Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   TR/vundo.gen (https://www.trojaner-board.de/44542-tr-vundo-gen.html)

Penneth 12.10.2007 18:12
TR/vundo.gen
 
Mal weider ein weiterer Fall ves vundo.gen Trojaners....
gleich vorne weg: ich bin ein ziemlicher noob, von daher bitte verzeit mir in euren augen idiotische fragen ;)
ich poste mal das hijack logfile, weil das ja in den anderen threads immer gefragt wurde


Logfile of HijackThis v1.99.1
Scan saved at 19:06:20, on 12.10.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Programme\QuickTime\qttask.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Programme\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\HbTools\Bin\4.8.7.0\HbtWeatherOnTray.exe
C:\Programme\HbTools\Bin\4.8.7.0\HbtOEAddOn.exe
C:\Programme\FreePDF_XP\fpassist.exe
C:\Programme\Gemeinsame Dateien\Teleca Shared\CapabilityManager.exe
C:\Programme\Hbtools\HBTV\HBTV.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Microsoft ActiveSync\wcescomm.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\sony\giga pocket\shwserv.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\FRITZ!DSL\StCenter.exe
C:\Programme\sony\keyboard closure setup\KSWServ.exe
C:\Programme\Microsoft Office\Office\OSA.EXE
C:\Programme\sony\usbsircs\usbsircs.exe
C:\Programme\Sony\VAIO Action Setup\VAServ.exe
C:\Programme\PC-TV\WinManager\WinManager.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe
C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Programme\sony\giga pocket\RM_SV.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\HbTools\Bin\4.8.7.0\HbtSrv.exe
C:\Programme\WinRAR\WinRAR.exe
C:\Programme\hijackhits\pruefung.com.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\tbu12\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\tbu12\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3E129AE1-2AE7-4EBD-BC42-A0A36BE6A0A4} - C:\WINDOWS\System32\ddabb.dll
O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2DD7A5B7A402A36C1 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\programme\hbtools\hbtv\hbtvhelper.dll
O2 - BHO: {e64a466b-f46b-db69-cb04-608a742db245} - {542bd247-a806-40bc-96bd-b64fb664a46e} - C:\WINDOWS\System32\gvaquvqj.dll (file missing)
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programme\HbTools\Bin\4.8.7.0\HbtHostIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {97786002-2598-49C5-BBA9-30D1287ACDD3} - C:\WINDOWS\System32\sstqp.dll (file missing)
O2 - BHO: (no name) - {9B967F80-7190-420C-92CE-1DF0C5F2494D} - C:\WINDOWS\System32\ssqro.dll (file missing)
O2 - BHO: (no name) - {A99A4C6A-9F4D-45F0-B349-0E4C2D6E589A} - C:\WINDOWS\System32\vtstt.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {DC08A6BE-F324-4071-9704-9B1D479EEEDA} - C:\WINDOWS\System32\awtsq.dll (file missing)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\tbu12\toolbaru.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programme\HbTools\Bin\4.8.7.0\HbtHostIE.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programme\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programme\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WeatherOnTray] C:\Programme\HbTools\Bin\4.8.7.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [HbTools] C:\Programme\HbTools\Bin\4.8.7.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [satvlcxh] C:\WINDOWS\System32\zvoliwnq.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [ISP] C:\Programme\sony\ISPselector\ISPselector.exe /SCHEDULER
O4 - HKLM\..\Run: [343593c4] rundll32.exe "C:\WINDOWS\System32\hsrsdssp.dll",sitypnow
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WEB.DE_WEB.DE Messenger] "C:\Programme\WEB.DE\WEB.DE Messenger\MESSENGR.EXE" /hide
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe
O4 - Global Startup: Keyboard Closure Setup.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft-Indexerstellung.lnk = C:\Programme\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Remocon-Treiber.lnk = ?
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O4 - Global Startup: WinManager.lnk = C:\Programme\PC-TV\WinManager\WinManager.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://www.wiso-sparbuch.de/wiso/aspx/wisoappl/Download/wficat.cab
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (Snapfish Drag and Drop upload plugin) - http://www.pixaco.de/static/download/pixacodndupload.cab
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://stream.web.de/mail/activex/mail_upload_11213.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtools/programs/4.8.7.0/hbtools.cab
O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awtsq - C:\WINDOWS\System32\awtsq.dll (file missing)
O20 - Winlogon Notify: ssqro - C:\WINDOWS\System32\ssqro.dll (file missing)
O20 - Winlogon Notify: sstqp - C:\WINDOWS\System32\sstqp.dll (file missing)
O20 - Winlogon Notify: vtstt - C:\WINDOWS\System32\vtstt.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Programme\sony\giga pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Programme\sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Programme\sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Programme\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Programme\Gemeinsame Dateien\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Programme\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Programme\sony\giga pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe





also für mich ist das wie gesagt alles nur chinesisch. ich hoffe ihr könnt mir weiterhelfen oder braucht ihr noch mehr infos?

danke schonmal, Penneth

cosinus 12.10.2007 18:32
Hallo.

Ich glaube Vundo ist hier eher sekundär, du hast viel dringendere Probleme mit dem System:

Zitat:
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Dein System ist ungepatcht und somit verwundbar! Hier fehlt mindestens das SP2!

Zitat:
C:\Programme\HbTools\
hbtools - Spyware!

Code:
O2 - BHO: (no name) - {3E129AE1-2AE7-4EBD-BC42-A0A36BE6A0A4} - C:\WINDOWS\System32\ddabb.dll
O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2 DD7A5B7A402A36C1 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\programme\hbtools\hbtv\hbtvhelper.dll
O2 - BHO: {e64a466b-f46b-db69-cb04-608a742db245} - {542bd247-a806-40bc-96bd-b64fb664a46e} - C:\WINDOWS\System32\gvaquvqj.dll (file missing)
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programme\HbTools\Bin\4.8.7.0\HbtHostIE.dll
O2 - BHO: (no name) - {97786002-2598-49C5-BBA9-30D1287ACDD3} - C:\WINDOWS\System32\sstqp.dll (file missing)
O2 - BHO: (no name) - {9B967F80-7190-420C-92CE-1DF0C5F2494D} - C:\WINDOWS\System32\ssqro.dll (file missing)
O2 - BHO: (no name) - {A99A4C6A-9F4D-45F0-B349-0E4C2D6E589A} - C:\WINDOWS\System32\vtstt.dll (file missing)
O2 - BHO: (no name) - {DC08A6BE-F324-4071-9704-9B1D479EEEDA} - C:\WINDOWS\System32\awtsq.dll (file missing)
O4 - HKLM\..\Run: [WeatherOnTray] C:\Programme\HbTools\Bin\4.8.7.0\HbtWeatherOnTray. exe
O4 - HKLM\..\Run: [HbTools] C:\Programme\HbTools\Bin\4.8.7.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [satvlcxh] C:\WINDOWS\System32\zvoliwnq.exe
O4 - HKLM\..\Run: [343593c4] rundll32.exe "C:\WINDOWS\System32\hsrsdssp.dll",sitypnow
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtools/programs/4.8.7.0/hbtools.cab
O20 - Winlogon Notify: awtsq - C:\WINDOWS\System32\awtsq.dll (file missing)
O20 - Winlogon Notify: ssqro - C:\WINDOWS\System32\ssqro.dll (file missing)
O20 - Winlogon Notify: sstqp - C:\WINDOWS\System32\sstqp.dll (file missing)
O20 - Winlogon Notify: vtstt - C:\WINDOWS\System32\vtstt.dll (file missing)
Angesichts der erdrückenden Menge von Schädlingseinträgen sowie fehlendem SP2, was erschwerend noch hinzukommt, kann ich dir nur ausdrücklich empfehlen, das System neu aufzusetzen!

Penneth 12.10.2007 19:13
hm mist, das hab ich fast befürchtet.
aber da komm ich dann wohl nicht drum rum. danke für die schnelle antwort.
noch irgendwelche tipps, was ich danach besser machen kann/soll.
was z.b. ist SP2 und wie komm ich dazu?

gruß, Penneth

cosinus 12.10.2007 22:36
SP2=Service Pack 2. Damit wird hier eigentlich immer das für Windows XP gemeint.
Solltest du alles hier finden. Den Rest im Zweifel da.
Wichtig ist nur, dass du erst dann wieder ins Internet gehst, wenn dein System abgesichert ist. Heißt: Mindestens SP2 muss installiert sein.


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:48 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131