Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Your Computer is Infected (https://www.trojaner-board.de/56484-your-computer-is-infected.html)

Basti1233 22.07.2008 00:56
Your Computer is Infected
 
Hallo
Ich hab schon alles ausprobiert aber es erscheint immer noch diese meldung.
kann mir mal einer bitte helfen. hier mal dieses ding was ihr immer sehen müsst.

Zitat:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:42:35, on 22.07.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
H:\WINDOWS\system32\cisvc.exe
H:\Programme\Ahead\InCD\InCDsrv.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\ups.exe
H:\WINDOWS\System32\alg.exe
H:\WINDOWS\system32\cidaemon.exe
H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
H:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
H:\WINDOWS\system32\braviax.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Programme\Spybot - Search & Destroy\TeaTimer.exe
H:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
H:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
H:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
H:\PROGRAMME\MOZILLA FIREFOX\FIREFOX.EXE
H:\PROGRAMME\T-ONLINE\T-ONLINE_SOFTWARE_5\EMAIL\MAIL.EXE
H:\Programme\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
H:\Programme\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
H:\Dokumente und Einstellungen\Basti\Desktop\HiJackThis.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - H:\Programme\Search Settings\kb127\SearchSettings.dll (file missing)
F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,H:\WINDOWS\system32\ntos.exe,
O3 - Toolbar: T-Online Toolbar 2.0 - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - H:\Programme\T-Online\T-Online_Toolbar_2\T-Online_Toolbar_2.0.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - H:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O3 - Toolbar: BizForm Bar - {C46CED39-05C9-40C3-88D1-E07AB8128E02} - H:\Programme\BizForm Bar\Toolbar\BizFormBar.dll (file missing)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - H:\Programme\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [avgnt] "H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ToADiMon.exe] H:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [TkBellExe] "H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [braviax] H:\WINDOWS\system32\braviax.exe
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] H:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] H:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: DSL-Manager.lnk = H:\Programme\DSL-Manager\DslMgr.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: T-Online DSL-Manager.lnk = H:\Programme\T-Online\DSL-Manager\TODslMgr.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: DSL-Manager.lnk = H:\Programme\DSL-Manager\DslMgr.exe (User 'Default user')
O4 - .DEFAULT Startup: T-Online DSL-Manager.lnk = H:\Programme\T-Online\DSL-Manager\TODslMgr.exe (User 'Default user')
O8 - Extra context menu item: &eBay Search - res://H:\Programme\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O8 - Extra context menu item: Lookup on Merriam Webster - file://H:\Programme\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://H:\Programme\ieSpell\wikipedia.HTM
O8 - Extra context menu item: RF - Formular ausfüllen - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RF - Formular speichern - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF - Menü anpassen - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - file://H:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - H:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - H:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {10132C0C-B4E5-11D5-AB9E-444553540000} (PCVRA.VRPCA) - http://www.visualradio.de/download/VRPCA.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://simcity.ea.com/update/EARTPX.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D2982A7F-489A-47F5-A319-FC1F14EBC245} (Navigator Class) - http://www.nutzwerk.de/control/NutzNavi.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2E6BCA0-49F7-4EC1-BFBC-017DB30CCACA}: NameServer = 217.237.151.51 217.237.149.205
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - H:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Unknown owner - H:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Boonty Games - BOONTY - H:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - Unknown owner - H:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - H:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcy_device - - H:\WINDOWS\system32\lxcycoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - H:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: DSL-Manager (TDslMgrService) - T-Systems Enterprise Services GmbH - H:\Programme\DSL-Manager\DslMgrSvc.exe

--
End of file - 10860 bytes
kann mir mal bitte bitte einer helfen:heulen::heulen::headbang:

mfg.basti


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:30 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28