Trojaner-Board


Illo 15.07.2006 20:14

Internet keeps getting slower, downloads no longer possible!
 
Hello,
I'm having more and more problems with the Internet from day to day. At first I thought the heat might be giving the computer some trouble and that was why everything was running a bit slower. But by now I can't even download anymore. Almost every time, the message "The Installation you are trying to use is corrupt or incomplete..." appears. Even the Windows updates could only be partially downloaded. And as I said, the Internet keeps getting slower, or pages can't be displayed and I have to try 2 or 3 times until it works, on a DSL line!
I ran HijackThis but found nothing conspicuous.
Then I did an eScan. A message came up saying that an update was needed, which I also did, but apparently there were difficulties again and the download was incomplete. It now showed something about a version dated May 2006.
I then ran eScan anyway. Strangely, I once again had this "mybar", "myway", "perfectnav", "kazaa" stuff on the machine, although I have already removed it umpteen times. :headbang:
What is new is this smitfraud browser hijacker, which worries me quite a bit.
So, I would be grateful for an evaluation of my scan and for information about the spyware/adware that was found, and of course for pointers on how best to proceed now. Thanks.


Tue May 16 19:26:16 2006 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Tue May 16 19:26:16 2006 => System found infected with kazaa Spyware/Adware ({66fc8717-efa7-4546-8c4a-e224f3a80c76})! Action taken: No Action Taken.
Tue May 16 19:26:16 2006 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Tue May 16 19:26:17 2006 => System found infected with myway Spyware/Adware ({0494d0d4-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Tue May 16 15:17:45 2006 => **********************************************************
Tue May 16 15:17:45 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Tue May 16 15:17:45 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Tue May 16 15:17:45 2006 => **********************************************************
Tue May 16 15:17:45 2006 => Source: C:\Programme\eScan\mwav.exe
Tue May 16 15:17:45 2006 => Version 8.2.8 (C:\DOKUME~1\Olli\LOKALE~1\Temp\mexe.com)
Tue May 16 15:17:45 2006 => Log File: C:\DOKUME~1\Olli\LOKALE~1\Temp\MWAV.LOG
Tue May 16 15:17:45 2006 => MWAV Registered: FALSE.
Tue May 16 15:17:45 2006 => User Account: Olli
Tue May 16 15:17:45 2006 => OS Type: Windows Workstation
Tue May 16 15:17:45 2006 => OS: Windows XP
Tue May 16 15:17:45 2006 => Ver: Service Pack 2 (Build 2600)
Tue May 16 15:17:45 2006 => Windows Root Folder: C:\WINDOWS
Tue May 16 15:17:45 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Tue May 16 15:17:45 2006 => Local Fixed Drives: c:\
Tue May 16 15:17:45 2006 => MWAV Mode: Only Scan files.
Tue May 16 15:17:45 2006 => Latest Date of files inside MWAV: 12 May 2006 08:34:55.
Tue May 16 15:17:49 2006 => AV Library Loaded...
Tue May 16 15:17:49 2006 => MWAV doing self scanning...
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavss.exe
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\Getvlist.exe
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavss.dll
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavssdi.dll
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavssi.dll
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavvlg.dll
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\msvlclnt.dll
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\ipc.dll
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\main.avi
Tue May 16 15:17:49 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\virus.avi
Tue May 16 15:17:49 2006 => MWAV files are clean.
Tue May 16 15:17:52 2006 => Virus Database Date: 5/12/2006
Tue May 16 15:17:52 2006 => Virus Database Count: 193177
Tue May 16 15:19:12 2006 => AV Library Unloaded (3)...
Tue May 16 17:39:58 2006 => **********************************************************
Tue May 16 17:39:58 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Tue May 16 17:39:58 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Tue May 16 17:39:58 2006 => **********************************************************
Tue May 16 17:39:58 2006 => Source: C:\DOKUME~1\Olli\LOKALE~1\TEMPOR~1\Content.IE5\BUVV205R\MWAV_1~1.EXE
Tue May 16 17:39:58 2006 => Version 8.2.8 (C:\DOKUME~1\Olli\LOKALE~1\Temp\mexe.com)
Tue May 16 17:39:58 2006 => Log File: C:\DOKUME~1\Olli\LOKALE~1\Temp\MWAV.LOG
Tue May 16 17:39:58 2006 => MWAV Registered: FALSE.
Tue May 16 17:39:58 2006 => User Account: Olli
Tue May 16 17:39:58 2006 => OS Type: Windows Workstation
Tue May 16 17:39:58 2006 => OS: Windows XP
Tue May 16 17:39:58 2006 => Ver: Service Pack 2 (Build 2600)
Tue May 16 17:39:58 2006 => Windows Root Folder: C:\WINDOWS
Tue May 16 17:39:58 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Tue May 16 17:39:58 2006 => Local Fixed Drives: c:\
Tue May 16 17:39:58 2006 => MWAV Mode: Only Scan files.
Tue May 16 17:39:58 2006 => Latest Date of files inside MWAV: 12 May 2006 08:34:55.
Tue May 16 17:40:00 2006 => AV Library Loaded...
Tue May 16 17:40:00 2006 => MWAV doing self scanning...
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavss.exe
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\Getvlist.exe
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavss.dll
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavssdi.dll
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavssi.dll
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavvlg.dll
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\msvlclnt.dll
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\ipc.dll
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\main.avi
Tue May 16 17:40:00 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\virus.avi
Tue May 16 17:40:00 2006 => MWAV files are clean.
Tue May 16 17:40:01 2006 => Virus Database Date: 5/12/2006
Tue May 16 17:40:01 2006 => Virus Database Count: 193177
Tue May 16 17:41:07 2006 => Generating Virus List... getvlist.exe C:\DOKUME~1\Olli\LOKALE~1\Temp\vlist.txt
Tue May 16 17:41:21 2006 => AV Library Unloaded (3)...
Tue May 16 17:43:50 2006 => **********************************************************
Tue May 16 17:43:50 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Tue May 16 17:43:50 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Tue May 16 17:43:50 2006 => **********************************************************
Tue May 16 17:43:50 2006 => Source: C:\Bases_X\mwav.exe
Tue May 16 17:43:50 2006 => Version 8.2.8 (C:\DOKUME~1\Olli\LOKALE~1\Temp\mexe.com)
Tue May 16 17:43:50 2006 => Log File: C:\DOKUME~1\Olli\LOKALE~1\Temp\MWAV.LOG
Tue May 16 17:43:50 2006 => MWAV Registered: FALSE.
Tue May 16 17:43:50 2006 => User Account: Olli
Tue May 16 17:43:50 2006 => OS Type: Windows Workstation
Tue May 16 17:43:50 2006 => OS: Windows XP
Tue May 16 17:43:50 2006 => Ver: Service Pack 2 (Build 2600)
Tue May 16 17:43:50 2006 => Windows Root Folder: C:\WINDOWS
Tue May 16 17:43:50 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Tue May 16 17:43:50 2006 => Local Fixed Drives: c:\
Tue May 16 17:43:50 2006 => MWAV Mode: Only Scan files.
Tue May 16 17:43:50 2006 => Latest Date of files inside MWAV: 12 May 2006 08:34:55.
Tue May 16 17:43:52 2006 => AV Library Loaded...
Tue May 16 17:43:52 2006 => MWAV doing self scanning...
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavss.exe
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\Getvlist.exe
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavss.dll
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavssdi.dll
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavssi.dll
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavvlg.dll
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\msvlclnt.dll
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\ipc.dll
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\main.avi
Tue May 16 17:43:52 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\virus.avi
Tue May 16 17:43:52 2006 => MWAV files are clean.
Tue May 16 17:43:52 2006 => Virus Database Date: 5/12/2006
Tue May 16 17:43:52 2006 => Virus Database Count: 193177
Tue May 16 17:43:59 2006 => AV Library Unloaded (3)...
Tue May 16 19:23:41 2006 => **********************************************************
Tue May 16 19:23:41 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Tue May 16 19:23:41 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Tue May 16 19:23:41 2006 => **********************************************************
Tue May 16 19:23:41 2006 => Source: C:\Bases_X\mwav.exe
Tue May 16 19:23:41 2006 => Version 8.2.8 (C:\DOKUME~1\Olli\LOKALE~1\Temp\mexe.com)
Tue May 16 19:23:41 2006 => Log File: C:\DOKUME~1\Olli\LOKALE~1\Temp\MWAV.LOG
Tue May 16 19:23:41 2006 => MWAV Registered: FALSE.
Tue May 16 19:23:41 2006 => User Account: Olli
Tue May 16 19:23:41 2006 => OS Type: Windows Workstation
Tue May 16 19:23:41 2006 => OS: Windows XP
Tue May 16 19:23:41 2006 => Ver: Service Pack 2 (Build 2600)
Tue May 16 19:23:41 2006 => Windows Root Folder: C:\WINDOWS
Tue May 16 19:23:41 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Tue May 16 19:23:41 2006 => Local Fixed Drives: c:\
Tue May 16 19:23:41 2006 => MWAV Mode: Only Scan files.
Tue May 16 19:23:41 2006 => Latest Date of files inside MWAV: 12 May 2006 08:34:55.
Tue May 16 19:23:43 2006 => AV Library Loaded...
Tue May 16 19:23:43 2006 => MWAV doing self scanning...
Tue May 16 19:23:43 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavss.exe
Tue May 16 19:23:43 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\Getvlist.exe
Tue May 16 19:23:44 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavss.dll
Tue May 16 19:23:44 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavssdi.dll
Tue May 16 19:23:44 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavssi.dll
Tue May 16 19:23:44 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\kavvlg.dll
Tue May 16 19:23:44 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\msvlclnt.dll
Tue May 16 19:23:44 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\ipc.dll
Tue May 16 19:23:44 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\main.avi
Tue May 16 19:23:44 2006 => Scanning File C:\DOKUME~1\Olli\LOKALE~1\Temp\virus.avi
Tue May 16 19:23:44 2006 => MWAV files are clean.
Tue May 16 19:23:44 2006 => Virus Database Date: 5/12/2006
Tue May 16 19:23:44 2006 => Virus Database Count: 193177
Tue May 16 19:24:50 2006 => Downloading AntiVirus and Anti-Spyware Databases...
Tue May 16 19:24:51 2006 => Downloads Not Successful!

Tue May 16 19:25:00 2006 => **********************************************************
Tue May 16 19:25:00 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Tue May 16 19:25:00 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Tue May 16 19:25:00 2006 =>
Tue May 16 19:25:00 2006 => Support: support@mwti.net
Tue May 16 19:25:00 2006 => Web: http://www.mwti.net
Tue May 16 19:25:00 2006 => **********************************************************
Tue May 16 19:25:00 2006 => Version 8.2.8 (C:\DOKUME~1\Olli\LOKALE~1\Temp\mexe.com)
Tue May 16 19:25:00 2006 => Log File: C:\DOKUME~1\Olli\LOKALE~1\Temp\MWAV.LOG
Tue May 16 19:25:00 2006 => User Account: Olli
Tue May 16 19:25:00 2006 => Windows Root Folder: C:\WINDOWS
Tue May 16 19:25:00 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Tue May 16 19:25:00 2006 => OS: Windows XP
Tue May 16 19:25:00 2006 => Ver: Service Pack 2 (Build 2600)
Tue May 16 19:25:00 2006 => Latest Date of files inside MWAV: 12 May 2006 08:34:55.

Tue May 16 19:25:00 2006 => Options Selected by User:
Tue May 16 19:25:00 2006 => Memory Check: Enabled
Tue May 16 19:25:00 2006 => Registry Check: Enabled
Tue May 16 19:25:00 2006 => StartUp Folder Check: Disabled
Tue May 16 19:25:00 2006 => System Folder Check: Disabled
Tue May 16 19:25:00 2006 => System Area Check: Disabled
Tue May 16 19:25:00 2006 => Services Check: Enabled
Tue May 16 19:25:00 2006 => Drive Check: Disabled
Tue May 16 19:25:00 2006 => All Drive Check :Enabled
Tue May 16 19:25:00 2006 => Folder Check: Disabled




Tue May 16 19:26:19 2006 => Offending Key found: HKLM\Software\magnet\handlers\kazaa !!!
Tue May 16 19:26:19 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue May 16 19:26:19 2006 => Offending Key found: HKLM\Software\kazaa !!!
Tue May 16 19:26:19 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue May 16 19:26:19 2006 => Offending Key found: HKLM\Software\myway !!!
Tue May 16 19:26:19 2006 => Object "my way speedbar Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue May 16 19:26:19 2006 => Offending Key found: HKLM\Software\perfectnav !!!
Tue May 16 19:26:19 2006 => Object "perfectnav Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue May 16 19:26:19 2006 => Offending Key found: HKCU\Software\instafink !!!
Tue May 16 19:26:19 2006 => Object "instafinder Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue May 16 19:26:19 2006 => Offending Key found: HKCU\Software\kazaa !!!
Tue May 16 19:26:19 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue May 16 19:26:20 2006 => Offending file found: C:\WINDOWS\smdat32a.sys
Tue May 16 19:26:20 2006 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.

Tue May 16 19:26:20 2006 => Offending Folder found: C:\Programme\accessdiver
Tue May 16 19:26:20 2006 => Object "access diver Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue May 16 19:26:20 2006 => Offending Folder found: C:\Programme\instafink
Tue May 16 19:26:20 2006 => Object "instafinder Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue May 16 19:26:34 2006 => Offending file found: C:\Dokumente und Einstellungen\Olli\Eigene Dateien\cum fiesta.lnk
Tue May 16 19:26:34 2006 => System found infected with xxxtoolbar Spyware/Adware (cum fiesta.lnk)! Action taken: No Action Taken.

Tue May 16 19:28:29 2006 => Offending file found: C:\Dokumente und Einstellungen\Olli\Eigene Dateien\cum fiesta.lnk
Tue May 16 19:28:29 2006 => System found infected with xxxtoolbar Spyware/Adware (cum fiesta.lnk)! Action taken: No Action Taken.

Sat Jul 15 16:05:01 2006 => ***** Scanning Registry and File system for Adware/Spyware *****
Sat Jul 15 16:05:01 2006 => Loading Spyware Signatures from new External Database (Size: 157208).
Sat Jul 15 16:05:02 2006 => Indexed Spyware Databases Successfully Created...

Sat Jul 15 16:05:06 2006 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Sat Jul 15 16:05:06 2006 => System found infected with kazaa Spyware/Adware ({66fc8717-efa7-4546-8c4a-e224f3a80c76})! Action taken: No Action Taken.
Sat Jul 15 16:05:06 2006 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Sat Jul 15 16:05:10 2006 => Offending Folder found: C:\Programme\xxxvid
Sat Jul 15 16:05:10 2006 => Object "xxxvid Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Jul 15 16:06:58 2006 => Offending file found: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\yahoo!\spiele\poker.url
Sat Jul 15 16:06:58 2006 => System found infected with smitfraud Browser Hijacker (poker.url)! Action taken: No Action Taken.

Sat Jul 15 16:06:58 2006 => Offending file found: C:\Dokumente und Einstellungen\All Users\Startmenü\programme\yahoo!\spiele\poker.url
Sat Jul 15 16:06:58 2006 => System found infected with smitfraud Browser Hijacker (poker.url)! Action taken: No Action Taken.

Illo 15.07.2006 21:22

Here is the HijackThis log for it...


Logfile of HijackThis v1.99.1
Scan saved at 22:17:15, on 15.07.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Programme\D-Tools\daemon.exe
C:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\system32\LVComS.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programme\FRITZ!DSL\StCenter.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\Programme\FRITZ!DSL\FwebProt.exe
C:\Programme\OpenOffice.org 2.0\program\soffice.exe
C:\Programme\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\FRITZ!DSL\fritzdsl.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Hijackthisentpackt\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gmx.de/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programme\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programme\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Validate XML - C:\WINDOWS\web\msxmlval.htm
O8 - Extra context menu item: View XSL Output - C:\WINDOWS\web\msxmlvw.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll
O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll
O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll
O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll
O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab30149.cab
O16 - DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} (GameControl Class) - http://focus.msn.midasplayer.com/midasa.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab30149.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {5F05A225-0F66-43DE-89E4-6FFD589C4F01} (OC web Installer) - http://www.objectcube.com/dc5/aebn/f...ubeInstall.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://anu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab30149.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CF5DDF6-0CD1-43BB-8DFA-3FF3CCBB836F}: NameServer = 192.168.122.252,192.168.122.253
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programme\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

Illo 20.07.2006 00:00

Thanks for your help. :daumenhoc


All times are WET +1. The time is now 11:53.
