Suspected viruses

#0
09.12.2009, 16:24
ediz
Guest
#1 hello, I'm back again. lately my PC has been so slow and freezes really often



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:22:24, on 09.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\Hijack This\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.de
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.google.de
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programme\BitComet\tools\BitCometBHO_1.3.1.15.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\Programme\MegaIEMn.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\Msdxm6.ocx
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-57989841-2111687655-1801674531-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Alles mit BitComet herunterladen - res://C:\Programme\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Alle &Videos mit BitComet herunterladen - res://C:\Programme\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Mit BitComet herunter&laden - res://C:\Programme\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programme\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-LA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.schuelervz.net/photouploader/ImageUploader4.cab?nocache=20071219-1
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programme\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Visual Studio Analyzer RPC bridge - Unknown owner - C:\Programme\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe (file missing)

--
End of file - 9546 bytes



hoping for quick replies
09.12.2009, 16:30
Member

Posts: 3716
#2 hi, please work through the guide and post the logs.
http://board.protecus.de/t23188.htm