hallo,
ich hatte mir wohl von youtube einen Virus eingefangen, wurde mit mbam gelöscht.
Nun wollte ich aber sicher gehen das da nichts weiter an Trojanern usw. drauf ist.
Wäre echt super wenn sich mal jemand das hijackthis anschauen könnte.
G Data habe ich schon versucht zu fixen, geht aber nicht,
schon mal vielen dank.
LG Bernd
Code:Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:29:15, on 07.07.2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\windows\system32\netdde.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\windows\System32\svchost.exe C:\windows\Explorer.EXE C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\windows\RTHDCPL.EXE C:\Programme\Avira\AntiVir Desktop\avshadow.exe C:\windows\system32\svchost.exe C:\Programme\InterVideo\WinDVR\WINDVR.exe C:\Programme\InterVideo\WinDVR\WinScheduler.exe C:\Programme\Trillian\trillian.exe C:\Programme\Opera\opera.exe C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe C:\windows\system32\taskmgr.exe C:\Programme\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Programme\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Dokumente und Einstellungen\pro\Desktop\gmer.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - (no file) O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_wil...=menu_ie_frame O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_wil...=menu_ie_image O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_wil...d=menu_ie_link O8 - Extra context menu item: Das YouTube Video als MP3 &speichern - C:\Dokumente und Einstellungen\pro\Anwendungsdaten\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_wil...enu_ie_exclude O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\pro\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_wil...menu_ie_report O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) - Unknown owner - C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\AVKProxy.exe (file missing) O23 - Service: G Data Scheduler (AVKService) - Unknown owner - C:\Programme\G Data\TotalProtection\AVK\AVKService.exe (file missing) O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - Unknown owner - C:\Programme\G Data\TotalProtection\AVK\AVKWCtl.exe (file missing) O23 - Service: Freemake Improver - Freemake - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: G Data Backup Service (GDBackupSvc) - Unknown owner - C:\Programme\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (file missing) O23 - Service: G Data Personal Firewall (GDFwSvc) - Unknown owner - C:\Programme\G Data\TotalProtection\Firewall\GDFwSvc.exe (file missing) O23 - Service: G Data Scanner (GDScan) - Unknown owner - C:\Programme\Gemeinsame Dateien\G Data\GDScan\GDScan.exe (file missing) O23 - Service: G Data Tuner Service (GDTunerSvc) - Unknown owner - C:\Programme\G Data\TotalProtection\AVKTuner\AVKTunerService.exe (file missing) O23 - Service: G Data Datensafe Service (TSNxGService) - Unknown owner - C:\Programme\G Data\TotalProtection\TSNxG\TSNxGService.exe (file missing) O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing) -- End of file - 6143 bytes
