Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Unspy.....hier nochmal (https://www.trojaner-board.de/25311-unspy-nochmal.html)

DennisS. 03.01.2006 22:01
Unspy.....hier nochmal
 
moin,

mein problem ist wie folgt! nach dem start öffnet sich ein programm namens unspypc automatisch, sowie eine linkliste für Potensverstärker!
Wenn ich das Programm duchlaufen lasse oder es mit Taskmanager beende kann ich kurz zeitig garnichts mehr machen!

Hier mein Hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 21:43:08, on 03.01.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\Fast.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programme\Teamspeak2_RC2\TeamSpeak.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\DennisSiats\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R3 - URLSearchHook: (no name) - {39FAF6DA-1FA7-1624-1047-BE52EEBDD29B} - media64.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilter] NeroFilterCheck.EXE
O4 - HKLM\..\Run: [MSN9 Startup] msn9.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Bogobot] wormexe.exe
O4 - HKLM\..\Run: [runload32] Preliminary.exe
O4 - HKLM\..\Run: [yaemu.exe] C:\WINDOWS\System32\yaemu.exe
O4 - HKLM\..\RunServices: [NeroFilter] NeroFilterCheck.EXE
O4 - HKLM\..\RunServices: [MSN9 Startup] msn9.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [desktop] C:\WINDOWS\System32\idemlog.exe
O4 - HKCU\..\Run: [UnSpyPC] "C:\Programme\UnSpyPC\UnSpyPC.exe"
O4 - HKCU\..\Run: [bnui] xwiz.exe
O4 - HKCU\..\Run: [ABCXYZ] iesetupdll.exe
O4 - HKCU\..\Run: [AppMasterCenter] sysmon12.exe
O4 - Startup: Xfire.lnk = D:\Programme\Xfire\Xfire.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107695124234
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABD3A58A-424D-4A9B-B374-FBBFCB42C510}: NameServer = 85.255.115.27 85.255.112.120
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4B9E616-6BEB-44B8-8E0E-8A00ACB62338}: NameServer = 85.255.115.27,85.255.112.120
O17 - HKLM\System\CS1\Services\Tcpip\..\{ABD3A58A-424D-4A9B-B374-FBBFCB42C510}: NameServer = 85.255.115.27 85.255.112.120
O18 - Protocol: bw+0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll
O18 - Protocol: offline-8876480 - {961B6666-A263-4E27-B459-B622756E8726} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOKUME~1\DENNIS~1\LOKALE~1\TEMP\_VWUPSRV.EXE

DennisS. 03.01.2006 22:02
musste die datei aus dem notepad heirein kopieren anders gings irgendwie nicht

hoerni26 03.01.2006 22:20
da sind sehr viele sachen die da nicht hinpassen..
ich bin mir nur nicht sicher...
mach mal bitte Hier einen onlinescan und poste das ergebniss.
dann sehen wir mal weiter..

DennisS. 03.01.2006 22:24
Known viruses: 168879 Updated: 03-01-2006
File size (Kb): 18 Virus bodies: 0
Files: 1 Warnings: 0
Archives: 0 Suspicious: 0


meinste das?

hoerni26 03.01.2006 22:25
nein...
das meine ich nicht...
ich meine das komplette logfile nach dem onlinescan..

irrlicht 03.01.2006 22:27
O4 - HKLM\..\Run: [Bogobot] wormexe.exe
O4 - HKLM\..\Run: [runload32] Preliminary.exe
O4 - HKLM\..\Run: [yaemu.exe] C:\WINDOWS\System32\yaemu.exe
Da wird mir nur vom Hingucken schwindelig.........

hoerni26 03.01.2006 22:29
@irrlicht

ist schon klar...
aber ich würd gern wissen was genau dahinter steckt??
darum

irrlicht 03.01.2006 22:31
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Mehr muß ich gar nicht wissen..............
da kann ich prima sehen was "dahintersteckt" nämlich ein Patchmuffel
Irrlicht

hoerni26 03.01.2006 22:32
hast ja recht..
würd aber gern wissen was hinter den dateien steckt die schlecht sind..

DennisS. 03.01.2006 22:41
@hoerni, ist das normal das der seit 20 min. datein runterlädt?

@irrlicht, was soll ich deiner meinung nach löschen?

hoerni26 03.01.2006 22:44
es sollten eigentlich deine daten die du auf dem system hast online gescannt werden..
mehr nicht..

DennisS. 03.01.2006 22:45
das tut er gerade

Update Kaspersky Anti-Virus Databases [28%]:

hoerni26 03.01.2006 22:46
ja das ist dann so ok...
warte mal bis der scan durch ist..

irrlicht 03.01.2006 22:59
Hallo Dennis,
wenn du mich schon fragst .....
Mach dein System neu.Es kann dir eigentlich egal sein wie der ganze Mist heißt der sich bei dir rumtreibt.Die Scannerei ist in meinen Augen reine Zeitverschwendung.Besorge dir SP2,entweder als Download von Microsoft oder bestelle die kostenlose CD.Hier ein Link was wann wie zu tun ist.Hältst du dich daran,wirst du zukünftig von solch einem Übel verschont bleiben.
http://www.trojaner-board.de/showthread.php?t=12154
Viel Erfolg
Irrlicht


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:47 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131