|
Brauche dringend analyse! Habe seit neuestem ein Problem dass mein pc einfriert sobald ich ein spiel starte(manchmal auch erst nach ca 5 min). Habe bereits mehrfach gescannt(mit spybot s&d antivir und adware) aber bin sie bisher nicht losgeworden(obwohl viren gefunden wurden...) Ich bitte daher freundlich darum, dass sich jemand meiner(eines neulings auf diesem gebiet) annimmt und mir hilft! Hier mein Hi-Jack Log: Logfile of HijackThis v1.99.1 Scan saved at 21:31:59, on 24.02.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\Dit.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\CNYHKey.exe C:\WINDOWS\system32\Prismsta.exe C:\Programme\Home Cinema\PowerCinema\PCMService.exe C:\WINDOWS\system32\RunDll32.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Programme\QuickTime\qttask.exe C:\Programme\Java\jre1.5.0_05\bin\jusched.exe C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\Macrogaming\SweetIM\SweetIM.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe C:\Programme\WARCRAFT\ReplayManager\ReplayManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Spybot - Search & Destroy\TeaTimer.exe C:\Programme\Logitech\SetPoint\KEM.exe C:\Programme\Logitech\SetPoint\KHALMNPR.EXE C:\Programme\AntiVir PersonalEdition Classic\sched.exe C:\Programme\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\cisvc.exe C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\wanmpsvc.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Programme\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\Programme\Spybot - Search & Destroy\SpybotSD.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE C:\Programme\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\cidaemon.exe C:\Dokumente und Einstellungen\Moritz\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programme\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programme\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [Prism_Utility] Prismsta.exe O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [mmtask] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe O4 - HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SweetIM] C:\Programme\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [Lescos Warcraft Toolkit] "C:\Programme\Warcraft III\LWT.exe" -minimized O4 - HKLM\..\Run: [ReplayExplorer.Autorun] "C:\Programme\Replay Explorer\RepExplorer.exe" /m O4 - HKLM\..\Run: [Replay Manager] C:\Programme\WARCRAFT\ReplayManager\ReplayManager.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Programme\Spyware Cleaner\SpywareCleaner.Exe" /boot O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [SweetIM] C:\Programme\Macrogaming\SweetIM\SweetIM.exe O4 - Startup: Xfire.lnk = C:\Programme\Xfire\xfire.exe O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Brockhaus-Direktsuche.lnk = C:\Programme\Brockhaus Multimedia\Brockhaus multimedial\pgbmm.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\KEM.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra button: MedionShop - {07E3F115-C445-480D-94CB-ECA914A353CE} - http://www.medionshop.de/ (file missing) (HKCU) O11 - Options group: [INTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/04a30f04300bfbf27206/netzip/RdxIE601_de.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AE60CE46-C8A7-4F46-9B82-19496EE1E875}: NameServer = 217.237.151.142 217.237.150.188 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe Danke wäre echt nett wenn mir jemand erklärt was ich machen soll. Danke im Vorraus mfg Nablezen |
Wäre natürlich super, wenn du uns die Berichte über die Virenfunde posten könntest. Dein log sieht gesäubert aus wenn ich das so formulieren soll.. Mach mal bitte einen eScan mit MWAVE. Anleitung findest du in meiner Signatur. Es ist sehr wichtig, dass du diese bis zum Schluss abarbeitest um uns ein ordentliches logFile zu liefern.. mfg Undoreal |
Hier schonmal die viren"berichte": e-scan bin ich grad am machen.. dauert aber noch Malware.SpywareCleaner Object Recognized! Type : RegValue Data : TAC Rating : 3 Category : Malware Comment : "Spyware Cleaner" Rootkey : HKEY_USERS Object : S-1-5-21-1268086586-3941762377-3502801164-1009\software\microsoft\windows\currentversion\run Value : Spyware Cleaner Registry Scan result: New critical objects: 1 Objects found so far: 44 Deep registry scan result: New critical objects: 0 Objects found so far: 44 Started Tracking Cookie scan Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@counter.sexsuche[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:moritz@counter.sexsuche.tv/ Expires : 16.08.2006 15:55:54 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@stat.onestat[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:moritz@stat.onestat.com/ Expires : 22.05.2016 01:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@landing.domainsponsor[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:5 Value : Cookie:moritz@landing.domainsponsor.com/ Expires : 06.12.2008 14:05:42 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@sel.as-eu.falkag[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:moritz@sel.as-eu.falkag.net/ Expires : 19.06.2006 18:21:24 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@dealtime[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:moritz@dealtime.com/ Expires : 28.07.2007 14:29:02 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@list[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:moritz@list.ru/ Expires : 19.08.2006 21:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@estat[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:moritz@estat.com/ Expires : 04.12.2016 14:07:04 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@weborama[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie:moritz@weborama.fr/ Expires : 04.07.2008 19:59:44 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@clickability[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:moritz@clickability.com/ Expires : 26.11.2006 13:12:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@msnportal.112.2o7[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:17 Value : Cookie:moritz@msnportal.112.2o7.net/ Expires : 01.07.2011 15:25:16 LastSync : Hits:17 UseCount : 0 Hits : 17 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@overstock[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:10 Value : Cookie:moritz@overstock.com/ Expires : 19.02.2020 15:28:00 LastSync : Hits:10 UseCount : 0 Hits : 10 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@adserver.easyad[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:moritz@adserver.easyad.info/ Expires : 22.10.2016 19:58:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@2o7[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:308 Value : Cookie:moritz@2o7.net/ Expires : 17.02.2012 10:34:48 LastSync : Hits:308 UseCount : 0 Hits : 308 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@rambler[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:74 Value : Cookie:moritz@rambler.ru/ Expires : 01.01.2009 01:00:00 LastSync : Hits:74 UseCount : 0 Hits : 74 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@as1.falkag[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1055 Value : Cookie:moritz@as1.falkag.de/ Expires : 06.04.2007 16:52:52 LastSync : Hits:1055 UseCount : 0 Hits : 1055 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@www.etracker[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:36 Value : Cookie:moritz@www.etracker.de/ Expires : 26.02.2007 16:29:50 LastSync : Hits:36 UseCount : 0 Hits : 36 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@adfarm1.adition[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:12 Value : Cookie:moritz@adfarm1.adition.com/ Expires : 01.01.2025 01:00:00 LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@serving-sys[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:25 Value : Cookie:moritz@serving-sys.com/ Expires : 31.12.2037 23:00:00 LastSync : Hits:25 UseCount : 0 Hits : 25 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@adtech[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:6 Value : Cookie:moritz@adtech.de/ Expires : 14.07.2016 14:24:44 LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@partners.webmasterplan[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:5 Value : Cookie:moritz@partners.webmasterplan.com/ Expires : 05.07.2016 23:00:00 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : moritz@adserver.71i[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:moritz@adserver.71i.de/ Expires : 30.12.2037 17:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Hits : 2 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 23 Objects found so far: 67 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» WinAntiVirusPro Object Recognized! Type : File Data : A0525809.exe TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{C0D98CBA-6672-47B1-9E43-2A9DE301BFBF}\RP561\ FileVersion : 0, 1, 24, 0 ProductVersion : 0, 1, 24, 0 ProductName : Companion Wizard CompanyName : WinSoftware FileDescription : Companion Wizard InternalName : CompanionWizard.exe LegalCopyright : (c) WinSoftware. All rights reserved. OriginalFilename : CompanionWizard.exe |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 21:40 Uhr. |
Copyright ©2000-2025, Trojaner-Board