Trojaner-Board


Mogly 22.04.2005 00:11

Unusually long logfile....

.... and the analysis on hijackthis.de fails....

Could you please help me.... Here is the endlessly long logfile.....:

Logfile of HijackThis v1.99.1
Scan saved at 21:38:44, on 21.04.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\cisvc.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\WINDOWS\DELLMMKB.EXE
C:\WINDOWS\system32\SafeSignCertReg.exe
C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\windows\system32\sncntr.exe
C:\windows\system32\sp2ctr.exe
C:\windows\system32\evthtm.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\tbctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Netropa\OSD.exe
C:\Programme\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Programme\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE
D:\Jenny\Programme\firefox.exe
C:\DOKUME~1\shary\LOKALE~1\Temp\Rar$EX00.531\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Jenny\Programme\adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Programme\Gemeinsame Dateien\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [CertificateRegistration] SafeSignCertReg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Programme\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [sncntr] c:\windows\system32\sncntr.exe /nocomm
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GIWNSQSU] c:\windows\system32\giwnsqsu.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {41649A90-B484-11D1-8D75-00C04FC24EE6} (WebEQ Browser Controls) - http://www.dessci.com/en/dl/wbqviewer/WebEQInstall.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/176c6f5d...dxIE601_de.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1095631794718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole...rcadeRdxIE.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/de/check/qdiagh.cab?315
O18 - Protocol: bw+0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe

Phew.... Thank you all for your help...

;) Best regards ;)

Haui45 22.04.2005 00:15

Second PC? -> http://www.trojaner-board.de/showthread.php?t=16894
;)

There are some nasty entries in the log, so first do the following:
Download eScan and scan the system in safe mode according to these instructions (alternative download link).
Important: Work through the individual steps of the instructions carefully. eScan must be extracted into the directory c:\bases_x, and the checkboxes must be set as shown in the pictures.
Also save this file to your hard disk via right-click -> "Save target as...". Run it after the scan with eScan (double-click). Afterwards you should find the file C:\eScan_neu.txt on your hard disk. Please then post the contents of this file in this thread.


Kind regards, Haui


P.S.: Since you are having problems with the automatic analysis, I did it for you :blabla:
http://www.hijackthis.de/logfiles/5b...7f0160c3e.html

cronos 22.04.2005 00:23

Here, first of all, please run eScan (http://www.trojaner-board.de/42731-escan-anleitung.html)

-please follow the instructions exactly-

in safe mode with System Restore disabled:

http://www.systemwiederherstellung-d...indows-xp.html.

Also save this file to your hard disk via right-click -> "Save target as...". Run it after the scan with eScan (double-click). Afterwards you should find the file C:\eScan_neu.txt on your hard disk. Please then post the contents of this file in this thread.

Edit: @Haui

I was really slow there

Mogly 22.04.2005 00:37

Hello Haui

The link is a PC that I'm supposed to fix. (I only know the owner casually. He's paying for the fix.... ;) ) This thread is about a PC belonging to a friend without much PC knowledge... He really only uses it for surfing and writing...

I have copied/downloaded/printed the instructions. I'll get back to you when I'm done.

@cronos: Thank you too for your answer

;) Best regards ;)

Mogly 22.04.2005 22:55

Hi

here is the content of the file....

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fri Apr 22 15:49:05 2005 => File c:\windows\system32\sncntr.exe infected by "not-a-virus:Porn-Dialer.Win32.DialerComp" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:49:06 2005 => File c:\windows\system32\evthtm.exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => System found infected with Gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => File System Found infected by "Gator Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => System found infected with AltnetBDE Spyware/Adware (adm4.adm4)! Action taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => File System Found infected by "AltnetBDE Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => System found infected with AltnetBDE Spyware/Adware (adm25.adm25)! Action taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => File System Found infected by "AltnetBDE Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => System found infected with cydoor Spyware/Adware! Action taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => File System Found infected by "cydoor Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => System found infected with myway Spyware/Adware! Action taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => File System Found infected by "myway Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => System found infected with gator.com Spyware/Adware! Action taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => File System Found infected by "gator.com Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => System found infected with altnet Spyware/Adware! Action taken: No Action Taken.
Fri Apr 22 15:49:23 2005 => File System Found infected by "altnet Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:51:39 2005 => System found infected with AltnetBDE Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Apr 22 15:51:39 2005 => File System Found infected by "AltnetBDE Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:51:39 2005 => System found infected with AltnetBDE Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Apr 22 15:51:39 2005 => File System Found infected by "AltnetBDE Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:55:44 2005 => File C:\DOKUME~1\shary\LOKALE~1\TEMPOR~1\Content.IE5\0BT7MYFP\evthtm[1].exe infected by "Trojan-Downloader.Win32.Agent.ej" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:33:51 2005 => File C:\DOKUME~1\shary\LOKALE~1\TEMPOR~1\Content.IE5\XFJNDDOE\evthtm[1].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:33:52 2005 => File C:\DOKUME~1\shary\LOKALE~1\TEMPOR~1\Content.IE5\XFJNDDOE\evthtm[2].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:33:52 2005 => File C:\DOKUME~1\shary\LOKALE~1\TEMPOR~1\Content.IE5\XFJNDDOE\evthtm[3].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:33:53 2005 => File C:\DOKUME~1\shary\LOKALE~1\TEMPOR~1\Content.IE5\XFJNDDOE\evthtm[4].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:37:30 2005 => File C:\DOKUME~1\shary\LOKALE~1\TEMPOR~1\Content.IE5\YD0JQHM5\sp2ctr[1].exe infected by "Trojan-Downloader.Win32.Dluca.ai" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:39:40 2005 => File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\GAINDashBar3.zip infected by "Password-protected-EXE" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:43:50 2005 => File C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Temporary Internet Files\Content.IE5\N7LJ350W\evthtm[1].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:47:02 2005 => File C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Temporary Internet Files\Content.IE5\UT70T0ZU\evthtm[1].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 16:53:25 2005 => File C:\Dokumente und Einstellungen\shary\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0BT7MYFP\evthtm[1].exe infected by "Trojan-Downloader.Win32.Agent.ej" Virus. Action Taken: No Action Taken.
Fri Apr 22 17:30:48 2005 => File C:\Dokumente und Einstellungen\shary\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XFJNDDOE\evthtm[1].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 17:30:48 2005 => File C:\Dokumente und Einstellungen\shary\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XFJNDDOE\evthtm[2].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 17:30:48 2005 => File C:\Dokumente und Einstellungen\shary\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XFJNDDOE\evthtm[3].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 17:30:49 2005 => File C:\Dokumente und Einstellungen\shary\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XFJNDDOE\evthtm[4].exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 17:34:25 2005 => File C:\Dokumente und Einstellungen\shary\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YD0JQHM5\sp2ctr[1].exe infected by "Trojan-Downloader.Win32.Dluca.ai" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:49 2005 => File C:\Programme\Norton AntiVirus\Quarantine\010848A7 infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:50 2005 => File C:\Programme\Norton AntiVirus\Quarantine\01EC0C8D infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:50 2005 => File C:\Programme\Norton AntiVirus\Quarantine\04F53BAC infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:50 2005 => File C:\Programme\Norton AntiVirus\Quarantine\05B55BC9 infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:50 2005 => File C:\Programme\Norton AntiVirus\Quarantine\05D55A30 infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:50 2005 => File C:\Programme\Norton AntiVirus\Quarantine\06007C01 infected by "Exploit.HTML.FileDownload" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:51 2005 => File C:\Programme\Norton AntiVirus\Quarantine\0890732F infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:51 2005 => File C:\Programme\Norton AntiVirus\Quarantine\08B76B04 infected by "Exploit.HTML.FileDownload" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:51 2005 => File C:\Programme\Norton AntiVirus\Quarantine\0CBF1F12 infected by "Email-Worm.Win32.Sober.f" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:51 2005 => File C:\Programme\Norton AntiVirus\Quarantine\0CEF14DC infected by "Email-Worm.Win32.Sober.f" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:51 2005 => File C:\Programme\Norton AntiVirus\Quarantine\0E8B1613 infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:51 2005 => File C:\Programme\Norton AntiVirus\Quarantine\110749E0 infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:51 2005 => File C:\Programme\Norton AntiVirus\Quarantine\14AC1B8D infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:52 2005 => File C:\Programme\Norton AntiVirus\Quarantine\198A1D4B infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:52 2005 => File C:\Programme\Norton AntiVirus\Quarantine\1DF05E2E infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:53 2005 => File C:\Programme\Norton AntiVirus\Quarantine\1F313C93 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:53 2005 => File C:\Programme\Norton AntiVirus\Quarantine\1FC8135A infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:53 2005 => File C:\Programme\Norton AntiVirus\Quarantine\20063116 infected by "Exploit.HTML.FileDownload" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:53 2005 => File C:\Programme\Norton AntiVirus\Quarantine\204F48BF infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:53 2005 => File C:\Programme\Norton AntiVirus\Quarantine\23452099 infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:53 2005 => File C:\Programme\Norton AntiVirus\Quarantine\23F5370D infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:53 2005 => File C:\Programme\Norton AntiVirus\Quarantine\242A56D4 infected by "Exploit.HTML.FileDownload" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:53 2005 => File C:\Programme\Norton AntiVirus\Quarantine\24390D5C infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:54 2005 => File C:\Programme\Norton AntiVirus\Quarantine\243C3758 infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:54 2005 => File C:\Programme\Norton AntiVirus\Quarantine\26510E8F infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:54 2005 => File C:\Programme\Norton AntiVirus\Quarantine\27BC005A infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:55 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2A113886 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:56 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2FCF4A63 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:56 2005 => File C:\Programme\Norton AntiVirus\Quarantine\339C21AF infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:56 2005 => File C:\Programme\Norton AntiVirus\Quarantine\33F823CD infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:56 2005 => File C:\Programme\Norton AntiVirus\Quarantine\34F45574 infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:57 2005 => File C:\Programme\Norton AntiVirus\Quarantine\38752FD9 infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:57 2005 => File C:\Programme\Norton AntiVirus\Quarantine\38777C8D infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:58 2005 => File C:\Programme\Norton AntiVirus\Quarantine\39EC6858 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:58 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3BF73EF4 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:59 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3F2D5DAD infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:59 2005 => File C:\Programme\Norton AntiVirus\Quarantine\457C2457 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:00 2005 => File C:\Programme\Norton AntiVirus\Quarantine\477B4BEA infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:01 2005 => File C:\Programme\Norton AntiVirus\Quarantine\48F57E9E infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:02 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4ABD19AC infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:02 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5A704FE2 infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:02 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5F4F5350 infected by "Exploit.HTML.IframeBof" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:03 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5F951B3C infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:03 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5F9C6F35 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:03 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5F9F1932 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:04 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5FA3432E infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:04 2005 => File C:\Programme\Norton AntiVirus\Quarantine\610F57D9 infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:04 2005 => File C:\Programme\Norton AntiVirus\Quarantine\611955CE infected by "not-a-virus:Porn-Dialer.Win32.PluginAccess" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:05 2005 => File C:\Programme\Norton AntiVirus\Quarantine\611C7FCB infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:06 2005 => File C:\Programme\Norton AntiVirus\Quarantine\612029C7 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:06 2005 => File C:\Programme\Norton AntiVirus\Quarantine\612353C4 infected by "not-a-virus:Porn-Dialer.Win32.Cyberbill" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:07 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6147219C infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:08 2005 => File C:\Programme\Norton AntiVirus\Quarantine\615B1D87 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:08 2005 => File C:\Programme\Norton AntiVirus\Quarantine\61663122 infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:09 2005 => File C:\Programme\Norton AntiVirus\Quarantine\61853F58 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:09 2005 => File C:\Programme\Norton AntiVirus\Quarantine\619C0A56 infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:10 2005 => File C:\Programme\Norton AntiVirus\Quarantine\619F0F3B infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:10 2005 => File C:\Programme\Norton AntiVirus\Quarantine\61B63522 infected by "not-a-virus:Porn-Dialer.Win32.Generic" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:10 2005 => File C:\Programme\Norton AntiVirus\Quarantine\61B95F1E infected by "not-a-virus:Porn-Dialer.Win32.Generic" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:11 2005 => File C:\Programme\Norton AntiVirus\Quarantine\61BC091B infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:11 2005 => File C:\Programme\Norton AntiVirus\Quarantine\63B83C2E infected by "not-a-virus:Porn-Dialer.Win32.Star" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:11 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6A902082 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:12 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6AAF28A5 infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:12 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6EC5126C infected by "Exploit.HTML.FileDownload" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:13 2005 => File C:\Programme\Norton AntiVirus\Quarantine\713F0DF4 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:13 2005 => File C:\Programme\Norton AntiVirus\Quarantine\737D246E infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:13 2005 => File C:\Programme\Norton AntiVirus\Quarantine\74230A59 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:14 2005 => File C:\Programme\Norton AntiVirus\Quarantine\75C317FC infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:14 2005 => File C:\Programme\Norton AntiVirus\Quarantine\76BF4D13 infected by "Exploit.HTML.FileDownload" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:15 2005 => File C:\Programme\Norton AntiVirus\Quarantine\76E62D3C infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:15 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7B7A40B3 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:16 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7B7D6AAF infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:17 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7B8114AC infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:18 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7B843EA8 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:18 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7B8768A5 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:19 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7FB44657 infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:19 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7FBA72B1 infected by "not-a-virus:Porn-Dialer.Win32.Generic" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:03:20 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7FBD1CAE infected by "not-a-virus:Porn-Dialer.Win32.Generic" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:10:22 2005 => File C:\System Volume Information\_restore{8BF12AEE-14F4-4492-8E34-6DE3CB292322}\RP377\A0058867.exe infected by "Trojan-Downloader.Win32.Agent.ej" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:10:40 2005 => File C:\System Volume Information\_restore{8BF12AEE-14F4-4492-8E34-6DE3CB292322}\RP379\A0059166.exe infected by "Trojan-Downloader.Win32.Dluca.ai" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:11:27 2005 => File C:\System Volume Information\_restore{8BF12AEE-14F4-4492-8E34-6DE3CB292322}\RP385\A0059636.exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:48:34 2005 => File C:\WINDOWS\Temp\Altnet\adm.exe infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:48:34 2005 => File C:\WINDOWS\Temp\Altnet\dmfiles.cab infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:48:34 2005 => File C:\WINDOWS\Temp\Altnet\mysearch.cab infected by "not-a-virus:AdWare.ToolBar.MyWay.g" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:48:35 2005 => File C:\WINDOWS\Temp\Altnet\pmexe.cab infected by "not-a-virus:AdWare.Altnet.h" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:48:35 2005 => File C:\WINDOWS\Temp\Altnet\pmfiles.cab infected by "not-a-virus:AdWare.BrilliantDigital.1007" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:48:35 2005 => File C:\WINDOWS\Temp\Altnet\Setup.exe infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:49:02 2005 => File C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtvh.dll infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:49:04 2005 => File C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\npwthost.dll infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:49:07 2005 => File C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtvh.dll infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:49:07 2005 => File C:\WINDOWS\wt\wtvh.dll infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:15:07 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fri Apr 22 15:51:55 2005 => File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
Fri Apr 22 17:36:16 2005 => File C:\Program Files\scom\dialers\sexcams_ch\sexcams_ch.exe tagged as not-a-virus:RiskWare.Dialer.gen. No Action Taken.
Fri Apr 22 18:13:06 2005 => File C:\System Volume Information\_restore{8BF12AEE-14F4-4492-8E34-6DE3CB292322}\RP393\A0060359.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
Fri Apr 22 18:49:07 2005 => File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
Fri Apr 22 19:04:33 2005 => File D:\Röbi\Weisseradler-Script 1.071\Weisseradler-Script.exe tagged as not-a-virus:RiskWare.mIRC.6.03. No Action Taken.
Fri Apr 22 19:04:35 2005 => File D:\Röbi\Weisseradler-Script_1.071.zip tagged as not-a-virus:RiskWare.mIRC.6.03. No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fri Apr 22 19:15:07 2005 => Total Virus(es) Found: 123
Fri Apr 22 19:15:07 2005 => Total Errors: 152
Fri Apr 22 19:15:07 2005 => Time Elapsed: 03:25:58
Fri Apr 22 19:15:07 2005 => Total Objects Scanned: 195425
Fri Apr 22 15:46:37 2005 => Virus Database Date: 2005/04/10
Fri Apr 22 19:15:07 2005 => Virus Database Date: 2005/04/10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

And now???

;) Best regards ;)

cronos 23.04.2005 18:35

Switch to Safe Mode with System Restore disabled:

http://www.systemwiederherstellung-d...indows-xp.html

Delete the contents of the following folders:
C:\Windows\Temp
C:\DOKUME~1\shary\LOKALE~1\TEMPOR~1
C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen
C:\Programme\Norton AntiVirus\Quarantine

Also delete:
C:\WINDOWS\wt
c:\windows\system32\evthtm.exe
C:\WINDOWS\_MSRSTRT.EXE
D:\Röbi\Weisseradler-Script 1.071\Weisseradler-Script.exe
D:\Röbi\Weisseradler-Script_1.071.zip

Before you delete the following files:
c:\windows\system32\sncntr.exe
C:\Program Files\scom\dialers\sexcams_ch\sexcams_ch.exe

you should back them up to a floppy disk to preserve evidence in case of an inflated phone bill.
The following site is also helpful for that:
www.dialerschutz.de

Also scan your system with Spybot (http://www.safer-networking.org/de/spybotsd/index.html) and Adaware (http://www.lavasoftusa.com/german/software/adaware/) and remove what they find as well. Additionally, immunize with Spybot.

chaosman 23.04.2005 18:41

@cronos
also do the following:
disable System Restore, reboot, enable System Restore.

chaosman

cronos 23.04.2005 18:48

@ chaosman

Apart from re-enabling it (which I forgot to write), it's all there already.

chaosman 23.04.2005 18:55

@cronos

You're right, I overlooked that. :balla:
No offense ;)

chaosman :party:

cronos 23.04.2005 18:56

But 33% of that is on me, too. :knuddel:

chaosman 23.04.2005 19:38

@cronos
Gladly :knuddel:

chaosman

Haui45 23.04.2005 20:32

Quote:

Fri Apr 22 15:46:37 2005 => Virus Database Date: 2005/04/10
After deleting the entries:
Delete the old mwav.log and update eScan!
Scan again and post the results together with a new HjT logfile.
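
The triage behind cronos's cleanup steps and Haui45's remark on the database date, as an added example that is not part of the thread: a parser for the eScan log format shown above that sorts findings into the three places the cleanup addresses and reports how old the signatures were at scan time. The bucket names and the function names are assumptions made for this example; the sample lines are copied from the log above.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Sample input: a handful of lines copied from the eScan log posted above.
SAMPLE_LOG = r"""
Fri Apr 22 15:46:37 2005 => Virus Database Date: 2005/04/10
Fri Apr 22 18:02:51 2005 => File C:\Programme\Norton AntiVirus\Quarantine\0E8B1613 infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:02:52 2005 => File C:\Programme\Norton AntiVirus\Quarantine\198A1D4B infected by "Trojan-Downloader.Win32.Dluca.gen" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:10:22 2005 => File C:\System Volume Information\_restore{8BF12AEE-14F4-4492-8E34-6DE3CB292322}\RP377\A0058867.exe infected by "Trojan-Downloader.Win32.Agent.ej" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:11:27 2005 => File C:\System Volume Information\_restore{8BF12AEE-14F4-4492-8E34-6DE3CB292322}\RP385\A0059636.exe infected by "Trojan-Downloader.Win32.Dluca.an" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:48:34 2005 => File C:\WINDOWS\Temp\Altnet\adm.exe infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 18:49:07 2005 => File C:\WINDOWS\wt\wtvh.dll infected by "not-a-virus:AdWare.WildTangent.b" Virus. Action Taken: No Action Taken.
Fri Apr 22 15:51:55 2005 => File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
Fri Apr 22 18:13:06 2005 => File C:\System Volume Information\_restore{8BF12AEE-14F4-4492-8E34-6DE3CB292322}\RP393\A0060359.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
Fri Apr 22 19:15:07 2005 => Total Virus(es) Found: 123
"""

TS = r"(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4})"
# "infected by" lines quote the detection name and carry an "Action Taken:" field.
INFECTED = re.compile(
    TS + r' => File (?P<path>.+?) infected by "(?P<name>[^"]+)" Virus\. '
    r"Action Taken: (?P<action>.+?)\.$"
)
# "tagged as" lines give the name unquoted, followed directly by the action.
TAGGED = re.compile(
    TS + r" => File (?P<path>.+?) tagged as (?P<name>\S+)\. (?P<action>.+?)\.$"
)
DB_DATE = re.compile(TS + r" => Virus Database Date: (?P<db>\d{4}/\d{2}/\d{2})$")


def bucket(path):
    """Map a file path to the cleanup step that deals with it (names are this example's)."""
    p = path.lower()
    if "\\quarantine\\" in p:
        return "av_quarantine"      # another scanner's quarantine folder
    if "\\system volume information\\_restore" in p:
        return "system_restore"     # restore points, dropped when System Restore is disabled
    return "live"                   # everything else on disk


def triage(log_text):
    """Summarise an eScan log: findings per bucket, names per bucket, signature age."""
    by_bucket = Counter()
    names = defaultdict(set)
    unresolved = 0
    scan_day = db_day = None

    for raw in log_text.splitlines():
        line = raw.strip()
        m = INFECTED.match(line) or TAGGED.match(line)
        if m:
            b = bucket(m["path"])
            by_bucket[b] += 1
            names[b].add(m["name"])
            if m["action"] == "No Action Taken":
                unresolved += 1
            continue
        m = DB_DATE.match(line)
        if m and db_day is None:
            # The log line's own timestamp is the scan date; the field is the signature date.
            scan_day = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y").date()
            db_day = datetime.strptime(m["db"], "%Y/%m/%d").date()

    age = (scan_day - db_day).days if scan_day and db_day else None
    return {
        "by_bucket": dict(by_bucket),
        "names": {b: sorted(n) for b, n in names.items()},
        "unresolved": unresolved,
        "signature_age_days": age,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for b, count in sorted(report["by_bucket"].items()):
        print(f"{b:15} {count:3}  {', '.join(report['names'][b])}")
    print("findings with no action taken:", report["unresolved"])
    print("signature age at scan time (days):", report["signature_age_days"])
```
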

Mogly 24.04.2005 21:07

Hi, thanks for your help. Here is the new HijackThis logfile:

Logfile of HijackThis v1.99.1
Scan saved at 22:31:27, on 23.04.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\cisvc.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\WINDOWS\DELLMMKB.EXE
C:\WINDOWS\system32\SafeSignCertReg.exe
C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\tbctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Netropa\OSD.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\shary\LOKALE~1\Temp\Rar$EX00.984\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Jenny\Programme\adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Jenny\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Programme\Gemeinsame Dateien\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [CertificateRegistration] SafeSignCertReg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {41649A90-B484-11D1-8D75-00C04FC24EE6} (WebEQ Browser Controls) - http://www.dessci.com/en/dl/wbqviewer/WebEQInstall.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/176c6f5d...dxIE601_de.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1095631794718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole...rcadeRdxIE.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/de/check/qdiagh.cab?315
O18 - Protocol: bw+0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {694A30DF-579E-4178-BFB8-5FFED33DFF7E} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe

New E-Scan log file to follow. I'm letting it run overnight tonight...

;) Best regards ;)

