I think I caught a virus yesterday; since then my computer has been at 100% load all the time! The svchost files are causing all this crap! I ended all of them, then it works:
Source code
- Logfile of HijackThis v1.99.1
- Scan saved at 08:12:54, on 16.07.2005
- Platform: Windows XP SP2 (WinNT 5.01.2600)
- MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
- Running processes:
- C:\WINDOWS\System32\smss.exe
- C:\WINDOWS\system32\csrss.exe
- C:\WINDOWS\system32\winlogon.exe
- C:\WINDOWS\system32\services.exe
- C:\WINDOWS\system32\lsass.exe
- C:\WINDOWS\System32\svchost.exe
- C:\WINDOWS\system32\spoolsv.exe
- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
- E:\Programme\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
- E:\Programme\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
- E:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
- E:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
- C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
- C:\WINDOWS\Explorer.EXE
- C:\WINDOWS\system32\wscntfy.exe
- C:\Programme\Java\jre1.5.0_01\bin\jusched.exe
- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
- C:\Programme\MessengerPlus! 3\MsgPlus.exe
- C:\Programme\Messenger\msmsgs.exe
- C:\Programme\MSN Messenger\msnmsgr.exe
- C:\Programme\Mozilla Firefox\firefox.exe
- C:\WINDOWS\system32\svchost.exe
- C:\WINDOWS\system32\svchost.exe
- C:\DOKUME~1\Security\LOKALE~1\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe
- E:\Programme\FlashFXP\flashfxp.exe
- R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
- R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
- O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
- O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
- O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_01\bin\jusched.exe
- O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
- O4 - HKLM\..\Run: [Norton Ghost 9.0] E:\Programme\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
- O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
- O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
- O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programme\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=072605 serial=DR12WNG-9832295-FCW lang=DE
- O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitefex32.exe
- O4 - HKLM\..\Run: [hostserv] hostserv.exe
- O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
- O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe"
- O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe
- O4 - HKLM\..\Run: [WiNupdate] C:\WINDOWS\NR\wuaclt.exe
- O4 - HKLM\..\RunServices: [hostserv] hostserv.exe
- O4 - HKLM\..\RunServices: [WiNupdate] C:\WINDOWS\NR\wuaclt.exe
- O4 - HKCU\..\Run: [Norton SystemWorks] "E:\Programme\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
- O4 - HKCU\..\Run: [hostserv] hostserv.exe
- O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
- O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
- O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
- O4 - HKCU\..\Run: [WiNupdate] C:\WINDOWS\NR\wuaclt.exe
- O4 - Global Startup: generic.dll
- O4 - Global Startup: SaimSpeye.dll
- O4 - Global Startup: srv_cd.dll
- O4 - Global Startup: svr_jpg.dll
- O4 - Global Startup: s_svchost.dll
- O4 - Global Startup: test.dll
- O4 - Global Startup: webstore.dll
- O4 - Global Startup: WiNupdate.dll
- O4 - Global Startup: wuaclt.exe
- O4 - Global User Startup: generic.dll
- O4 - Global User Startup: SaimSpeye.dll
- O4 - Global User Startup: srv_cd.dll
- O4 - Global User Startup: svr_jpg.dll
- O4 - Global User Startup: s_svchost.dll
- O4 - Global User Startup: test.dll
- O4 - Global User Startup: webstore.dll
- O4 - Global User Startup: WiNupdate.dll
- O4 - Global User Startup: wuaclt.exe
- O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
- O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
- O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm
- O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
- O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
- O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
- O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
- O8 - Extra context menu item: In Adobe PDF konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
- O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
- O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm
- O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Programme\Desktop Sidebar\sbhelp.dll/menuhandler.html
- O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
- O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
- O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
- O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
- O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programme\Desktop Sidebar\sbhelp.dll
- O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programme\Desktop Sidebar\sbhelp.dll
- O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
- O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
- O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
- O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
- O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
- O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
- O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
- O9 - Extra button: Add bid - {866875B8-9855-48f8-BAAB-8002C325BE69} - C:\Programme\G DATA LastMinute Buyer für ebay®\buyer.exe (HKCU)
- O9 - Extra 'Tools' menuitem: Add bid - {866875B8-9855-48f8-BAAB-8002C325BE69} - C:\Programme\G DATA LastMinute Buyer für ebay®\buyer.exe (HKCU)
- O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{734D437E-CA53-40AF-8F52-3D57284F14F3}: NameServer = 217.237.148.1 217.237.148.17
- O20 - AppInit_DLLs: MsgPlusLoader.dll
- O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
- O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
- O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
- O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
- O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
- O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - E:\Programme\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
- O23 - Service: Norton Ghost - Symantec Corporation - E:\Programme\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
- O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - E:\Programme\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
- O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - E:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
- O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
- O23 - Service: SAVScan - Symantec Corporation - E:\Programme\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
- O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
- O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
- O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
- O23 - Service: Speed Disk service - Symantec Corporation - E:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
- O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
- O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
abroad for 2 years...