Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Verdammt kompliziert (https://www.trojaner-board.de/27056-verdammt-kompliziert.html)

wiXXer 21.02.2006 23:36
Verdammt kompliziert
 
hi
ich habe letztens spysherif auf meinen computer bekommen diesen aber wieder entfernt mit dem remover (smitfraud oder so was)...
jetzt habe ich nur das problem das dauernt alles verschwindet und danach wieder kommt.... (alle symbole und fenster verschwinden...nur noch das hintergrundbild ist da...und anschließend kehrt er zum desktop zurück allerdings wurden alle fenster geschlossen.) weiter kann ich erst gar keinen internetexplorer öffnen....habe schon fast alle prozesse geprüft und sämtliche virenscanner drüber laufen lassen....ohne erfolg...

hier das hjackthis logfile:

Logfile of HijackThis v1.99.1
Scan saved at 16:49:20, on 19.02.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Dit.exe
C:\Programme\Classic PhoneTools\CapFax.EXE
C:\Programme\Medion\PowerCinema\My_TV\Agent.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\micros0f.exe
C:\WINDOWS\sysvx_.exe
C:\WINDOWS\sachostx.exe
C:\WINDOWS\System32\spoolsvv.exe
C:\windows\system32\drivers\helpsys\internet.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\D-Link AirPlus\AIRPLUS.EXE
C:\Programme\Logitech\SetPoint\kem.exe
C:\Programme\Logitech\SetPoint\KHALMNPR.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\sysvx.exe
C:\WINDOWS\System32\sachostc.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\sachosts.exe
C:\WINDOWS\explorer.exe
C:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\Luca\LOKALE~1\Temp\Rar$EX00.625\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {3263170B-D2B3-A744-9D7E-AD98B862F3CC} - C:\WINDOWS\System32\kodc.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {3B631705-D2B3-DC43-9D0A-AA98CC12F3BB} - C:\WINDOWS\System32\kodc.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll (file missing)
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CapFax] C:\Programme\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [Agent] C:\Programme\Medion\PowerCinema\My_TV\Agent.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Registry Control] C:\micros0f.exe
O4 - HKLM\..\Run: [SystemLoader] C:\WINDOWS\sysldr32.exe
O4 - HKLM\..\Run: [sysvx] C:\WINDOWS\sysvx_.exe
O4 - HKLM\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe /s
O4 - HKLM\..\Run: [HostSrv] C:\WINDOWS\sachostx.exe
O4 - HKLM\..\Run: [spoolsvv] C:\WINDOWS\System32\spoolsvv.exe
O4 - HKLM\..\Run: [Internet] C:\windows\system32\drivers\helpsys\internet.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Internet] C:\windows\system32\drivers\helpsys\internet.exe
O4 - HKCU\..\Run: [Irp] C:\WINDOWS\System32\?hkdsk.exe
O4 - HKCU\..\Run: [Rlos] "C:\WINDOWS\System32\WNSXS~1\dexplore.exe" -vt mt
O4 - HKCU\..\Run: [CU1] C:\Programme\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Programme\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe
O4 - HKCU\..\Run: [Rl] "C:\WINDOWS\System32\WNSXS~1\dexplore.exe" -vt mt
O4 - Global Startup: D-Link AirPlus Utility.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MedionShop - {36AF14E3-8E6A-413E-A01F-360900AD6802} - http://www.medionshop.de (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.de
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int13.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: bw+0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {83B8C5F7-6238-465E-B569-C0EA28C3373F} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: nkunpack - C:\WINDOWS\SYSTEM32\nkunpack.dll
O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\jt8207loe.dll
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

würde mich über hilfe sehr freuen:)

dartus 22.02.2006 00:26
Hallo wiXXer,

Dein System ist mehr als verseucht! Da laufen mehr Schadprogramme als Systemprogramme. Die Anzahl der Backdoor-Trojaner schätze ich mal auf 7.
Hauptgrund ist Dein nicht aktuelles Betriebssystem.SP 2 und alle weiteren Sicherheitspatches müssen installiert sein!

Bei einer derartigen Verseuchung hilft nur noch eine Neuinstallation.
Empfohlene Anleitung:
http://www.trojaner-board.de/showthread.php?t=12154

dartus


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:22 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130