Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   ljhmkand.exe ???? (https://www.trojaner-board.de/69263-ljhmkand-exe.html)

Kawa-Mika 28.01.2009 19:45
ljhmkand.exe ????
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:41:46, on 28.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
F:\WINDOWS\Explorer.EXE
F:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
F:\Programme\Java\jre6\bin\jqs.exe
F:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\system32\HPZipm12.exe
F:\WINDOWS\system32\svchost.exe
F:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
F:\Programme\Logitech\iTouch\iTouch.exe
F:\Programme\Winamp\winampa.exe
F:\WINDOWS\RTHDCPL.EXE
F:\Programme\Spamihilator\spamihilator.exe
F:\Programme\Java\jre6\bin\jusched.exe
F:\Programme\T-DSL SpeedManager\SpeedMgr.exe
F:\Programme\avmwlanstick\FRITZWLANMini.exe
F:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Programme\Spybot - Search & Destroy\TeaTimer.exe
F:\Programme\Eraser\eraser.exe
F:\dokumente und einstellungen\administrator\lokale einstellungen\anwendungsdaten\ljhmkand.exe
F:\Programme\OpenOffice.org 2.4\program\soffice.exe
F:\Programme\OpenOffice.org 2.4\program\soffice.BIN
F:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\WINDOWS\system32\wbem\wmiapsrv.exe
F:\Programme\T-DSL SpeedManager\tsmsvc.exe
F:\WINDOWS\system32\wuauclt.exe
f:\programme\internet explorer\iexplore.exe
F:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freenet.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - F:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\programme\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\programme\google\googletoolbar2.dll
O3 - Toolbar: Falk Toolbar - {F1864DD1-3DC9-11D8-A015-00105ADD2ADA} - F:\Programme\Falk\Falk Toolbar\FalkBar.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - F:\Programme\Save Flash\SaveFlash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] F:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] F:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [avgnt] "F:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [zBrowser Launcher] F:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] F:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Spamihilator] "F:\Programme\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] F:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "F:\Programme\T-DSL SpeedManager\SpeedMgr.exe"
O4 - HKLM\..\Run: [AVMWlanClient] F:\Programme\avmwlanstick\FRITZWLANMini.exe
O4 - HKLM\..\Run: [StartCCC] "F:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bkcpibni] "f:\dokumente und einstellungen\administrator\lokale einstellungen\anwendungsdaten\bkcpibni.exe" bkcpibni
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Eraser] F:\Programme\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [ljhmkand] "f:\dokumente und einstellungen\administrator\lokale einstellungen\anwendungsdaten\ljhmkand.exe" ljhmkand
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: DSL-Manager.lnk = F:\Programme\T-Online\DSL-Manager\DslMgr.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: DSL-Manager.lnk = F:\Programme\T-Online\DSL-Manager\DslMgr.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = F:\Programme\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: Als Start in Falk übernehmen - res://F:\PROGRA~1\Falk\FALKTO~1\FalkBar.dll/SetAsStart
O8 - Extra context menu item: Als Ziel in Falk übernehmen - res://F:\PROGRA~1\Falk\FALKTO~1\FalkBar.dll/SetAsDest
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Falk Stadtplan anzeigen - res://F:\PROGRA~1\Falk\FALKTO~1\FalkBar.dll/GetMap
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @F:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @F:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programme\Messenger\msmsgs.exe
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {0e921e80-267a-42aa-aee4-60b9a1222a44} - F:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {0e921e80-267a-42aa-aee4-60b9a1222a44} - F:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://photoservice.fujicolor.de/ips-opdata/layout/fuji01/activex/IPSUploader4.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - F:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - F:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - F:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - F:\Programme\T-DSL SpeedManager\tsmsvc.exe

--
End of file - 9433 bytes


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:01 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55