| |
| |||||||
Log-Analyse und Auswertung: unerklärlicher DatenverkehrWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
22.12.2006, 01:54
| #1 |
| |  unerklärlicher Datenverkehr Hi Forum, ich seh hier bei mir unerklärlichen Datenverkehr zum Internet von wenigen kb/s für ca. 20 min und dann ist wieder Schluß. Ein netstat -e bringt mich leider auch nicht weiter. Vielleicht habt ihr einen Tip für mich, ob da was faul ist. Hier mein Hijack log: Logfile of HijackThis v1.99.1 Scan saved at 01:49:34, on 22.12.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Portrait Displays\PerfectSuite\dtsslsrv.exe C:\Programme\Alwil Software\Avast4\aswUpdSv.exe C:\Programme\Alwil Software\Avast4\ashServ.exe C:\Programme\FRITZ!DSL\IGDCTRL.EXE C:\Programme\Portrait Displays\PerfectSuite\DTSRVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\Explorer.EXE C:\Programme\Canon\CAL\CALMAIN.exe C:\Programme\Alwil Software\Avast4\ashMaiSv.exe C:\Programme\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe C:\Programme\Picasa2\PicasaMediaDetector.exe C:\Programme\QuickTime\qttask.exe C:\Programme\Java\jre1.5.0_06\bin\jusched.exe C:\Programme\WinPortrait\wpctrl.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\Rainlendar2\Rainlendar2.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\SlySoft\AnyDVD\AnyDVD.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Logitech\SetPoint\SetPoint.exe C:\program files\Lexmark Applications\QLink\QLINK.EXE C:\Programme\FRITZ!DSL\FritzDsl.exe C:\Programme\FRITZ!DSL\FwebProt.exe C:\Programme\FRITZ!DSL\StCenter.exe C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE C:\Programme\x-shot\X-Shot 2002.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Programme\Mozilla Thunderbird\thunderbird.exe C:\Programme\FileZilla\FileZilla.exe C:\Dokumente und Einstellungen\Martin\Desktop\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [PivotSoftware] "C:\Programme\WinPortrait\wpctrl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Rainlendar2] C:\Programme\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVD.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe O4 - Startup: FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe O4 - Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe O4 - Startup: Verknüpfung mit X-Shot 2002.exe.lnk = C:\Programme\x-shot\X-Shot 2002.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: PerfectSuite.lnk = C:\Programme\Portrait Displays\PerfectSuite\dthtml.exe O4 - Global Startup: QLINK.lnk = ? O4 - Global Startup: VR-NetWorld Auftragsprüfung.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll O10 - Unknown file in Winsock LSP: c:\programme\fritz!dsl\sarah.dll O11 - Options group: [INTERNATIONAL] International* O18 - Protocol: bw+0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {4FB3AAC4-3494-4785-B297-F9ABE9545F67} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Asset Management Daemon - Unknown owner - C:\Programme\Portrait Displays\PerfectSuite\dtsslsrv.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programme\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programme\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Programme\Portrait Displays\PerfectSuite\DTSRVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe |
|
22.12.2006, 09:32
| #2 |
 | unerklärlicher Datenverkehr Hallo!
__________________Bis auf die 018 schaut dein System sauber aus. Aber es kan auch sein das die 018 von Log auch nicht schädlich sind. Überprüfe diese Deiten mit Jotti: http://virusscan.jotti.org/ Und poste ob diese Dateinen sauber sind. Welche Sicherheitssoftware benutzt du? Also wie siehst du den Internetverkehr? Mit: http://www.xwatch.de/ kannst du dir eine DSL Watch runterladen mit dem du dan dan siehst ob du gerade Internetverkehrsfluss hast oder nicht. Dritt der unerklärliche Internetverkehr permanet auf? Und wieviel beträgt er? Falls du ICQ oder Skype,..... verwendest brauchst du auch immer etwas Datenvolumen. lg |
|
22.12.2006, 13:18
| #3 |
| | unerklärlicher Datenverkehr danke Joschi für die Tipps...
__________________018 scheint sauber zu sein, da kommt nur ein "found nothing". Dann bin ich froh, dass ich mir dann allem Anschein nach wenigstens keinen Trojaner eingefangen hab. Meine Sicherheitsmaßnahmen: Avast Fritz DSL protect Firewall und ein aktuelles System Der Datenverkehr geht ca. 10 min lang mit jeweils ca. 3-5 kb up- und downstream. Das dann vielleicht einmal alle 2 Tage. Ich sehe das mit der Fritz DSL Software. irgendeiner meiner installierten Programme telefoniert scheinbar nachhause... seltsam dass mir ein netstat da nichts anzeigt, vielleicht ist es irgendeine Firefox-Browser Erweiterung... Danke einstweilen ciao Martin |
|
| Themen zu unerklärlicher Datenverkehr |
| adobe, antivirus, avast, avast!, bho, canon, computer, datenverkehr, desktop, dll, dsl, einstellungen, explorer, google, hijack, hijackthis, internet, internet explorer, log, mozilla, mozilla thunderbird, netstat, nvidia, picasa, programme, rundll, software, system, uleadburninghelper, unknown file in winsock lsp, windows, windows xp |
