Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: logfile kontrollieren pls

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 11.03.2005, 22:20   #1
martin1660
 
logfile kontrollieren pls - Standard

logfile kontrollieren pls



Logfile of HijackThis v1.99.1
Scan saved at 22:17:19, on 11.03.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
c:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\WinTools\WToolsA.exe
C:\Programme\Gemeinsame Dateien\WinTools\WSup.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\System32\RunDll32.exe
C:\HP\KBD\KBD.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINDOWS\DitExp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\System32\hphmon03.exe
C:\Programme\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
C:\Programme\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\OutLaster\shhost.exe
C:\PROGRA~1\Save\Save.exe
C:\windows\system32\mksc.exe
C:\WINDOWS\System32\rundll32.exe
C:\Programme\NavExcel\NavHelper\v2.0.4d\navapp.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\webHancer\Programs\whAgent.exe
C:\Programme\Java\jre1.5.0_01\bin\jusched.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\ClockSync\Sync.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\Siemens\Gigaset WLAN Adapter\wlm.exe
C:\Valve\Steam\Steam.exe
C:\Dokumente und Einstellungen\home\Desktop\allerlei\Teamspeak2_RC2\TeamSpeak.exe
c:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
c:\progra~1\softwin\bitdef~1\bdlite.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Dokumente und Einstellungen\home\Lokale Einstellungen\Temp\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://at7.hpwis.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-de8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50193
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.createphpbb.com/phpbb/ind...?mforum=vernon
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://at7.hpwis.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-de8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50193
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-de8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-de8.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://at7.hpwis.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://at7.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\GEMEIN~1\WinTools\WToolsB.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - C:\Programme\Popup Manager\PopupMgr_1.0.1.5.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programme\NewDotNet\newdotnet6_38.dll (file missing)
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\GEMEIN~1\WinTools\WToolsB.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Programme\Norton AntiVirus\NavShExt.dll
O2 - BHO: NavHelper Class - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\Programme\NavExcel\NavHelper\v2.0.4d\NHelper.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: UrlCatcher Class - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\Programme\Bargain Buddy\bin\apuc.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
O4 - HKLM\..\Run: [CXMon] "C:\Programme\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [shhost] C:\Programme\OutLaster\shhost.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [OSS] c:\windows\system32\mksc.exe -boot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [navapp] C:\Programme\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\GEMEIN~1\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Programme\Softwin\BitDefender Free Edition\bdnagent.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ClockSync] C:\Programme\ClockSync\Sync.exe /q
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = ?
O4 - Global Startup: ZoneAlarm.lnk = C:\Programme\Zone Labs\ZoneAlarm\zonealarm.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'c:\programme\newdotnet\newdotnet6_38.dll' missing
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://at7.hpwis.com
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/pote_x.cab
O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} - http://install.global-netcom.de/ieloader.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Ga.../bridge-c6.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web11.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://134.68.137.201/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {D7A4D8FB-83F0-40E5-954F-88F48D15AE96} (ICQVideoWindow Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} (StarInstall Control) - http://install.serviceurl.de/StarInstall.ocx
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.comp...io5_3_18_0.cab
O18 - Protocol: bw+0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D9406806-60FD-4D8A-9A57-0BCFF2CFB44F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - c:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe


danke schon mal im vorraus

Alt 11.03.2005, 22:39   #2
dartus
 
logfile kontrollieren pls - Standard

logfile kontrollieren pls



Hallo martin1660,

uploade bitte folgende Datei:
(Falls noch nicht eingestellt: Öffne den Explorer-->Extras-->Ordneroptionen-->Ansicht-->Systendateien ausblenden "häckchen weg und "Alle Dateien und Ordner Anzeigen" anklicken)

C:\Programme\OutLaster\shhost.exe

hier --> http://www.malwareupload.com
Erläuterungen

Desweiteren lass die Datei einmal hier online scannen:

http://virusscan.jotti.org

dartus
__________________


Alt 12.03.2005, 11:09   #3
martin1660
 
logfile kontrollieren pls - Standard

logfile kontrollieren pls



also ich find die datei nicht, da ist nur eine .exe datei drinnen: un-shoot.exe


dann habe uich nich einen scan mit MWAV geamncht und dann kamen socleh infizierte datein:z.B.

File C:\DOKUME~1\home\LOKALE~1\Temp\Temporary Internet Files\Content.IE5\GLANW1Y3\a576a971[1].js infected by "Trojan-Downloader.JS.Small.af" Virus.

oder:

File C:\DOKUME~1\home\LOKALE~1\Temp\Temporary Internet Files\Content.IE5\GH6RG1I7\WinTA[1].cab infected by "not-a-virus:AdWare.Wintol.t" Virus.

kann man solche datein per hand löschen oder sind das wirklich wichtige datein??? weil bei den scan stand bei den meisten "not-a-virus" dabei
__________________

Alt 12.03.2005, 18:16   #4
dartus
 
logfile kontrollieren pls - Standard

logfile kontrollieren pls



Hallo martin1660,

dann uploade und lass eben diese Datei online-scannen.

Du hast den Escan nicht im abgesicherten Modus gemacht.
http://www.systemwiederherstellung-d...indows-xp.html
Wiederhole den Scan auch mit den Optionen "All local Drives" und "scan all".
Poste auch das Gesamtergebnis (befindet sich ganz unten im Logfile).

dartus

Antwort

Themen zu logfile kontrollieren pls
.inf, adobe, antivirus, askbar, bho, computer, defender, desktop, drivers, einstellungen, explorer, file missing, hijack, hijackthis, home, internet, internet explorer, logfile, nvcpl.dll, popup, rundll, server, settings manager, software, sun java, symantec, system, teamspeak, temp, urlsearchhook, windows, windows messenger, windows xp, wlan




Ähnliche Themen: logfile kontrollieren pls


  1. Will meinen PC kontrollieren.
    Plagegeister aller Art und deren Bekämpfung - 11.02.2015 (13)
  2. Batch Datei kontrollieren
    Alles rund um Windows - 23.01.2011 (2)
  3. würde jemand diesen logfile kontrollieren?
    Log-Analyse und Auswertung - 19.12.2010 (26)
  4. Logs kontrollieren
    Log-Analyse und Auswertung - 04.04.2010 (10)
  5. Bitte logfile kontrollieren
    Mülltonne - 24.07.2008 (1)
  6. hijacker log bitte kontrollieren
    Log-Analyse und Auswertung - 30.03.2008 (39)
  7. Bitte hjt-log kontrollieren
    Mülltonne - 28.03.2008 (0)
  8. Kann mal jemand den Logfile kontrollieren? Danke schonmal!
    Log-Analyse und Auswertung - 19.02.2006 (1)
  9. Logfile Kontrollieren
    Log-Analyse und Auswertung - 29.12.2005 (1)
  10. Neues log mal kontrollieren
    Log-Analyse und Auswertung - 08.11.2005 (4)
  11. [B]Bitte Log kontrollieren![/B]
    Log-Analyse und Auswertung - 09.10.2005 (2)
  12. Bitte Logfile Kontrollieren (newdotnet)
    Log-Analyse und Auswertung - 05.10.2005 (15)
  13. e-scan kontrollieren
    Log-Analyse und Auswertung - 01.06.2005 (1)
  14. meinen Log bitte kontrollieren
    Log-Analyse und Auswertung - 22.03.2005 (2)
  15. logfile kontrollieren pls
    Log-Analyse und Auswertung - 11.03.2005 (1)
  16. plz einmal die logfile kontrollieren.....
    Log-Analyse und Auswertung - 09.02.2005 (1)
  17. Hallo, wer kann mir helfen und mein Logfile kontrollieren!
    Log-Analyse und Auswertung - 14.10.2004 (5)

Zum Thema logfile kontrollieren pls - Logfile of HijackThis v1.99.1 Scan saved at 22:17:19, on 11.03.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe - logfile kontrollieren pls...
Archiv
Du betrachtest: logfile kontrollieren pls auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.