Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Hilfe, !!h*tp://*** (https://www.trojaner-board.de/53325-hilfe-h-tp.html)

Bleistiftmin 01.06.2008 22:15
Hilfe, !!h*tp://***
 
hallo
habe seit ein paar tagen das problem das sich dauernd die seite : ht*p://sichererantivirus.com öffnet und es is denk ich spyware der ganze pc is langsam inernet is langsam google geht auch garnicht! nur wenn ich den explorer im task beende dann gehts! Bittte um hilfe, kenn mich null aus! danke




Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
E:\Programme\Adobe\PhotoshopElementsFileAgent.exe
C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programme\Eset\nod32krn.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Dit.exe
C:\Programme\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Programme\Java\jre1.6.0_03\bin\jusched.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\Eset\nod32kui.exe
C:\Programme\Veoh Networks\Veoh\VeohClient.exe
C:\WINDOWS\DitExp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.Aon.at
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.Aon.at
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programme\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Programme\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [BMdbfcdb9e] Rundll32.exe "C:\WINDOWS\system32\aopmftkp.dll",s
O4 - HKLM\..\Run: [d8cfe802] rundll32.exe "C:\WINDOWS\system32\gnoedjtd.dll",b
O4 - HKCU\..\Run: [Veoh] "C:\Programme\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211749867812
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - E:\Programme\Adobe\PhotoshopElementsFileAgent.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programme\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

VolkerRacho 02.06.2008 00:11
Bitte folgende Dateien bei Virustotal auswerten lassen :

C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\WINDOWS\system32\aopmftkp.dll
C:\WINDOWS\system32\gnoedjtd.dll

Bleistiftmin 02.06.2008 07:25
also:

C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe

Is Harmlos


C:\WINDOWS\system32\aopmftkp.dll

AhnLab-V3 2008.5.30.1 2008.06.02 -
AntiVir 7.8.0.26 2008.06.02 -
Authentium 5.1.0.4 2008.06.01 -
Avast 4.8.1195.0 2008.06.01 Win32:Vundo@dll
AVG 7.5.0.516 2008.06.01 -
BitDefender 7.2 2008.06.02 -
CAT-QuickHeal 9.50 2008.05.31 -
ClamAV 0.92.1 2008.06.02 -
DrWeb 4.44.0.09170 2008.06.01 -
eSafe 7.0.15.0 2008.06.01 -
eTrust-Vet 31.4.5837 2008.05.30 -
Ewido 4.0 2008.06.01 -
F-Prot 4.4.4.56 2008.06.01 -
F-Secure 6.70.13260.0 2008.06.02 Vundo.gen179
Fortinet 3.14.0.0 2008.06.02 -
GData 2.0.7306.1023 2008.06.02 Win32:Vundo
Ikarus T3.1.1.26.0 2008.06.02 -
Kaspersky 7.0.0.125 2008.06.02 -
McAfee 5307 2008.05.30 -
Microsoft 1.3520 2008.06.02 Trojan:Win32/Vundo.gen!H
NOD32v2 3150 2008.06.01 -
Norman 5.80.02 2008.05.30 -
Panda 9.0.0.4 2008.06.01 Suspicious file
Prevx1 V2 2008.06.02 Fraudulent Security Program
Rising 20.47.00.00 2008.06.02 -
Sophos 4.29.0 2008.06.02 Troj/Virtum-Gen
Sunbelt 3.0.1139.1 2008.05.29 -
Symantec 10 2008.06.02 -
TheHacker 6.2.92.331 2008.06.02 -
VBA32 3.12.6.6 2008.06.01 -
VirusBuster 4.3.26:9 2008.06.01 -
Webwasher-Gateway 6.6.2 2008.06.02 Win32.Malware.gen (suspicious)

C:\WINDOWS\system32\gnoedjtd.dll

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.5.30.1 2008.06.02 -
AntiVir 7.8.0.26 2008.06.02 ADSPY/Virtumonde.trz
Authentium 5.1.0.4 2008.06.01 -
Avast 4.8.1195.0 2008.06.01 Win32:Vundo@dll
AVG 7.5.0.516 2008.06.01 -
BitDefender 7.2 2008.06.02 -
CAT-QuickHeal 9.50 2008.05.31 -
ClamAV 0.92.1 2008.06.02 -
DrWeb 4.44.0.09170 2008.06.01 -
eSafe 7.0.15.0 2008.06.01 -
eTrust-Vet 31.4.5837 2008.05.30 -
Ewido 4.0 2008.06.01 -
F-Prot 4.4.4.56 2008.06.01 -
F-Secure 6.70.13260.0 2008.06.02 Vundo.gen179
Fortinet 3.14.0.0 2008.06.02 -
GData 2.0.7306.1023 2008.06.02 Win32:Vundo
Ikarus T3.1.1.26.0 2008.06.02 -
Kaspersky 7.0.0.125 2008.06.02 -
McAfee 5307 2008.05.30 -
Microsoft 1.3520 2008.06.02 Trojan:Win32/Vundo.gen!H
NOD32v2 3150 2008.06.01 -
Norman 5.80.02 2008.05.30 -
Panda 9.0.0.4 2008.06.01 -
Prevx1 V2 2008.06.02 Fraudulent Security Program
Rising 20.47.00.00 2008.06.02 -
Sophos 4.29.0 2008.06.02 Troj/Virtum-Gen
Sunbelt 3.0.1139.1 2008.05.29 -
Symantec 10 2008.06.02 -
TheHacker 6.2.92.331 2008.06.02 -
VBA32 3.12.6.6 2008.06.01 -
VirusBuster 4.3.26:9 2008.06.01 -
Webwasher-Gateway 6.6.2 2008.06.02 Ad-Spyware.Virtumonde.trz


Alle Zeitangaben in WEZ +1. Es ist jetzt 17:17 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131