Trojaner-Board


Deny 04.01.2006 16:34

My log file, please take a look at it!

Hi folks, I'm new here,

I have had a worm for the last few days and came across this forum. After reading through a few things here, I found the programs for testing whether my PC is infected with viruses etc. after all. All of this came up when I ran eScan.

Unfortunately Killbox did not help, and the Smitrem file apparently did nothing either.

Here is my file:

I hope I have now included everything important!

Do I possibly have to wipe my system and start over?

Thanks
Dennis

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wed Jan 04 15:28:48 2006 => System found infected with cws.loadadv.400 Browser Hijacker ({5e2121ee-0300-11d4-8d3b-444553540000})! Action taken: No Action Taken.
Wed Jan 04 15:28:57 2006 => File C:\!KillBox\internat.VIR infected by "Trojan-Dropper.Win32.Paradrop.a" Virus! Action Taken: No Action Taken.
Wed Jan 04 15:28:57 2006 => File C:\!KillBox\scvhost.VIR infected by "Trojan-Dropper.Win32.Agent.ye" Virus! Action Taken: No Action Taken.
Wed Jan 04 15:28:57 2006 => File C:\!KillBox\scvhost.VIR00 infected by "Trojan-Dropper.Win32.Agent.ye" Virus! Action Taken: No Action Taken.
Wed Jan 04 15:28:58 2006 => File C:\!KillBox\spool32.VIR infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
Wed Jan 04 15:28:59 2006 => File C:\!KillBox\spool32.VIR00 infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
Wed Jan 04 15:29:00 2006 => File C:\!KillBox\spool32.VIR01 infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
Wed Jan 04 15:29:01 2006 => File C:\!KillBox\spool32.VIR02 infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken.
Wed Jan 04 15:29:01 2006 => File C:\!KillBox\winIogon.VIR infected by "Trojan-Dropper.Win32.Paradrop.a" Virus! Action Taken: No Action Taken.
Wed Jan 04 16:05:44 2006 => Scanning Folder: D:\Programme\AVPersonal\INFECTED\*.*
Wed Jan 04 16:05:44 2006 => Scanning File D:\Programme\AVPersonal\INFECTED\_CACHE_001_.VIR
Wed Jan 04 16:09:14 2006 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wed Jan 04 15:28:57 2006 => File C:\!KillBox\DivXPro511Adware.exe tagged as "not-a-virus:AdWare.Win32.Gator.3202". Action Taken: No Action Taken.
Wed Jan 04 15:28:57 2006 => File C:\!KillBox\GDiVX1.9.9.6.exe tagged as "not-a-virus:AdWare.Win32.GigatechSuperBar". Action Taken: No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "offending"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wed Jan 04 16:09:14 2006 => Total Virus(es) Found: 11
Wed Jan 04 16:09:14 2006 => Total Errors: 233
Wed Jan 04 16:09:14 2006 => Time Elapsed: 00:40:56
Wed Jan 04 16:09:14 2006 => Total Objects Scanned: 66327
Wed Jan 04 15:25:40 2006 => Virus Database Date: 1/2/2006
Wed Jan 04 15:28:04 2006 => Virus Database Date: 1/4/2006
Wed Jan 04 16:09:14 2006 => Virus Database Date: 1/4/2006
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hoerni26 04.01.2006 16:36

Hello,

So if this is your current log file from the scan, then the only solution is to reinstall your system,
because with backdoor trojans there is no other solution.
Follow the instructions in my signature exactly...

Deny 05.01.2006 16:52

Thanks for the quick help!

I reinstalled my system today and there are supposedly still two viruses present. But they only appeared once I had installed my Logitech mouse.

Here is my log file:

Logfile of HijackThis v1.99.1
Scan saved at 16:47:20, on 05.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Programme\CyberLink\PowerDVD\PDVDServ.exe
D:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
D:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
D:\Programme\AVPersonal\AVGUARD.EXE
D:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\Programme\ICQLite\ICQLite.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\DOKUME~1\Den\LOKALE~1\Temp\Rar$EX00.266\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [RemoteControl] D:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Zone Labs Client] D:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVGCtrl] "D:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D8EACFC-D3C7-429A-9793-05F4DB1591DB}: NameServer = 217.237.150.33 217.237.151.161
O18 - Protocol: bw+0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2F7F559F-2AF9-4BF7-A1BE-F1142EF7E6FA} - D:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - D:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - D:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Dennis

Deny 05.01.2006 16:55

Here is also the virus evaluation via find.bat

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thu Jan 05 16:01:33 2006 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
Thu Jan 05 16:01:33 2006 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
Thu Jan 05 16:28:38 2006 => Scanning Folder: D:\Programme\AVPersonal\INFECTED\*.*
Thu Jan 05 16:28:38 2006 => Scanning File D:\Programme\AVPersonal\INFECTED\_CACHE_001_.VIR
Thu Jan 05 16:37:57 2006 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "offending"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thu Jan 05 16:01:33 2006 => Offending file found: C:\DOKUME~1\Den\LOKALE~1\Temp\insthelp.dll
Thu Jan 05 16:01:33 2006 => Offending file found: C:\Dokumente und Einstellungen\Den\Lokale Einstellungen\temp\insthelp.dll
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thu Jan 05 16:37:57 2006 => Total Virus(es) Found: 2
Thu Jan 05 16:37:57 2006 => Total Errors: 37
Thu Jan 05 16:37:57 2006 => Time Elapsed: 00:36:52
Thu Jan 05 16:37:57 2006 => Total Objects Scanned: 52366
Thu Jan 05 16:00:48 2006 => Virus Database Date: 1/5/2006
Thu Jan 05 16:37:57 2006 => Virus Database Date: 1/5/2006
Thu Jan 05 16:39:13 2006 => Virus Database Date: 1/5/2006
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

Deny 06.01.2006 16:17

Sorry, I had to write something because my file kept getting pushed further and further back *g*

Den


All times are given in WET +1. The time is now 19:32.
