Trojaner-Board


shocker79 10.06.2005 22:24

Request for review
 
Hello everyone,

I have just created the following log file. My problems are: at the Win XP login, after entering the password, nothing happens for a minute. WLAN and BT are off. I go online via a UMTS card; the connection is up, but it takes 50 sec. until the data of my request (opening a web page, e.g. google) is sent. I also get ad pop-ups "This is ad..." and ad pop-ups from doubleclick. I have an up-to-date Ad-Aware and ran it; it only finds cookies. Spybot ver. 1.4 finds something, cleans it, and has it again at the next boot. Please help me... In HijackThis ver. 1.99 I don't find anything suspicious...


Logfile of HijackThis v1.99.1
Scan saved at 22:36:46, on 10.06.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WIN\System32\smss.exe
C:\WIN\system32\winlogon.exe
C:\WIN\system32\services.exe
C:\WIN\system32\lsass.exe
C:\WIN\system32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\system32\spoolsv.exe
C:\Program Files\Fujitsu Siemens\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\DeskView\SMSAgent\SMSAgent.exe
C:\PROGRA~1\DeskView\DNAgent\DNAgent.Exe
D:\Programme\Scout NG\ELUXD.exe
C:\Program Files\NetWorker Laptop\OLlaunch.exe
C:\WIN\System32\logonuser.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OfficeScan NT\ntrtscan.exe
C:\WIN\Explorer.EXE
C:\Program Files\OfficeScan NT\OfcPfwSvc.exe
C:\Program Files\NetWorker Laptop\OLRegCap.EXE
C:\Program Files\OfficeScan NT\tmlisten.exe
C:\WIN\System32\CCM\CcmExec.exe
C:\WIN\TEMP\TN8B70.EXE
C:\WIN\System32\msiexec.exe
C:\WIN\System32\igfxtray.exe
C:\WIN\System32\hkcmd.exe
C:\WIN\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\OfficeScan NT\pccntmon.exe
C:\WIN\system32\userinit.exe
D:\Programme\iTouch\iTouch\iTouch.exe
C:\WIN\Logi_MwX.Exe
D:\programme\QuickTime6\qttask.exe
D:\PROGRA~1\ACDSee\DEVDET~1\DEVDET~1.EXE
C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe
C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\WIN\switpa.exe
C:\Program Files\T-Mobile\Communication Center\AutoUpdateSrv.exe
C:\WIN\System32\ctfmon.exe
C:\WIN\AntSwitch.exe
C:\Program Files\Fujitsu Siemens\Bluetooth Software\BTTray.exe
C:\Program Files\DeTeWe\TA 33 USB\Capictrl.exe
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
C:\Program Files\winzip\WZQKPICK.EXE
C:\Program Files\NetWorker Laptop\OLSysTray.exe
D:\Programme\Messenger\ymsgr_tray.exe
C:\PROGRA~1\WINZIP\winzip32.exe
D:\temp\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://my.fsc.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxyconf.fsc.net/xstop.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.25.80.198:81
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WIN\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WIN\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WIN\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /firstlogon
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [cryptoex] C:\Program Files\CryptoEx Security Suite\cex_t.exe
O4 - HKLM\..\Run: [IO-Monitor] "C:\Program Files\OfficeScan NT\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WIN\system32\NeroCheck.exe
O4 - HKLM\..\Run: [zBrowser Launcher] D:\Programme\iTouch\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\programme\QuickTime6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Camera Detector] D:\PROGRA~1\ACDSee\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [mRouterConfig] C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe
O4 - HKLM\..\Run: [routcnf] C:\Program Files\DeTeWe\TA 33 USB\routcnf.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor
O4 - HKLM\..\Run: [switp] C:\WIN\switpa.exe
O4 - HKLM\..\Run: [Connect Update Agent] "C:\Program Files\T-Mobile\Communication Center\AutoUpdateSrv.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WIN\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] D:\Programme\Messenger\ypager.exe -quiet
O4 - Startup: Legato TaskBar Icon.LNK = C:\Program Files\NetWorker Laptop\OLSysTray.exe
O4 - Global Startup: AntSwitch.lnk = C:\WIN\AntSwitch.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: CAPIControl.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\winzip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth - C:\Program Files\Fujitsu Siemens\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Fujitsu Siemens\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Fujitsu Siemens\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\MESSEN~1\YPager.exe
O14 - IERESET.INF: START_PAGE_URL=http://my.fsc.net/
O15 - Trusted Zone: fujitsu-siemens.amdahl-autinform.de
O15 - Trusted Zone: *.bahn.de
O15 - Trusted Zone: v7.e-tmm.com
O15 - Trusted Zone: http://service.fsc.net
O15 - Trusted Zone: ecrm.fujitsu-siemens.com
O15 - Trusted Zone: ecrm.fujitsu-siemes.com
O15 - Trusted Zone: components.viewpoint.com
O15 - Trusted Zone: fujitsu-siemens.webex.com
O15 - Trusted Zone: www.wwworkplace.com
O15 - Trusted Zone: fujitsu-siemens.amdahl-autinform.de (HKLM)
O15 - Trusted Zone: *.bahn.de (HKLM)
O15 - Trusted Zone: ecrm.fujitsu-siemes.com (HKLM)
O15 - Trusted Zone: components.viewpoint.com (HKLM)
O15 - Trusted Zone: fujitsu-siemens.webex.com (HKLM)
O15 - Trusted Zone: www.wwworkplace.com (HKLM)
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://abgzsu1a.abg.fsc.net/sdccommon/download/tgctlins.cab
O16 - DPF: {11D856F0-5660-4371-B131-C71A44F4E73E} (Microsoft ActiveX Upload Control, version 1.5) - http://service.fsc.net/supportassistent/files/flupl.cab
O16 - DPF: {18B51E93-4F69-4601-87AB-36B477DB8AB1} (Siebel Option Pack for IE 7.5.3) - http://erm.fsc.net/erm_deu/16186/applets/SiebelOptionPack.cab
O16 - DPF: {1EEBFE70-1CE8-11D6-8C81-00D0B7E72554} (MailClient Class) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16161/applets/SiebExtMailClient.cab
O16 - DPF: {253A9D23-F982-11D4-8BE4-00D0B7E61414} (SiebelHTMLApplication Class) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16161/applets/siebelhtml.cab
O16 - DPF: {3BE05871-C708-4F28-94FF-12E5F82DE085} (Siebel Option Pack for IE 7.5.3) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16192/applets/SiebelOptionPack.cab
O16 - DPF: {84147158-773D-4E89-AAEF-561EC76DA3DC} (Siebel Option Pack for IE 7.5.3) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16192/applets/SiebelOptionPack.cab
O16 - DPF: {886E7BF0-C867-11CF-B1AE-00AA00A3F2C3} - http://service.fsc.net/supportassistent/files/flupl.cab
O16 - DPF: {8E4D45F6-244E-499A-9E93-1E7510A975FB} (Siebel Option Pack for IE 7.5.3) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16161/applets/SiebelOptionPack.cab
O16 - DPF: {8F4F3368-54CA-4268-8225-0F4367472CF4} (MailClient Class) - http://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/16192/applets/SiebExtMailClient.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://fujitsu-siemens.webex.com/client/latest/webex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hvr.fsc.net
O17 - HKLM\Software\..\Telephony: DomainName = hvr.fsc.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hvr.fsc.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hvr.fsc.net
O18 - Protocol: t-mobile - {C6D89159-3467-4C2F-9918-3362DA57BCD2} - C:\PROGRA~1\T-Mobile\HOTSPO~1\TMOBIL~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WIN\System32\BTXPPA~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WIN\SYSTEM32\igfxsrvc.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Fujitsu Siemens\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DeskView Data Provider (DataProv) - Fujitsu Siemens Computers - C:\Program Files\DeskView\SMSAgent\SMSAgent.exe
O23 - Service: DeskView Agent - Fujitsu Siemens Computers - C:\PROGRA~1\DeskView\DNAgent\DNAgent.Exe
O23 - Service: Scout NG - Server (ELUXD) - UniCon Software - D:\Programme\Scout NG\ELUXD.exe
O23 - Service: Legato NetWorker Laptop Launcher (LegatoLauncher) - Legato Systems, Inc. - C:\Program Files\NetWorker Laptop\OLlaunch.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Logon User Service (LogonUserService) - Guardeonic Solutions AG - C:\WIN\System32\logonuser.exe
O23 - Service: DeskView MT Alerting Service (MTAlerting) - Fujitsu Siemens Computers - C:\PROGRA~1\DeskView\DVCC\MTALER~1.EXE
O23 - Service: OfficeScan RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\OfficeScan NT\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\OfficeScan NT\OfcPfwSvc.exe
O23 - Service: Networker Laptop RegCap (OLRegCap) - Legato Systems, Inc. - C:\Program Files\NetWorker Laptop\OLRegCap.EXE
O23 - Service: OfficeScan Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\OfficeScan NT\tmlisten.exe

Many thanks for your help!!!
_____________
Note:
Active links edited!
In future, please follow the instructions in this guide: HiJackThis.


Kind regards, Cidre
S-Mod TB

