Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Mein pc spinnt total! (https://www.trojaner-board.de/59094-pc-spinnt-total.html)

cimo85 03.09.2008 19:30
Mein pc spinnt total!
 
Hallo mein pc spinnt total ich weis nicht woran es liegen könnte vielleicht könnts ihr mir helfen.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:07, on 03.09.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe
c:\windows\explorer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Programme\McAfee\MPF\MPFSrv.exe
C:\Programme\McAfee\MSK\MskSrver.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Java\jre1.5.0_11\bin\jusched.exe
C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\Mixer.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programme\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Programme\Java\jre1.5.0_11\bin\jucheck.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Programme\Microsoft Works\wkswp.exe
C:\Programme\Microsoft Works\MSWorks.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\Programme\Microsoft Works\wkgdcach.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice-dsl.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alice-dsl.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
F2 - REG:system.ini: Shell=c:\windows\explorer.exe
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {305E4BAC-44C0-4CD3-837C-1AEDFD3C43E1} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {84B94901-3645-4D80-A6B7-4D0050B19455} - (no file)
O2 - BHO: (no name) - {A23CA8A9-47D8-4DB1-AE46-0AA018CC576E} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {C3F6F4FE-85F6-4D0C-98DE-15324B09F149} - (no file)
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O2 - BHO: (no name) - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - (no file)
O4 - HKLM\..\Run: [ScanSoft PDF Professional 4-reminder] "C:\Programme\ScanSoft\PDF Professional 4.0\Ereg\ereg.exe" -r "C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\ScanSoft\PDF Professional\4\Ereg\ereg.ini"
O4 - HKLM\..\Run: [BMc33af9ac] Rundll32.exe "C:\WINDOWS\system32\umhspktu.dll",s
O4 - HKLM\..\Run: [zzGBK] E:\setup.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [spywarefighterguard] C:\Programme\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKLM\..\Run: [SMrhcp06j0ej11] C:\Programme\rhcp06j0ej11\rhcp06j0ej11.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programme\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Second eggs type drive] C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\FirstProcSecondEggs\refuser.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PDF4 Registry Controller] "C:\Programme\ScanSoft\PDF Professional 4.0\\RegistryController.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] "C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [lphct06j0ej11] C:\WINDOWS\system32\lphct06j0ej11.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HPHUPD05] c:\Programme\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programme\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB002" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Cpl32ver] C:\WINDOWS\System32\Cpl32ver.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Programme\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: ['Ashampoo AntiSpyWare 2 Guard'] C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKCU\..\Run: [WindowsManager] C:\cuhv.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Programme\Ashampoo\Ashampoo UnInstaller Platinum Suite\UIWatcher.exe
O4 - HKCU\..\Run: [teXXas] "C:\Programme\teXXas\teXXas.exe" /autorun
O4 - HKCU\..\Run: [Steam] "C:\Programme\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Somefox] C:\DOKUME~1\SLO~1\LOKALE~1\Temp\setup133.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Programme\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc
O4 - HKCU\..\Run: [Internet Exit] C:\DOKUME~1\SLO~1\ANWEND~1\SIGNSI~1\1dumb.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlpo_01] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlpo_01] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'Default user')
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Programme\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PacificPoker4 - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O10 - Unknown file in Winsock LSP: advap.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} -
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{996BA7BD-CE70-42E3-B4FD-16021CED5AD7}: NameServer = 213.191.92.86 62.109.123.7
O20 - AppInit_DLLs: eyrmer.dll
O20 - Winlogon Notify: gebqrkia - C:\WINDOWS\SYSTEM32\geBqRkIa.dll
O20 - Winlogon Notify: rqRIcYOe - C:\WINDOWS\
O21 - SSODL: wmphost - {31CD9B8F-4493-4ADD-AE27-AB043503737E} - (no file)
O21 - SSODL: wmpdev - {37984921-C32B-4E36-9D36-292FBC0F025C} - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programme\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Programme\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared files\RichVideo.exe (file missing)

--
End of file - 12779 bytes

Aggro Berlin 03.09.2008 19:31
Hallöle kannst du mal ein bisschen konkreter werden??

mfg

cimo85 03.09.2008 19:41
mein internet ist langsam mein pc stürzt oft ab alles ist sehr langsam.
Vor kurzem hatte ich paar viren drauf das habe ich bekämpft mit Malwarebytes und seit dem ist alles langsamer geworden.

Aggro Berlin 03.09.2008 19:45
Hallöle

also hast du eine Firewall und ein Antivirensystem?

also ich würde dein System SASW scannen lassen und noch einmal mit Malwarebytes scannen lassen und ganz wichtig immer updaten
und noch mit Blacklight scannen lassen.

mfg

cimo85 03.09.2008 19:49
firewall habe ich nicht nur von xp antivirensystem habe ich mcaffee

Aggro Berlin 03.09.2008 19:56
Also hast du die MS Firewall???

aber hast du schon dein System gescannt wie ichs gesagt hab??

mfg


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:37 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129