Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Bitte um Überprüfung!!! (https://www.trojaner-board.de/43503-bitte-um-uberpruefung.html)

Fexzz 15.09.2007 17:12
Bitte um Überprüfung!!!
 
Ich habe angst, es hat sich was bei mr eingeschlichen, da auch mein vater einen Virus vor 2-3 Tagen bekommen hat!! Bitte überprüft das, wenn ihr zeit habt!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:10:37, on 15.09.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\avmwlanstick\WlanNetService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\LckFldService.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\avmwlanstick\wlangui.exe
C:\WINDOWS\??pPatch\r?ndll32.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Java\jre1.5.0_06\bin\jucheck.exe
C:\Programme\Mozilla Firefox\firefox.exe
F:\ProgrammZ\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\explorer.exe
F:\ProgrammZ\Deamon Tools\DAEMON Tools\daemon.exe
F:\ProgrammZ\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {CD0B9583-593B-74E0-1395-56C0A85D00E7} - C:\WINDOWS\system32\jdmwlav.dll (file missing)
R3 - URLSearchHook: (no name) - {CA0BE4F6-5936-01E0-13E6-50C0AD550094} - C:\WINDOWS\system32\jdmwlav.dll (file missing)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {CC0B95F5-5938-00E3-13E7-53C0A45C0096} - C:\WINDOWS\system32\jdmwlav.dll (file missing)
R3 - URLSearchHook: (no name) - {F4DAC5DB-073C-2CEE-1672-56F07BBB3BC6} - C:\WINDOWS\system32\fra.dll
R3 - URLSearchHook: (no name) - {F5DAC5AB-073F-58ED-1600-5DF077C63BC7} - C:\WINDOWS\system32\fra.dll
R3 - URLSearchHook: (no name) - {F4DAC5DD-073C-2CEE-1672-58F07BC73BB6} - C:\WINDOWS\system32\fra.dll
R3 - URLSearchHook: (no name) - {F3DAB4A8-0731-59EE-1601-5EF07ECF3BC5} - C:\WINDOWS\system32\fra.dll
R3 - URLSearchHook: (no name) - {F3DAB4AB-0731-59EE-1601-5EF07ECF3BC5} - C:\WINDOWS\system32\fra.dll
R3 - URLSearchHook: (no name) - {F3DAB4AA-0731-5CEE-1609-5DF008BC3BB6} - C:\WINDOWS\system32\fra.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {93BAF754-C845-453E-B199-84566A7375ED} - C:\WINDOWS\msagent\tuilajva.dll (file missing)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {CA0BE4F6-5936-01E0-13E6-50C0AD550094} - C:\WINDOWS\system32\jdmwlav.dll (file missing)
O2 - BHO: (no name) - {CC0B95F5-5938-00E3-13E7-53C0A45C0096} - C:\WINDOWS\system32\jdmwlav.dll (file missing)
O2 - BHO: (no name) - {CD0B9583-593B-74E0-1395-56C0A85D00E7} - C:\WINDOWS\system32\jdmwlav.dll (file missing)
O2 - BHO: (no name) - {F3DAB4A8-0731-59EE-1601-5EF07ECF3BC5} - C:\WINDOWS\system32\fra.dll
O2 - BHO: (no name) - {F3DAB4AA-0731-5CEE-1609-5DF008BC3BB6} - C:\WINDOWS\system32\fra.dll
O2 - BHO: (no name) - {F3DAB4AB-0731-59EE-1601-5EF07ECF3BC5} - C:\WINDOWS\system32\fra.dll
O2 - BHO: (no name) - {F4DAC5DB-073C-2CEE-1672-56F07BBB3BC6} - C:\WINDOWS\system32\fra.dll
O2 - BHO: (no name) - {F4DAC5DD-073C-2CEE-1672-58F07BC73BB6} - C:\WINDOWS\system32\fra.dll
O2 - BHO: (no name) - {F5DAC5AB-073F-58ED-1600-5DF077C63BC7} - C:\WINDOWS\system32\fra.dll
O4 - HKLM\..\Run: [TRIXX] "C:\Programme\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [nTrayFw] C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BearShare] "F:\ProgrammZ\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [BearFlix] "F:\ProgrammZ\BearFlix\BearFlix.exe" /pause
O4 - HKLM\..\Run: [uwa6pcw] "C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006\uwa6pcw.exe" -c
O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Eohr] "C:\DOKUME~1\KAIMLL~1\ANWEND~1\DOBE~1\mmc.exe" -vt ndrv
O4 - HKCU\..\Run: [Qgkk] C:\WINDOWS\??pPatch\r?ndll32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DeeEnEs] C:\Dokumente und Einstellungen\****\Desktop\DeeEnes\DeeEnEs.exe
O4 - HKCU\..\Run: [Fraps] C:\DOKUMENTE UND EINSTELLUNGEN\*****\DESKTOP\GAMES UND PROGRAMME\PROGRAMME\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "F:\ProgrammZ\Deamon Tools\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [BLASC] "F:\ProgrammZ\Blasc2\BLASC.exe" silent
O4 - HKCU\..\Run: [ICQ] "F:\ProgrammZ\ICQLite\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\ProgrammZ\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Policies\Explorer\Run: [{C8CC4533-08A3-1031-0120-060103050031}] "C:\Programme\Gemeinsame

Dateien\{C8CC4533-08A3-1031-0120-060103050031}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - F:\ProgrammZ\ICQLite\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - F:\ProgrammZ\ICQLite\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: h**p://locator.cdn.imageservr.com
O15 - Trusted Zone: h**p://scanner.sysprotect.com
O15 - Trusted Zone: h**p://*.systemdoctor.com
O15 - Trusted Zone: h**p://www.winantiviruspro.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159116685937
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - h**p://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - h**p://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\chkntfs.dll
O20 - Winlogon Notify: tuilajva - C:\WINDOWS\msagent\tuilajva.dll (file missing)
O20 - Winlogon Notify: winkbe32 - winkbe32.dll (file missing)
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - (no file)
O22 - SharedTaskScheduler: {03413bf7-e34c-445b-bfc0-a2b127255871} - incestuously - (no file)
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Programme\avmwlanstick\WlanNetService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet

Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache

Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel

32\IDriverT.exe
O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 11088 bytes


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:50 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131