Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Zu viel Logitch Datein (O18) (https://www.trojaner-board.de/20898-viel-logitch-datein-o18.html)

OHL 17.08.2005 17:33
Zu viel Logitech Datein (O18)
 
Hiho

Da ich kein plan habe wie so ich so viele O18 - Enumeration of existing protocols and filters Von meinem maushersteller habe Poste ich die log und warte auf eure meinung... :dummguck:

Danke im vorraus :)

Logfile of HijackThis v1.99.1
Scan saved at 18:27:25, on 17.08.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\config\svchost.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\ATI Technologies\ATI.ACE\CLI.exe
C:\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\T-ONLINE\BSW4\ToDuCAlC.EXE
C:\Programme\teamspeak2_RC2\TeamSpeak.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Winamp\Winamp.exe
C:\Dokumente und Einstellungen\Paul\Desktop\nfsu\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.t-online.de/software/ie401/search.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [dlexport] C:\Programme\Windows Media Player\dlexport.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQ 4.0\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Service Process] C:\WINDOWS\system32\config\svchost.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [LDM] C:\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQ 4.0\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Programme\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Alles mit FlashGet laden - C:\FlashGet\jc_all.htm
O8 - Extra context menu item: Mit FlashGet laden - C:\FlashGet\jc_link.htm
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQ 4.0\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQ 4.0\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\FlashGet\flashget.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\nosuxxx.mht!http://home.dworx.org/ax/loud.chm::/bridge-c11.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117029887294
O17 - HKLM\System\CCS\Services\Tcpip\..\{A435787E-E004-4F0C-9086-1448C20DC9AF}: NameServer = 217.237.151.161 217.237.151.33
O18 - Protocol: bw+0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {996B3401-B823-4972-A03E-2918E5626CE0} - C:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE

OHL 17.08.2005 17:38
hmm wen ich log saven möchte tellt mir mein AntiVir
Das mit :crazy:

C:\DOKUMENTE UND EINSTELLUNGEN\PAUL\DESKTOP\NFSU\HIJACKTHIS.LOG

Enthält Signatur des HTML-Scriptvirus HTML/Exploit.Mhtml

Das bin ich Da ist mein HIJACKTHIS drin (Ordner)
Das Programm hatt mein kleiner bruder draufgemacht :sword2: Mit dem ich oft streiten darf wer an Pc kann...

dartus 17.08.2005 22:59
Hallo OHL,

in Deinem System ist u.u. dieser hier aktiv:
http://securityresponse.symantec.com...rker.worm.html

Grund ist Dein nicht aktuelles Betriebssytem! SP 2 und alle weiteren Sicherheitspatches müssen installiert sein!

Bei einem Trojaner mit Backdoorfunktionalität wird Dir dringend zur Neuinstallation geraten.

http://www.mathematik.uni-marburg.de...c-removal.html
http://www.mathematik.uni-marburg.de...ompromise.html
http://en.wikipedia.org/wiki/Botnet
http://de.wikipedia.org/wiki/Backdoor

Empfohlene Anleitung zur Neuinstallation

http://www.trojaner-board.de/showthread.php?t=12154

Thema Datensicherung:

http://www.trojaner-board.de/showpos...8&postcount=11

dartus

OHL 18.08.2005 16:09
Und meine log so weit ok ?


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:10 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55