|
Habe Trojaner problem aber keine Ahnung :-o ich habe seit gestern ein riesen Trojaner Problem. Ich weiss nicht wo sie herkommen, da ich eigendlich denke ich mal recht gut geschützt bin. Helft mir bitte weiter mein DU-Meter zeigt einiges an Upload Traffic an. gefällt mir garnicht. Habe keine Ahnung von diesen Sachen also wär ne Schritt für Schritt anleitung sehr nett. Klingt blöd aber wegen dem Traffic kann ich kein CSS spielen und ich habe morgen ein wichtiges Turnier. need HELP plZ Logfile of HijackThis v1.99.1 Scan saved at 10:03:45, on 27.07.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS.0\System32\smss.exe C:\WINDOWS.0\system32\winlogon.exe C:\WINDOWS.0\system32\services.exe C:\WINDOWS.0\system32\lsass.exe D:\-=] Programme [=-\Fingerabdruck sensor\Omniserv.exe C:\WINDOWS.0\system32\svchost.exe C:\WINDOWS.0\System32\svchost.exe C:\Programme\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS.0\system32\spoolsv.exe D:\-=] Programme [=-\Anti Vir\AntiVir PersonalEdition Classic\sched.exe D:\-=] Programme [=-\Anti Vir\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS.0\ATKKBService.exe C:\WINDOWS.0\system32\nvsvc32.exe C:\Programme\HHVcdV5Sys\VC5SecS.exe C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS.0\system32\WgaTray.exe C:\WINDOWS.0\explorer.exe C:\WINDOWS.0\SOUNDMAN.EXE D:\-=] Programme [=-\Deamon Toolz\daemon.exe C:\Programme\HHVcdV5Sys\VC5Play.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe D:\-=] Programme [=-\Fingerabdruck sensor\scureapp.exe C:\WINDOWS.0\system32\RUNDLL32.EXE C:\Programme\Java\jre1.5.0_06\bin\jusched.exe D:\-=] Programme [=-\Virtual CD 5.04\System\VC5Tray.exe C:\WINDOWS.0\system32\rundll32.exe C:\Programme\SurfAccuracy\SAcc.exe C:\WINDOWS.0\elefq.exe C:\WINDOWS.0\system32\rundll32.exe D:\-=] Programme [=-\Anti Vir\AntiVir PersonalEdition Classic\avgnt.exe D:\-=] Programme [=-\BitDefender\bdnagent.exe D:\-=] Programme [=-\Cursor XP\CursorXP.exe C:\Programme\TGTSoft\StyleXP\StyleXP.exe D:\-=] Programme [=-\Lasermaus\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Programme\MSN Messenger\MsnMsgr.Exe D:\-=] games [=-\steam\steam.exe C:\WINDOWS.0\system32\wscntfy.exe D:\-=] Programme [=-\Lasermaus\SetPoint\KEM.exe D:\-=] Programme [=-\RealVNC\WinVNC\winvnc.exe D:\-=] Programme [=-\Lasermaus\SetPoint\KHALMNPR.EXE D:\-=] Programme [=-\DU Meter\DUMeter.exe C:\WINDOWS.0\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe d:\-=] programme [=-\bitdefender\bdmcon.exe d:\-=] programme [=-\bitdefender\bdlite.exe D:\-=] Programme [=-\SpyStopper\ssp.exe D:\-=] Programme [=-\Winamp 5\Winamp.exe D:\-__PRO~1\Netscape\Netscp.exe C:\WINDOWS.0\system32\taskmgr.exe D:\-=] Archiv [=-\-=] Anti-Viren [=-\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://192.168.1.103/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\-=] Programme [=-\ICQToolbar\toolbaru.dll F2 - REG:system.ini: Shell=explorer.exe O2 - BHO: (no name) - {73364D99-1240-4dff-B11A-67E448373048} - C:\WINDOWS.0\system32\ipv6mons.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\-=] Programme [=-\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "d:\-=] programme [=-\Clone CD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS.0\system32\NeroCheck.exe O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\-=] Programme [=-\Deamon Toolz\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [VC5Player] C:\Programme\HHVcdV5Sys\VC5Play.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [OmniPass] D:\-=] Programme [=-\Fingerabdruck sensor\scureapp.exe O4 - HKLM\..\Run: [I/O Controllers] svcnet.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS.0\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKLM\..\Run: [SurfAccuracy] C:\Programme\SurfAccuracy\SAcc.exe O4 - HKLM\..\Run: [ReJf5vH] C:\WINDOWS.0\elefq.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [avgnt] "D:\-=] Programme [=-\Anti Vir\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [System service79] C:\WINDOWS.0\\\etb\\pokapoka79.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Programme\user32.exe O4 - HKLM\..\Run: [DirectXs] C:\WINDOWS.0\system32\directxs.exe O4 - HKLM\..\Run: [SpyStopperPro] D:\-=] Programme [=-\SpyStopper\ssp.exe O4 - HKLM\..\Run: [BDMCon] "D:\-=] Programme [=-\BitDefender\bdmcon.exe" O4 - HKLM\..\Run: [BDNewsAgent] "d:\-=] programme [=-\bitdefender\bdnagent.exe" O4 - HKCU\..\Run: [CursorXP] "D:\-=] Programme [=-\Cursor XP\CursorXP.exe" -s O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [LDM] D:\-=] Programme [=-\Lasermaus\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [I/O Controllers] svcnet.exe O4 - HKCU\..\Run: [Steam] "d:\-=] games [=-\steam\steam.exe" -silent O4 - HKCU\..\Run: [Mozilla Quick Launch] "d:\-=] Programme [=-\Netscape\Netscp.exe" -turbo O4 - Startup: DU Meter (2).lnk = D:\-=] Programme [=-\DU Meter\DUMeter.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\-=] Programme [=-\Lasermaus\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = D:\-=] Programme [=-\Lasermaus\SetPoint\KEM.exe O4 - Global Startup: Run VNC Server (2).lnk = D:\-=] Programme [=-\RealVNC\WinVNC\winvnc.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\-=] Programme [=-\ICQToolbar\toolbaru.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: BitBuddy - {8FCCDD73-C9F3-443a-AB53-7A25FD925808} - D:\-=] Programme [=-\BitBuddy\BitBuddy.EXE (file missing) O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\-=] Programme [=-\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\-=] Programme [=-\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O17 - HKLM\System\CCS\Services\Tcpip\..\{9A035EDE-EE32-41D4-B6CE-8BC3AA82EA3F}: NameServer = 192.168.1.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: OPXPGina - C:\WINDOWS.0\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS.0\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - D:\-=] Programme [=-\Anti Vir\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - D:\-=] Programme [=-\Anti Vir\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS.0\ATKKBService.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - D:\-=] Programme [=-\Fingerabdruck sensor\Omniserv.exe O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Programme\HHVcdV5Sys\VC5SecS.exe O23 - Service: Windows Log - Unknown owner - C:\WINDOWS.0\system32\nvsvcd.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Danke schonmal an euch Pros der N@P ;-) |
|
Der Link ist tot... |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 16:35 Uhr. |
Copyright ©2000-2025, Trojaner-Board