title image


Smiley Log
Hi consinus,



Ja, ich bin mir 100%ig sicher, dass ich die Patches installiert habe :-).



Konnte jetzt doch noch Antivir installieren, hat einen Virus gefunden mit dem Namen Micro-128(C). Nur ist das Problem noch nicht behoben.



Hier ist das Log:



Logfile of HijackThis v1.99.1

Scan saved at 23:21:50, on 06.02.2006

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)



Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\SYSTEM32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\drivers\CDAC11BA.EXE

C:\Programme\WS_FTP Pro\ftpsched.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\system32\mspmspsv.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\HpMmKbd.exe

C:\WINNT\System\Inst.exe

C:\Programme\Logitech\MouseWare\system\em_exec.exe

C:\Programme\Spam Inspector Outlook Express\Spam Inspector Outlook Express Edition\piiserviceOE.exe

C:\Programme\USB Media\shwicon.exe

C:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe

C:\Programme\HP\HP Software Update\HPWuSchd2.exe

C:\Programme\HP\Digital Imaging\Promotions\HPpromo.exe

C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe

C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe

C:\Programme\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Programme\Microsoft Office\Office\1031\msoffice.exe

C:\WINNT\system32\ZoneLabs\vsmon.exe

C:\WINNT\system32\mmc.exe

C:\WINNT\System32\locator.exe

C:\Programme\mozilla.org\Mozilla\mozilla.exe

C:\Programme\Internet Explorer\IEXPLORE.EXE

C:\Programme\AntiVir PersonalEdition Classic\sched.exe

C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe

C:\Programme\AntiVir PersonalEdition Classic\avcenter.exe

C:\Programme\AntiVir PersonalEdition Classic\avguard.exe

C:\Programme\AntiVir PersonalEdition Classic\avscan.exe

C:\Dokumente und Einstellungen\Administrator\Desktop\HijackThis.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://***.spiegel.de/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;wiggel.de*;anzeiger.ch*

R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Programme\VeriSign\i-Nav\i-nav_4_2_1.dll

O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\TechSmith\SnagIt 6\SnagItBHO.dll

O2 - BHO: (no name) - {08DF42F3-792D-4944-941B-512582B87219} - C:\WINNT\system32\adobeacr.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll

O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Programme\VeriSign\i-Nav\i-nav_4_2_1.dll

O2 - BHO: (no name) - {D8FF9A84-FEB9-4B4B-B36B-D46570203C39} - C:\WINNT\system32\key.dll (file missing)

O3 - Toolbar: Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 6\SnagItIEAddin.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll

O4 - HKLM\..\Run: [SiS KHooker] C:\WINNT\system32\khooker.exe

O4 - HKLM\..\Run: [HpMmKbd] HpMmKbd.exe

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [Inst] C:\WINNT\System\Inst.exe install

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programme\CloneCD\ElbyCheck.exe" /L ElbyCDFL

O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [piiserviceOE] "C:\Programme\Spam Inspector Outlook Express\Spam Inspector Outlook Express Edition\piiserviceOE.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [ShowIcon_Vosonic_USB Media Device Driver v1.19r003] "C:\Programme\USB Media\shwicon.exe" -t"Vosonic\USB Media Device Driver v1.19r003"

O4 - HKLM\..\Run: [UIUCU] C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\UIUCU.EXE -CLEAN_UP -S

O4 - HKLM\..\Run: [DataLayer] C:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe

O4 - HKLM\..\Run: [Mirabilis ICQ] D:\PROGRA~1\ICQ\ICQNet.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [Microsoft Critical Security Update] "%SystemRoot%\securityconnect.exe"

O4 - HKLM\..\Run: [Kaspersky] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KAV Personal Pro\5.0\Save Kaspersky.bat

O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe

O4 - HKLM\..\Run: [HPpromo psc 2400 series] "C:\Programme\HP\Digital Imaging\Promotions\HPpromo.exe" /N "psc 2400 series" -r

O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [Reminder] C:\programme\Microsoft Money 99\System\reminder.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [_Proxomitron] F:\Progs\Proxomitron4.51-S-1.62\Proxomitron.exe

O4 - HKCU\..\Run: [backup] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

O4 - HKCU\..\Run: [piiserviceOE] "C:\Programme\Spam Inspector Outlook Express\Spam Inspector Outlook Express Edition\piiserviceOE.exe"

O4 - Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Google-Suche - res://c:\programme\google\GoogleToolbar3.dll/cmsearch.html

O8 - Extra context menu item: &Ins Deutsche übersetzen - res://c:\programme\google\GoogleToolbar3.dll/cmwordtrans.html

O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar3.dll/cmcache.html

O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar3.dll/cmbacklinks.html

O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar3.dll/cmsimilar.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll

O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Researcher\EROPROJ.DLL

O9 - Extra button: Hilfe zu i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)

O9 - Extra 'Tools' menuitem: Hilfe zu i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)

O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Programme\VeriSign\i-Nav\i-nav_4_2_1.dll

O9 - Extra 'Tools' menuitem: Optionen für i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Programme\VeriSign\i-Nav\i-nav_4_2_1.dll

O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll

O15 - Trusted Zone: de.trendmicro-europe.com

O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/support/chipdetect/OSInfo.cab

O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/support/chipdetect/SiSAutodetectNT.cab

O16 - DPF: {297F2B65-017C-11D5-A128-00D0B7869AD6} (SpectorPhotoUploader Control) - http://www.extrafilm.ch/import/spu.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://housecall.trendmicro-europe.com/housecall/Xscan53.cab

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab

O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -

O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{28628C53-6A84-4590-9BCC-7608F9C718E7}: NameServer = 195.186.1.110,195.186.4.110

O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINNT\system32\drivers\CDAC11BA.EXE

O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: Easy2Sync-Dienst - IT-Services Thomas Holz - C:\Programme\Easy2Sync\Easy2Sync.exe

O23 - Service: Ipswitch WS_FTP Queue (ftpqueue) - Ipswitch, Inc., 81 Hartwell Ave, Lexington MA 02421 - C:\Programme\WS_FTP Pro\ftpsched.exe

O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE

O23 - Service: Marspc (Ip2xmlService) - Unknown owner - C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\IP2xmlSrvc.exe (file missing)

O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Programme\VeriSign\NAVI\naviagent.exe

O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\PROGRAMME\NORMAN\Nvc\BIN\nipsvc.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe

O23 - Service: SBHookSvc - Unknown owner - C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\SBHookSvc.exe (file missing)

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programme\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

geschrieben von

Login

E-Mail:
  

Passwort:
  

Beitrag anfügen

Symbol:
 
 
 
 
 
 
 
 
 
 
 
 
 

Überschrift: