Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   iexplore.exe problem! (https://www.trojaner-board.de/83821-iexplore-exe-problem.html)

DaveCop88 17.03.2010 18:28
iexplore.exe problem!
 
Hallo Leute!

Ich habe schon seit längerem das iexplore.exe Problem.

Ich habe in den anderen Threads leider nichts gefunden, was MIR helfen könnte, da das Problem bei vielen sehr individuell ist.

In Task-Manager lässt sich iexplore.exe nicht beenden und falls ich es versuche erscheinen plötzlich 3 - 5 firefox.exe oder wieder iexplore.exe Prozesse.

Hier mal mein Logfile:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 18:18:32, on 17.03.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\Ati2evxx.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\Ati2evxx.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Google\Update\1.2.183.17\GoogleCrashHandler.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Application Updater\ApplicationUpdater.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\WINDOWS.0\System32\svchost.exe
C:\Programme\CDBurnerXP\NMSAccessU.exe
C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Programme\Pixar\RenderManProServer-13.5.2\bin\alfserver.exe
C:\Programme\Pixar\license-5.0.2\PixarLicenseServer.exe
C:\WINDOWS.0\system32\PSIService.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS.0\system32\wbem\wmiapsrv.exe
C:\WINDOWS.0\system32\taskmgr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS.0\system32\msiexec.exe
C:\Programme\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.at
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.tuwien.ac.at/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [service] C:\WINDOWS.0\system32\backup\msnmsgr.exe
O4 - HKLM\..\Run: [Winload] C:\WINDOWS.0\CTFMON\msnmsgr.exe
O4 - HKCU\..\Run: [msnmsgr] C:\WINDOWS.0\system32\backup\msnmsgr.exe
O4 - HKCU\..\Run: [CTFMON] C:\WINDOWS.0\CTFMON\msnmsgr.exe
O4 - HKLM\..\Policies\Explorer\Run: [msnmsgr.exe] C:\WINDOWS.0\CTFMON\msnmsgr.exe
O4 - HKLM\..\Policies\Explorer\Run: [] ! ówdŠÿþ…?öÞøšv5ûX
!£«‡˜7´õZn¸™€·ù³m–
€gYû™N²cË!6¾…?ý/ù¸ªû7¡…½/6Ú
q߼͹µ¿%Ä0#¢y78¥þ©
O4 - HKLM\..\Policies\Explorer\Run: [msnmsgr] C:\WINDOWS.0\system32\backup\msnmsgr.exe
O4 - HKCU\..\Policies\Explorer\Run: [msnmsgr.exe] C:\WINDOWS.0\CTFMON\msnmsgr.exe
O4 - HKCU\..\Policies\Explorer\Run: [] ! ówdŠÿþ…?öÞøšv5ûX
!£«‡˜7´õZn¸™€·ù³m–
€gYû™N²cË!6¾…?ý/ù¸ªû7¡…½/6Ú
q߼͹µ¿%Ä0#¢y78¥þ©
O4 - HKCU\..\Policies\Explorer\Run: [msnmsgr] C:\WINDOWS.0\system32\backup\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Programme\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Programme\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O8 - Extra context menu item: QQ - C:\Programme\Tencent\QQIntl\Bin\AddEmotion.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=www.tuwien.ac.at
O16 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} (CCTVUpdateInstall) - http://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B8EAB73-BB79-47E7-AD3D-5A9FEE558C2B}: NameServer = 192.168.2.1
O18 - Protocol: bw+0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {3D8F5D53-EF4C-42C9-B21D-A32B11CD53DB} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS.0\system32\skype4com.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.0\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.0\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Programme\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.0\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.0\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9beefb68f93b6) (gupdate1c9beefb68f93b6) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programme\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Pixar Alfred Server 13.5.2 - Unknown owner - C:\Programme\Pixar\RenderManProServer-13.5.2\bin\alfserver.exe
O23 - Service: Pixar License Server 5.0.2 - Unknown owner - C:\Programme\Pixar\license-5.0.2\PixarLicenseServer.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS.0\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS.0\system32\PSIService.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS.0\System32\TuneUpDefragService.exe

--
End of file - 23663 bytes


Bitte um Hilfe!

Franz1968 17.03.2010 18:48
Hallo DaveCop88 und :hallo:

lasse bei Virustotal die beiden folgenden Dateien scannen, evtl. vorher sichtbar machen, und poste den Ergebnislink:
Zitat:
Zitat von DaveCop88 (Beitrag 509491)
C:\WINDOWS.0\system32\backup\msnmsgr.exe
C:\WINDOWS.0\CTFMON\msnmsgr.exe
Anschließend arbeite bitte das ab (Punkt 2 und 3).

DaveCop88 17.03.2010 20:03
Danke für deine Antwort.

Hier das Ergebnislink:Link1

Link2

Ich weiß nicht wie ich mein Beitrag ändere. Bitte um kurze "Anleitung".

StLB 17.03.2010 20:17
@DaveCop88

In der URL fehlt ein Teil. Habe das mal vervollständigt ;)

Link 1

Link 2

DaveCop88 17.03.2010 20:25
Dankschön :)

Franz1968 17.03.2010 22:09
Zitat:
Zitat von Franz1968 (Beitrag 509497)
Anschließend arbeite bitte das ab (Punkt 2 und 3).
Dieser Schritt fehlt noch. ;)
Zitat:

Link 2
Welche Datei hast du da gescannt (Pfadangabe)?


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:46 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28