Trojaner-Board


killerbirke 04.07.2005 15:26

Please evaluate this HJT log

Hello,
can you make anything of this?

Logfile of HijackThis v1.99.1
Scan saved at 16:17:28, on 04.07.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\PROGRA~1\Serv-U\SERVUD~1.EXE
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\S3apphk.exe
C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programme\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\PROGRA~1\WinFax\WFXSWTCH.exe
C:\WINDOWS\System32\wfxsnt40.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\intel32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\WinFax\WFXCTL32.EXE
D:\Daten\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O1 - Hosts: 62.75.224.159 www.bns1.net
O1 - Hosts: 62.75.224.159 www.bns2.net
O1 - Hosts: 62.75.224.159 www.bns3.net
O1 - Hosts: 62.75.224.159 www.bns4.net
O1 - Hosts: 62.75.224.159 www.bns5.net
O1 - Hosts: 62.75.224.159 www.bns6.net
O1 - Hosts: 62.75.224.159 www.bns7.net
O1 - Hosts: 62.75.224.159 www.bns8.net
O1 - Hosts: 62.75.224.159 www.cms1.net
O1 - Hosts: 62.75.224.159 www.cms2.net
O1 - Hosts: 62.75.224.159 www.cms3.net
O1 - Hosts: 62.75.224.159 www.cms4.net
O1 - Hosts: 62.75.224.159 www.cms5.net
O1 - Hosts: 62.75.224.159 www.cms6.net
O1 - Hosts: 62.75.224.159 www.cms7.net
O1 - Hosts: 62.75.224.159 www.cms8.net
O1 - Hosts: 62.75.224.159 www.rg1.com
O1 - Hosts: 62.75.224.159 www.rg2.com
O1 - Hosts: 62.75.224.159 www.rg3.com
O1 - Hosts: 62.75.224.159 www.rg4.com
O1 - Hosts: 62.75.224.159 www.rg5.com
O1 - Hosts: 62.75.224.159 www.rg6.com
O1 - Hosts: 62.75.224.159 www.rg7.com
O1 - Hosts: 62.75.224.159 www.rg8.com
O1 - Hosts: 62.75.224.159 jcms.cydoor.com
O1 - Hosts: 62.75.224.159 cydoor.com
O1 - Hosts: 62.75.224.159 jnova.cjt1.net
O1 - Hosts: 62.75.224.159 jcontent.bns1.m7z.net
O1 - Hosts: 62.75.224.159 j.2004CMS.com
O1 - Hosts: 62.75.224.159 2004CMS.com
O1 - Hosts: 62.75.224.159 bns1.m7z.net
O1 - Hosts: 62.75.224.159 m7z.net
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [Microsoft Windows Security Patch] C:\WINDOWS\System32\mspatchsec.exe
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\WinFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [intel32.exe] C:\WINDOWS\System32\intel32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Controller.LNK = C:\Programme\WinFax\WFXCTL32.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{10DFC9A8-53D3-44BC-B404-D661A852925D}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{1128B0A3-02C2-4D00-89DC-2F2869F26114}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{90FEA03D-E009-434F-BA51-BB50250E4D77}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4C9582B-3FEF-45C3-8DCD-E49837EF4F96}: NameServer = 192.168.0.1,0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{D118189D-5F23-47E6-8CD2-D692E61A2A03}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{10DFC9A8-53D3-44BC-B404-D661A852925D}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{10DFC9A8-53D3-44BC-B404-D661A852925D}: NameServer = 192.168.0.1
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: DvISE ClipInc 001 (DavidClipInc001) - Unknown owner - C:\David\APPS\CLIPINC\CODE\CLIPINC.EXE (file missing)
O23 - Service: DvISE Discussion Server (DavidDiscussionServer) - Unknown owner - C:\David\APPS\DSERVER\CODE\DSERVER.EXE (file missing)
O23 - Service: DvISE Grabbing Server (DavidGrabbingServer) - Unknown owner - C:\David\APPS\DVGRAB\CODE\DVGRAB.EXE (file missing)
O23 - Service: DvISE Host (DavidHost) - Unknown owner - C:\David\APPS\DVHOST\CODE\DVHOST.EXE (file missing)
O23 - Service: DvISE Mail Access Server (DavidMailAccessServer) - Unknown owner - C:\PROGRA~1\DAVID\APPS\MASERVER\CODE\MASERVER.EXE (file missing)
O23 - Service: DvISE PBXpense (DavidPBXpense) - Unknown owner - C:\David\APPS\PBXPENSE\CODE\PBXPENSE.EXE (file missing)
O23 - Service: DvISE PCL Conversion Server (DavidPCL) - Unknown owner - C:\PROGRA~1\DAVID\APPS\FAXWARE\CONVERT\PCL\PCL.EXE (file missing)
O23 - Service: DvISE PostMan (DavidPostMan) - Unknown owner - C:\David\APPS\POSTMAN\CODE\POSTMAN.EXE (file missing)
O23 - Service: DvISE Replica (DavidReplica) - Unknown owner - C:\David\APPS\REPLICA\CODE\REPLICA.EXE (file missing)
O23 - Service: DvISE Service Layer (DavidServiceLayer) - Unknown owner - C:\David\CODE\SL.EXE (file missing)
O23 - Service: DvISE TLD 001 (DavidTLD001) - Unknown owner - C:\David\tld\code\CAPI\tld.exe (file missing)
O23 - Service: DvISE TVIndex (DavidTVIndex) - Unknown owner - C:\David\APPS\TVINDEX\TVINDEX.EXE (file missing)
O23 - Service: DvISE VideoCapture (DavidVideoCapture) - Unknown owner - C:\David\APPS\VIDEOCPT\CODE\VIDEOC~1.EXE (file missing)
O23 - Service: DvISE WebBox (DavidWebBox) - Unknown owner - C:\PROGRA~1\DAVID\APPS\WEBBOX\CODE\WEBBOX.EXE (file missing)
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: Serv-U FTP Server (Serv-U) - Cat Soft - C:\PROGRA~1\Serv-U\SERVUD~1.EXE
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe

chaosman 04.07.2005 20:41

@killerbirke
check your computer with eScan
http://www.trojaner-board.de/showthread.php?t=17492


chaosman

