Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: Virus/Trojaner?

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 17.11.2008, 09:11   #1
Pase
 
Virus/Trojaner? - Standard

Virus/Trojaner?



Hallo Trojaner-Board-Team,

ich hoffe Ihr könnt mir wieder helfen. Ich habe eine Internetseite besucht um Infos über ein Soundtrack zu nem Film zu bekommen.
Danach meldete sich mein Symantec AntiVirus in 5-Min Takt und blockte ein Trojaner nach dem Anderen.
Ich hab den Symantec scan laufen lassen und nun nun erscheinen keine Meldungen mehr.
Aber ich bin mir da noch sehr unsicher.

Gruß

Patrick

Mein Logfile:

Code:
ATTFilter
 Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:45:54, on 17.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Portrait Displays\HP Display Assistant\DTSRVC.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radexecd.exe
C:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe
C:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\Radstgms.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Hewlett-Packard\PC COE\IDA.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Portrait Displays\HP Display Assistant\DTHtml.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\NETGEAR\WG511v2\WG511v2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = 

http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 

http://athp.germany.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://athp.hp.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet 

Explorer provided by Hewlett-Packard
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 

localhost:6464
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio 

Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6

\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [IDA] C:\Program Files\Hewlett-Packard\PC COE\IDA.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe 

/Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software 

Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3

\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital 

Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [DT Task] C:\Program Files\Portrait Displays\HP Display 

Assistant\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0

\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef 

/Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2

\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: NETGEAR WG511v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG511v2

\WG511v2.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2

\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2

\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32

\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network 

Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - 

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6

\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program 

Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program 

Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - 

C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://athp.hp.com
O15 - Trusted Zone: http://ie.config.asia.compaq.com
O15 - Trusted Zone: http://ie.config.eur.compaq.com
O15 - Trusted Zone: http://ie.config.im.hou.compaq.com
O15 - Trusted Zone: http://ie.config.jp.compaq.com
O15 - Trusted Zone: http://*.compaq.com
O15 - Trusted Zone: *.cpqcorp.net
O15 - Trusted Zone: http://*.dcu.org
O15 - Trusted Zone: http://ie.config.ecom.dec.com
O15 - Trusted Zone: http://*.dec.com
O15 - Trusted Zone: *.hp.com
O15 - Trusted Zone: http://*.hpe-learning.com
O15 - Trusted Zone: *.hpqcorp.net
O15 - Trusted Zone: *.hpshopping.com
O15 - Trusted Zone: http://ie.config.tandem.com
O15 - Trusted Zone: http://*.tandem.com
O15 - Trusted Zone: http://ie.config.asia.compaq.com (HKLM)
O15 - Trusted Zone: http://ie.config.eur.compaq.com (HKLM)
O15 - Trusted Zone: http://ie.config.im.hou.compaq.com (HKLM)
O15 - Trusted Zone: http://ie.config.jp.compaq.com (HKLM)
O15 - Trusted Zone: http://ie.config.ecom.dec.com (HKLM)
O15 - Trusted Zone: http://ie.config.tandem.com (HKLM)
O16 - DPF: {00000006-9593-4264-8B29-930B3E4EDCCD} (HPVirtualRooms6 Class) - 

h**ps://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall6.cab
O16 - DPF: {00000008-9593-4264-8B29-930B3E4EDCCD} (HPVirtualRooms8 Class) - 

h**ps://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall8.cab
O16 - DPF: {253A9D23-F982-11D4-8BE4-00D0B7E61414} (SiebelHTMLApplication Class) - 

h**p://emeasblprod.emea.hp.com/callcenter_enu/16192/applets/siebelhtml.cab
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - 

h**ps://stream.web.de/mail/activex/mail_upload_11213.cab
O16 - DPF: {5BAC1200-0BBE-499A-A9E9-5F334DBC8E89} (Executive Viewer Web Client 5.1 

(English)) - h**p://olap-dev.grenoble.hp.com/ev/evctrl5en.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - 

h**p://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?

1219069672328
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - 

h**p://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {739A95E1-3942-47B8-BC5A-E53F68E9EE99} (Siebel Option Pack for IE 7.5.3) - 

h**p://emeasblprod.emea.hp.com/callcenter_enu/16192/applets/SiebelOptionPack.cab
O16 - DPF: {8F4F3368-54CA-4268-8225-0F4367472CF4} (MailClient Class) - 

h**p://emeasblprod.emea.hp.com/callcenter_enu/16192/applets/SiebExtMailClient.cab
O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - 

h**p://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - 

h**p://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E876D003-BCDE-11D3-9131-000094B61529} (ERPageAddin Class) - 

h**ps://eroom3.external.hp.com/eroomsetup/client.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emea.cpqcorp.net
O17 - HKLM\Software\..\Telephony: DomainName = emea.hpqcorp.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = emea.cpqcorp.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = 

EMEA.cpqcorp.net,EMEA.hpqcorp.net,hpqcorp.net,cpqcorp.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = emea.cpqcorp.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = 

EMEA.cpqcorp.net,EMEA.hpqcorp.net,hpqcorp.net,cpqcorp.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = 

EMEA.cpqcorp.net,EMEA.hpqcorp.net,hpqcorp.net,cpqcorp.net
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program 

Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program 

Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - 

C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program 

Files\Portrait Displays\HP Display Assistant\DTSRVC.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\XXX\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - 

C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program 

Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1

\LUCOMS~1.EXE
O23 - Service: Lan Discover Agent (magaService) - Unknown owner - C:\Program 

Files\Sygate\SSA\maga\maga.exe (file missing)
O23 - Service: PictureTaker - LANovation - C:\WINDOWS\system32\PCTKRNT.SYS
O23 - Service: Radia Notify Daemon (radexecd) - Hewlett-Packard - C:\Program Files\Hewlett-

Packard\PC COE 3\OV CMS\radexecd.exe
O23 - Service: Radia Scheduler Daemon (radsched) - Hewlett-Packard - C:\Program 

Files\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe
O23 - Service: Radia MSI Redirector (Radstgms) - Hewlett-Packard - C:\Program Files\Hewlett

-Packard\PC COE 3\OV CMS\Radstgms.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec 

AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - 

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common 

Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec 

AntiVirus\Rtvscan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32

\ZoneLabs\vsmon.exe

--
End of file - 12157 bytes
         

 

Themen zu Virus/Trojaner?
adobe, antivirus, application, bho, excel, explorer, hijack, hijackthis, hotkey, internet explorer, lan, launch, logfile, messenger, microsoft, monitor, netgear, object, scan, software, sound, soundtrack, symantec, system, temp, virus/trojaner, windows, windows xp, windows xp sp3, wmi, xp sp3



Ähnliche Themen: Virus/Trojaner?


  1. Werbung-Virus, Virus, Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 25.12.2014 (1)
  2. W 8.1,Trojaner kann von mir nicht entfernt werden.Virus: Trojan.GenericKD.1673711 (Engine A),Virus: Win32.Trojan.Pirpi.A (Engine B)
    Plagegeister aller Art und deren Bekämpfung - 21.08.2014 (3)
  3. GVU Trojaner / Virus?
    Plagegeister aller Art und deren Bekämpfung - 06.02.2014 (11)
  4. DOJ Virus Trojaner
    Plagegeister aller Art und deren Bekämpfung - 11.03.2013 (3)
  5. BKA Virus Trojaner
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (17)
  6. Nach Virus/Trojaner-Befall nun "sauber"? (GEMA Virus)
    Plagegeister aller Art und deren Bekämpfung - 05.09.2012 (17)
  7. Windows 7 (64bit) Virus/Trojaner (evtl. Windows Verschlüsselungs Trojaner)
    Plagegeister aller Art und deren Bekämpfung - 07.05.2012 (19)
  8. Trojaner? Virus?
    Plagegeister aller Art und deren Bekämpfung - 24.02.2012 (1)
  9. Trojaner/Virus!
    Log-Analyse und Auswertung - 07.06.2011 (13)
  10. BKA-Trojaner-Virus
    Plagegeister aller Art und deren Bekämpfung - 24.05.2011 (4)
  11. AVG Anti Virus free meldet Virus PSW.Generic7.BWMP, Virus läßt sich nicht beseitigen
    Plagegeister aller Art und deren Bekämpfung - 30.10.2010 (21)
  12. Trojaner, Virus ?
    Plagegeister aller Art und deren Bekämpfung - 30.09.2010 (9)
  13. Virus/Trojaner
    Log-Analyse und Auswertung - 23.02.2010 (13)
  14. Trojaner, Virus ?
    Log-Analyse und Auswertung - 18.10.2009 (1)
  15. virus remover 2008 = Virus oder trojaner
    Plagegeister aller Art und deren Bekämpfung - 01.01.2009 (4)
  16. Probleme mit Virus, Trojaner: networm-i.virus@fp, PSW.x-Vir trojan, ...@ms
    Log-Analyse und Auswertung - 07.08.2007 (11)
  17. Trojaner Virus??
    Plagegeister aller Art und deren Bekämpfung - 05.02.2007 (5)

Zum Thema Virus/Trojaner? - Hallo Trojaner-Board-Team, ich hoffe Ihr könnt mir wieder helfen. Ich habe eine Internetseite besucht um Infos über ein Soundtrack zu nem Film zu bekommen. Danach meldete sich mein Symantec AntiVirus - Virus/Trojaner?...
Archiv
Du betrachtest: Virus/Trojaner? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.