocker\UnlockerAssistant.exe
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\AutoSizer\AutoSizer.exe
C:\Programme\Star Downloader\stardown.exe
C:\Programme\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\D-Link\AirPlusG+\AIRPLUS.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Programme\Microsoft Office\Office\1031\OLFSNT40.EXE
C:\Programme\Hardcopy\hardcopy.exe
C:\Programme\LanSpeed2\LanSpeed2.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\Programme\Internet Explorer\iexplore.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\WINDOWS\system32\MSTMON_N.EXE
O4 - HKLM\..\Run: [LWBMOUSE] C:\Programme\Typhoon\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [tciocp64] C:\WINDOWS\tciocp64.exe
O4 - HKLM\..\Run: [WINSvr64] C:\WINDOWS\WINSvr64.exe
O4 - HKLM\..\Run: [fmbiost] C:\WINDOWS\fmbiost.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AutoSizer] "C:\Programme\AutoSizer\AutoSizer.exe"
O4 - HKCU\..\Run: [xrt_Shell] C:\Dokumente und Einstellungen\Administrator\xrt_joeh.exe
O4 - HKCU\..\Run: [Star Downloader Free] C:\Programme\Star Downloader\stardown.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Hardcopy.LNK = C:\Programme\Hardcopy\hardcopy.exe
O4 - Startup: LanSpeed2.lnk = ?
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: D-Link AirPlus G+ Wireless Utility.lnk = C:\D-Link\AirPlusG+\AIRPLUS.exe
O4 - Global Startup: Erinnerungen für Microsoft Works-Kalender.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition-Anschluss.lnk = C:\Programme\Microsoft Office\Office\1031\OLFSNT40.EXE
O8 - Extra context menu item: Download with Star Downloader - C:\Programme\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {EC0403E0-9158-4CF8-A2B6-3C62C3B9B6B7} (CCAOControl Object) - https://my.xxxxx.com/CitrixLogonPoint/WebInterface/EPAClient/EPAClient.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F939053D-9375-4F3E-A221-1D3013175E1D}: NameServer = 192.168.5.5
O20 - AppInit_DLLs: nmyckf.dll,fmsiocps.dll,vtgiuw.dll,zhmsdm.dll,jjgyft.dll,gjjyxa.dll,kautse.dll,ngiorg.dll,ntftdc.dll,knkjml.dll,tsuyja.dll,vxzbjf.dll,shknoy.dll,okilok.dll,rmbyli.dll,napnpu.dll,iwjrss.dll,wipicdec.dll,gsdleq.dll,kyqrrs.dll,hxpvru.dll,uvotkc.dll,msosdohs00.dll,msosjtio01.dll,msosfmsq01.dll,msosping00.dll,msosmnsf00.dll,msosptfs00.dll,msoscqit01.dll,msosdrop01.dll,nicozftp01.dll,msosmhfp01.dll,lufieh.dll,kvzrpd.dll,ipknaj.dll,oyjppy.dll,omeovf.dll,zuyjcf.dll,yrizwq.dll,naqnrp.dll,qmmqtz.dll,ihtpfq.dll,jssleh.dll,izhfkx.dll,ooqjwx.dll,pjdkzz.dll,ewgjfd.dll
O23 - Service: HighPoint Storage Management Service (hptsvr) - Unknown owner - C:\Programme\HPT\HighPoint Storage Management Software\service\hptsvr.exe
--
End of file - 5437 bytes