title image


Smiley Kann mal bitte jemand dieses hijackthis log anschauen
Hallo, ich glaube ich habe mir einen Trojaner eingefangen.

Virensoftware findet nichts auch adaware nicht. Könnte vielleicht jemand mal das logfile anschauen?

Danke



Logfile of HijackThis v1.99.1

Scan saved at 18:35:13, on 24.03.2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe

C:\Programme\Alwil Software\Avast4\aswUpdSv.exe

C:\Programme\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\System32\DVDRAMSV.exe

C:\WINDOWS\System32\GEARSec.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Programme\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe

C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe

C:\Programme\Java\jre1.5.0_06\bin\jusched.exe

C:\Programme\Festplatten-Inspektor\HDInspector.exe

C:\Programme\QuickTime\qttask.exe

C:\Programme\NoPopUp 2003\nopopup.exe

C:\Programme\WebWasher\wwasher.exe

C:\WINDOWS\system32\RAMASST.exe

C:\WINDOWS\system32\HDDSvc.exe

C:\Programme\Alwil Software\Avast4\ashMaiSv.exe

C:\Programme\Alwil Software\Avast4\ashWebSv.exe

C:\Programme\TuneUp Utilities 2006\RegistryCleaner.exe

C:\Programme\Internet Explorer\iexplore.exe

C:\Programme\Internet Explorer\iexplore.exe

C:\WINDOWS\regedit.exe

C:\Downloads\HIJack\HijackThis.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:4001

O2 - BHO: (no name) - {6619E423-C201-40D9-964F-D07CED00D1C4} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {A8717EF5-97EB-427F-9C74-0DF3262C7F40} - (no file)

O2 - BHO: (no name) - {EFD869E6-08C5-4B3F-ABD3-02045AC0A4CD} - (no file)

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [HDInspector.exe] C:\Programme\Festplatten-Inspektor\HDInspector.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe

O4 - HKCU\..\Run: [NoPopUp] C:\Programme\NoPopUp 2003\nopopup.exe /autorun

O4 - HKCU\..\Run: [WebWasher] C:\Programme\WebWasher\wwasher.exe

O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O8 - Extra context menu item: Alles mit FlashGet laden - C:\PROGRA~1\FlashGet\jc_all.htm

O8 - Extra context menu item: Mit FlashGet laden - C:\PROGRA~1\FlashGet\jc_link.htm

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Zur Filterliste hinzufügen (WebWasher) - http://-Web.Washer-/ie_add

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139074797375

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139145354609

O16 - DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} (aldisued-fotos-druck_de_bilduebertragung) - http://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp01.photoprintit.de/microsite/1119/defaults/activex/ImageUploader3.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{728B9A8B-3F13-4836-9B8A-42C28E8139FA}: NameServer = 195.50.140.250 195.50.140.114

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Programme\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Programme\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - The Firebird Project - C:\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe

O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe

O23 - Service: V2i Protector - PowerQuest Corporation - C:\Programme\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe







geschrieben von

Login

E-Mail:
  

Passwort:
  

Beitrag anfügen

Symbol:
 
 
 
 
 
 
 
 
 
 
 
 
 

Überschrift: