Prozess tsnp325.exe und vsnp325.exe

#1 Hallo!
Ich habe kein wirkliches Problem mit meinem Laptop, doch als ich neulich auf die Sytemstartliste im msconfig ging bemerkte ich zwei Prozesse die ich nicht identifizieren konnte.
Der Name ist tsnp325.exe und vsnp325.exe.
Sie liegen beide im Windows Ordner und ich wollte nun wissen, ob es sich dabei um Viren handelt.



Hier das Logfile:

Zitat

Logfile of HijackThis v1.99.1
Scan saved at 23:59:33, on 20.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
D:\Programme\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
D:\Programme\F-Secure\Anti-Virus\fsgk32st.exe
D:\Programme\F-Secure\Common\FSMA32.EXE
D:\Programme\F-Secure\Anti-Virus\FSGK32.EXE
D:\Programme\F-Secure\Common\FSMB32.EXE
D:\Programme\F-Secure\Common\FCH32.EXE
D:\WINDOWS\system32\svchost.exe
D:\Programme\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
D:\Programme\F-Secure\Common\FAMEH32.EXE
D:\Programme\F-Secure\Anti-Virus\fsqh.exe
D:\Programme\F-Secure\FSPC\fspc.exe
D:\Programme\HP\TVPlay\Kernel\TV\TVPSched.exe
D:\Programme\F-Secure\FSAUA\program\fsaua.exe
D:\Programme\F-Secure\Anti-Virus\fssm32.exe
D:\Programme\F-Secure\FWES\Program\fsdfwd.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Programme\F-Secure\Anti-Virus\fsav32.exe
D:\WINDOWS\Explorer.EXE
D:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINDOWS\System32\svchost.exe
D:\Programme\Babylon\Babylon-Pro\Babylon.exe
D:\WINDOWS\tsnp325.exe
D:\WINDOWS\vsnp325.exe
D:\Programme\F-Secure\FSGUI\fsguidll.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programme\iPod\bin\iPodService.exe
D:\Programme\MSN Messenger\usnsvc.exe
D:\Programme\MSN Messenger\msnmsgr.exe
D:\Programme\iTunes\iTunes.exe
D:\Programme\MSN Messenger\msnmsgr.exe
D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\Programme\Mozilla Firefox\firefox.exe
D:\Programme\Opera\Opera.exe
D:\Programme\WinRAR\WinRAR.exe
D:\DOKUME~1\BAERNT~1.ALE\LOKALE~1\Temp\Rar$EX00.813\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.21.0.7:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] "D:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Programme\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Programme\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Babylon Client] D:\Programme\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [tsnp325] D:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] D:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [TkBellExe] "D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Erwachsene... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - D:\Programme\F-Secure\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - D:\Programme\F-Secure\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Erwachsene... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - D:\Programme\F-Secure\FSPC\fspcmsie.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\programme\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\programme\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\programme\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\programme\f-secure\fsps\program\fslsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Programme\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = delasalle.local
O17 - HKLM\Software\..\Telephony: DomainName = delasalle.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = delasalle.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = delasalle.local
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - D:\Programme\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Programme\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\Programme\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Programme\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Programme\F-Secure\Common\FSMA32.EXE
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - D:\Programme\iPod\bin\iPodService.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - D:\Programme\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - D:\Programme\HP\TVPlay\Kernel\TV\TVPSched.exe

#2 Gehören zum SONIX Cam Driver

Java
http://board.protecus.de/t30683.htm
__________
MfG Argus