Trojaner-Board


Karottensuppe 25.01.2005 22:05

Urgent help please

I have a problem with the Web Site Viewer, who can help me?

Thank you very much

Haui45 25.01.2005 22:09

Quote:

I have a problem with the Web Site Viewer, who can help me?

Very precise problem description :lach:

Post a HijackThis log file:
short description
detailed description

Karottensuppe 25.01.2005 22:12

Please help me, I'm getting desperate.

It tells me the text is too long.

What exactly do you need from me?

Haui45 25.01.2005 22:14

If the log file really is too long, split it across 2 posts.

Cidre 25.01.2005 22:15

Hello,

split your log file across two or more posts, then it should work.

@ Haui45
You were marginally faster. ;)

Karottensuppe 25.01.2005 22:16

OK, part 1

Logfile of HijackThis v1.99.0
Scan saved at 22:16:10, on 25.01.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\DJSNETCN.exe
C:\WINDOWS\System32\mnmsrvc.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\SONY\vaio media music server\SSSvr.exe
C:\Programme\sony\photo server 20\appsrv\PicAppSrv.exe
C:\WINDOWS\system32\syspo.exe
C:\WINDOWS\system32\carpserv.exe
C:\Programme\Apoint\Apoint.exe
C:\Programme\Sony\HotKey Utility\HKserv.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\System32\yaqylq.exe
C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\apiak.exe
C:\WINDOWS\system32\tibs3.exe
C:\Programme\SpyHunter\PopupBlocker\EnigmaPopupStop.exe
C:\Programme\Microsoft Office\Office\FINDFAST.EXE
C:\Programme\Microsoft Office\Office\OSA.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\Apoint\Apntex.exe
C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\SV_Httpd.exe
C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\UPnPFramework.exe
C:\Programme\Sony\HotKey Utility\HKWnd.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\PROGRAMME\T-ONLINE\T-ONLINE_SOFTWARE_5\BROWSER\BROWSER.EXE
C:\Programme\Messenger\msmsgs.exe
C:\DOKUME~1\INGOBE~1\LOKALE~1\Temp\Temporäres Verzeichnis 2 für hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\xzxaf.dll/sp.html#44768
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\xzxaf.dll/sp.html#44768
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\xzxaf.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\xzxaf.dll/sp.html#44768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\xzxaf.dll/sp.html#44768
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\xzxaf.dll/sp.html#44768
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\xzxaf.dll/sp.html#44768
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.t-online.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,YAHOOSubst = a|http://www.thehun.net|http://www.worldsex.com/
b|http://www.thehun.net|http://www.worldsex.com/
c|http://www.thehun.net|http://www.worldsex.com/
d|http://www.thehun.net|http://www.worldsex.com/
e|http://www.thehun.net|http://www.worldsex.com/
f|http://www.thehun.net|http://www.worldsex.com/
g|http://www.thehun.net|http://www.worldsex.com/
h|http://www.thehun.net|http://www.worldsex.com/
i|http://www.thehun.net|http://www.worldsex.com/
j|http://www.thehun.net|http://www.worldsex.com/
k|http://www.thehun.net|http://www.worldsex.com/
l|http://www.thehun.net|http://www.worldsex.com/
m|http://www.thehun.net|http://www.worldsex.com/
n|http://www.thehun.net|http://www.worldsex.com/
o|http://www.thehun.net|http://www.worldsex.com/
p|http://www.thehun.net|http://www.worldsex.com/
q|http://www.thehun.net|http://www.worldsex.com/
r|http://www.thehun.net|http://www.worldsex.com/
s|http://www.thehun.net|http://www.worldsex.com/
t|http://www.thehun.net|http
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,YAHOOSubst = a|http://www.thehun.net|http://www.worldsex.com/
b|http://www.thehun.net|http://www.worldsex.com/
c|http://www.thehun.net|http://www.worldsex.com/
d|http://www.thehun.net|http://www.worldsex.com/
e|http://www.thehun.net|http://www.worldsex.com/
f|http://www.thehun.net|http://www.worldsex.com/
g|http://www.thehun.net|http://www.worldsex.com/
h|http://www.thehun.net|http://www.worldsex.com/
i|http://www.thehun.net|http://www.worldsex.com/
j|http://www.thehun.net|http://www.worldsex.com/
k|http://www.thehun.net|http://www.worldsex.com/
l|http://www.thehun.net|http://www.worldsex.com/
m|http://www.thehun.net|http://www.worldsex.com/
n|http://www.thehun.net|http://www.worldsex.com/
o|http://www.thehun.net|http://www.worldsex.com/
p|http://www.thehun.net|http://www.worldsex.com/
q|http://www.thehun.net|http://www.worldsex.com/
r|http://www.thehun.net|http://www.worldsex.com/
s|http://www.thehun.net|http://www.worldsex.com/
t|http://www.thehun.net|http
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von T-Online International AG
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {B4D3C38A-0276-BEE3-D10C-C4514DA9C145} - C:\WINDOWS\apiak.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Programme\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [System Service] C:\WINDOWS\System32\msrexe.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [websx] C:\Programme\websx\int25420.exe -auto
O4 - HKLM\..\Run: [ytihamy] C:\WINDOWS\System32\yaqylq.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [apiak.exe] C:\WINDOWS\apiak.exe

Karottensuppe 25.01.2005 22:17

Part 2

O4 - HKLM\..\Run: [tibs3] C:\WINDOWS\system32\tibs3.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Programme\SpyHunter\SpyHunter.exe
O4 - HKLM\..\Run: [EnigmaPopupStop] C:\Programme\SpyHunter\PopupBlocker\EnigmaPopupStop.exe
O4 - HKLM\..\RunServices: [DJSNetCN] C:\Programme\Gemeinsame Dateien\Symantec Shared\DJSNETCN.exe
O4 - HKLM\..\RunOnce: [!CleanupNetMeetingDispDriver] "C:\WINDOWS\system32\rundll32.exe" msconf.dll,CleanupNetMeetingDispDriver 0
O4 - HKCU\..\Run: [sws.exe] c:\programme\GlobalDialer\diacl00012\906273.exe -remove
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft-Indexerstellung.lnk = C:\Programme\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {173F3521-8FBE-4d0c-B14D-C4D8513A06C0} - C:\WINDOWS\htasys.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {173F3521-8FBE-4d0c-B14D-C4D8513A06C0} - C:\WINDOWS\htasys.dll (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.t-online.de/service/redir/ie_t-online.htm
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/game...ts/y/ct2_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/ger_nopop.exe
O16 - DPF: {12398DD6-40AA-4C40-A4EC-A42CFC0DE797} (Installer Class) - http://www.xxxtoolbar.com/ist/softwa...06_regular.cab
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} (InstallX Class) - http://www.20x2p.com/2384d5de/enter.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/acti...l_v1-0-3-9.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://god.t-online.de/download/ExentCtl.ocx
O16 - DPF: {853B7AC5-1DC9-484C-972B-479E790D4A4D} (CVxChatControl Object) - http://www.visit-x.net/downloads/app...-Client-71.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/de/games4.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) - http://www.allgaeu-sonne.de/plugin/mssurvid.cab
O16 - DPF: {A45A8A35-19FA-4E8B-874C-CBA3107F354C} (GVLaunch Control) - http://www.casinolauncher.com/gvlaunch.cab
O16 - DPF: {BE95EB50-BF4C-11D2-AD93-0060087E046C} (debitel KundenService) - https://kundenservice.debitel.com/sccicci173.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} - http://eu.download.games.yahoo.com/z...ylomloader.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} - http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.comp...io5_3_18_0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7B9E502-5C01-4419-B2EF-75ED91D0C219}: NameServer = 217.237.150.141 217.237.150.97
O18 - Protocol: bw+0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logite

Karottensuppe 25.01.2005 22:18

Part 3

col: bw60s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {025D3E72-3FD5-4D27-AED8-643D1E3CC18B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Dialerschutz Dienst - Unknown - C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
O23 - Service: Symantec Licensing Detect Internet Connection - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\DJSNETCN.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C
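
The log above was cut at the forum's post length limit, so part 2 ends in the middle of a path and part 3 opens with the tail of a different entry. As an added example (not part of the original thread and not HijackThis code), this Python parser reads such split posts, keeps multi-line values with their entry, marks entries damaged at a post boundary, and collapses repeated entries by target so a reviewer sees each distinct file once. The sample posts, paths and function names are constructed for illustration.

```python
import re
from collections import Counter

# HijackThis entries start with a section code (R*, F*, N*, O*) and " - ".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")

# Constructed sample: one log split across two posts, cut mid-entry.
SAMPLE_POSTS = [
    r"""Logfile of HijackThis v1.99.0
Running processes:
C:\Example\app.exe
R1 - HKCU\Software\Example,Subst = a|http://a.example/
b|http://a.example/
O4 - HKLM\..\Run: [demo] C:\Example\demo.exe
O18 - Protocol: ex0 - {00000000-0000-0000-0000-000000000001} - C:\Example\plug.dll
O18 - Protocol: ex1 - {00000000-0000-0000-0000-000000000001} - C:\Exam
""",
    r"""col: ex2 - {00000000-0000-0000-0000-000000000001} - C:\Example\plug.dll
O18 - Protocol: ex3 - {00000000-0000-0000-0000-000000000001} - C:\Example\plug.dll
O23 - Service: Demo - Unknown - C:\Example\svc.exe
""",
]


def parse_posts(posts):
    """Return (entries, header, orphans) for a log pasted as several posts.

    entries: dicts with code, body, extra (continuation lines), post, cut
    header:  lines before the first entry of post 1 (banner, process list)
    orphans: (post_no, line) tails of entries whose start was lost
    """
    entries, header, orphans = [], [], []
    for post_no, text in enumerate(posts, start=1):
        current = None  # a continuation never crosses a post boundary
        for raw in text.splitlines():
            line = raw.strip()
            if not line:
                continue
            match = ENTRY_RE.match(line)
            if match:
                current = {"code": match.group(1), "body": match.group(2),
                           "extra": [], "post": post_no, "cut": False}
                entries.append(current)
            elif current is not None:
                # Multi-line registry value: belongs to the entry above it.
                current["extra"].append(line)
            elif post_no == 1:
                header.append(line)
            else:
                # A later post opens mid-entry, so the previous post's
                # last entry was cut as well. Do not glue the two pieces:
                # text may be missing between them.
                orphans.append((post_no, line))
                previous = [e for e in entries if e["post"] == post_no - 1]
                if previous:
                    previous[-1]["cut"] = True
    return entries, header, orphans


def collapse(entries):
    """Count intact entries per (section code, target).

    The target is the last " - "-separated field, which for BHO, protocol
    and service entries is the file path; other entries keep their body.
    """
    counts = Counter()
    for entry in entries:
        if entry["cut"]:
            continue  # an incomplete path would create a bogus target
        target = entry["body"].rsplit(" - ", 1)[-1]
        counts[(entry["code"], target)] += 1
    return counts


if __name__ == "__main__":
    parsed, head, lost = parse_posts(SAMPLE_POSTS)
    for (code, target), n in sorted(collapse(parsed).items()):
        print(f"{code:4} x{n:<3} {target}")
    for post_no, line in lost:
        print(f"post {post_no}: unattached fragment: {line}")
```

A cut at the very end of the last post cannot be detected this way, because no following post exists to reveal it.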

Lutz 26.01.2005 10:51

That doesn't look good. :(

To judge whether a rescue attempt can make sense, or whether only a reinstall remains, run a scan with eScan (see signature - follow the instructions exactly!) and then post what was found.
To do that, open mwav.log -> Edit -> Find -> enter infected or tagged -> Find Next -> select/copy the hits and paste them into the forum.

Karottensuppe 26.01.2005 12:39

Thanks for your help so far.

I'm running an eScan right now, but it has been at it for 2 hours; how long does that normally take?

Lutz 26.01.2005 12:42

Quote:

Quote from Karottensuppe
I'm running an eScan right now, but it has been at it for 2 hours; how long does that normally take?

That varies a lot. 'Normal' is about 1 hour. But I have already seen, or heard of, machines where it took about 5 (!) hours...

BTW: Are you currently online with the same machine?

Karottensuppe 26.01.2005 12:43

Yes, I am?

Lutz 26.01.2005 12:45

Quote:

Quote from Karottensuppe
Yes, I am?

Is that a question or a statement? ;)
OK - just kidding.
Normally you should run eScan in the PC's safe mode and otherwise leave the machine 'idle'...

Karottensuppe 26.01.2005 12:46

How do I do that in safe mode?
And what do I have to do when it is finished?

Lutz 26.01.2005 12:53

This is how you get into safe mode -> http://www.trojaner-board.de/63335-w...s-starten.html
Once you have started the machine in safe mode, it works exactly the same as in normal mode.


All times are WET +1.
