| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Ist hier ein prozess verdächtig...?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
12.08.2009, 22:26
| #1 |
| |  Ist hier ein prozess verdächtig...? J:\Program Files\Alwil Software\Avast4\aswUpdSv.exe J:\Program Files\Alwil Software\Avast4\ashServ.exe I:\WINDOWS\RTHDCPL.EXE J:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe I:\Program Files (x86)\MSN Messenger\usnsvc.exe I:\Program Files (x86)\MSN Messenger\msnmsgr.exe I:\Documents and Settings\Administrator\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = F2 - REG:system.ini: UserInit=userinit O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "I:\WINDOWS\IME (x86)\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] I:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] I:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [avast!] J:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: ERUNT AutoBackup.lnk = I:\Program Files (x86)\ERUNT\AUTOBACK.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O11 - Options group: [INTERNATIONAL] International O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - I:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - I:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: dimsntfy - I:\WINDOWS\SYSTEM32\dimsntfy.dll O20 - Winlogon Notify: EFS - I:\WINDOWS\SYSTEM32\sclgntfy.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - J:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - J:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - I:\WINDOWS\System32\dmadmin.exe (file missing) O23 - Service: Event Log (Eventlog) - Unknown owner - I:\WINDOWS\system32\services.exe (file missing) O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - I:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - I:\WINDOWS\system32\imapi.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - I:\Program Files (x86)\Java\jre6\bin\jqs.exe" -service -config "I:\Program Files (x86)\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - I:\WINDOWS\system32\msdtc.exe (file missing) O23 - Service: Net Logon (Netlogon) - Unknown owner - I:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - I:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - I:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - I:\WINDOWS\system32\nvsvc64.exe (file missing) O23 - Service: Plug and Play (PlugPlay) - Unknown owner - I:\WINDOWS\system32\services.exe (file missing) O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - I:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - I:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - (no file) O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - I:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Virtual Disk Service (vds) - Unknown owner - I:\WINDOWS\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - I:\WINDOWS\System32\vssvc.exe (file missing) O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - (no file) |
|
| Themen zu Ist hier ein prozess verdächtig...? |
| einfach, frage, fragen, prozess, verdächtiger prozess |
Hybrid-Darstellung
