Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Logilfe bitte überprüfen (https://www.trojaner-board.de/35195-logilfe-bitte-ueberpruefen.html)

rainy 11.01.2007 10:32
Logilfe bitte überprüfen
 
hey , was mir sorgen macht ist die barbstore.exe
und warum logitech am ende des logfiles so viele einträge hat oO

Logfile of HijackThis v1.99.1
Scan saved at 10:28:14, on 11.01.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\Ati2evxx.exe
C:\WINDOWS2\system32\svchost.exe
C:\Programme\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Programme\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS2\system32\svchost.exe
C:\Programme\Panda Software\Panda Internet Security 2007\TPSrv.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
c:\programme\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\WINDOWS2\system32\spoolsv.exe
C:\Programme\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Programme\Gemeinsame Dateien\Panda Software\PavShld\pavprsrv.exe
C:\Programme\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Programme\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\system32\wscntfy.exe
C:\WINDOWS2\system32\Ati2evxx.exe
C:\WINDOWS2\Explorer.exe
C:\Programme\Java\jre1.5.0_10\bin\jusched.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Programme\Saitek\Software\SaiMfd.exe
C:\WINDOWS2\system32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Programme\Opera\Opera.exe
C:\Programme\photoshop cs9\Photoshop.exe
C:\DOKUME~1\new\LOKALE~1\Temp\Adobelm_Cleanup.0001
C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOKUME~1\new\LOKALE~1\Temp\Adobelm_Cleanup.0001
C:\Programme\Gemeinsame Dateien\Adobe\Updater\AdobeUpdater.exe
C:\DOKUME~1\new\LOKALE~1\Temp\Rar$EX01.875\HijackThis.exe

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS2\system32\spools.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programme\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: metaspinner GmbH - {84B94901-3645-4D80-A6B7-4D0050B19455} - C:\Programme\Preispiraten3\Preispiraten3\IEButtonAmazonInterface.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: metaspinner GmbH - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - C:\Programme\Preispiraten3\Preispiraten3\IEButtonEbayInterface.dll
O2 - BHO: metaspinner GmbH - {E9E027BF-C3F3-4022-8F6B-8F6D39A59684} - C:\Programme\Preispiraten3\Preispiraten3\IEButtonPPInterface.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Generic Host Process] C:\WINDOWS2\system32\spools.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~2\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Profiler] C:\Programme\Saitek\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [LanzarP2006] "C:\DOKUME~1\dafuea\LOKALE~1\Temp\{0164FA9C-36E9-4CD8-8973-CBA35B7167B2}\{EEBA9416-3207-47E0-9022-116440599DBC}\..\..\P2006tmp\Install.exe" /SETUP:"/l0x0009"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programme\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Programme\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Programme\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\RunServices: [Generic Host Process] C:\WINDOWS2\system32\spools.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS2\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {5198C729-9371-4442-9C9D-D78A1DB9D408} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS2\SYSTEM32\avldr.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS2\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS2\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Programme\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programme\Gemeinsame Dateien\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Programme\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Programme\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\programme\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Programme\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Programme\Panda Software\Panda Internet Security 2007\TPSrv.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programme\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

Sunny 11.01.2007 14:37
Hallo. :)

Was dir mehr Sorgen machen sollte ist dieser Eintrag im Hijacklog:

Zitat:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS2\system32\spools.exe
O4 - HKLM\..\RunServices: [Generic Host Process] C:\WINDOWS2\system32\spools.exe
Diese Einträge gehören zu folgendem Schädling:

W32/Rbot-LD

Das macht er:

Zitat:
* Ermöglicht Dritten den Zugriff auf den Computer
* Reduziert die Systemsicherheit
* Installiert sich in der Registrierung
Ich kann dir bei Backdoorbefall nur noch eine Neuinstallation ans Herz legen, alles andere wäre sinnlos. ;)

Gruß
Sunny


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:52 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55