Dringend: Mein Rechner (winlogon.exe) verschickt massig Spam in die Welt!!!

**Strike110** · 17.02.2006 19:37

Hallo, ich hab ein grosses problem: ich hab auf diesem PC (is der von meiner Schwester, ich hab da eigentlich bisher nichts gefunden..) gerade per zufall bemerkt, dass ein enormer traffic durch die Anwendung "winlogon.exe" entsteht..Ich bin dem dann mal nachgegangen: jede sekunde wird eine Verbindung zu verschiedenen SMTP servern aufgebaut.Da verschickt etwas massenweise Spammails durch meine INet Leitung!

Ich hoffe ihr könnt mir helfen..Ich hab jetzt mal meiner FW eine regel für winlogon hinzugefügt..Ich will ja nicht für so eine masse von Spams verantwortlich sein

Anbei ein Hijackthis Logfile:

Code:

Logfile of HijackThis v1.99.1
Scan saved at 18:57:48, on 17.02.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Analog Devices\SoundMAX\SMTray.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
G:\Kaspersky Anti-Hacker\KAVPF.exe
C:\Programme\NETGEAR WG311v2 Adapter\wlancfg5.exe
C:\Programme\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
G:\Encarta 2005 Fr\Collection Encarta 2005\EDICT.EXE
C:\WINDOWS\explorer.exe
G:\Mozilla1.7.3\mozilla.exe
F:\Download\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: ICQ  Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
F2 - REG:system.ini: Shell=explorer.exe                                                                                                    "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00001.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Adobe\AcrobatReader7\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ  Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Smapp] C:\Programme\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [drsmartloadb] c:\\drsmartloadb.exe
O4 - HKLM\..\Run: [KAVPersonal50] "G:\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [VirtualDesktop] "G:\TweakXP\prog\virtuald.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PopularScreensaversWallpaper] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\F3SCRCTR.DLL,LES
O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - HKCU\..\Run: [CU1] C:\Programme\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Programme\Common Files\VCClient\VCMain.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = G:\Adobe\AcrobatReader7\Reader\reader_sl.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = G:\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Programme\NETGEAR WG311v2 Adapter\wlancfg5.exe
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = ?
O4 - Global Startup: Webfilter.lnk = G:\AntiVirenKit InternetSecurity\Webfilter\Webfilter.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm369XXUS
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://G:\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://D:\content\include\XPPatchInstaller.CAB
O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://D:\Content\include\msSecUcd.cab
O18 - Protocol: bw+0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~2\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {418B1271-DE7E-407D-BDE9-C9D7F761F888} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: kavsvc - Kaspersky Lab - G:\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe

Anhang 726

p.s:Nachdem ich mir das logfile mal genauer angeschaut hab, ist mir die frage gekommen, ob es nicht einfacher sei den rechner komplett neu einzurichten?? (hd formatieren, win neu drauf, und PATCHEN, der wurde ja schon ewigkeiten nicht mehr gepatcht.., update funktion is auch aus..man man man

)

Gesehen hab ich einen dialer (paytime.exe) sicher ne menge trojaner (drsmartloadb.exe??) also ich denke die lösung ist klaar..ich hätte nur gern ne bestätigung vom Profi

Vielen Dank im Voraus

**Speedy** · 17.02.2006 19:51

hi, kann das nur bestätigen, es ist einfach sicherer

virenschutz nur heute frei >> bitdefender 8 <<

wenn du zu allem genauere informationen einholen willst -> siehe hier im forum tipps und tricks.

Thema: Dringend: Mein Rechner (winlogon.exe) verschickt massig Spam in die Welt!!!

Themen-Optionen

Dringend: Mein Rechner (winlogon.exe) verschickt massig Spam in die Welt!!!

AW: Dringend: Mein Rechner (winlogon.exe) verschickt massig Spam in die Welt!!!

Aktive Benutzer

Aktive Benutzer

Ähnliche Themen

winlogon.exe Spam/Virenschleuder

Mein Rechner sendet ständig

Ist mein rechner clean???

Die Frau in der IT - Welt

Hier mein Logfile - Bitte dringend um Hilfe!

Forumregeln