Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Benötige dringende Hilfe!!! Server 2003 (https://www.trojaner-board.de/41381-benoetige-dringende-hilfe-server-2003-a.html)

Horst2000 27.07.2007 15:46
Benötige dringende Hilfe!!! Server 2003
 
Hallo zusammen,

ich habe folgenden LogFile.
Bitte um dringende Hilfe!!!
Bedanke mich vorab!



Logfile of HijackThis v1.99.1
Scan saved at 16:33:17, on 27.07.07
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\windows\system32\dllcache\svchost.dll
C:\Programme\CA\BrightStor ARCserve Backup\DBENG.exe
C:\Programme\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
C:\Programme\CA\BrightStor ARCserve Backup\jobeng.exe
C:\Programme\CA\BrightStor ARCserve Backup\msgeng.exe
C:\Programme\CA\BrightStor ARCserve Backup\caserved.exe
C:\Programme\CA\BrightStor ARCserve Backup\casmrtbk.exe
C:\Programme\CA\BrightStor ARCserve Backup\tapeeng.exe
C:\Programme\CA\BrightStor ARCserve Backup\cadiscovd.exe
C:\Programme\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe
C:\Programme\CA\BrightStor ARCserve Backup\Catirpc.exe
C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe
C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe
C:\David\APPS\DSERVER\CODE\DSERVER.EXE
C:\David\APPS\DVGRAB\CODE\DVGRAB.EXE
C:\David\APPS\POSTMAN\CODE\POSTMAN.EXE
C:\David\APPS\REPLICA\CODE\REPLICA.EXE
C:\David\CODE\SL.EXE
C:\Programme\CA\BrightStor ARCserve Backup\RDS.EXE
C:\Programme\CA\BrightStor ARCserve Backup\caloggerd.exe
C:\David\tld\code\CAPI\tld.exe
C:\David\tld\code\CAPI\tld.exe
C:\David\APPS\WEBBOX\CODE\WEBBOX.EXE
C:\Programme\CA\SharedComponents\BrightStor\DBAcommon\DBASVR.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Programme\CA\iGateway\igateway.exe
C:\WINDOWS\System32\ismserv.exe
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programme\McAfee\Common Framework\FrameworkService.exe
C:\Programme\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Programme\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Programme\CA\BrightStor ARCserve Backup\Mediasvr.exe
C:\windows\security\secapp.dll
C:\Programme\CA\BrightStor ARCserve Backup\caauthd.exe
C:\WINDOWS\system32\netservice.exe
C:\WINDOWS\msagent\netmon.exe
C:\WINDOWS\system32\ntfrs.exe
C:\Programme\CA\BrightStor Backup Agent for Open Files\Ofant.exe
C:\Programme\CA\BrightStor ARCserve Backup Agent for Microsoft SQL Server\dbasqlr.exe
C:\WINDOWS\AntiTrojan.dll
C:\Programme\CA\BrightStor ARCserve Backup\LQServer.exe
C:\Programme\ORL\VNC\WinVNC.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\CA\BrightStor ARCserve Backup\asalert.exe
C:\Programme\CA\BrightStor ARCserve Backup\LDBServer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Programme\Tobit Software ViProtect\TAVfD.exe
C:\Programme\Symantec\Norton Ghost 2003\GhostStar**rayApp.exe
C:\Programme\Tobit ClipInc\Player\ClipIncTray.exe
C:\Programme\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\McAfee\Common Framework\McTray.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mmc.exe
C:\Dokumente und Einstellungen\Administrator\Desktop\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

h**p://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [WinVNC] "C:\Programme\ORL\VNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [Tobit AntiVirus for Desktops] "C:\Programme\Tobit Software ViProtect\TAVfD.exe" -HIDE
O4 - HKLM\..\Run: [GhostStar**rayApp] C:\Programme\Symantec\Norton Ghost 2003\GhostStar**rayApp.exe
O4 - HKLM\..\Run: [ClipIncSrvTray] "C:\Programme\Tobit ClipInc\Player\ClipIncTray.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\McAfee\Common Framework\UdaterUI.exe"

/StartedFromRunKey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Abou**ime.lnk = C:\Programme\Abou**ime\Abou**ime.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren -

res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = KU**IG.GMBH
O17 - HKLM\Software\..\Telephony: DomainName = KU**IG.GMBH
O17 - HKLM\System\CCS\Services\Tcpip\..\{5BCD7098-5C8D-4C7B-9EB3-FAF3A3CAD735}: NameServer =

192.168.100.44,192.168.100.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = KU**IG.GMBH
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = KU**IG.GMBH
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O23 - Service: Localhost Service (Anti-V) - Cat Soft - c:\windows\system32\dllcache\svchost.dll
O23 - Service: Cosynus BlackBerry Connector (BlackBerry4Dv) - Unknown owner -

C:\WINDOWS\system32\srvany.exe
O23 - Service: CA BrightStor-Datenbankprozess (CASDBEngine) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\DBENG.exe
O23 - Service: CA BrightStor Discovery Service (CASDiscoverySvc) - Computer Associates -

C:\Programme\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
O23 - Service: CA BrightStor-Jobprozess (CASJobEngine) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\jobeng.exe
O23 - Service: CA BrightStor-Nachrichtenprozess (CASMsgEngine) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\msgeng.exe
O23 - Service: CA BrightStor-Dienst-Controller (CASSvcControlSvr) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\caserved.exe
O23 - Service: CA BrightStor-Bandprozess (CASTapeEngine) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\tapeeng.exe
O23 - Service: CA BrightStor-Domänenserver (CASUnivDomainSvr) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\cadiscovd.exe
O23 - Service: CA BrightStor Universal Agent (CASUniversalAgent) - Computer Associates -

C:\Programme\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe
O23 - Service: CA-Server für Remote-Prozeduraufruf (CATIRPC) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\Catirpc.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. -

C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. -

C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Programme\Tobit

ClipInc\Server\ClipInc-Server.exe
O23 - Service: ClipInc 002 (ClipInc002) - Unknown owner - C:\Programme\Tobit

ClipInc\Server\ClipInc-Server.exe
O23 - Service: David Discussion Server (DavidDiscussionServer) - Tobit Software -

C:\David\APPS\DSERVER\CODE\DSERVER.EXE
O23 - Service: David Grabbing Server (DavidGrabbingServer) - Tobit Software -

C:\David\APPS\DVGRAB\CODE\DVGRAB.EXE
O23 - Service: David Host (DavidHost) - Tobit Software - C:\David\APPS\DVHOST\CODE\DVHOST.EXE
O23 - Service: David Mail Access Server (DavidMailAccessServer) - Tobit Software -

C:\David\APPS\MASERVER\CODE\MASERVER.EXE
O23 - Service: David PBXpense (DavidPBXpense) - Tobit Software -

C:\David\Apps\pbxpense\code\pbxpense.exe
O23 - Service: David PostMan (DavidPostMan) - Tobit Software - C:\David\APPS\POSTMAN\CODE\POSTMAN.EXE
O23 - Service: David Replica (DavidReplica) - Tobit Software - C:\David\APPS\REPLICA\CODE\REPLICA.EXE
O23 - Service: David Service Layer (DavidServiceLayer) - Tobit Software - C:\David\CODE\SL.EXE
O23 - Service: David Show Interface Services (DavidShowInterfaceServices) - Tobit Software -

C:\David\apps\showis\showis.exe
O23 - Service: David TLD 001 (DavidTLD001) - Tobit Software - C:\David\tld\code\CAPI\tld.exe
O23 - Service: David TLD 002 (DavidTLD002) - Tobit Software - C:\David\tld\code\CAPI\tld.exe
O23 - Service: David WebBox (DavidWebBox) - Tobit Software - C:\David\APPS\WEBBOX\CODE\WEBBOX.EXE
O23 - Service: CA BrightStor Backup Agent RPC-Server (DbaRpcService) - Computer Associates -

C:\Programme\CA\SharedComponents\BrightStor\DBAcommon\DBASVR.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Programme\Symantec\Norton Ghost

2003\GhostStartService.exe
O23 - Service: iTechnology iGateway 3.0 (iGateway) - Computer Associates -

C:\Programme\CA\iGateway\igateway.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates -

C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Programme\McAfee\Common

Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Programme\McAfee\VirusScan

Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Programme\McAfee\VirusScan

Enterprise\VsTskMgr.exe
O23 - Service: Microsoft Security Monitoring Service (MSSecMonSrv) - Unknown owner -

C:\windows\security\secapp.dll
O23 - Service: Network Monitoring Service (NetMonSrv) - Unknown owner -

C:\WINDOWS\system32\netservice.exe
O23 - Service: TCP/IP Network Monitoring Service (Ne**cpSrv) - Unknown owner -

C:\WINDOWS\msagent\netmon.exe
O23 - Service: CA Backup Agent for Open Files (OpenFileAgent) - Computer Associates -

C:\Programme\CA\BrightStor Backup Agent for Open Files\Ofant.exe
O23 - Service: CA BrightStor BrightStor Backup Agent-Remote-Dienst (RemoteDbagent) - Computer Associates

- C:\Programme\CA\BrightStor ARCserve Backup Agent for Microsoft SQL Server\dbasqlr.exe
O23 - Service: Remote Controller (RpcCtr) - Unknown owner - C:\WINDOWS\AntiTrojan.dll
O23 - Service: Tcp-Ip Protocol (secapp) - Unknown owner - C:\WINDOWS\security\secapp.dll
O23 - Service: Serv-U FTP Server (Serv-U) - Unknown owner - C:\WINDOWS\system32\netservice.exe
O23 - Service: Tobit AntiVirus for Desktops Service (TAVFDService) - Unknown owner -

C:\PROGRA~1\TOBITA~1\TAVFDSrv.EXE (file missing)
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programme\ORL\VNC\WinVNC.exe" -service (file

missing)


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:02 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131