Your Computer is infected!

#1 Hab schon in der Suche geguckt , weiß aba nicht wie ich fortfahren soll.
Ich hoffe ihr könnt mir helfen
Hier mal der Log:


Logfile of HijackThis v1.99.1
Scan saved at 18:52:41, on 09.11.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\Dokumente und Einstellungen\Patrick\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: C:\WINDOWS\adsldpbd.dll - {826B2228-BC09-49F2-B5F8-42CE26B1B711} - C:\WINDOWS\adsldpbd.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Programme\Security Toolbar\Security Toolbar.dll (file missing)
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Programme\IrfanView\Ebay\Ebay.htm
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.searchmeup.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102866605750
O16 - DPF: {83873F92-B99B-400A-9E36-52B5F4970FB7} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/sv/filesharingctrl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: gg - C:\WINDOWS\adsldpbd.dll
O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE

#2 lynx-123

CCleaner
http://www.ccleaner.com/ccdownload.asp
lösche alle temp-Dateien

kopiere hier die 4 Logs
http://virus-protect.org/datfindbat.html

kopiere hier das Log vom winpfind
http://virus-protect.org/winpfind.html

Download f-secure-Beta Trial
http://www.f-secure.com/blacklight/
doppelklick: blbeta.exe
nach dem Check klicke -- next
nun findet man eine Textdatei auf dem Desktop: kopiere sie in deinen Thread

--------------------------------------------

Info:st3_dll + C:\WINDOWS\adsldpbc.dll
http://virus-protect.org/artikel/spyware/st3_dll.html
__________
MfG Sabina

rund um die PC-Sicherheit

#3 Ich hab gerade mehrmals versucht die Logs zu posten irgendwie schneidet er dauernt etwas ab. und ich weiß grad nicht was ich jetzt machen soll. Kann ich dir die ganzen logs per mail zukommen lassen ?

#4 öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten

O2 - BHO: C:\WINDOWS\adsldpbd.dll - {826B2228-BC09-49F2-B5F8-42CE26B1B711} - C:\WINDOWS\adsldpbd.dll
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Programme\Security Toolbar\Security Toolbar.dll (file missing)
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.searchmeup.com
O18 - Protocol: bw+0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D769EEE5-714B-44A9-AB93-D30A24DC0DB2} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: gg - C:\WINDOWS\adsldpbd.dll
O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll (file missing)

PC neustarten

kopiere hier die 4 Logs
http://virus-protect.org/datfindbat.html

beginne damit, dann sehen wir weiter
__________
MfG Sabina

rund um die PC-Sicherheit

#5 Sabina der System32 log wird dauernt gekürzt. Kann ich dir schnell die TXT files per mail zukommen lassen? Die Sachen mit HJT hab ich entfernt

#6 du brauchst mir nur die Daten bis September zu schicken...die Daten von 1995 will ich nicht sehen....

unter den PM (private message) kannst du mir die message per mail zukommen lassen.
__________
MfG Sabina

rund um die PC-Sicherheit

#7 Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 0441-6C3F

Verzeichnis von C:\WINDOWS\system32

11.11.2005 10:13 39.992 perfc009.dat
11.11.2005 10:13 311.604 perfh009.dat
11.11.2005 09:37 63.288 LVCOMSX.LOG
11.11.2005 09:37 2.206 wpa.dbl
08.11.2005 19:10 102.400 svchosts.dll
01.11.2005 17:16 316.594 perfh007.dat
01.11.2005 17:16 48.156 perfc007.dat
01.11.2005 17:16 723.744 PerfStringBackup.INI
25.09.2005 14:03 2.266 qtplugin.log
25.09.2005 14:03 380 QuickTime.qtp
18.09.2005 13:47 21.840 SIntfNT.dll
18.09.2005 13:47 17.212 SIntf32.dll
18.09.2005 13:47 12.067 SIntf16.dll
18.09.2005 13:17 43.520 CmdLineExt03.dll
15.04.2005 12:55 23.392 nscompat.tlb
15.04.2005 12:55 16.832 amcompat.tlb
06.04.2005 12:15 110.992 FNTCACHE.DAT
11.03.2005 23:48 56.832 pxcpya64.exe
11.03.2005 23:48 56.320 pxinsa64.exe
11.03.2005 23:48 109.568 pxinsi64.exe
11.03.2005 23:48 61.440 pxhpinst.exe
11.03.2005 23:48 108.544 pxcpyi64.exe
11.03.2005 23:28 151.552 pxwma.dll
11.03.2005 23:28 339.968 pxwave.dll
11.03.2005 23:28 28.672 vxblock.dll
11.03.2005 23:28 172.032 pxmas.dll
11.03.2005 23:28 405.504 pxdrv.dll
11.03.2005 23:28 339.968 px.dll
10.02.2005 21:08 1.103 lvcoinst.log
28.01.2005 14:23 9.216 asferror.dll
28.01.2005 14:23 228.352 wmerror.dll
28.01.2005 14:23 86.016 wmpshell.dll
28.01.2005 14:23 3.407.872 wmploc.dll
28.01.2005 14:23 486.400 Audiodev.dll
28.01.2005 14:23 316.416 MSWMDM.dll
28.01.2005 12:32 895.736 wmvdmod.dll
28.01.2005 12:32 2.370.296 wmvcore.dll
28.01.2005 12:32 1.218.808 wmvadvd.dll
28.01.2005 12:32 774.904 wmsdmod.dll
28.01.2005 12:32 396.528 wmadmod.dll
28.01.2005 12:32 364.784 MSSCP.dll
28.01.2005 12:32 413.944 wmspdmod.dll
28.01.2005 12:32 258.296 drmclien.dll
28.01.2005 07:53 290.816 WMDRMNet.dll
28.01.2005 07:53 335.872 WMDRMdev.dll
28.01.2005 07:53 502.272 drmv2clt.dll
28.01.2005 07:53 294.912 blackbox.dll
28.01.2005 07:53 96.768 drmstor.dll
28.01.2005 07:53 221.184 qasf.dll
28.01.2005 07:53 142.336 msnetobj.dll
28.01.2005 07:53 135.168 wmpasf.dll
28.01.2005 07:53 1.512.448 WMVADVE.DLL
28.01.2005 07:53 28.160 WMDMLOG.dll
28.01.2005 07:53 164.864 cewmdm.dll
28.01.2005 07:53 33.792 WMDMPS.dll
28.01.2005 07:53 282.624 wmpdxm.dll
28.01.2005 07:53 25.088 MsPMSNSv.dll
28.01.2005 07:53 173.568 MsPMSP.dll
28.01.2005 07:53 940.544 wmspdmoe.dll
28.01.2005 07:53 1.119.744 wmsdmoe2.dll
28.01.2005 07:53 1.594.880 wmpencen.dll
28.01.2005 07:53 716.288 wmadmoe.dll
28.01.2005 07:53 175.104 wmpsrcwp.dll
28.01.2005 07:53 1.003.008 wmvdmoe2.dll
28.01.2005 07:53 6.656 laprxy.dll
28.01.2005 07:53 224.768 wmasf.dll
28.01.2005 07:53 1.027.072 wmnetmgr.dll
28.01.2005 07:53 5.525.504 wmp.dll
28.01.2005 07:53 150.016 wmidx.dll
28.01.2005 07:52 20.480 wmpcore.dll
28.01.2005 07:52 20.480 wmp.ocx
28.01.2005 07:52 20.480 wmpcd.dll
28.01.2005 07:52 20.480 wmpui.dll
28.01.2005 00:36 38.912 wpd_ci.dll
28.01.2005 00:36 331.264 wpdsp.dll
28.01.2005 00:36 331.776 wpdmtpdr.dll
28.01.2005 00:36 114.176 wpdmtp.dll
28.01.2005 00:36 66.560 wpdmtpus.dll
28.01.2005 00:36 61.952 wpdconns.dll
28.01.2005 00:36 10.752 wpdtrace.dll
28.01.2005 00:36 47.104 uwdf.exe
28.01.2005 00:36 38.912 wdfmgr.exe
28.01.2005 00:35 15.872 wdfapi.dll
28.01.2005 00:26 360.448 l3codecp.acm
28.01.2005 00:21 96.768 logagent.exe


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 0441-6C3F

Verzeichnis von C:\DOKUME~1\Patrick\LOKALE~1\Temp

28.09.2001 17:00 164.864 GLB1A2B.EXE
1 Datei(en) 164.864 Bytes
0 Verzeichnis(se), 12.144.705.536 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 0441-6C3F

Verzeichnis von C:\WINDOWS

11.11.2005 09:43 455.651 WindowsUpdate.log
11.11.2005 09:37 159 wiadebug.log
11.11.2005 09:37 50 wiaservc.log
11.11.2005 09:37 2.048 bootstat.dat
09.11.2005 22:27 32.616 SchedLgU.Txt
08.11.2005 19:34 70.656 adsldpbd.dll
08.11.2005 18:30 227 system.ini
08.11.2005 18:30 604 win.ini
07.11.2005 17:44 116 NeroDigital.ini
24.10.2005 19:21 192 winamp.ini
01.10.2005 13:33 99.970 UninstallFirefox.exe
01.10.2005 13:33 4.627 mozver.dat
29.09.2005 12:50 98.795 War3Unin.dat
20.04.2005 16:02 188 mousom.ini
15.04.2005 12:55 316.640 WMSysPr9.prx
03.04.2005 12:17 403 ODBC.INI
03.04.2005 12:17 59 vbaddin.ini
02.03.2005 20:51 118.784 bwUnin-7.2.0.137-8876480SL.exe
28.01.2005 16:07 804 _delis32.ini
28.01.2005 16:07 81.920 bwUnin-6.1.4.68-8876480L.exe


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 0441-6C3F

Verzeichnis von C:\

11.11.2005 10:38 0 sys.txt
11.11.2005 10:38 4.164 system.txt
11.11.2005 10:38 294 systemtemp.txt
11.11.2005 10:38 98.255 system32.txt
11.11.2005 10:24 53.150 system32-teil.txt
11.11.2005 09:37 1.610.612.736 pagefile.sys
09.11.2005 17:31 998 smitfiles.txt
08.11.2005 18:30 194 boot.ini
09.02.2005 17:42 56 scriptpack.ini
28.01.2005 16:07 183 LogiSetup.log


11/11/05 09:59:29 [Info]: BlackLight Engine 1.0.25 initialized
11/11/05 09:59:29 [Info]: OS: 5.1 build 2600 (Service Pack 1)
11/11/05 09:59:29 [Note]: 4019 4
11/11/05 09:59:29 [Note]: 4005 0
11/11/05 09:59:32 [Note]: 4006 0
11/11/05 09:59:32 [Note]: 4011 1720
11/11/05 09:59:32 [Note]: FSRAW library version 1.7.1013
11/11/05 09:59:56 [Note]: 4006 0
11/11/05 09:59:56 [Note]: 4011 1720
11/11/05 09:59:56 [Note]: FSRAW library version 1.7.1013
11/11/05 10:00:10 [Note]: 4007 0
__________
MfG Sabina

rund um die PC-Sicherheit

#8 WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 1 Current Build Number: 2600
Internet Explorer Version: 6.0.2800.1106

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...
UPX! 08.11.2005 19:34:22 70656 C:\WINDOWS\adsldpbd.dll
UPX! 22.08.2004 17:04:56 69120 C:\WINDOWS\daemon.dll

Checking %System% folder...
UPX! 19.07.2002 17:05:08 269312 C:\WINDOWS\SYSTEM32\devil.dll
PEC2 18.08.2001 20:00:00 41118 C:\WINDOWS\SYSTEM32\dfrg.msc
UPX! 19.07.2002 17:06:02 27648 C:\WINDOWS\SYSTEM32\ilu.dll
UPX! 19.07.2002 17:06:42 16384 C:\WINDOWS\SYSTEM32\ilut.dll
Umonitor 29.08.2002 02:43:28 660480 C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync 18.08.2001 20:00:00 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
11.11.2005 09:37:24 S 2048 C:\WINDOWS\bootstat.dat
11.11.2005 09:50:08 H 1024 C:\WINDOWS\system32\config\default.LOG
11.11.2005 09:37:26 H 1024 C:\WINDOWS\system32\config\SAM.LOG
11.11.2005 09:47:32 H 1024 C:\WINDOWS\system32\config\SECURITY.LOG
11.11.2005 09:53:46 H 1024 C:\WINDOWS\system32\config\software.LOG
11.11.2005 09:54:58 H 32768 C:\WINDOWS\system32\config\system.LOG
17.09.2005 13:49:28 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\8ee3d30b-153f-4bad-9be6-52d3af80df30
17.09.2005 13:49:28 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
11.11.2005 09:37:26 H 6 C:\WINDOWS\Tasks\SA.DAT

Checking for CPL files...
Microsoft Corporation 18.08.2001 20:00:00 68096 C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation 29.08.2002 02:43:42 583680 C:\WINDOWS\SYSTEM32\appwiz.cpl
Logitech Inc. 01.06.2004 11:02:30 282624 C:\WINDOWS\SYSTEM32\CamCpl.cpl
Microsoft Corporation 29.08.2002 02:43:42 132096 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 18.08.2001 20:00:00 152064 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 29.08.2002 02:43:42 293376 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 29.08.2002 02:43:42 125440 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 18.08.2001 04:55:10 48640 C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 29.08.2002 03:41:00 208896 C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc. 19.12.2004 02:51:26 49262 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 18.08.2001 20:00:00 189440 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 18.08.2001 20:00:00 566272 C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 18.08.2001 20:00:00 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 18.08.2001 20:00:00 259072 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 18.08.2001 20:00:00 38400 C:\WINDOWS\SYSTEM32\nwc.cpl
Microsoft Corporation 18.08.2001 20:00:00 36864 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 18.08.2001 20:00:00 111616 C:\WINDOWS\SYSTEM32\powercfg.cpl
Apple Computer, Inc. 23.09.2004 18:57:40 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 29.08.2002 02:43:42 272896 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 18.08.2001 20:00:00 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 18.08.2001 20:00:00 90112 C:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation 03.08.2004 13:59:08 168216 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation 18.08.2001 20:00:00 68096 C:\WINDOWS\SYSTEM32\dllcache\access.cpl
Microsoft Corporation 29.08.2002 02:43:42 583680 C:\WINDOWS\SYSTEM32\dllcache\appwiz.cpl
Microsoft Corporation 29.08.2002 02:43:42 132096 C:\WINDOWS\SYSTEM32\dllcache\desk.cpl
Microsoft Corporation 18.08.2001 20:00:00 152064 C:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl
Microsoft Corporation 29.08.2002 02:43:42 293376 C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl
Microsoft Corporation 29.08.2002 02:43:42 125440 C:\WINDOWS\SYSTEM32\dllcache\intl.cpl
Microsoft Corporation 29.08.2002 03:41:00 208896 C:\WINDOWS\SYSTEM32\dllcache\joy.cpl
Microsoft Corporation 18.08.2001 20:00:00 189440 C:\WINDOWS\SYSTEM32\dllcache\main.cpl
Microsoft Corporation 18.08.2001 20:00:00 566272 C:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl
Microsoft Corporation 18.08.2001 20:00:00 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl
Microsoft Corporation 18.08.2001 20:00:00 259072 C:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl
Microsoft Corporation 18.08.2001 20:00:00 38400 C:\WINDOWS\SYSTEM32\dllcache\nwc.cpl
Microsoft Corporation 18.08.2001 20:00:00 36864 C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl
Microsoft Corporation 18.08.2001 20:00:00 111616 C:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl
Microsoft Corporation 29.08.2002 02:43:42 151552 C:\WINDOWS\SYSTEM32\dllcache\sapi.cpl
Microsoft Corporation 29.08.2002 02:43:42 272896 C:\WINDOWS\SYSTEM32\dllcache\sysdm.cpl
Microsoft Corporation 18.08.2001 20:00:00 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl
Microsoft Corporation 18.08.2001 20:00:00 90112 C:\WINDOWS\SYSTEM32\dllcache\timedate.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
03.12.2004 19:36:24 HS 84 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
28.01.2005 16:07:30 1857 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech Desktop Messenger.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
04.12.2004 02:23:46 HS 62 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
03.12.2004 19:36:24 HS 84 C:\Dokumente und Einstellungen\Patrick\Startmenü\Programme\Autostart\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
22.01.2005 17:39:52 871 C:\Dokumente und Einstellungen\Patrick\Anwendungsdaten\AdobeDLM.log
04.12.2004 02:23:46 HS 62 C:\Dokumente und Einstellungen\Patrick\Anwendungsdaten\desktop.ini
22.01.2005 17:39:52 0 C:\Dokumente und Einstellungen\Patrick\Anwendungsdaten\dm.ini

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\AntiVir/Win
{a7cda720-84ee-11d0-b5c0-00001b3ca278} = C:\Programme\AVPersonal\AVShlExt.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ICQLiteMenu
{73B24247-042E-4EF5-ADC2-42F62E6FD654} = C:\Programme\ICQLite\ICQLiteShell.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ICQMenu
{f802f260-519b-11d1-bb5d-0060974c6013} = C:\Programme\ICQ\ICQShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programme\WinRAR\rarext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AntiVir/Win
{a7cda720-84ee-11d0-b5c0-00001b3ca278} = C:\Programme\AVPersonal\AVShlExt.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programme\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ICQLiteMenu
{73B24247-042E-4EF5-ADC2-42F62E6FD654} = C:\Programme\ICQLite\ICQLiteShell.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ICQMenu
{f802f260-519b-11d1-bb5d-0060974c6013} = C:\Programme\ICQ\ICQShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programme\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}
= C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{826B2228-BC09-49F2-B5F8-42CE26B1B711}
C:\WINDOWS\adsldpbd.dll = C:\WINDOWS\adsldpbd.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tipps und Tricks = %SystemRoot%\System32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN : C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll
{8E718888-423F-11D2-876E-00A0C9082467} = &Radio : C:\WINDOWS\System32\msdxm.ocx

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
MenuText = Sun Java Konsole : C:\Programme\Java\jre1.5.0\bin\npjpi150.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6224f700-cba3-4071-b251-47cb894244cd}
ButtonText = ICQ Pro : C:\PROGRA~1\ICQ\ICQ.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}
ButtonText = ICQ Lite : C:\Programme\ICQLite\ICQLite.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A}
ButtonText = eBay - Homepage : C:\Programme\IrfanView\Ebay\Ebay.htm

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
Media Band = %SystemRoot%\System32\browseui.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Adresse : %SystemRoot%\System32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Adresse : %SystemRoot%\System32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN : C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de\msntb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
NVMixerTray "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
LogitechVideoRepair C:\Programme\Logitech\Video\ISStart.exe
LVCOMSX C:\WINDOWS\System32\LVCOMSX.EXE
LogitechVideoTray C:\Programme\Logitech\Video\LogiTray.exe
Logitech Utility Logi_MwX.Exe
AVGCtrl C:\Programme\AVPersonal\AVGNT.EXE /min

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
LogitechSoftwareUpdate C:\Programme\Logitech\Video\ManifestEngine.exe boot
LDM \Program\
SpybotSD TeaTimer C:\Programme\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.lnk
backup C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\GEMEIN~1\Adobe\CALIBR~1\ADOBEG~1.EXE
item Adobe Gamma Loader
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.lnk
backup C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\GEMEIN~1\Adobe\CALIBR~1\ADOBEG~1.EXE
item Adobe Gamma Loader

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk
backup C:\WINDOWS\pss\Adobe Reader - Schnellstart.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE
item Adobe Reader - Schnellstart
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk
backup C:\WINDOWS\pss\Adobe Reader - Schnellstart.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE
item Adobe Reader - Schnellstart

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Kodak EasyShare Software.lnk
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Kodak EasyShare Software.lnk
backup C:\WINDOWS\pss\Kodak EasyShare Software.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE -h
item Kodak EasyShare Software
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Kodak EasyShare Software.lnk
backup C:\WINDOWS\pss\Kodak EasyShare Software.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE -h
item Kodak EasyShare Software

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^KODAK Software Updater.lnk
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\KODAK Software Updater.lnk
backup C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\BACKWE~1.EXE
item KODAK Software Updater
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\KODAK Software Updater.lnk
backup C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\BACKWE~1.EXE
item KODAK Software Updater

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Logitech Desktop Messenger.lnk
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech Desktop Messenger.lnk
backup C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe /start
item Logitech Desktop Messenger
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech Desktop Messenger.lnk
backup C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe /start
item Logitech Desktop Messenger

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
backup C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\MICROS~2\Office\OSA9.EXE -b -l
item Microsoft Office
path C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
backup C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\MICROS~2\Office\OSA9.EXE -b -l
item Microsoft Office

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Dokumente und Einstellungen^Patrick^Startmenü^Programme^Autostart^Mousometer.lnk
path C:\Dokumente und Einstellungen\Patrick\Startmenü\Programme\Autostart\Mousometer.lnk
backup C:\WINDOWS\pss\Mousometer.lnkStartup
location Startup
command C:\PROGRA~1\MOUSOM~1\MOUSOM~1.EXE
item Mousometer
path C:\Dokumente und Einstellungen\Patrick\Startmenü\Programme\Autostart\Mousometer.lnk
backup C:\WINDOWS\pss\Mousometer.lnkStartup
location Startup
command C:\PROGRA~1\MOUSOM~1\MOUSOM~1.EXE
item Mousometer

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATIPTA
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item atiptaxx
hkey HKLM
command C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item atiptaxx
hkey HKLM
command C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CloneCDTray
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item CloneCDTray
hkey HKLM
command "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item CloneCDTray
hkey HKLM
command "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item ctfmon
hkey HKCU
command C:\WINDOWS\System32\ctfmon.exe
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item ctfmon
hkey HKCU
command C:\WINDOWS\System32\ctfmon.exe
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools-1033
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item daemon
hkey HKLM
command "C:\Programme\D-Tools\daemon.exe" -lang 1033
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item daemon
hkey HKLM
command "C:\Programme\D-Tools\daemon.exe" -lang 1033
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ICQ Lite
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item ICQLite
hkey HKLM
command C:\Programme\ICQLite\ICQLite.exe -minimize
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item ICQLite
hkey HKLM
command C:\Programme\ICQLite\ICQLite.exe -minimize
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LDM
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item BackWeb-8876480
hkey HKCU
command C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item BackWeb-8876480
hkey HKCU
command C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Utility
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item Logi_MwX
hkey HKLM
command Logi_MwX.Exe
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item Logi_MwX
hkey HKLM
command Logi_MwX.Exe
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnappau
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item msnappau
hkey HKLM
command "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe"
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item msnappau
hkey HKLM
command "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe"
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MsnMsgr
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item MsnMsgr
hkey HKCU
command "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item MsnMsgr
hkey HKCU
command "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item NeroCheck
hkey HKLM
command C:\WINDOWS\system32\NeroCheck.exe
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item NeroCheck
hkey HKLM
command C:\WINDOWS\system32\NeroCheck.exe
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item qttask
hkey HKLM
command "C:\Programme\QuickTime\qttask.exe" -atboottime
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item qttask
hkey HKLM
command "C:\Programme\QuickTime\qttask.exe" -atboottime
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item Steam
hkey HKCU
command D:\Steam\\Steam.exe -silent
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item Steam
hkey HKCU
command D:\Steam\\Steam.exe -silent
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item jusched
hkey HKLM
command C:\Programme\Java\jre1.5.0\bin\jusched.exe
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item jusched
hkey HKLM
command C:\Programme\Java\jre1.5.0\bin\jusched.exe
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item winampa
hkey HKLM
command C:\Programme\Winamp\winampa.exe
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item winampa
hkey HKLM
command C:\Programme\Winamp\winampa.exe
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
system.ini 0
win.ini 0
bootini 0
services 0
startup 2


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1
DisableTaskMgr 0


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop
NoChangingWallPaper 0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 145
NoActiveDesktop 0
NoSaveSettings 0
ClassicShell 0
NoThemesTab 0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
DisableTaskMgr 0
NoColorChoice 0
NoSizeChoice 0
NoDispScrSavPage 0
NoDispCPL 0
NoVisualStyleChoice 0
NoDispSettingsPage 0
NoDispAppearancePage 0
NoDispBackgroundPage 0


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
Shell = Explorer.exe
System =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent
= Ati2evxx.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
= crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
= cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
= cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gg
= C:\WINDOWS\adsldpbd.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
= sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
= WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3
= C:\WINDOWS\system32\st3.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
= wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs


»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 11.11.2005 09:55:03
__________
MfG Sabina

rund um die PC-Sicherheit

#9 KILLBOX - Pocket KillBox
http://virus-protect.org/killbox.html

Delete File on Reboot -- anhaken
reinkopieren:

C:\WINDOWS\system32\svchosts.dll
C:\WINDOWS\system32\st3.dll
C:\WINDOWS\adsldpbd.dll

und klicke auf das rote Kreuz, wenn gefragt wird, ob "Do you want to reboot? "---- klicke auf "no",und kopiere das nächste rein, erst beim letzten auf "yes"

PC neustarten

Fixe mit dem HijackTHis:

O2 - BHO: C:\WINDOWS\adsldpbd.dll - {826B2228-BC09-49F2-B5F8-42CE26B1B711} - C:\WINDOWS\adsldpbd.dll
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Programme\Security Toolbar\Security Toolbar.dll (file missing)
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.searchmeup.com
O20 - Winlogon Notify: gg - C:\WINDOWS\adsldpbd.dll
O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll (file missing)

PC neustarten

counterspy
http://virus-protect.org/counterspy.html
nach dem Scan muss man sich entscheiden für:

*Ignore
*Remove
*Quarantaine

wähle immer Remove und starte den PC neu (dann kopiere den Scanreport ab und ins Sicherheitsforum)
__________
MfG Sabina

rund um die PC-Sicherheit

#10

Zitat

Dawid postete

Zitat

könnt ihr mal bitte mein logfile angucken.
Ich hatte so ein sherrif kack drauf und your computer is infected, jetzt nerven mich so rot weisse kreuze unten in der taskleiste.Alles ist langsamer und es nervt einfach bitte bitte helft mir

wenn du weiter doppeltpostest, werden deinen Anfragen nicht mehr beantwortet

http://board.protecus.de/t19313-lastpage.htm
__________
MfG Sabina

rund um die PC-Sicherheit

#11 Servus, bin neu im Board, vll. lern ich ja noch was. Aber ich denk mal zu diesen Forum folgendes... Man kann ja auch 1000km laufen, wenn der weg 5 km weit weg ist. Was ich damit meine ist folgendes. Hab genau den gleich shit auf dem rechner gehabt, was mich am meisten geärgert hat, ist die zuverlässigkeit vom antivir. Ein Kumpel lachte mich noch aus, weil er Norton benutzt, das ja angeblich besser sei.... Aber schwups, hat er genau den gleichen dreck. Wir sind grad dabei herrauszufinden, was wir gleiches am Pc treiben vl. sind es doch die schönen seiten im netz :-P ne Joke, aber folgendes. ...
Ich hab einfach Systemwiederherstellung gemacht, und bin Clean wie noch nie ... Postet bitte wenn ihr irgendetwas daran auszusetzten habt, vl. ist das ja nur ein großer fehler den ich da gemacht hab.. Aufjeden fall ist das ding weg, und ich muss mir nicht jede 2 minuten anhören:"'Your Cmputer is Infecdet, please use Antispy Software... bla bla bla"... Bis dann

#12 Hallo@palm-bistro
ich schau mal nach ...interessiert mich

kopiere hier die 4 Textdateien
http://virus-protect.org/datfindbat.html
__________
MfG Sabina

rund um die PC-Sicherheit

#13 Hallo Sabina ...

kenn dieses hijack nicht. Hab mich noch nie mit sowas beschäfftigt. mal ne frage... was machst du beruflich, weil du scheinst brutal begabt zu sein... Ich denke selber nicht dass ich den Virus vollständig damit vernichtet hab, bin aber aufjedenfall weiter als jeder andere hier in diesem forum.- manchmal liegt die antwort näher als man denkt sag ich mir immer
mail back thx

#14

Zitat

kenn dieses hijack nicht

die datfindbat ist kein HijackThis, sondern zeigt mir was alles so auf dem PC versammelt ist

Verzeichnis von C:\WINDOWS\system32
Verzeichnis von C:\DOKUME~1\Username\LOKALE~1\Temp
Verzeichnis von C:\WINDOWS
Verzeichnis von C:\
http://virus-protect.org/datfindbat.html
__________
MfG Sabina

rund um die PC-Sicherheit

#15 das mistviech scheint extremst umzugehen, oder?
ich hab das auch bekommen.
sitz hier schon paar h am rechner und versuch das teil runterzuschmeissen...
hab wohl nur ad-aware und regcleaner.
reicht das?