Win32:interceptor (trj)
 

Hallo!

Bin neu hier, deshalb entschuldigt, wenn ich was falsch mache.
Hab mir dummerweise grad von w*w.spionfrei.de die Software gedownloaded und bei der Installation hat mein Antiviren-Programm (Avast) gleich gepiept wie ein Verrückter: win32:interceptor (trj)

Kann das echt sein, dass ich mir selber nen Trojaner runtergeladen habe?? Wisst ihr irgendwas über das Programm?

Danke!

hallo,

bitte poste ein HJT logfile nach der anleitung in meiner signatur

Logfile of HijackThis v1.99.1
Scan saved at 16:27:36, on 16.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Programme\Avast4\aswUpdSv.exe
F:\Programme\Avast4\ashServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
F:\Programme\Avast4\ashMaiSv.exe
F:\Programme\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Office Mouse\moffice.exe
F:\Programme\PestPatrol\PPMemCheck.exe
F:\Programme\PestPatrol\PPControl.exe
F:\Programme\PestPatrol\CookiePatrol.exe
C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
F:\PROGRA~1\Nokia\PCSUIT~2\NOKIAP~1\TRAYAP~1.EXE
F:\PROGRA~1\Avast4\ashDisp.exe
C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NCLConf.exe
C:\Programme\T-Online\DSL-Manager\TODslMgr.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Programme\a-squared\a2guard.exe
F:\Programme\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\Programme\Office Mouse\MOUSE32A.EXE
C:\PROGRA~1\GEMEIN~1\PCSuite\Services\SERVIC~1.EXE
C:\Programme\T-Online\DSL-Manager\TODslSvc.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
F:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
F:\Programme\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
F:\Programme\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\WINDOWS\system32\hpoipm07.exe
F:\Programme\hijackthis\HijackThis.exe
F:\Programme\Opera\Opera.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://192.168.2.1/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: metaspinner media GmbH - {7C7A8947-5935-4430-AC0E-E7D04697414E} - (disabled by BHODemon)
O2 - BHO: metaspinner media GmbH - {84B94901-3645-4D80-A6B7-4D0050B19455} - (no file)
O2 - BHO: metaspinner media GmbH - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - (no file)
O2 - BHO: metaspinner media GmbH - {D3AA56A9-8137-4950-A6F9-D0190A82AF2A} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programme\Office Mouse\moffice.exe
O4 - HKLM\..\Run: [PPMemCheck] F:\Programme\PestPatrol\PPMemCheck.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] F:\Programme\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [CookiePatrol] F:\Programme\PestPatrol\CookiePatrol.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] F:\PROGRA~1\Nokia\PCSUIT~2\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Nokia Connection Monitor] "C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NCLConf.exe"
O4 - HKLM\..\Run: [T-Online DSL-Manager] "C:\Programme\T-Online\DSL-Manager\TODslMgr.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [a-squared] "F:\Programme\a-squared\a2guard.exe"
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = F:\Programme\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &eBay Search - res://F:\Programme\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - F:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - F:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - F:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/de/check/qdiagh.cab?326
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Programme\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Programme\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Programme\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Programme\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe
O23 - Service: T-Online DSL-Manager (TODslService) - T-Systems International GmbH - C:\Programme\T-Online\DSL-Manager\TODslSvc.exe


So. Hoffe das war alles richtig und ich hab keine privaten Daten drin.

Sieht irgendwie nicht so sauber aus, kann das sein?!