hijackthis log bitte mal ansehen wer zeit hat!Thema ist geschlossen! |
||
---|---|---|
Thema ist geschlossen! |
||
#0
| ||
14.01.2006, 21:06
Member
Beiträge: 26 |
||
|
||
15.01.2006, 10:33
Ehrenmitglied
Beiträge: 6028 |
#2
Lade mal Spybot s&d ohne TeaTimer http://www.majorgeeks.com/download2471.html
Und Download CleanUp http://www.stevengould.org/downloads/cleanup/CleanUp40.exe Einstellungen sehe Anhang Anhang: ClaenUp.JPG __________ MfG Argus |
|
|
||
15.01.2006, 17:30
Member
Themenstarter Beiträge: 26 |
#3
spybot hab ich schon durchlaufen lassen, hat eh 23 einträge gefunden und beseitigt.....clean up hab ich vergessen, danke für den tipp!
zu den cleanup einstellungen.....welche cookies werden gelöscht....auch passwörter und usernames für diverse seiten? Dieser Beitrag wurde am 15.01.2006 um 17:33 Uhr von demoness editiert.
|
|
|
||
15.01.2006, 18:30
Ehrenmitglied
Beiträge: 6028 |
#4
Du kannst es auch mit CCleaner versuchen da kann man die Cookies einstellen
http://www.filehippo.com/download_ccleaner/ Ich hatte noch nie probleme mit CleanUp Und alle meine Passwörter hab ich auf ein floppie gespeichert __________ MfG Argus Dieser Beitrag wurde am 15.01.2006 um 18:35 Uhr von Arnold editiert.
|
|
|
||
25.01.2006, 21:54
Member
Themenstarter Beiträge: 26 |
#5
so danke hat super geklappt nur hab ich ein neues problem, bei nem freund
hab spybot und cleanup durchlaufen lassen, aber spybot kann 4 probleme (von über 400!!) nicht beseitigen, auch nicht nach direktem scanvorgang nach dem rebooten.....vielleicht könnt ihr mir helfen, hier das logfile (da is bestimmt! noch jede menge anderer schrott drinnen so lang wie das is) Logfile of HijackThis v1.99.1 Scan saved at 21:50:47, on 25.01.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\alg.exe C:\Programme\IC\Card Reader Driver v1.9e2\Disk_Monitor.exe C:\Programme\Java\jre1.5.0_01\bin\jusched.exe C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Programme\iTunes\iTunesHelper.exe C:\Programme\Logitech\MouseWare\system\em_exec.exe C:\Programme\BurnQuick\BQTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\MSN Messenger\MsnMsgr.Exe C:\Programme\Messenger\msmsgs.exe C:\Programme\TTMessenger 2.1\spool\PDFSaver.exe C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\RunDLL32.exe C:\Programme\ouea\moel.exe C:\Programme\EQTraffic\EQTraffic.exe C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programme\Kodak\Kodak EasyShare Software\bin\EasyShare.exe C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe C:\Dokumente und Einstellungen\andy\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://de.rd.yahoo.com/customize/ie/defaults/su/ymsgr6/us/*http://www.yahoo.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://de.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/us/*http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://de.rd.yahoo.com/customize/ie/defaults/sp/ymsgr6/us/*http://www.yahoo.de R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Programme\SurfSideKick 3\SskBho.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CvgraphObj Object - {12355F3E-90C3-41AA-8705-15969AF7F210} - C:\WINDOWS\vgraph.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll O2 - BHO: (no name) - {BB23551F-C9F4-BA07-F3FC-E13B81567695} - C:\WINDOWS\system32\tdc.dll (file missing) O2 - BHO: BigMeanGorilla.MadAsHell - {FBD2EBD0-E6DF-456E-B300-A4D10A90C683} - C:\WINDOWS\system32\{FBD2EBD0-E6DF-456E-B300-A4D10A90C683}.dll (file missing) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Disk Monitor] C:\Programme\IC\Card Reader Driver v1.9e2\Disk_Monitor.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_01\bin\jusched.exe O4 - HKLM\..\Run: [DI9Fr] C:\WINDOWS\wfrurqyo.exe O4 - HKLM\..\Run: [fgncp] C:\WINDOWS\fgncp.exe O4 - HKLM\..\Run: [ohyhkh] C:\WINDOWS\ohyhkh.exe O4 - HKLM\..\Run: [ML1HelperStartUp] C:\PROGRA~1\MIDNIG~1\ML1HEL~1.EXE /partner ML1 O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [xvmarua] C:\WINDOWS\xvmarua.exe O4 - HKLM\..\Run: [KAVPersonal50] C:\Programme\Steganos AntiVirus 7\kav.exe /minimize O4 - HKLM\..\Run: [MNI.UWFX5U_0001_LP1710] "C:\Dokumente und Einstellungen\andy\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KHEJK1MZ\WinFixer2005ScannerInstallDE[1].exe" O4 - HKLM\..\Run: [5458595B595C5A] 5357585A585B.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [BurnQuick Queue] C:\Programme\BurnQuick\BQTray.exe O4 - HKLM\..\Run: [p2pnetworking] xz.exe O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\10.bin\mwsoemon.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SurfSideKick 3] C:\Programme\SurfSideKick 3\Ssk.exe O4 - HKLM\..\RunServices: [p2pnetworking] xz.exe O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Programme\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [TTMessengerPDF] "C:\Programme\TTMessenger 2.1\spool\PDFSaver.exe" O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [services32] C:\Programme\Gemeinsame Dateien\Windows\mc-110-12-0000137.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\Ofoto\OfotoNow\OFUSBS.DLL,WatchForConnection OfotoNow O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\10.bin\mwsoemon.exe O4 - HKCU\..\Run: [Tsae] "C:\Programme\ouea\moel.exe" -vt wnew O4 - HKCU\..\Run: [XPRepairBusiness] C:\Programme\XP Repair Pro\xprepairpro.exe /s O4 - HKCU\..\Run: [EQTraffic] "C:\Programme\EQTraffic\EQTraffic.exe" O4 - HKCU\..\Run: [SurfSideKick 3] C:\Programme\SurfSideKick 3\Ssk.exe O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Kodak EasyShare Software.lnk = C:\Programme\Kodak\Kodak EasyShare Software\bin\EasyShare.exe O4 - Global Startup: Kodak software updater.lnk = C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCfox000 O8 - Extra context menu item: >>> FREE PORN GALLERIES <<< - javascript:{document.location='http://sexmaxx.com/freegalleries.htm';} O8 - Extra context menu item: Alles mit Net Transport herunterladen - C:\Programme\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Mit Net Transport herunterladen - C:\Programme\Xi\NetTransport 2\NTAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/180solutions/ie/bridge-c24.cab O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://l00kl23.com/default.cab?uid=60&id=48370&ex&1s&ppd=4&tag=17 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {DA511858-B44C-439E-A0EA-704ED20035E7} (EphoxEditLive4.EditLive) - http://www.beepworld.de/hp/activexeditor/editlive4.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O18 - Protocol: bw+0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {F6A6F2C0-3920-4454-81FA-AE03703329E4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter: text/html - (no CLSID) - (no file) O20 - AppInit_DLLs: repairs302972961.dll O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: kavsvc - Kaspersky Labs - C:\Programme\Steganos AntiVirus 7\kavsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe danke schonmal im vorraus! lg |
|
|
||
25.01.2006, 23:20
Ehrenmitglied
Beiträge: 29434 |
#6
demoness
dieser PC sollte schleunigst formatiert werden __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
26.01.2006, 14:10
Member
Themenstarter Beiträge: 26 |
#7
ähm, ja hab ich mir auch gedacht clean up hat 1,03GB datenmüll rausgehaun
ja und wie gesagt, spybot hat über 400 einträge gefunden (416 oder so ^^) das hab ich überhaupt noch nie gesehen sowas..... naja werd ichs ihnen wohl schonend beibringen müssen, das der formatiert gehört |
|
|
||
Logfile of HijackThis v1.99.1
Scan saved at 21:10:27, on 14.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\WINDOWS\Explorer.EXE
C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
C:\Programme\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
C:\Programme\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE
C:\Programme\F-Secure Internet Security\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Programme\F-Secure Internet Security\Common\FSMB32.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ScsiAccess.EXE
C:\Programme\F-Secure Internet Security\Common\FSM32.EXE
C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\F-Secure Internet Security\Common\FCH32.EXE
C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Programme\F-Secure Internet Security\Common\FAMEH32.EXE
C:\Programme\F-Secure Internet Security\FSPC\fspc.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Programme\F-Secure Internet Security\FSGUI\fsguiexe.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Programme\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Programme\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de-at\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.4000.1001\de-at\msntb.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programme\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programme\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Programme\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Programme\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Programme\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Programme\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Website-&Liste anzeigen - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webseitenfilter &aussetzen - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Diese Website &sperren - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Diese Website &zulassen - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Programme\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: F-Secure Internet Security 2005 (BackWeb Plug-in - 4476822) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Programme\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
danke für eure hilfe!
lg