Trojaner oder Hack - Online Rollenspiel ?
Hallo liebes Trojaner Board,
ich habe mir wohl am 4. Dezember einen Trojaner eingefangen.
Wie ich darauf komme , am 4 . Dezember hat sich jemand bei meinem Onlinespiel eingeloggt und webung gemacht :/
nun bin ich auf der suche nach dem schädlich bisher noch nich fündig geworden.
gesucht habe ich mit .
- HijackThis,Gmer,SpywareBlaster,Spybot - Search & Destroy,Ad-Watch
ich hatte die ganze zeit internet explorer benutz. und habe vista.
nun habe ihc auf opera umgeswitcht :/ hoffe der is sicherer.
ich poste hier mal das log von hijackthis ..
mfg
danke schon mal für die hilfe. Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:19:19, on 04.12.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
\system32\Dwm.exe
\system32\taskeng.exe
\Explorer.EXE
\Program Files\Windows Defender\MSASCui.exe
\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
\Program Files\Windows Sidebar\sidebar.exe
\Windows\ehome\ehtray.exe
\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
\Windows\ehome\ehmsas.exe
\Program Files\Windows Media Player\wmpnscfg.exe
\Program Files\ROCCAT\Kone Mouse\osd.exe
\Program Files\ICQ6.5\ICQ.exe
\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
\Program Files\Spybot - Search & Destroy\SpybotSD.exe
\Program Files\Spybot - Search & Destroy\TeaTimer.exe
\Windows\system32\conime.exe
\Program Files\Internet Explorer\ieuser.exe
\Program Files\Internet Explorer\iexplore.exe
\Windows\system32\Macromed\Flash\FlashUtil10a.exe
\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - \Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - \Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - \Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - \program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - \program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Kone] "\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE"
O4 - HKLM\..\Run: [AVP] "\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] \Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] \Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] \Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] \Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - \Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - \Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - \PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - \Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - \Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - \Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - \Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O20 - AppInit_DLLs: \PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll, \PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll, \PROGRA~1\KASPER~1\KASPER~1\adialhk.dll, \PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - \Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - \Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - \Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 5830 bytes
| 