Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Mpeg time.exe (https://www.trojaner-board.de/29663-mpeg-time-exe.html)

Philaner 02.06.2006 18:34
Mpeg time.exe
 
Logfile of HijackThis v1.99.1
Scan saved at 19:30:43, on 02.06.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Programme\TGTSoft\StyleXP\StyleXPService.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\spoolsv.exe
C:\Logitech\MouseWare\system\em_exec.exe
D:\powerstrip\pstrip.exe
G:\Programme\DAEMON Tools\daemon.exe
G:\Programme\ATI Technologies\ATI.ACE\cli.exe
D:\Winamp\winampa.exe
G:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
G:\WINDOWS\System32\CTsvcCDA.EXE
D:\Spyware Doctor\sdhelp.exe
D:\steam\steam.exe
G:\Programme\MSN Messenger\msnmsgr.exe
G:\WINDOWS\System32\svchost.exe
D:\Spyware Doctor\swdoctor.exe
G:\WINDOWS\System32\wdfmgr.exe
D:\Miranda IM\Miranda IM\miranda32.exe
E:\mIRC\mirc.exe
G:\Programme\ATI Technologies\ATI.ACE\CLI.exe
g:\progra~1\intern~1\iexplore.exe
G:\Programme\Internet Explorer\iexplore.exe
G:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
G:\Programme\AntiVir PersonalEdition Classic\sched.exe
D:\Winamp\winamp.exe
G:\WINDOWS\System32\CTPdeSrv.exe
D:\Ventrilo1\Ventrilo.exe
C:\firefox.exe
C:\Programme\Outlook Express\msimn.exe
G:\Dokumente und Einstellungen\Phil\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQ2003a\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\programme\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQ2003a\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] G:\Programme\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PowerStrip] d:\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [DAEMON Tools] "G:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ATICCC] "G:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "G:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [STYLEXP] G:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "G:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Show Vc] G:\DOKUME~1\Phil\ANWEND~1\LISTWA~1\Mpeg time.exe
O4 - Global Startup: ATI CATALYST-Infobereich.lnk = G:\Programme\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Google Search - res://g:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\ICQ2003a\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Backward Links - res://g:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://g:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://g:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://g:\programme\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\ICQ2003A\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\ICQ2003A\ICQ.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQ2003a\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQ2003a\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programme\Messenger\MSMSGS.EXE
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/213ed927be0e970d6b06/netzip/RdxIE601_de.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{12B4350F-3C28-4E90-A345-DE8928C1E40D}: NameServer = 217.237.151.225,217.237.150.225
O17 - HKLM\System\CS1\Services\Tcpip\..\{12B4350F-3C28-4E90-A345-DE8928C1E40D}: NameServer = 217.237.151.225,217.237.150.225
O17 - HKLM\System\CS2\Services\Tcpip\..\{12B4350F-3C28-4E90-A345-DE8928C1E40D}: NameServer = 217.237.151.225
O17 - HKLM\System\CS3\Services\Tcpip\..\{12B4350F-3C28-4E90-A345-DE8928C1E40D}: NameServer = 217.237.151.225
O17 - HKLM\System\CS4\Services\Tcpip\..\{12B4350F-3C28-4E90-A345-DE8928C1E40D}: NameServer = 217.237.151.225,217.237.150.225
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - G:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - G:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - G:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Spyware Doctor\sdhelp.exe
O23 - Service: StyleXPService - Unknown owner - G:\Programme\TGTSoft\StyleXP\StyleXPService.exe


Hallo!
Ich habe seit längerer Zeit diese komische Mpeg time.exe welche ich weder mit Anti Vir noch mit irgendwelchen andere Programmen wegkriege.
Hat vielleicht jmd Erfahrung mit diesem "Virus" und kann mir Hilfestellung geben?

cosinus 02.06.2006 20:13
Zitat:
G:\DOKUME~1\Phil\ANWEND~1\LISTWA~1\Mpeg time.exe
Werte diese Datei bei Jotti oder Virustotal aus. Ergebnisse posten.

GUA 02.06.2006 21:40
einfach mal hier nachlesen, dann klappts auch mit der hilfe

http://www.trojaner-board.de/extra/impressum.html#NUB

GUA


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:29 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129