Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Möglicher Trojaner-Befall (https://www.trojaner-board.de/81008-moeglicher-trojaner-befall.html)

Tenerok 30.12.2009 11:30
Möglicher Trojaner-Befall
 
Guten Tag,
ich habe seid einer Weile die Befürchtung, dass ein Trojaner oder ein Virus meinen PC befallen hat, weil er merklich langsamer geworden ist.
Vielleicht könnt ihr mir helfen?

HijackThis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:51:52, on 30.12.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\WisKeyState.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\teatimer.exe
C:\Program Files\OnlineControl\ocontrol.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [WisKeyState] "C:\Program Files\Launch Manager\WisKeyState.exe"
O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [fsc-reg] C:\fsc-reg\fscreg.exe 20091226
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: OnlineControl.lnk = C:\Program Files\OnlineControl\ocontrol.exe
O4 - Global Startup: Registrierungsprogramm ausführen.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: FSCLBaseUpdaterService - Unknown owner - C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Scramby Server (ScrambyServer) - Unknown owner - D:\Scramby\ScrambyServer.exe (file missing)
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

--
End of file - 10983 bytes
CCleaner:

Code:
EVEREST Home Edition v2.20        Lavalys Inc        27.08.2009        6,58MB        2.20
Free Download Manager 3.0        FreeDownloadManager.ORG        30.08.2009        18,5MB       
FSCLounge        Fujitsu Siemens Computers        27.08.2009        8,47MB        1.0.0
Fujitsu Siemens Computers Recovery        Fujitsu Siemens Computers        27.08.2009        7,06MB        1.3.9
Futuremark SystemInfo        Futuremark Corporation        20.10.2009        3,79MB        3.20.1.2
GIMP 2.6.7                07.09.2009        87,0MB       
Google Desktop        Google        17.11.2009        6,65MB        5.9.0911.03589
Google Toolbar for Internet Explorer        Google Inc.        21.12.2009        8,15MB       
GUILD WARS                09.09.2009        2.881,1MB       
HijackThis 2.0.2        TrendMicro        18.11.2009        0,39MB        2.0.2
ICQ Toolbar        ICQ        27.08.2009                3.0.0
Java(TM) 6 Update 16        Sun Microsystems, Inc.        17.09.2009        95,0MB        6.0.160
JMicron JMB38X Flash Media Controller        JMicron Technology Corp.        04.09.2008        2,26MB        1.00.11.02
KoolMoves Demo 7.1.1        Lucky Monkey Designs LLC        11.12.2009        32,6MB        7.1.1
Launch Manager V1.5.4        Wistron Corp.        04.09.2008        1,35MB        1.5.4
Microsoft .NET Framework 1.1                08.12.2009               
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        30.08.2009        37,0MB       
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        27.08.2009        27,8MB       
Microsoft Office Home and Student 2007        Microsoft Corporation        11.12.2009        296,9MB        12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (German)        Microsoft Corporation        11.12.2009        51,0MB        12.0.6425.1000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        13.11.2009        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        20.10.2009        0,54MB        8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        13.11.2009        0,19MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        27.08.2009        0,58MB        9.0.30729
Microsoft Works        Microsoft Corporation        13.11.2009        376,7MB        9.7.0621
Mozilla Firefox (3.5.6)        Mozilla        20.12.2009        26,4MB        3.5.6 (de)
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        27.08.2009        1,28MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        25.11.2009        1,34MB        4.20.9876.0
NCsoft Launcher        NCsoft        02.09.2009        6,61MB        1.5.4.2
Nero 8 Essentials        Nero AG        04.09.2008        1.687,1MB        8.10.368
Norton Internet Security        Symantec Corporation        30.10.2009        64,9MB        17.0.0.136
OnlineControl 1.2        Deutsche Telekom AG T-Com        27.08.2009        0,88MB        1.2.23
OpenAL                20.10.2009        0,75MB       
PaperPort Image Printer        Nuance Communications, Inc.        30.08.2009        0,38MB        1.00.0000
Picasa 2        Google, Inc.        27.08.2009        35,3MB        2.0
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        04.09.2008               
Registrierungsprogramm für den Nintendo Wi-Fi USB Connector                19.09.2009        2,04MB       
RGSS-RTP Standard        Enterbrain        26.10.2009        22,5MB        1.0.0
RPG Maker VX        Enterbrain        26.10.2009        9,74MB        1.02
RPG Maker VX RTP        Enterbrain        26.10.2009        43,1MB        1.02
RPGXP        Enterbrain        29.10.2009        4,11MB        1.0.0
ScanSoft PaperPort 11        Nuance Communications, Inc.        30.08.2009        130,3MB        11.1.0000
Scramby        Rapid Solution Software AG        07.11.2009        56,1MB        2.0.40.0
SpeedFan (remove only)                07.12.2009        4,79MB       
Spybot - Search & Destroy        Safer Networking Limited        27.08.2009        51,4MB        1.6.2
Synaptics Pointing Device Driver        Synaptics        04.09.2008        13,6MB        10.0.12.0
SystemDiagnostics        Fujitsu Siemens Computers              27.08.2009        13,6MB        2.01.0004
T-Online 6.0                27.08.2009        17,3MB       
TeamSpeak 2 RC2        Dominating Bytes Design        11.10.2009                2.0.32.60
Windows Live Anmelde-Assistent        Microsoft Corporation        12.11.2009        1,93MB        5.000.818.5
Windows Live Essentials        Microsoft Corporation        12.11.2009        44,0MB        14.0.8089.0726
Windows Live-Uploadtool        Microsoft Corporation        12.11.2009        0,22MB        14.0.8014.1029
WinRAR                11.10.2009        3,82MB       
World of Warcraft        Blizzard Entertainment        18.12.2009        18.347,0MB        2.1.1.1374
Ich danke euch schonmal im vorraus.
Ihr macht eure Arbeit spitze. :D

Gruß

cosinus 30.12.2009 13:38
Hallo und :hallo:

Zitat:
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Es fehlen: SP2, IE8!

Hast Du keinen Virenscanner installiert? Logfile sieht sonst okay aus IMHO.
Bitte beachten => http://www.trojaner-board.de/71631-p...samer-tun.html

Tenerok 31.12.2009 14:29
Zitat:
Zitat von cosinus (Beitrag 490460)
Hallo und :hallo:



Es fehlen: SP2, IE8!

Hast Du keinen Virenscanner installiert? Logfile sieht sonst okay aus IMHO.
Bitte beachten => http://www.trojaner-board.de/71631-p...samer-tun.html
Jo hab ich, danke dir. ^^
Werd es mir anschauen.

Gruß


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:48 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131