Vielleicht Infiziert [Archiv]

Archiv verlassen und diese Seite im Standarddesign anzeigen : Vielleicht Infiziert

Tarras Kent Je Nero

23.11.2007, 11:46

Ja habe ich hier ist er aber noch einmal:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:21:01, on 23.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\ZoneLabs\vsmon.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\system32\LEXBCES.EXE
I:\WINDOWS\system32\LEXPPS.EXE
I:\WINDOWS\system32\spoolsv.exe
I:\Programme\AntiVir PersonalEdition Classic\avguard.exe
I:\Programme\AntiVir PersonalEdition Classic\sched.exe
X:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\Programme\cFosSpeed\spd.exe
I:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\oodag.exe
I:\WINDOWS\system32\PnkBstrA.exe
I:\WINDOWS\system32\PnkBstrB.exe
I:\WINDOWS\system32\PSIService.exe
I:\Programme\SiteAdvisor\6172\SAService.exe
I:\WINDOWS\system32\svchost.exe
J:\Programme\VMware\VMware Workstation\vmware-authd.exe
I:\Programme\Gemeinsame Dateien\VMware\VMware Virtual Image Editing\vmount2.exe
I:\WINDOWS\system32\vmnat.exe
I:\WINDOWS\system32\vmnetdhcp.exe
I:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
I:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
I:\Programme\FreePDF_XP\fpassist.exe
X:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
I:\Programme\cFosSpeed\cFosSpeed.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Programme\DAEMON Tools Pro\DTProAgent.exe
I:\Programme\TechniSat DVB\bin\Server4PC.exe
I:\Programme\T-Online\DSL-Manager\DslMgr.exe
I:\Programme\TechniSat DVB\bin\Server4PC.exe
I:\Programme\T-Online\DSL-Manager\DslMgrSvc.exe
I:\Programme\Trillian\trillian.exe
I:\Programme\Hamachi\hamachi.exe
I:\Programme\Mozilla Firefox\firefox.exe
I:\Programme\Teamspeak2_RC2\TeamSpeak.exe
I:\Programme\Trend Micro\HijackThis\HijackThis.exe
I:\WINDOWS\system32\NOTEPAD.EXE
I:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.daemonsearch.com/de/ý
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - I:\Programme\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - I:\Programme\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [avgnt] "I:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [FreePDF Assistant] I:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "X:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [cFosSpeed] I:\Programme\cFosSpeed\cFosSpeed.exe
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "I:\Programme\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DSL-Manager.lnk = I:\Programme\T-Online\DSL-Manager\DslMgr.exe
O4 - Global Startup: Server4PC.lnk = I:\Programme\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://I:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4142DFEA-0A18-41DA-BB12-16E2B07E75AC}: NameServer = 194.25.2.129,194.25.2.130,194.25.2.131,194.25.2.13 2,194.25.2.133,194.25.2.134,134.96.7.7
O17 - HKLM\System\CS1\Services\Tcpip\..\{4142DFEA-0A18-41DA-BB12-16E2B07E75AC}: NameServer = 194.25.2.129,194.25.2.130,194.25.2.131,194.25.2.13 2,194.25.2.133,194.25.2.134,134.96.7.7
O17 - HKLM\System\CS2\Services\Tcpip\..\{4142DFEA-0A18-41DA-BB12-16E2B07E75AC}: NameServer = 194.25.2.129,194.25.2.130,194.25.2.131,194.25.2.13 2,194.25.2.133,194.25.2.134,134.96.7.7
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - I:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - I:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - X:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - I:\Programme\cFosSpeed\spd.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - I:\Programme\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - I:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - I:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - I:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - I:\Programme\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - I:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - I:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - I:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - I:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ProtexisLicensing - Unknown owner - I:\WINDOWS\system32\PSIService.exe
O23 - Service: SiteAdvisor-Dienst (SiteAdvisor Service) - Unknown owner - I:\Programme\SiteAdvisor\6172\SAService.exe
O23 - Service: DSL-Manager (TDslMgrService) - T-Systems Enterprise Services GmbH - I:\Programme\T-Online\DSL-Manager\DslMgrSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - J:\Programme\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - J:\Programme\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - I:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - I:\Programme\Gemeinsame Dateien\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - I:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - I:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7964 bytes