
Log analysis and evaluation: My first logfile - can you check it?

18.02.2007, 03:18   #1
Vocal-X

Hi community,
I have a problem, which is described here:

http://www.trojaner-board.de/36394-tr-qhosts-hilfe.html

And this is the logfile that goes with it:

Logfile of HijackThis v1.99.1
Scan saved at 02:41:40, on 18.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
C:\Programme\AlienGUIse\wbload.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\scvhost.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\SSS\SIMPLESCREENSHOT.EXE
C:\Programme\QuickTime\qttask.exe
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\SMSC\Seticon.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Java\jre1.5.0_10\bin\jusched.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\SlySoft\AnyDVD\AnyDVD.exe
C:\Programme\VIA\RAID\raid_tool.exe
C:\Programme\DigitalPeers\CamTrack\camtrack.exe
C:\Programme\Logitech\Video\VideoEffectsWatcher.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\AntiVir PersonalEdition Classic\avscan.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Uwe\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: Shell=Explorer.exe scvhost.exe
F3 - REG:win.ini: run=C:\WINDOWS\scvhost.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Programme\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [smapp] C:\Programme\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SimpleScreenshot] C:\PROGRA~1\SSS\SIMPLESCREENSHOT.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programme\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programme\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SetIcon] C:\Program Files\SMSC\Seticon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programme\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ICQ Lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [icq lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [icq lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [] C:\WINDOWS\scvhost.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: CamTrack.lnk = C:\Programme\DigitalPeers\CamTrack\camtrack.exe
O4 - Startup: MSN Pictures Displayer.lnk = C:\Programme\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programme\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: Choose as MSN Picture - C:\Programme\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...wnloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/...sh/swflash.cab
O18 - Protocol: bw+0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {EE6B2C18-8802-422A-8963-2646CD203D4C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WB - C:\Programme\AlienGUIse\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe

18.02.2007, 04:02   #2
myrtille
/// TB trainer

Hi,

first of all: please post HijackThis logs only in the thread that also contains the problem description.

Unfortunately you are out of luck; with
Quote:
O4 - HKLM\..\Run: [ICQ Lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [icq lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [icq lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [] C:\WINDOWS\scvhost.exe
you have won yourself one reinstall.

The tips given in the link will not be able to protect you either (nobody can) if you run the wrong files, but they can prevent quite a lot and, in case of an infection, certainly set limits for the trojan.

Regards, myrtille
__________________
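
The pattern in the lines myrtille quotes (one binary, C:\WINDOWS\scvhost.exe, registered under many autostart values and also in the F2/F3 lines of the log) can be picked out of a HijackThis log mechanically. The following Python script is an added example and not part of the original thread; the list of system image names, the threshold `many` and all function names are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from ntpath import basename  # Windows path rules on any host OS

# Illustrative list of Windows system image names (assumption, not exhaustive).
SYSTEM_IMAGES = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe",
                 "smss.exe", "csrss.exe", "explorer.exe", "spoolsv.exe"}

# Lines copied from the log in post #1 (forum line-wrap spaces removed).
SAMPLE_LOG = r"""
F2 - REG:system.ini: Shell=Explorer.exe scvhost.exe
F3 - REG:win.ini: run=C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ICQ Lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunOnce: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
"""

IMAGE_RE = re.compile(r'"([^"]+)"|(.+?\.(?:exe|dll|com|bat|scr))(?=\s|$)', re.I)


def osa_distance(a, b):
    """Edit distance that counts an adjacent transposition as one edit."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def lookalike(exe):
    """Return the system image name that exe is one edit away from, else None."""
    hits = [s for s in sorted(SYSTEM_IMAGES) if osa_distance(exe, s) == 1]
    return hits[0] if hits and exe not in SYSTEM_IMAGES else None


def parse_autoruns(log):
    """Yield (location, value_name, image_path) for F2, F3 and registry O4 lines."""
    for line in map(str.strip, log.splitlines()):
        m = re.match(r"O4 - (?P<loc>[^:]+): \[(?P<name>.*?)\] (?P<cmd>.+)$", line)
        if m:
            img = IMAGE_RE.match(m["cmd"])
            if img:
                yield m["loc"], m["name"], img.group(1) or img.group(2)
            continue
        m = re.match(r"F2 - REG:system\.ini: Shell=(.+)$", line, re.I)
        if m:
            # Anything listed after Explorer.exe is started together with the shell.
            for extra in m[1].split()[1:]:
                yield "system.ini Shell", "", extra
            continue
        m = re.match(r"F3 - REG:win\.ini: run=(.+)$", line, re.I)
        if m:
            yield "win.ini run", "", m[1].strip()


def triage(log, many=3):
    """Map image name -> reasons it deserves a closer look (grouped by file name)."""
    by_image = defaultdict(list)
    for loc, name, image in parse_autoruns(log):
        by_image[basename(image).lower()].append((loc, name))
    findings = {}
    for exe, entries in by_image.items():
        twin = lookalike(exe)
        reasons = [f"name is one edit away from {twin}"] if twin else []
        names = {n.lower() for _, n in entries if n}
        if len(names) >= many:
            reasons.append(f"registered under {len(names)} different value names")
        if any(loc.startswith(("system.ini", "win.ini")) for loc, _ in entries):
            reasons.append("uses the legacy system.ini Shell= / win.ini run= autostart")
        if reasons:
            findings[exe] = reasons
    return findings


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

On the sample lines only scvhost.exe is reported; the legitimate avgnt.exe and ICQLite.exe entries pass, even though the latter shares the value name "ICQ Lite" with one of the flagged entries.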

