| |
| |||||||
Mülltonne: Nicht löschbaren Trojaner...Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
22.12.2008, 16:55
| #1 |
| |  Nicht löschbaren Trojaner... So, da ich aus diesem Board eigentlich immer wertvolle Informationen beziehen konnte lief eigenetich immer alles glatt, jedoch hab ich nu ein richtiges hartknäckiges Problem. Ich hab mir, Gott weiß wie, einen Trojaner eingefangen, und zwar wahrscheinlich den "virtualmonde" bzw"virtumonde" . hab shcon mit adaware,spybot,superantipy und wie se alle heissen verushct den losweerden, nichts klappt.. habs auch schon im Abgesicherten modus versucht, hat auch nich geklappt.. nun mal ne logfile, ihr seit meine letzte hoffnung: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:46:31, on 22.12.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe D:\Programme\Cyberlink\PowerDVD\PDVDServ.exe D:\Programme\ZoneAlarm\zlclient.exe D:\Programme\Trust Maus\StartAutorun.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe D:\Programme\pdf24\PDFBackend.exe D:\Programme\Miranda SE 2.0 (Unicode)\miranda32.exe C:\Program Files\Windows Sidebar\sidebar.exe D:\Programme\Trust Maus\KMConfig.exe D:\Programme\Sophos\AutoUpdate\ALMon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe D:\Programme\aMSN\bin\wish.exe C:\Windows\system32\conime.exe D:\Programme\Trust Maus\KMProcess.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Windows Sidebar\sidebar.exe D:\Programme\FF 3\firefox.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe D:\Programme\HiJack This\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\ww.samsungcomputer.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = htp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htp:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = htp:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = htp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = htp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = htp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Sophos Web Content Scanner - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - D:\Programme\Sophos\Sophos Anti-Virus\SophosBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\bin\ssv.dll O2 - BHO: (no name) - {7CF48114-A08A-4B96-921A-ABB6BD0CF51C} - C:\Windows\system32\rQhFVnlk.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl] D:\Programme\Cyberlink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [LanguageShortcut] D:\Programme\Cyberlink\PowerDVD\Language\Language.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Programme\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [KMCONFIG] D:\Programme\Trust Maus\StartAutorun.exe KMConfig.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PDFPrint] "D:\Programme\pdf24\PDFBackend.exe" O4 - HKCU\..\Run: [miranda] D:\Programme\Miranda SE 2.0 (Unicode)\miranda32.exe O4 - HKCU\..\Run: [amsn] D:\Programme\aMSN\amsn.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: FRITZ!DSL Startcenter.lnk = D:\Programme\FRITZ DSL\StCenter.exe O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = D:\Programme\OneNote2007\Office12\ONENOTEM.EXE O4 - Global Startup: AutoUpdate Monitor.lnk = D:\Programme\Sophos\AutoUpdate\ALMon.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\PROGRA~1\Java\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\PROGRA~1\Java\bin\ssv.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\ONENOT~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\ONENOT~1\Office12\ONBttnIE.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Programme\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Programme\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\VISIOP~1\Office12\REFIEBAR.DLL O9 - Extra button: Encarta Suchleiste - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{6CDA10B2-3B70-445C-AE20-88DC15AF0412}: Domain = uni-muenster.de O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - D:\Programme\SuperAntispyware\SASWINLO.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Programme\Ad-aware\aawservice.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Programme\Cisco\cvpnd.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - D:\Programme\FRITZ DSL\IGDCTRL.EXE O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - D:\Programme\Trust Maus\KMWDSrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: Sophos Anti-Virus Statusreporter (SAVAdminService) - Sophos Plc - D:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - D:\Programme\Sophos\Sophos Anti-Virus\SavService.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Programme\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Programme\Spyware Doctor\pctsSvc.exe O23 - Service: Sophos AutoUpdate Service - Sophos Plc - D:\Programme\Sophos\AutoUpdate\ALsvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe -- End of file - 10632 bytes |
| Themen zu Nicht löschbaren Trojaner... |
| abgesicherten modus, ad-aware, adobe, bho, defender, dsl, explorer, hijack, hijack this, hijackthis, internet, internet explorer, logfile, maus, nvidia, registry, rundll, security, software, superantispyware, system, trojaner, trojaner eingefangen, usb, virtumonde, vista, windows, windows defender, windows sidebar |
Linear-Darstellung
