title image


Smiley Bitte mal Logfile Hijackthis ansehen. Bitdefender hat heute......
Logfile of HijackThis v1.99.1

Scan saved at 16:41:43, on 21.03.2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\Explorer.EXE

C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe

C:\WINDOWS\system32\S3hotkey.exe

C:\WINDOWS\system32\S3tray2.exe

C:\Programme\Real\RealPlayer\RealPlay.exe

C:\Programme\Softwin\BitDefender8\bdnagent.exe

C:\Programme\Messenger\msmsgs.exe

C:\Programme\AMD\PowerNow!\GemServ.exe

C:\Programme\AMD\PowerNow!\gemback.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe

C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe

C:\Programme\Softwin\BitDefender8\vsserv.exe

c:\programme\softwin\bitdefender8\bdmcon.exe

C:\Dokumente und Einstellungen\Besitzer\Desktop\HijackThis.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/

O4 - HKLM\..\Run: [WorksFUD] C:\Programme\Microsoft Works\wkfud.exe

O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe /AllUsers

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [S3hotkey] S3hotkey.exe

O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe

O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A

O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [REGSHAVE] C:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKLM\..\Run: [websx] C:\Programme\websx\int66746.exe -auto

O4 - HKLM\..\Run: [BDMCon] "C:\Programme\Softwin\BitDefender8\bdmcon.exe"

O4 - HKLM\..\Run: [BDNewsAgent] "C:\Programme\Softwin\BitDefender8\bdnagent.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Preispiraten] "C:\Programme\Preispiraten 2.0b\preispiraten2.exe" /autorun

O4 - HKCU\..\Run: [dlmMgr] "C:\Programme\Gemeinsame Dateien\Adobe\ESD\AdobeDownloadManager.exe" restart=1

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094381916981

O16 - DPF: {713AE1D4-897C-11D2-B2A0-00C04F94B4D5} (WUCorpSuppControl Class) - http://corporate.windowsupdate.microsoft.com/de/wucorpct.CAB

O17 - HKLM\System\CCS\Services\Tcpip\..\{5728514F-F954-4B5E-B7A4-D172D7F40CF5}: NameServer = 62.27.27.62 195.247.247.195

O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: AMD PowerNow! (tm) Technology Service (GemServ) - Advanced Micro Devices - C:\Programme\AMD\PowerNow!\GemServ.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programme\Softwin\BitDefender8\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)



EXPLOIT WIN32MS05-002Gen gefunden u. in Quarantäne verschoben. Stimmt das, wenn ja wie bekomme ich das Biest los oder richtet es in d. Quarantäne keinen Schaden an?

Erst mal Dank u. Grüsse ramses90
______________________________________________________________________________________________________________________ Was mich nicht umbringt macht mich stärker!

geschrieben von

Login

E-Mail:
  

Passwort:
  

Beitrag anfügen

Symbol:
 
 
 
 
 
 
 
 
 
 
 
 
 

Überschrift: