Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Verdacht auf Tr. HiJackThis log auswerten bitte (https://www.trojaner-board.de/65853-verdacht-tr-hijackthis-log-auswerten-bitte.html)

Southpark 05.12.2008 12:11
Verdacht auf Tr. HiJackThis log auswerten bitte
 
Also ich habe einen Verdacht auf einen Trojaner auf meinen Pc kann mich aber auch irrn wäre schön wenn ihr das logfile mal durchschaut

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:25, on 05.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS.0\System32\smss.exe
E:\WINDOWS.0\system32\winlogon.exe
E:\WINDOWS.0\system32\services.exe
E:\WINDOWS.0\system32\lsass.exe
E:\WINDOWS.0\system32\svchost.exe
E:\WINDOWS.0\System32\svchost.exe
E:\WINDOWS.0\system32\TASKMAN.EXE
E:\WINDOWS.0\system32\spoolsv.exe
E:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
E:\Programme\Windows32\bcserver.service
E:\Programme\Bonjour\mDNSResponder.exe
C:\Tobit ClipInc\Server\ClipInc-Server.exe
E:\Programme\FileZilla Server\FileZilla Server.exe
E:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
E:\Programme\Icecast2 Win32\icecastService.exe
E:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
E:\WINDOWS.0\system32\nvsvc32.exe
E:\WINDOWS.0\system32\PnkBstrA.exe
E:\WINDOWS.0\system32\PnkBstrB.exe
E:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
E:\WINDOWS.0\system32\RUNDLL32.EXE
E:\WINDOWS.0\RTHDCPL.EXE
E:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
E:\Programme\Winamp\winampa.exe
E:\WINDOWS.0\system32\ctfmon.exe
E:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Tobit ClipInc\Player\ClipIncTray.exe
E:\WINDOWS.0\system32\svchost.exe
E:\Programme\Java\jre6\bin\jqs.exe
E:\WINDOWS.0\system32\drwtsn32.exe
E:\WINDOWS.0\system32\wbem\wmiapsrv.exe
E:\WINDOWS.0\system32\drwtsn32.exe
E:\Programme\Cain\Cain.exe
E:\WINDOWS.0\explorer.exe
E:\Programme\No-IP\DUC20.exe
E:\Programme\Trend Micro\HijackThis\HijackThis.exe
E:\Programme\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Programme\Winamp Toolbar\winamptb.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - E:\Programme\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Programme\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Programme\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Programme\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Programme\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS.0\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "E:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogonStudio] "E:\Programme\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [WinampAgent] E:\Programme\Winamp\winampa.exe
O4 - HKLM\..\RunOnce: [NSSInstallation] E:\WINDOWS.0\system32\Adobe\Shockwave 11\nssstub.exe /RunOnce
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = E:\Programme\RALINK\Common\RaUI.exe
O8 - Extra context menu item: &Winamp Search - E:\Dokumente und Einstellungen\All Users.WINDOWS.0\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Alles mit FDM herunterladen - file://E:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://E:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://E:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - E:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: RF - Formular ausfüllen - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RF - Formular speichern - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF - Menü anpassen - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Videos mit FDM herunterladen - file://E:\Programme\Free Download Manager\dlfvideo.htm
O9 - Extra button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\SCIEPlgn.dll
O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programme\ICQ6\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: E:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Security Suite CBE (AVP) - Kaspersky Lab - E:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Icecast-trunk Streaming Media Server (Icecast-trunk) - Unknown owner - E:\Programme\Icecast2 Win32\icecastService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - E:\Programme\WinPcap\rpcapd.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - E:\Programme\TuneUpUtilities2006\WinStylerThemeSvc.exe

--
End of file - 9264 bytes


mfg southpark


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:18 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131