| |
| |||||||
Log-Analyse und Auswertung: Mein LogfileWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
10.02.2005, 23:35
| #1 |
 |  Mein Logfile Logfile of HijackThis v1.99.0 Scan saved at 23:32:56, on 10.02.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programme\AVPersonal\AVGUARD.EXE C:\FoxServ\Apache\bin\Apache.exe C:\Programme\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\FoxServ\Apache\bin\Apache.exe C:\WINDOWS\System32\soft.exe C:\PROGRA~1\T-DSLS~1\SpeedMgr.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\System32\VNICMon.exe C:\WINDOWS\System32\atiptaxx.exe C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Programme\QuickTime\qttask.exe C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe C:\WINDOWS\System32\P2P Networking\P2P Networking.exe C:\program files\altnet\points manager\points manager.exe C:\WINDOWS\javaro.exe C:\WINDOWS\isrvs\desktop.exe C:\WINDOWS\System32\gcdclien.exe C:\Program Files\AutoUpdate\AutoUpdate.exe C:\Programme\AVPersonal\AVGNT.EXE C:\Programme\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\forctrs.exe C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe C:\WINDOWS\javatx.exe C:\WINDOWS\javatx.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\mozilla.org\Mozilla\mozilla.exe C:\Dokumente und Einstellungen\Madrid\Eigene Dateien\Meine empfangenen Dateien\hijackthis199\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R3 - Default URLSearchHook is missing F3 - REG:win.ini: run=C:\WINDOWS\System32\soft.exe O2 - BHO: (no name) - {21258EF1-13DE-0334-9DB4-2B3E344FFB37} - C:\WINDOWS\addku.dll O2 - BHO: IE Update Class - {5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993} - C:\WINDOWS\isrvs\sysupd.dll O2 - BHO: (no name) - {B75F75B8-93F3-429D-FF34-660B206D897A} - C:\WINDOWS\System32\boln.dll O4 - HKLM\..\Run: [T-DSL SpeedMgr] "C:\PROGRA~1\T-DSLS~1\SpeedMgr.exe" O4 - HKLM\..\Run: [CHotKey] mHotkey.exe O4 - HKLM\..\Run: [NIC Monitor] VNICMon.exe O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [sdkin.exe] C:\WINDOWS\system32\sdkin.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Andware Defence] Zsoft32.exe O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [SearchUpgrader] C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe O4 - HKLM\..\Run: [javaro.exe] C:\WINDOWS\javaro.exe O4 - HKLM\..\Run: [8ED.tmp] C:\DOKUME~1\Madrid\LOKALE~1\Temp\8ED.tmp.exe 1 10001 O4 - HKLM\..\Run: [Web Service] C:\WINDOWS\System32\sm.exe O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe O4 - HKLM\..\Run: [Systems Restart] Rundll32.exe boln.dll, DllRegisterServer O4 - HKLM\..\Run: [p3rO36h] gcdclien.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [antiware] c:\windows\system32\elitetry32.exe O4 - HKLM\..\RunServices: [Andware Defence] Zsoft32.exe O4 - HKLM\..\RunOnce: [javatx.exe] C:\WINDOWS\javatx.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Web Service] C:\WINDOWS\System32\sm.exe O4 - HKCU\..\Run: [Y00ERWNsX] forctrs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll O15 - Trusted Zone: *.f1organizer.com O15 - Trusted Zone: *.finefind.nettraffic2cash.biz O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab27571.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab27571.cab O16 - DPF: {40BF816B-D862-41B9-9445-ECA36D5F67F7} (Flatcast Viewer 4.10) - http://www.1mal1.com/flatcast/NpFv410.dll O16 - DPF: {40BF816B-D862-41B9-9445-ECA36D5F67F9} (Flatcast Viewer 4.12) - http://www.1mal1.com/flatcast/NpFv412.dll O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab27571.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab27571.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{102908F9-D770-4FCD-A538-07A4BE52CF75}: NameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{102908F9-D770-4FCD-A538-07A4BE52CF75}: NameServer = 192.168.2.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{102908F9-D770-4FCD-A538-07A4BE52CF75}: NameServer = 192.168.2.1 O18 - Filter: text/html - {950238FB-C706-4791-8674-4D429F85897E} - C:\WINDOWS\isrvs\mfiltis.dll O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE O23 - Service: Apache - Apache Software Foundation - C:\FoxServ\Apache\bin\Apache.exe O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: hpdj - HP - C:\DOKUME~1\Madrid\LOKALE~1\Temp\hpdj.exe O23 - Service: MySql - Unknown - C:/FoxServ/mysql/bin/mysqld-nt.exe O23 - Service: Remote Procedure Call (RPC) Helper - Unknown - C:\WINDOWS\javatx.exe Was soll ich fixen ??? |
| Themen zu Mein Logfile |
| .pdf, antivir, antivir update, askbar, bho, dateien, drivers, einstellungen, explorer, helper, hijack, hijackthis, icq, internet, internet explorer, logfile, messenger, microsoft, monitor, msn, msn messenger, programme, rundll, software, sun java, system, system32, temp, urlsearchhook, windows, windows xp, windows\system32\drivers |
Baum-Darstellung