Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Benötige dringende Hilfe!!! Server 2003 (https://www.trojaner-board.de/41381-benoetige-dringende-hilfe-server-2003-a.html)

Horst2000 27.07.2007 15:46
Benötige dringende Hilfe!!! Server 2003
 
Hallo zusammen,

ich habe folgenden LogFile.
Bitte um dringende Hilfe!!!
Bedanke mich vorab!



Logfile of HijackThis v1.99.1
Scan saved at 16:33:17, on 27.07.07
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\windows\system32\dllcache\svchost.dll
C:\Programme\CA\BrightStor ARCserve Backup\DBENG.exe
C:\Programme\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
C:\Programme\CA\BrightStor ARCserve Backup\jobeng.exe
C:\Programme\CA\BrightStor ARCserve Backup\msgeng.exe
C:\Programme\CA\BrightStor ARCserve Backup\caserved.exe
C:\Programme\CA\BrightStor ARCserve Backup\casmrtbk.exe
C:\Programme\CA\BrightStor ARCserve Backup\tapeeng.exe
C:\Programme\CA\BrightStor ARCserve Backup\cadiscovd.exe
C:\Programme\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe
C:\Programme\CA\BrightStor ARCserve Backup\Catirpc.exe
C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe
C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe
C:\David\APPS\DSERVER\CODE\DSERVER.EXE
C:\David\APPS\DVGRAB\CODE\DVGRAB.EXE
C:\David\APPS\POSTMAN\CODE\POSTMAN.EXE
C:\David\APPS\REPLICA\CODE\REPLICA.EXE
C:\David\CODE\SL.EXE
C:\Programme\CA\BrightStor ARCserve Backup\RDS.EXE
C:\Programme\CA\BrightStor ARCserve Backup\caloggerd.exe
C:\David\tld\code\CAPI\tld.exe
C:\David\tld\code\CAPI\tld.exe
C:\David\APPS\WEBBOX\CODE\WEBBOX.EXE
C:\Programme\CA\SharedComponents\BrightStor\DBAcommon\DBASVR.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Programme\CA\iGateway\igateway.exe
C:\WINDOWS\System32\ismserv.exe
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programme\McAfee\Common Framework\FrameworkService.exe
C:\Programme\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Programme\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Programme\CA\BrightStor ARCserve Backup\Mediasvr.exe
C:\windows\security\secapp.dll
C:\Programme\CA\BrightStor ARCserve Backup\caauthd.exe
C:\WINDOWS\system32\netservice.exe
C:\WINDOWS\msagent\netmon.exe
C:\WINDOWS\system32\ntfrs.exe
C:\Programme\CA\BrightStor Backup Agent for Open Files\Ofant.exe
C:\Programme\CA\BrightStor ARCserve Backup Agent for Microsoft SQL Server\dbasqlr.exe
C:\WINDOWS\AntiTrojan.dll
C:\Programme\CA\BrightStor ARCserve Backup\LQServer.exe
C:\Programme\ORL\VNC\WinVNC.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\CA\BrightStor ARCserve Backup\asalert.exe
C:\Programme\CA\BrightStor ARCserve Backup\LDBServer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Programme\Tobit Software ViProtect\TAVfD.exe
C:\Programme\Symantec\Norton Ghost 2003\GhostStar**rayApp.exe
C:\Programme\Tobit ClipInc\Player\ClipIncTray.exe
C:\Programme\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\McAfee\Common Framework\McTray.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mmc.exe
C:\Dokumente und Einstellungen\Administrator\Desktop\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

h**p://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [WinVNC] "C:\Programme\ORL\VNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [Tobit AntiVirus for Desktops] "C:\Programme\Tobit Software ViProtect\TAVfD.exe" -HIDE
O4 - HKLM\..\Run: [GhostStar**rayApp] C:\Programme\Symantec\Norton Ghost 2003\GhostStar**rayApp.exe
O4 - HKLM\..\Run: [ClipIncSrvTray] "C:\Programme\Tobit ClipInc\Player\ClipIncTray.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\McAfee\Common Framework\UdaterUI.exe"

/StartedFromRunKey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Abou**ime.lnk = C:\Programme\Abou**ime\Abou**ime.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren -

res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = KU**IG.GMBH
O17 - HKLM\Software\..\Telephony: DomainName = KU**IG.GMBH
O17 - HKLM\System\CCS\Services\Tcpip\..\{5BCD7098-5C8D-4C7B-9EB3-FAF3A3CAD735}: NameServer =

192.168.100.44,192.168.100.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = KU**IG.GMBH
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = KU**IG.GMBH
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O23 - Service: Localhost Service (Anti-V) - Cat Soft - c:\windows\system32\dllcache\svchost.dll
O23 - Service: Cosynus BlackBerry Connector (BlackBerry4Dv) - Unknown owner -

C:\WINDOWS\system32\srvany.exe
O23 - Service: CA BrightStor-Datenbankprozess (CASDBEngine) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\DBENG.exe
O23 - Service: CA BrightStor Discovery Service (CASDiscoverySvc) - Computer Associates -

C:\Programme\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
O23 - Service: CA BrightStor-Jobprozess (CASJobEngine) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\jobeng.exe
O23 - Service: CA BrightStor-Nachrichtenprozess (CASMsgEngine) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\msgeng.exe
O23 - Service: CA BrightStor-Dienst-Controller (CASSvcControlSvr) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\caserved.exe
O23 - Service: CA BrightStor-Bandprozess (CASTapeEngine) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\tapeeng.exe
O23 - Service: CA BrightStor-Domänenserver (CASUnivDomainSvr) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\cadiscovd.exe
O23 - Service: CA BrightStor Universal Agent (CASUniversalAgent) - Computer Associates -

C:\Programme\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe
O23 - Service: CA-Server für Remote-Prozeduraufruf (CATIRPC) - Computer Associates -

C:\Programme\CA\BrightStor ARCserve Backup\Catirpc.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. -

C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. -

C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Programme\Tobit

ClipInc\Server\ClipInc-Server.exe
O23 - Service: ClipInc 002 (ClipInc002) - Unknown owner - C:\Programme\Tobit

ClipInc\Server\ClipInc-Server.exe
O23 - Service: David Discussion Server (DavidDiscussionServer) - Tobit Software -

C:\David\APPS\DSERVER\CODE\DSERVER.EXE
O23 - Service: David Grabbing Server (DavidGrabbingServer) - Tobit Software -

C:\David\APPS\DVGRAB\CODE\DVGRAB.EXE
O23 - Service: David Host (DavidHost) - Tobit Software - C:\David\APPS\DVHOST\CODE\DVHOST.EXE
O23 - Service: David Mail Access Server (DavidMailAccessServer) - Tobit Software -

C:\David\APPS\MASERVER\CODE\MASERVER.EXE
O23 - Service: David PBXpense (DavidPBXpense) - Tobit Software -

C:\David\Apps\pbxpense\code\pbxpense.exe
O23 - Service: David PostMan (DavidPostMan) - Tobit Software - C:\David\APPS\POSTMAN\CODE\POSTMAN.EXE
O23 - Service: David Replica (DavidReplica) - Tobit Software - C:\David\APPS\REPLICA\CODE\REPLICA.EXE
O23 - Service: David Service Layer (DavidServiceLayer) - Tobit Software - C:\David\CODE\SL.EXE
O23 - Service: David Show Interface Services (DavidShowInterfaceServices) - Tobit Software -

C:\David\apps\showis\showis.exe
O23 - Service: David TLD 001 (DavidTLD001) - Tobit Software - C:\David\tld\code\CAPI\tld.exe
O23 - Service: David TLD 002 (DavidTLD002) - Tobit Software - C:\David\tld\code\CAPI\tld.exe
O23 - Service: David WebBox (DavidWebBox) - Tobit Software - C:\David\APPS\WEBBOX\CODE\WEBBOX.EXE
O23 - Service: CA BrightStor Backup Agent RPC-Server (DbaRpcService) - Computer Associates -

C:\Programme\CA\SharedComponents\BrightStor\DBAcommon\DBASVR.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Programme\Symantec\Norton Ghost

2003\GhostStartService.exe
O23 - Service: iTechnology iGateway 3.0 (iGateway) - Computer Associates -

C:\Programme\CA\iGateway\igateway.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates -

C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Programme\McAfee\Common

Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Programme\McAfee\VirusScan

Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Programme\McAfee\VirusScan

Enterprise\VsTskMgr.exe
O23 - Service: Microsoft Security Monitoring Service (MSSecMonSrv) - Unknown owner -

C:\windows\security\secapp.dll
O23 - Service: Network Monitoring Service (NetMonSrv) - Unknown owner -

C:\WINDOWS\system32\netservice.exe
O23 - Service: TCP/IP Network Monitoring Service (Ne**cpSrv) - Unknown owner -

C:\WINDOWS\msagent\netmon.exe
O23 - Service: CA Backup Agent for Open Files (OpenFileAgent) - Computer Associates -

C:\Programme\CA\BrightStor Backup Agent for Open Files\Ofant.exe
O23 - Service: CA BrightStor BrightStor Backup Agent-Remote-Dienst (RemoteDbagent) - Computer Associates

- C:\Programme\CA\BrightStor ARCserve Backup Agent for Microsoft SQL Server\dbasqlr.exe
O23 - Service: Remote Controller (RpcCtr) - Unknown owner - C:\WINDOWS\AntiTrojan.dll
O23 - Service: Tcp-Ip Protocol (secapp) - Unknown owner - C:\WINDOWS\security\secapp.dll
O23 - Service: Serv-U FTP Server (Serv-U) - Unknown owner - C:\WINDOWS\system32\netservice.exe
O23 - Service: Tobit AntiVirus for Desktops Service (TAVFDService) - Unknown owner -

C:\PROGRA~1\TOBITA~1\TAVFDSrv.EXE (file missing)
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programme\ORL\VNC\WinVNC.exe" -service (file

missing)


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:48 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129