Seit einigen Tagen gibt mein PC sätze von sich wie "oh my god" auch ohne dass ich mit dem internet verbunden bin. Ausserdem ist er enorm langsam. Der Scan mit F-Secure Internet Security 2008 8.00 build 101 hat auch nichts ergeben.habe jetzt den ccleaner v2.16.830 angewendet, anschliessend Hijack This. Kann mir bitte jemand mit dem Logfile weiterhelfen? Ich weiss nicht was alles entfernt werden muss und wie. Ich verwende den IE6.0, Betriebssystem Windows XP (version 2002 SP3).
Vielen Dank!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:12, on 29.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE
C:\Programme\F-Secure Internet Security\Common\FSMB32.EXE
C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
C:\Programme\F-Secure Internet Security\Common\FCH32.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\fsqh.exe
C:\Programme\F-Secure Internet Security\Common\FAMEH32.EXE
C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE
C:\Programme\F-Secure Internet Security\FSAUA\program\fsaua.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\fssm32.exe
C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Programme\F-Secure Internet Security\FSAUA\program\fsus.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\F-Secure Internet Security\Common\FSM32.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Programme\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Programme\Windows Defender\MsMpEng.exe
C:\Programme\Windows Defender\MSASCui.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\DOKUME~1\Admin\LOKALE~1\Temp\Temporäres Verzeichnis 2 für HiJackThis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.yahoo.com/fsc/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://de.yahoo.com/fsc/
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programme\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Defender] "C:\Programme\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-2354763073-2748271865-508016666-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Francesca')
O4 - HKUS\S-1-5-21-2354763073-2748271865-508016666-1007\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime (User 'Francesca')
O4 - HKUS\S-1-5-21-2354763073-2748271865-508016666-1007\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Francesca')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Dienst-Manager.lnk = C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: *.cme-infektiologie.de
O15 - Trusted Zone: *.cme-rheumatologie.de
O15 - Trusted Zone: *.d3webtrain.de
O15 - Trusted Zone: d3webtrain.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain0.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain1.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain10.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain11.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain12.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain13.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain14.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain15.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain16.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain17.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain18.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain19.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain2.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain20.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain21.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain22.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain23.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain24.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain25.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain26.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain27.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain28.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain29.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain3.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain30.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain31.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain32.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain33.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain34.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain35.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain36.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain37.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain38.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain39.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain4.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain5.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain6.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain7.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain8.informatik.uni-wuerzburg.de
O15 - Trusted Zone: d3webtrain9.informatik.uni-wuerzburg.de
O15 - Trusted Zone: zytologie.informatik.uni-wuerzburg.de
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PMounter - Unknown owner - C:\WINDOWS\system32\PMounter.exe
--
End of file - 12957 bytes
0172 Gast |