Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Hilfe Rechner voll Spyware!! Brauche dringend HILFE!!! (https://www.trojaner-board.de/14793-hilfe-rechner-voll-spyware-brauche-dringend-hilfe.html)

Kimvestor 03.03.2005 01:11
Hilfe Rechner voll Spyware!! Brauche dringend HILFE!!!
 
Hallo, Habe Spyware auf meinen Rechner, die ich einfahc nicht wegbekomme. Habe unzählige Programme ausprobiert: Adaware, Hijackthis1.99.1, Spybot s&d, Cwshredder, usw.... nichts hat geholfen die kommen immer wieder bzw werden nicht gelöscht! Bitte helft mir die dinger zu Löschen und mein Rechner zu reinigen!!! Es ist mir sehr wichtig!!!

hier logfile

Logfile of HijackThis v1.99.1
Scan saved at 00:48:21, on 03.03.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Programme\AVPersonal\AVGUARD.EXE
F:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\servicelog.exe
F:\Programme\AVPersonal\AVGNT.EXE
F:\Programme\AVPersonal\AVSched32.EXE
C:\WINDOWS\Mixer.exe
C:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool32.exe
C:\WINDOWS\System32\hllcxpa.exe
C:\WINDOWS\System32\MSWSCK32.exe
C:\WINDOWS\hsbwz.exe
C:\WINDOWS\System32\ap9h4qmo.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\MSWSCK32.exe
C:\Programme\Spyware Doctor\swdoctor.exe
C:\Programme\Logitech\SetPoint\KEM.exe
C:\Programme\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\System32\mpdat.exe
C:\WINDOWS\System32\wuauclt.exe
c:\W32mon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\rnathchk.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Dokumente und Einstellungen\Noga\Lokale Einstellungen\Temp\Temporäres Verzeichnis 6 für hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
F2 - REG:system.ini: Shell=Explorer.exe mpdat.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVGCtrl] "F:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [AVSCHED32] F:\Programme\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MMTray] C:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [USB Device] servicelog.exe
O4 - HKLM\..\Run: [Norton Antivirus Protection] spool32.exe
O4 - HKLM\..\Run: [HLL Data Parameter] hllcxpa.exe
O4 - HKLM\..\Run: [Microsoft Winsocks 32 Controller] MSWSCK32.exe
O4 - HKLM\..\Run: [hsbwz] C:\WINDOWS\hsbwz.exe
O4 - HKLM\..\Run: [antiware] C:\windows\system32\elitelgc32.exe
O4 - HKLM\..\Run: [Media Pass] C:\Program Files\Media Pass\MediaPass.exe
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\System32\ap9h4qmo.exe
O4 - HKLM\..\RunServices: [USB Device] servicelog.exe
O4 - HKLM\..\RunServices: [Norton Antivirus Protection] spool32.exe
O4 - HKLM\..\RunServices: [HLL Data Parameter] hllcxpa.exe
O4 - HKLM\..\RunServices: [Microsoft Winsocks 32 Controller] MSWSCK32.exe
O4 - HKLM\..\RunOnce: [USB Device] servicelog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [USB Device] servicelog.exe
O4 - HKCU\..\Run: [Norton Antivirus Protection] spool32.exe
O4 - HKCU\..\Run: [HLL Data Parameter] hllcxpa.exe
O4 - HKCU\..\Run: [Microsoft Winsocks 32 Controller] MSWSCK32.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [HLL Data Parameter] hllcxpa.exe
O4 - HKCU\..\RunOnce: [USB Device] servicelog.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://F:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O12 - Plugin for .tiff: C:\Programme\Internet Explorer\PLUGINS\npqtplugin5.dll
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{690B83B2-45E0-4D8E-9480-048275B13792}: NameServer = 217.65.24.98 212.80.224.161
O18 - Protocol: bw+0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A609F16E-0C80-4995-A057-865DA481C42D} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - F:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - F:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

dartus 03.03.2005 01:37
Hallo Kimvestor,

Dein Sytem ist hoffnungslos verseucht.
Zumindest dieser war zu identifizieren:

hllcxpa.exe = http://www.sophos.com/virusinfo/analyses/w32rbottz.html

Bei einem Trojaner mit Backdoorfunktionalität
wird Dir hier dringend zu Formar C. geraten, da Dein System nicht mehr vertrauenswürdig ist.
http://www.mathematik.uni-marburg.de...ompromise.html
http://www.mathematik.uni-marburg.de...c-removal.html

Hier eine erstklassige Anleitung:

http://www.trojaner-board.de/showthread.php?t=12154

Datensicherung:

http://www.trojaner-board.de/showpos...8&postcount=11

Hier kannst Du folgende unbekannte Dateien kostenlos checken lassen:

http://www.malwareupload.com

C:\WINDOWS\System32\spool32.exe
C:\WINDOWS\hsbwz.exe
C:\WINDOWS\System32\ap9h4qmo.exe
C:\WINDOWS\System32\MSWSCK32.exe
C:\WINDOWS\System32\mpdat.exe
c:\W32mon.exe
C:\windows\system32\servicelog.exe

Hier ein paar Erläuterung zum Uploadserver:

http://www.trojaner-board.de/showthr...istian+malware


sry
dartus


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:51 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131